From 9d0dc358f0cd85b4fe2795c7515e3a88970b52f0 Mon Sep 17 00:00:00 2001 From: Michael Hoennig Date: Sat, 13 Apr 2024 15:34:06 +0200 Subject: [PATCH] implement proper identity view with debitorNumber:caption --- .../hs/booking/item/HsBookingItemEntity.java | 6 +++++- .../6013-hs-booking-item-rbac.sql | 18 ++++++++++-------- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/src/main/java/net/hostsharing/hsadminng/hs/booking/item/HsBookingItemEntity.java b/src/main/java/net/hostsharing/hsadminng/hs/booking/item/HsBookingItemEntity.java index 04d74012..3527d9d1 100644 --- a/src/main/java/net/hostsharing/hsadminng/hs/booking/item/HsBookingItemEntity.java +++ b/src/main/java/net/hostsharing/hsadminng/hs/booking/item/HsBookingItemEntity.java @@ -117,7 +117,11 @@ public class HsBookingItemEntity implements Stringifyable, RbacObject { public static RbacView rbac() { return rbacViewFor("bookingItem", HsBookingItemEntity.class) - .withIdentityView(SQL.projection("caption")) // FIXME: use memberNumber:caption + .withIdentityView(SQL.query(""" + SELECT i.uuid as uuid, d.idName || ':' || i.caption as idName + FROM hs_booking_item i + JOIN hs_office_debitor_iv d ON d.uuid = i.debitorUuid + """)) .withRestrictedViewOrderBy(SQL.expression("validity")) .withUpdatableColumns("version", "validity", "resources") diff --git a/src/main/resources/db/changelog/6-hs-booking/601-booking-item/6013-hs-booking-item-rbac.sql b/src/main/resources/db/changelog/6-hs-booking/601-booking-item/6013-hs-booking-item-rbac.sql index aa138789..590fef50 100644 --- a/src/main/resources/db/changelog/6-hs-booking/601-booking-item/6013-hs-booking-item-rbac.sql +++ b/src/main/resources/db/changelog/6-hs-booking/601-booking-item/6013-hs-booking-item-rbac.sql @@ -107,14 +107,14 @@ do language plpgsql $$ WHERE type in ('DEBITOR') -- TODO.rbac: currently manually patched, needs to be generated LOOP call grantPermissionToRole( - createPermission(row.uuid, 'INSERT', 'hs_booking_item'), - hsOfficeRelationADMIN(row)); + createPermission(row.uuid, 'INSERT', 'hs_booking_item'), + hsOfficeRelationADMIN(row)); END LOOP; END; $$; /** - Adds hs_booking_item INSERT permission to specified roleNSERT permission to specified role of new hs_office_relation rows. + Adds hs_booking_item INSERT permission to specified role of new hs_office_relation rows. */ create or replace function hs_booking_item_hs_office_relation_insert_tf() returns trigger @@ -175,10 +175,12 @@ create trigger hs_booking_item_insert_permission_check_tg --changeset hs-booking-item-rbac-IDENTITY-VIEW:1 endDelimiter:--// -- ---------------------------------------------------------------------------- -call generateRbacIdentityViewFromProjection('hs_booking_item', - $idName$ - caption - $idName$); + call generateRbacIdentityViewFromQuery('hs_booking_item', + $idName$ + SELECT i.uuid as uuid, d.idName || ':' || i.caption as idName + FROM hs_booking_item i + JOIN hs_office_debitor_iv d ON d.uuid = i.debitorUuid + $idName$); --// -- ============================================================================ @@ -186,7 +188,7 @@ call generateRbacIdentityViewFromProjection('hs_booking_item', -- ---------------------------------------------------------------------------- call generateRbacRestrictedView('hs_booking_item', $orderBy$ - caption + validity $orderBy$, $updates$ version = new.version,