prepare hs-admin-customer files to be used as template + generate script v1

Michael Hoennig 2022-09-07 14:04:45 +02:00
parent 23796c56f9
commit 9720b37d85
4 changed files with 53 additions and 25 deletions


@ -280,7 +280,7 @@ create domain RbacOp as varchar(67)
or VALUE = 'view'
or VALUE = 'assume'
or VALUE ~ '^add-[a-z]+$'
or VALUE ~ '^set-[a-z]+$'
or VALUE ~ '^new-[a-z]+$'
);
create table RbacPermission
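Review bot: Replacing `'^set-[a-z]+$'` with `'^new-[a-z]+$'` in the `RbacOp` check (reading the second line of the printed pair as the new side) narrows the accepted operation names, so any stored permission or caller that still uses a `set-…` op would be rejected once the domain is recreated. The hunk shows neither a migration for existing `RbacPermission` rows nor a comment on the verb vocabulary. A line such as `-- 'new-<type>' replaces the former 'set-<type>' ops; keep in sync with every createPermissions() caller` above the check would record the contract. The `create domain` statement starts above the hunk, so the other accepted values are not visible here.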


@ -7,7 +7,7 @@
/*
Creates the related RbacObject through a BEFORE INSERT TRIGGER.
*/
create trigger createRbacObjectForCustomer_Trigger
create trigger createRbacObjectForHsAdminCustomer_Trigger
before insert
on hs_admin_contact
for each row
@ -57,14 +57,14 @@ create or replace function createRbacRolesForHsAdminContact()
language plpgsql
strict as $$
declare
contOwnerRole uuid;
ownerRole uuid;
begin
if TG_OP <> 'INSERT' then
raise exception 'invalid usage of TRIGGER AFTER INSERT';
end if;
-- the owner role with full access for the creator assigned to the contact's email addr
contOwnerRole = createRole(
-- the owner role with full access for the creator assigned to the current user
ownerRole = createRole(
hsAdminContactOwner(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['*']),
beneathRole(globalAdmin()),
@ -77,7 +77,7 @@ begin
perform createRole(
hsAdminContactTenant(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['view']),
beneathRole(contOwnerRole)
beneathRole(ownerRole)
);
return NEW;
@ -102,7 +102,6 @@ execute procedure createRbacRolesForHsAdminContact();
/*
Deletes the roles and their assignments of a deleted contact for the BEFORE DELETE TRIGGER.
*/
create or replace function deleteRbacRulesForHsAdminContact()
returns trigger
language plpgsql
@ -120,7 +119,6 @@ end; $$;
/*
An BEFORE DELETE TRIGGER which deletes the role structure of a contact.
*/
create trigger deleteRbacRulesForTestContact_Trigger
before delete
on hs_admin_contact
@ -194,9 +192,6 @@ create or replace function insertHsAdminContact()
declare
newUser hs_admin_contact;
begin
-- insert
-- into RbacObject as r (uuid, objecttable)
-- values( new.uuid, 'hs_admin_contact_rv');
insert
into hs_admin_contact
values (new.*)
@ -245,10 +240,10 @@ execute function deleteHsAdminContact();
--/
-- ============================================================================
--changeset hs-admin-contact-rbac-SET-CONTACT:1 endDelimiter:--//
--changeset hs-admin-contact-rbac-NEW-CONTACT:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a global permission for set-contact and assigns it to the hostsharing admins role.
Creates a global permission for new-contact and assigns it to the hostsharing admins role.
*/
do language plpgsql $$
declare
@ -256,11 +251,11 @@ do language plpgsql $$
globalObjectUuid uuid;
globalAdminRoleUuid uuid ;
begin
call defineContext('granting global set-contact permission to global admin role', null, null, null);
call defineContext('granting global new-contact permission to global admin role', null, null, null);
globalAdminRoleUuid := findRoleId(globalAdmin());
globalObjectUuid := (select uuid from global);
addCustomerPermissions := createPermissions(globalObjectUuid, array ['set-contact']);
addCustomerPermissions := createPermissions(globalObjectUuid, array ['new-contact']);
call grantPermissionsToRole(globalAdminRoleUuid, addCustomerPermissions);
end;
$$;
@ -273,7 +268,7 @@ create or replace function addHsAdminContactNotAllowedForCurrentSubjects()
language PLPGSQL
as $$
begin
raise exception '[403] set-contact not permitted for %',
raise exception '[403] new-contact not permitted for %',
array_to_string(currentSubjects(), ';', 'null');
end; $$;
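Review bot: The rename of the global permission from `set-contact` to `new-contact` is applied to the grant in the `do` block and to the `[403]` message, but the check that decides whether an insert is allowed lies outside these hunks and has to test for the same op name. Because the changeset id changes from `hs-admin-contact-rbac-SET-CONTACT:1` to `...NEW-CONTACT:1`, a database that already applied the old changeset would presumably run this block as a new one and keep the old `set-contact` permission granted to the global admin role. A cleanup step, or a note in the commit that no such database exists, would settle that. The local `addCustomerPermissions` still carries the customer name and reads better as `newContactPermissions`. The trigger `createRbacObjectForHsAdminCustomer_Trigger` on `hs_admin_contact` and `deleteRbacRulesForTestContact_Trigger` follow two different naming schemes.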


@ -12,31 +12,29 @@ create or replace procedure createHsAdminContactTestData(contLabel varchar)
language plpgsql as $$
declare
currentTask varchar;
contRowId uuid;
contEmailAddr varchar;
emailAddr varchar;
begin
currentTask = 'creating RBAC test contact ' || contLabel;
call defineContext(currentTask, null, 'alex@hostsharing.net', 'global#global.admin');
execute format('set local hsadminng.currentTask to %L', currentTask);
-- contRowId = uuid_generate_v4();
contEmailAddr = 'customer-admin@' || cleanIdentifier(contLabel) || '.example.com';
emailAddr = 'customer-admin@' || cleanIdentifier(contLabel) || '.example.com';
raise notice 'creating test contact: %', contLabel;
insert
into hs_admin_contact (label, postaladdress, emailaddresses, phonenumbers)
values (contLabel, $addr$
values (contLabel, $address$
Vorname Nachname
Straße Hnr
PLZ Stadt
$addr$, contEmailAddr, '+49 123 1234567');
$address$, emailAddr, '+49 123 1234567');
end; $$;
--//
/*
Creates a range of test customers for mass data generation.
Creates a range of test contact for mass data generation.
*/
create or replace procedure createTestCustomerTestData(
create or replace procedure createTestContactTestData(
startCount integer, -- count of auto generated rows before the run
endCount integer -- count of auto generated rows after the run
)
@ -44,7 +42,7 @@ create or replace procedure createTestCustomerTestData(
begin
for t in startCount..endCount
loop
call createHsAdminContactTestData(intToVarChar(t, 4)|| ' ' || testCustomerReference(t));
call createHsAdminContactTestData(intToVarChar(t, 4) || '#' || t);
commit;
end loop;
end; $$;
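Review bot: The parameter comments on `createTestContactTestData` describe `startCount` and `endCount` as row counts before and after the run, but `for t in startCount..endCount` is inclusive on both ends, so one call creates `endCount - startCount + 1` contacts and the documented counts are off by one at one end. Either the comments should read `-- first index to generate` / `-- last index to generate (inclusive)`, or the loop bound should be adjusted to match the documented meaning. The header comment should also read `Creates a range of test contacts for mass data generation.` The procedure's `language`/`as` lines fall between the two hunks and are not visible here.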

35
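--- a/tools/generate
+++ b/tools/generate
@@ -0,0 +1,35 @@
+#!/bin/bash
+sed -e 's/hs-admin-contact/hs-admin-person/g' \
+-e 's/hs_admin_contact/hs_admin_person/g' \
+<src/main/resources/db/changelog/200-hs-admin-contact.sql >src/main/resources/db/changelog/210-hs-admin-person.sql
+sed -e 's/hs-admin-contact/hs-admin-person/g' \
+-e 's/hs_admin_contact/hs_admin_person/g' \
+-e 's/HsAdminCustomer/HsAdminPerson/g' \
+-e 's/hsAdminContact/hsAdminPerson/g' \
+-e 's/contact/person/g' \
+<src/main/resources/db/changelog/203-hs-admin-contact-rbac.sql >src/main/resources/db/changelog/213-hs-admin-person-rbac.sql
+sed -e 's/hs-admin-contact/hs-admin-person/g' \
+-e 's/hs_admin_contact/hs_admin_person/g' \
+-e 's/HsAdminCustomer/HsAdminPerson/g' \
+-e 's/hsAdminContact/hsAdminPerson/g' \
+-e 's/contact/person/g' \
+<src/main/resources/db/changelog/208-hs-admin-contact-test-data.sql >src/main/resources/db/changelog/218-hs-admin-person-test-data.sql
+# mkdir -p src/main/java/net/hostsharing/hsadminng/hs/admin/person
+#
+# sed -e 's/HsAdminContactEntity/HsAdminPersonEntity/g' \
+# sed -e 's/admin.contact/admin.person/g' \
+# <src/main/java/net/hostsharing/hsadminng/hs/admin/contact/HsAdminContactEntity.java >src/main/java/net/hostsharing/hsadminng/hs/admin/person/HsAdminPersonEntity.java
+cat >>src/main/resources/db/changelog/db.changelog-master.yaml <<EOF
+- include:
+file: db/changelog/210-hs-admin-person.sql
+- include:
+file: db/changelog/213-hs-admin-person-rbac.sql
+- include:
+file: db/changelog/218-hs-admin-person-test-data.sql
+EOF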
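Review bot: The `sed` rules are case-sensitive and none of them matches `HsAdminContact` with a capital H, so identifiers seen in the other file sections, such as `createRbacRolesForHsAdminContact()` and `createHsAdminContactTestData`, would be copied unchanged into the generated person files. Because the templates use `create or replace`, loading those files would presumably overwrite the contact functions with bodies that act on `hs_admin_person`, including the RBAC role-creation trigger function. Adding `-e 's/HsAdminContact/HsAdminPerson/g'` and `-e 's/TestContact/TestPerson/g'` ahead of the blanket `s/contact/person/g` would close that gap. The script also appends to `db.changelog-master.yaml` with `cat >>` on every run, so a second run duplicates the three includes. Without `set -euo pipefail` after the shebang, a failed `sed` still leaves a truncated output file that the changelog then references.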