WIP towards customerOwner -> rbactest.customer_OWNER for example

2024-09-18 15:58:59 +02:00 · 2024-09-18 15:58:59 +02:00 · 94f6bab004
commit 94f6bab004
parent a0e1d96278
20 changed files with 34 additions and 34 deletions
--- a/src/main/java/net/hostsharing/hsadminng/rbac/generator/RbacRoleDescriptorsGenerator.java
+++ b/src/main/java/net/hostsharing/hsadminng/rbac/generator/RbacRoleDescriptorsGenerator.java
@ -19,12 +19,11 @@ public class RbacRoleDescriptorsGenerator {
                -- ============================================================================
                --changeset RbacRoleDescriptorsGenerator:${liquibaseTagPrefix}-rbac-ROLE-DESCRIPTORS endDelimiter:--//
                -- ----------------------------------------------------------------------------
-                call rbac.generateRbacRoleDescriptors('${simpleEntityVarName}', '${rawTableName}');
+                call rbac.generateRbacRoleDescriptors('${rawTableName}');
                --//
                """,
                with("liquibaseTagPrefix", liquibaseTagPrefix),
                with("simpleEntityVarName", simpleEntityVarName),
                with("rawTableName", rawTableName));
    }
 }
--- a/src/main/resources/db/changelog/1-rbac/1058-rbac-generators.sql
+++ b/src/main/resources/db/changelog/1-rbac/1058-rbac-generators.sql
@ -49,62 +49,63 @@ $$;
 --changeset michael.hoennig:rbac-generators-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-create procedure rbac.generateRbacRoleDescriptors(prefix text, targetTable text)
+create procedure rbac.generateRbacRoleDescriptors(targetTable text)
    language plpgsql as $$
 declare
    sql text;
 begin
    sql = format($sql$
-        create or replace function %1$sOwner(entity %2$s, assumed boolean = true)
+        create or replace function %1$s_OWNER(entity %1$s, assumed boolean = true)
            returns rbac.RoleDescriptor
            language plpgsql
            strict as $f$
        begin
-            return rbac.roleDescriptorOf('%2$s', entity.uuid, 'OWNER', assumed);
+            return rbac.roleDescriptorOf('%1$s', entity.uuid, 'OWNER', assumed);
        end; $f$;
-        create or replace function %1$sAdmin(entity %2$s, assumed boolean = true)
+        create or replace function %1$s_ADMIN(entity %1$s, assumed boolean = true)
            returns rbac.RoleDescriptor
            language plpgsql
            strict as $f$
        begin
-            return rbac.roleDescriptorOf('%2$s', entity.uuid, 'ADMIN', assumed);
+            return rbac.roleDescriptorOf('%1$s', entity.uuid, 'ADMIN', assumed);
        end; $f$;
-        create or replace function %1$sAgent(entity %2$s, assumed boolean = true)
+        create or replace function %1$s_AGENT(entity %1$s, assumed boolean = true)
            returns rbac.RoleDescriptor
            language plpgsql
            strict as $f$
        begin
-            return rbac.roleDescriptorOf('%2$s', entity.uuid, 'AGENT', assumed);
+            return rbac.roleDescriptorOf('%1$s', entity.uuid, 'AGENT', assumed);
        end; $f$;
-        create or replace function %1$sTenant(entity %2$s, assumed boolean = true)
+        create or replace function %1$s_TENANT(entity %1$s, assumed boolean = true)
            returns rbac.RoleDescriptor
            language plpgsql
            strict as $f$
        begin
-            return rbac.roleDescriptorOf('%2$s', entity.uuid, 'TENANT', assumed);
+            return rbac.roleDescriptorOf('%1$s', entity.uuid, 'TENANT', assumed);
        end; $f$;
        -- TODO: remove guest role
-        create or replace function %1$sGuest(entity %2$s, assumed boolean = true)
+        create or replace function %1$s_GUEST(entity %1$s, assumed boolean = true)
            returns rbac.RoleDescriptor
            language plpgsql
            strict as $f$
        begin
-            return rbac.roleDescriptorOf('%2$s', entity.uuid, 'GUEST', assumed);
+            return rbac.roleDescriptorOf('%1$s', entity.uuid, 'GUEST', assumed);
        end; $f$;
-        create or replace function %1$sReferrer(entity %2$s)
+        create or replace function %1$s_REFERRER(entity %1$s)
            returns rbac.RoleDescriptor
            language plpgsql
            strict as $f$
        begin
-            return rbac.roleDescriptorOf('%2$s', entity.uuid, 'REFERRER');
+            return rbac.roleDescriptorOf('%1$s', entity.uuid, 'REFERRER');
        end; $f$;
-        $sql$, prefix, targetTable);
+        $sql$, targetTable);
    raise exception 'generated-SQL: %', sql;
    execute sql;
 end; $$;
 --//
--- a/src/main/resources/db/changelog/2-rbactest/201-rbactest-customer/2013-rbactest-customer-rbac.sql
+++ b/src/main/resources/db/changelog/2-rbactest/201-rbactest-customer/2013-rbactest-customer-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('rbactest.customer');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:rbactest-customer-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('testCustomer', 'rbactest.customer');
+call rbac.generateRbacRoleDescriptors('rbactest.customer');
 --//
--- a/src/main/resources/db/changelog/2-rbactest/202-rbactest-package/2023-rbactest-package-rbac.sql
+++ b/src/main/resources/db/changelog/2-rbactest/202-rbactest-package/2023-rbactest-package-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('rbactest.package');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:rbactest-package-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('testPackage', 'rbactest.package');
+call rbac.generateRbacRoleDescriptors('rbactest.package');
 --//
--- a/src/main/resources/db/changelog/2-rbactest/203-rbactest-domain/2033-rbactest-domain-rbac.sql
+++ b/src/main/resources/db/changelog/2-rbactest/203-rbactest-domain/2033-rbactest-domain-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('rbactest.domain');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:rbactest-domain-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('testDomain', 'rbactest.domain');
+call rbac.generateRbacRoleDescriptors('rbactest.domain');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/501-contact/5013-hs-office-contact-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/501-contact/5013-hs-office-contact-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.contact');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-contact-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficeContact', 'hs_office.contact');
+call rbac.generateRbacRoleDescriptors('hs_office.contact');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/502-person/5023-hs-office-person-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/502-person/5023-hs-office-person-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.person');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-person-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficePerson', 'hs_office.person');
+call rbac.generateRbacRoleDescriptors('hs_office.person');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.relation');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-relation-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficeRelation', 'hs_office.relation');
+call rbac.generateRbacRoleDescriptors('hs_office.relation');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/504-partner/5043-hs-office-partner-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/504-partner/5043-hs-office-partner-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.partner');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-partner-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficePartner', 'hs_office.partner');
+call rbac.generateRbacRoleDescriptors('hs_office.partner');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/504-partner/5044-hs-office-partner-details-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/504-partner/5044-hs-office-partner-details-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.partner_details');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-partner-details-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficePartnerDetails', 'hs_office.partner_details');
+call rbac.generateRbacRoleDescriptors('hs_office.partner_details');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/505-bankaccount/5053-hs-office-bankaccount-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/505-bankaccount/5053-hs-office-bankaccount-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.bankaccount');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-bankaccount-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficeBankAccount', 'hs_office.bankaccount');
+call rbac.generateRbacRoleDescriptors('hs_office.bankaccount');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/506-debitor/5063-hs-office-debitor-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/506-debitor/5063-hs-office-debitor-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.debitor');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-debitor-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficeDebitor', 'hs_office.debitor');
+call rbac.generateRbacRoleDescriptors('hs_office.debitor');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/507-sepamandate/5073-hs-office-sepamandate-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/507-sepamandate/5073-hs-office-sepamandate-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.sepamandate');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-sepamandate-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficeSepaMandate', 'hs_office.sepamandate');
+call rbac.generateRbacRoleDescriptors('hs_office.sepamandate');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/510-membership/5103-hs-office-membership-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/510-membership/5103-hs-office-membership-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.membership');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-membership-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficeMembership', 'hs_office.membership');
+call rbac.generateRbacRoleDescriptors('hs_office.membership');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/511-coopshares/5113-hs-office-coopshares-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/511-coopshares/5113-hs-office-coopshares-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.coopsharestransaction');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-coopsharestransaction-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficeCoopSharesTransaction', 'hs_office.coopsharestransaction');
+call rbac.generateRbacRoleDescriptors('hs_office.coopsharestransaction');
 --//
--- a/src/main/resources/db/changelog/5-hs-office/512-coopassets/5123-hs-office-coopassets-rbac.sql
+++ b/src/main/resources/db/changelog/5-hs-office/512-coopassets/5123-hs-office-coopassets-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_office.coopassetstransaction');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-office-coopassetstransaction-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsOfficeCoopAssetsTransaction', 'hs_office.coopassetstransaction');
+call rbac.generateRbacRoleDescriptors('hs_office.coopassetstransaction');
 --//
--- a/src/main/resources/db/changelog/6-hs-booking/620-booking-project/6203-hs-booking-project-rbac.sql
+++ b/src/main/resources/db/changelog/6-hs-booking/620-booking-project/6203-hs-booking-project-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_booking.project');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-booking-project-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsBookingProject', 'hs_booking.project');
+call rbac.generateRbacRoleDescriptors('hs_booking.project');
 --//
--- a/src/main/resources/db/changelog/6-hs-booking/630-booking-item/6303-hs-booking-item-rbac.sql
+++ b/src/main/resources/db/changelog/6-hs-booking/630-booking-item/6303-hs-booking-item-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_booking.item');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-booking-item-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsBookingItem', 'hs_booking.item');
+call rbac.generateRbacRoleDescriptors('hs_booking.item');
 --//
--- a/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac.sql
+++ b/src/main/resources/db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-asset-rbac.sql
@ -12,7 +12,7 @@ call rbac.generateRelatedRbacObject('hs_hosting.asset');
 -- ============================================================================
 --changeset RbacRoleDescriptorsGenerator:hs-hosting-asset-rbac-ROLE-DESCRIPTORS endDelimiter:--//
 -- ----------------------------------------------------------------------------
-call rbac.generateRbacRoleDescriptors('hsHostingAsset', 'hs_hosting.asset');
+call rbac.generateRbacRoleDescriptors('hs_hosting.asset');
 --//
--- a/src/test/resources/application.yml
+++ b/src/test/resources/application.yml
@ -7,7 +7,7 @@ spring:
        url-tc: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers
        url-tcx: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers?TC_REUSABLE=true&TC_DAEMON=true
        url-local: jdbc:postgresql://localhost:5432/postgres
-        url: ${spring.datasource.url-tc}
+        url: ${spring.datasource.url-local}
        username: postgres
        password: password