WIP
This commit is contained in:
parent
1f4a20b658
commit
fc8cf0a0b7
@ -33,12 +33,13 @@ import java.util.Map;
|
||||
import java.util.UUID;
|
||||
|
||||
import static java.util.Optional.ofNullable;
|
||||
import static net.hostsharing.hsadminng.hs.hosting.server.HsHostingAssetType.BBB_SERVER;
|
||||
import static net.hostsharing.hsadminng.hs.hosting.server.HsHostingAssetType.CLOUD_SERVER;
|
||||
import static net.hostsharing.hsadminng.hs.hosting.server.HsHostingAssetType.MANAGED_SERVER;
|
||||
import static net.hostsharing.hsadminng.hs.hosting.server.HsHostingAssetType.MANAGED_WEBSPACE;
|
||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.CaseDef.inCaseOf;
|
||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.CaseDef.inOtherCases;
|
||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Column.dependsOnColumn;
|
||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.ColumnValue.usingCase;
|
||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.ColumnValue.usingDefaultCase;
|
||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Nullable.NOT_NULL;
|
||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Nullable.NULLABLE;
|
||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.DELETE;
|
||||
@ -55,7 +56,7 @@ import static net.hostsharing.hsadminng.stringify.Stringify.stringify;
|
||||
|
||||
@Builder
|
||||
@Entity
|
||||
@Table(name = "hs_hosting_server_rv")
|
||||
@Table(name = "hs_hosting_asset_rv")
|
||||
@Getter
|
||||
@Setter
|
||||
@NoArgsConstructor
|
||||
@ -87,6 +88,9 @@ public class HsHostingAssetEntity implements Stringifyable, RbacObject {
|
||||
@Enumerated(EnumType.STRING)
|
||||
private HsHostingAssetType type;
|
||||
|
||||
@Column(name = "fixedname")
|
||||
private String fixedName; // vm1234, xyz00, example.org, xyz00_abc
|
||||
|
||||
@Column(name = "caption")
|
||||
private String caption;
|
||||
|
||||
@ -134,7 +138,7 @@ public class HsHostingAssetEntity implements Stringifyable, RbacObject {
|
||||
.withRestrictedViewOrderBy(SQL.expression("caption"))
|
||||
.withUpdatableColumns("version", "caption", "config")
|
||||
|
||||
.importEntityAlias("bookingItem", HsBookingItemEntity.class,
|
||||
.importEntityAlias("bookingItem", HsBookingItemEntity.class, usingDefaultCase(),
|
||||
dependsOnColumn("bookingItemUuid"),
|
||||
directlyFetchedByDependsOnColumn(),
|
||||
NOT_NULL)
|
||||
@ -144,15 +148,14 @@ public class HsHostingAssetEntity implements Stringifyable, RbacObject {
|
||||
then -> then.toRole("bookingItem", AGENT).grantPermission(INSERT)),
|
||||
inCaseOf(MANAGED_SERVER.name(),
|
||||
then -> then.toRole("bookingItem", AGENT).grantPermission(INSERT)),
|
||||
inCaseOf(BBB_SERVER.name(),
|
||||
then -> then.toRole("bookingItem", AGENT).grantPermission(INSERT)),
|
||||
inOtherCases(then -> {
|
||||
then.importEntityAlias("parentAsset", HsHostingAssetEntity.class,
|
||||
inCaseOf(MANAGED_WEBSPACE.name(), then ->
|
||||
then.importEntityAlias("parentServer", HsHostingAssetEntity.class, usingCase(MANAGED_SERVER),
|
||||
dependsOnColumn("parentAssetUuid"),
|
||||
directlyFetchedByDependsOnColumn(),
|
||||
NULLABLE)
|
||||
.toRole("parentAsset", AGENT).grantPermission(INSERT);
|
||||
})
|
||||
// TODO.rbac: implement multiple INSERT-rules, e.g. for Asset.bookingItem + Asset.parentAsset
|
||||
//.toRole("parentServer", AGENT).grantPermission(INSERT)
|
||||
)
|
||||
)
|
||||
|
||||
.createRole(OWNER, (with) -> {
|
||||
|
@ -3,17 +3,18 @@ package net.hostsharing.hsadminng.hs.hosting.server;
|
||||
public enum HsHostingAssetType {
|
||||
CLOUD_SERVER,
|
||||
MANAGED_SERVER,
|
||||
BBB_SERVER,
|
||||
MANAGED_WEBSPACE(MANAGED_SERVER),
|
||||
UNIX_USER(MANAGED_WEBSPACE),
|
||||
DOMAIN_SETUP(UNIX_USER),
|
||||
EMAIL_ALIAS(HsHostingAssetType.DOMAIN_SETUP),
|
||||
EMAIL_ADDRESS(HsHostingAssetType.DOMAIN_SETUP),
|
||||
PGSQL_DATABASE(HsHostingAssetType.MANAGED_WEBSPACE),
|
||||
PGSQL_USER(HsHostingAssetType.MANAGED_WEBSPACE),
|
||||
MARIADB_DATABASE(HsHostingAssetType.MANAGED_WEBSPACE),
|
||||
|
||||
MARIADB_USER(HsHostingAssetType.MANAGED_WEBSPACE);
|
||||
// TODO.spec: SECURE_MX
|
||||
EMAIL_ALIAS(MANAGED_WEBSPACE),
|
||||
EMAIL_ADDRESS(DOMAIN_SETUP),
|
||||
PGSQL_USER(MANAGED_WEBSPACE),
|
||||
PGSQL_DATABASE(MANAGED_WEBSPACE), // TODO.spec: or PGSQL_USER?
|
||||
MARIADB_USER(MANAGED_WEBSPACE),
|
||||
MARIADB_DATABASE(MANAGED_WEBSPACE); // TODO.spec: or MARIADB_USER?
|
||||
|
||||
|
||||
public final HsHostingAssetType parentAssetType;
|
||||
|
||||
|
@ -241,7 +241,10 @@ public class InsertTriggerGenerator {
|
||||
|
||||
private static <T> BinaryOperator<T> singleton() {
|
||||
return (x, y) -> {
|
||||
throw new IllegalStateException("only a single INSERT permission grant allowed");
|
||||
if ( !x.equals(y) ) {
|
||||
throw new IllegalStateException("only a single INSERT permission grant allowed");
|
||||
}
|
||||
return x;
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -18,7 +18,9 @@ import java.util.function.Consumer;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import static java.lang.reflect.Modifier.isStatic;
|
||||
import static java.util.Arrays.asList;
|
||||
import static java.util.Arrays.stream;
|
||||
import static java.util.Collections.max;
|
||||
import static java.util.Optional.ofNullable;
|
||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.ColumnValue.usingDefaultCase;
|
||||
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Nullable.NOT_NULL;
|
||||
@ -314,6 +316,15 @@ public class RbacView {
|
||||
return this;
|
||||
}
|
||||
|
||||
// TODO.impl: use importEntityAlias with all parameters
|
||||
@Deprecated
|
||||
public RbacView importEntityAlias(
|
||||
final String aliasName, final Class<? extends RbacObject> entityClass,
|
||||
final Column dependsOnColum, final SQL fetchSql, final Nullable nullable) {
|
||||
importEntityAliasImpl(aliasName, entityClass, usingDefaultCase(), fetchSql, dependsOnColum, false, nullable);
|
||||
return this;
|
||||
}
|
||||
|
||||
/**
|
||||
* Imports the RBAC template from the given entity class and defines an anlias name for it.
|
||||
*
|
||||
@ -325,6 +336,9 @@ public class RbacView {
|
||||
* A JPA entity class extending RbacObject which also implements an `rbac` method returning
|
||||
* its RBAC specification.
|
||||
*
|
||||
* @param usingCase
|
||||
* Only use this case value for a switch within the rbac rules.
|
||||
*
|
||||
* @param fetchSql
|
||||
* An SQL SELECT statement which fetches the referenced row. Use `${REF}` to speficiy the
|
||||
* newly created or updated row (will be replaced by NEW/OLD from the trigger method).
|
||||
@ -342,19 +356,29 @@ public class RbacView {
|
||||
* a JPA entity class extending RbacObject
|
||||
*/
|
||||
public RbacView importEntityAlias(
|
||||
final String aliasName, final Class<? extends RbacObject> entityClass,
|
||||
final String aliasName, final Class<? extends RbacObject> entityClass, final ColumnValue usingCase,
|
||||
final Column dependsOnColum, final SQL fetchSql, final Nullable nullable) {
|
||||
importEntityAliasImpl(aliasName, entityClass, usingDefaultCase(), fetchSql, dependsOnColum, false, nullable);
|
||||
importEntityAliasImpl(aliasName, entityClass, usingCase, fetchSql, dependsOnColum, false, nullable);
|
||||
return this;
|
||||
}
|
||||
|
||||
private EntityAlias importEntityAliasImpl(
|
||||
final String aliasName, final Class<? extends RbacObject> entityClass, final ColumnValue forCase,
|
||||
final String aliasName, final Class<? extends RbacObject> entityClass, final ColumnValue usingCase,
|
||||
final SQL fetchSql, final Column dependsOnColum, boolean asSubEntity, final Nullable nullable) {
|
||||
final var entityAlias = new EntityAlias(aliasName, entityClass, fetchSql, dependsOnColum, asSubEntity, nullable);
|
||||
entityAliases.put(aliasName, entityAlias);
|
||||
|
||||
final var entityAlias = ofNullable(entityAliases.get(aliasName))
|
||||
.orElseGet(() -> {
|
||||
final var ea = new EntityAlias(aliasName, entityClass, usingCase, fetchSql, dependsOnColum, asSubEntity, nullable);
|
||||
entityAliases.put(aliasName, ea);
|
||||
return ea;
|
||||
});
|
||||
|
||||
try {
|
||||
importAsAlias(aliasName, rbacDefinition(entityClass), forCase, asSubEntity);
|
||||
// TODO.impl: this only works for directly recursive RBAC definitions, not for indirect recursion
|
||||
final var rbacDef = entityClass == rootEntityAlias.entityClass
|
||||
? this
|
||||
: rbacDefinition(entityClass);
|
||||
importAsAlias(aliasName, rbacDef, usingCase, asSubEntity);
|
||||
} catch (final ReflectiveOperationException exc) {
|
||||
throw new RuntimeException("cannot import entity: " + entityClass, exc);
|
||||
}
|
||||
@ -369,7 +393,7 @@ public class RbacView {
|
||||
private RbacView importAsAlias(final String aliasName, final RbacView importedRbacView, final ColumnValue forCase, final boolean asSubEntity) {
|
||||
final var mapper = new AliasNameMapper(importedRbacView, aliasName,
|
||||
asSubEntity ? entityAliases.keySet() : null);
|
||||
importedRbacView.getEntityAliases().values().stream()
|
||||
copyOf(importedRbacView.getEntityAliases().values()).stream()
|
||||
.filter(entityAlias -> !importedRbacView.isRootEntityAlias(entityAlias))
|
||||
.filter(entityAlias -> !entityAlias.isGlobal())
|
||||
.filter(entityAlias -> !asSubEntity || !entityAliases.containsKey(entityAlias.aliasName))
|
||||
@ -377,10 +401,10 @@ public class RbacView {
|
||||
final String mappedAliasName = mapper.map(entityAlias.aliasName);
|
||||
entityAliases.put(mappedAliasName, new EntityAlias(mappedAliasName, entityAlias.entityClass));
|
||||
});
|
||||
importedRbacView.getRoleDefs().forEach(roleDef -> {
|
||||
copyOf(importedRbacView.getRoleDefs()).forEach(roleDef -> {
|
||||
new RbacRoleDefinition(findEntityAlias(mapper.map(roleDef.entityAlias.aliasName)), roleDef.role);
|
||||
});
|
||||
importedRbacView.getGrantDefs().forEach(grantDef -> {
|
||||
copyOf(importedRbacView.getGrantDefs()).forEach(grantDef -> {
|
||||
if ( grantDef.grantType() == RbacGrantDefinition.GrantType.ROLE_TO_ROLE &&
|
||||
(grantDef.forCases == null || grantDef.matchesCase(forCase)) ) {
|
||||
final var importedGrantDef = findOrCreateGrantDef(
|
||||
@ -411,6 +435,10 @@ public class RbacView {
|
||||
return this;
|
||||
}
|
||||
|
||||
private static <T> List<T> copyOf(final Collection<T> eas) {
|
||||
return eas.stream().toList();
|
||||
}
|
||||
|
||||
private void verifyVersionColumnExists() {
|
||||
if (stream(rootEntityAlias.entityClass.getDeclaredFields())
|
||||
.noneMatch(f -> f.getAnnotation(Version.class) != null)) {
|
||||
@ -615,6 +643,13 @@ public class RbacView {
|
||||
return this;
|
||||
}
|
||||
|
||||
public long level() {
|
||||
return max(asList(
|
||||
superRoleDef != null ? superRoleDef.entityAlias.level() : 0,
|
||||
subRoleDef != null ? subRoleDef.entityAlias.level() : 0,
|
||||
permDef != null ? permDef.entityAlias.level() : 0));
|
||||
}
|
||||
|
||||
public enum GrantType {
|
||||
ROLE_TO_USER,
|
||||
ROLE_TO_ROLE,
|
||||
@ -854,14 +889,14 @@ public class RbacView {
|
||||
return distinctGrantDef;
|
||||
}
|
||||
|
||||
record EntityAlias(String aliasName, Class<? extends RbacObject> entityClass, SQL fetchSql, Column dependsOnColum, boolean isSubEntity, Nullable nullable) {
|
||||
record EntityAlias(String aliasName, Class<? extends RbacObject> entityClass, ColumnValue usingCase, SQL fetchSql, Column dependsOnColum, boolean isSubEntity, Nullable nullable) {
|
||||
|
||||
public EntityAlias(final String aliasName) {
|
||||
this(aliasName, null, null, null, false, null);
|
||||
this(aliasName, null, null, null, null, false, null);
|
||||
}
|
||||
|
||||
public EntityAlias(final String aliasName, final Class<? extends RbacObject> entityClass) {
|
||||
this(aliasName, entityClass, null, null, false, null);
|
||||
this(aliasName, entityClass, null, null, null, false, null);
|
||||
}
|
||||
|
||||
boolean isGlobal() {
|
||||
@ -872,7 +907,6 @@ public class RbacView {
|
||||
return entityClass == null;
|
||||
}
|
||||
|
||||
@NotNull
|
||||
@Override
|
||||
public SQL fetchSql() {
|
||||
if (fetchSql == null) {
|
||||
@ -914,6 +948,10 @@ public class RbacView {
|
||||
}
|
||||
return dependsOnColum.column;
|
||||
}
|
||||
|
||||
long level() {
|
||||
return aliasName.chars().filter(ch -> ch == '.').count() + 1;
|
||||
}
|
||||
}
|
||||
|
||||
public static String withoutRvSuffix(final String tableName) {
|
||||
@ -1074,10 +1112,9 @@ public class RbacView {
|
||||
return new ColumnValue(null);
|
||||
}
|
||||
|
||||
public static ColumnValue usingCase(final String value) {
|
||||
return new ColumnValue(value);
|
||||
public static <E extends Enum<E>> ColumnValue usingCase(final E value) {
|
||||
return new ColumnValue(value.name());
|
||||
}
|
||||
|
||||
public final String value;
|
||||
|
||||
private ColumnValue(final String value) {
|
||||
|
@ -15,6 +15,9 @@ public class RbacViewMermaidFlowchartGenerator {
|
||||
public static final String HOSTSHARING_LIGHT_ORANGE = "#feb28c";
|
||||
public static final String HOSTSHARING_DARK_BLUE = "#274d6e";
|
||||
public static final String HOSTSHARING_LIGHT_BLUE = "#99bcdb";
|
||||
|
||||
// TODO.rbac: implement level limit for all renderable items and remove items which not part of a grant
|
||||
private static final long MAX_LEVEL_TO_RENDER = 3;
|
||||
private final RbacView rbacDef;
|
||||
|
||||
private final CaseDef forCase;
|
||||
@ -56,6 +59,7 @@ public class RbacViewMermaidFlowchartGenerator {
|
||||
|
||||
flowchart.indented( () -> {
|
||||
rbacDef.getEntityAliases().values().stream()
|
||||
.filter(e -> e.level() <= MAX_LEVEL_TO_RENDER)
|
||||
.filter(e -> e.aliasName().startsWith(entity.aliasName() + ":"))
|
||||
.forEach(this::renderEntitySubgraph);
|
||||
|
||||
@ -106,6 +110,7 @@ public class RbacViewMermaidFlowchartGenerator {
|
||||
|
||||
private void renderGrants(final RbacView.RbacGrantDefinition.GrantType grantType, final String comment) {
|
||||
final var grantsOfRequestedType = rbacDef.getGrantDefs().stream()
|
||||
.filter(g -> g.level() <= MAX_LEVEL_TO_RENDER)
|
||||
.filter(g -> g.grantType() == grantType)
|
||||
.filter(this::isToBeRenderedInThisGraph)
|
||||
.toList();
|
||||
|
@ -1,14 +1,29 @@
|
||||
--liquibase formatted sql
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hosting-server-MAIN-TABLE:1 endDelimiter:--//
|
||||
--changeset hosting-asset-MAIN-TABLE:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
create table if not exists hs_hosting_server
|
||||
create type HsHostingAssetType as enum (
|
||||
'MANAGED_SERVER',
|
||||
'MANAGED_WEBSPACE',
|
||||
'UNIX_USER',
|
||||
'DOMAIN_SETUP',
|
||||
'EMAIL_ALIAS',
|
||||
'EMAIL_ADDRESS',
|
||||
'PGSQL_USER',
|
||||
'PGSQL_DATABASE',
|
||||
'MARIADB_USER',
|
||||
'MARIADB_DATABASE'
|
||||
);
|
||||
|
||||
create table if not exists hs_hosting_asset
|
||||
(
|
||||
uuid uuid unique references RbacObject (uuid),
|
||||
version int not null default 0,
|
||||
bookingItemUuid uuid not null references hs_booking_item(uuid),
|
||||
type HsHostingAssetType,
|
||||
parentAssetUuid uuid null references hs_hosting_asset(uuid),
|
||||
caption varchar(80) not null,
|
||||
config jsonb not null
|
||||
);
|
||||
@ -16,8 +31,8 @@ create table if not exists hs_hosting_server
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-server-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
--changeset hs-hosting-asset-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call create_journal('hs_hosting_server');
|
||||
call create_journal('hs_hosting_asset');
|
||||
--//
|
@ -0,0 +1,476 @@
|
||||
### rbac asset inCaseOf:CLOUD_SERVER
|
||||
|
||||
This code generated was by RbacViewMermaidFlowchartGenerator, do not amend manually.
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
flowchart TB
|
||||
|
||||
subgraph parentServer.bookingItem["`**parentServer.bookingItem**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem:roles[ ]
|
||||
style parentServer.bookingItem:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem:OWNER[[parentServer.bookingItem:OWNER]]
|
||||
role:parentServer.bookingItem:ADMIN[[parentServer.bookingItem:ADMIN]]
|
||||
role:parentServer.bookingItem:AGENT[[parentServer.bookingItem:AGENT]]
|
||||
role:parentServer.bookingItem:TENANT[[parentServer.bookingItem:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.anchorPerson["`**parentServer.bookingItem.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.anchorPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel.anchorPerson:OWNER[[parentServer.bookingItem.debitorRel.anchorPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel.anchorPerson:ADMIN[[parentServer.bookingItem.debitorRel.anchorPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel.anchorPerson:REFERRER[[parentServer.bookingItem.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.holderPerson["`**parentServer.bookingItem.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.holderPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel.holderPerson:OWNER[[parentServer.bookingItem.debitorRel.holderPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel.holderPerson:ADMIN[[parentServer.bookingItem.debitorRel.holderPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel.holderPerson:REFERRER[[parentServer.bookingItem.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer["`**parentServer**`"]
|
||||
direction TB
|
||||
style parentServer fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.holderPerson["`**parentServer.bookingItem.debitor.partnerRel.holderPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.holderPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel.holderPerson:OWNER[[parentServer.bookingItem.debitor.partnerRel.holderPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.holderPerson:ADMIN[[parentServer.bookingItem.debitor.partnerRel.holderPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.holderPerson:REFERRER[[parentServer.bookingItem.debitor.partnerRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.anchorPerson["`**parentServer.bookingItem.debitor.partnerRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.anchorPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel.anchorPerson:OWNER[[parentServer.bookingItem.debitor.partnerRel.anchorPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.anchorPerson:ADMIN[[parentServer.bookingItem.debitor.partnerRel.anchorPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.anchorPerson:REFERRER[[parentServer.bookingItem.debitor.partnerRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.anchorPerson["`**bookingItem.debitor.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.anchorPerson:roles[ ]
|
||||
style bookingItem.debitor.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel.anchorPerson:OWNER[[bookingItem.debitor.debitorRel.anchorPerson:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN[[bookingItem.debitor.debitorRel.anchorPerson:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel.anchorPerson:REFERRER[[bookingItem.debitor.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.contact["`**parentServer.bookingItem.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.contact:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel.contact:OWNER[[parentServer.bookingItem.debitorRel.contact:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel.contact:ADMIN[[parentServer.bookingItem.debitorRel.contact:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel.contact:REFERRER[[parentServer.bookingItem.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel["`**bookingItem.debitor.partnerRel**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel:roles[ ]
|
||||
style bookingItem.debitor.partnerRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel:OWNER[[bookingItem.debitor.partnerRel:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel:ADMIN[[bookingItem.debitor.partnerRel:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel:AGENT[[bookingItem.debitor.partnerRel:AGENT]]
|
||||
role:bookingItem.debitor.partnerRel:TENANT[[bookingItem.debitor.partnerRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.anchorPerson["`**bookingItem.debitor.partnerRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.anchorPerson:roles[ ]
|
||||
style bookingItem.debitor.partnerRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel.anchorPerson:OWNER[[bookingItem.debitor.partnerRel.anchorPerson:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN[[bookingItem.debitor.partnerRel.anchorPerson:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel.anchorPerson:REFERRER[[bookingItem.debitor.partnerRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel["`**bookingItem.debitorRel**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel:roles[ ]
|
||||
style bookingItem.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel:OWNER[[bookingItem.debitorRel:OWNER]]
|
||||
role:bookingItem.debitorRel:ADMIN[[bookingItem.debitorRel:ADMIN]]
|
||||
role:bookingItem.debitorRel:AGENT[[bookingItem.debitorRel:AGENT]]
|
||||
role:bookingItem.debitorRel:TENANT[[bookingItem.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.contact["`**parentServer.bookingItem.debitor.partnerRel.contact**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.contact:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel.contact:OWNER[[parentServer.bookingItem.debitor.partnerRel.contact:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.contact:ADMIN[[parentServer.bookingItem.debitor.partnerRel.contact:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.contact:REFERRER[[parentServer.bookingItem.debitor.partnerRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel.anchorPerson["`**bookingItem.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel.anchorPerson:roles[ ]
|
||||
style bookingItem.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel.anchorPerson:OWNER[[bookingItem.debitorRel.anchorPerson:OWNER]]
|
||||
role:bookingItem.debitorRel.anchorPerson:ADMIN[[bookingItem.debitorRel.anchorPerson:ADMIN]]
|
||||
role:bookingItem.debitorRel.anchorPerson:REFERRER[[bookingItem.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel["`**parentServer.bookingItem.debitor.debitorRel**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel:OWNER[[parentServer.bookingItem.debitor.debitorRel:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel:ADMIN[[parentServer.bookingItem.debitor.debitorRel:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel:AGENT[[parentServer.bookingItem.debitor.debitorRel:AGENT]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel:TENANT[[parentServer.bookingItem.debitor.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel.holderPerson["`**bookingItem.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel.holderPerson:roles[ ]
|
||||
style bookingItem.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel.holderPerson:OWNER[[bookingItem.debitorRel.holderPerson:OWNER]]
|
||||
role:bookingItem.debitorRel.holderPerson:ADMIN[[bookingItem.debitorRel.holderPerson:ADMIN]]
|
||||
role:bookingItem.debitorRel.holderPerson:REFERRER[[bookingItem.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.refundBankAccount["`**bookingItem.debitor.refundBankAccount**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.refundBankAccount fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.refundBankAccount:roles[ ]
|
||||
style bookingItem.debitor.refundBankAccount:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.refundBankAccount:OWNER[[bookingItem.debitor.refundBankAccount:OWNER]]
|
||||
role:bookingItem.debitor.refundBankAccount:ADMIN[[bookingItem.debitor.refundBankAccount:ADMIN]]
|
||||
role:bookingItem.debitor.refundBankAccount:REFERRER[[bookingItem.debitor.refundBankAccount:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel["`**parentServer.bookingItem.debitor.partnerRel**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel:OWNER[[parentServer.bookingItem.debitor.partnerRel:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel:ADMIN[[parentServer.bookingItem.debitor.partnerRel:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel:AGENT[[parentServer.bookingItem.debitor.partnerRel:AGENT]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel:TENANT[[parentServer.bookingItem.debitor.partnerRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.contact["`**bookingItem.debitor.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.contact:roles[ ]
|
||||
style bookingItem.debitor.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel.contact:OWNER[[bookingItem.debitor.debitorRel.contact:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel.contact:ADMIN[[bookingItem.debitor.debitorRel.contact:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel.contact:REFERRER[[bookingItem.debitor.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor["`**parentServer.bookingItem.debitor**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.holderPerson["`**parentServer.bookingItem.debitor.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.holderPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel.holderPerson:OWNER[[parentServer.bookingItem.debitor.debitorRel.holderPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.holderPerson:ADMIN[[parentServer.bookingItem.debitor.debitorRel.holderPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.holderPerson:REFERRER[[parentServer.bookingItem.debitor.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.contact["`**bookingItem.debitor.partnerRel.contact**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.contact:roles[ ]
|
||||
style bookingItem.debitor.partnerRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel.contact:OWNER[[bookingItem.debitor.partnerRel.contact:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel.contact:ADMIN[[bookingItem.debitor.partnerRel.contact:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel.contact:REFERRER[[bookingItem.debitor.partnerRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel["`**parentServer.bookingItem.debitorRel**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel:OWNER[[parentServer.bookingItem.debitorRel:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel:ADMIN[[parentServer.bookingItem.debitorRel:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel:AGENT[[parentServer.bookingItem.debitorRel:AGENT]]
|
||||
role:parentServer.bookingItem.debitorRel:TENANT[[parentServer.bookingItem.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem["`**bookingItem**`"]
|
||||
direction TB
|
||||
style bookingItem fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem:roles[ ]
|
||||
style bookingItem:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem:OWNER[[bookingItem:OWNER]]
|
||||
role:bookingItem:ADMIN[[bookingItem:ADMIN]]
|
||||
role:bookingItem:AGENT[[bookingItem:AGENT]]
|
||||
role:bookingItem:TENANT[[bookingItem:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.parentServer["`**parentServer.parentServer**`"]
|
||||
direction TB
|
||||
style parentServer.parentServer fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.contact["`**parentServer.bookingItem.debitor.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.contact:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel.contact:OWNER[[parentServer.bookingItem.debitor.debitorRel.contact:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.contact:ADMIN[[parentServer.bookingItem.debitor.debitorRel.contact:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.contact:REFERRER[[parentServer.bookingItem.debitor.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.holderPerson["`**bookingItem.debitor.partnerRel.holderPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.holderPerson:roles[ ]
|
||||
style bookingItem.debitor.partnerRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel.holderPerson:OWNER[[bookingItem.debitor.partnerRel.holderPerson:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel.holderPerson:ADMIN[[bookingItem.debitor.partnerRel.holderPerson:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel.holderPerson:REFERRER[[bookingItem.debitor.partnerRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel.contact["`**bookingItem.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel.contact:roles[ ]
|
||||
style bookingItem.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel.contact:OWNER[[bookingItem.debitorRel.contact:OWNER]]
|
||||
role:bookingItem.debitorRel.contact:ADMIN[[bookingItem.debitorRel.contact:ADMIN]]
|
||||
role:bookingItem.debitorRel.contact:REFERRER[[bookingItem.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.refundBankAccount["`**parentServer.bookingItem.debitor.refundBankAccount**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.refundBankAccount fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.refundBankAccount:roles[ ]
|
||||
style parentServer.bookingItem.debitor.refundBankAccount:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.refundBankAccount:OWNER[[parentServer.bookingItem.debitor.refundBankAccount:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.refundBankAccount:ADMIN[[parentServer.bookingItem.debitor.refundBankAccount:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.refundBankAccount:REFERRER[[parentServer.bookingItem.debitor.refundBankAccount:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor["`**bookingItem.debitor**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.holderPerson["`**bookingItem.debitor.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.holderPerson:roles[ ]
|
||||
style bookingItem.debitor.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel.holderPerson:OWNER[[bookingItem.debitor.debitorRel.holderPerson:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel.holderPerson:ADMIN[[bookingItem.debitor.debitorRel.holderPerson:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel.holderPerson:REFERRER[[bookingItem.debitor.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel["`**bookingItem.debitor.debitorRel**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel:roles[ ]
|
||||
style bookingItem.debitor.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel:OWNER[[bookingItem.debitor.debitorRel:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel:ADMIN[[bookingItem.debitor.debitorRel:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel:AGENT[[bookingItem.debitor.debitorRel:AGENT]]
|
||||
role:bookingItem.debitor.debitorRel:TENANT[[bookingItem.debitor.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph asset["`**asset**`"]
|
||||
direction TB
|
||||
style asset fill:#dd4901,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph asset:roles[ ]
|
||||
style asset:roles fill:#dd4901,stroke:white
|
||||
|
||||
role:asset:OWNER[[asset:OWNER]]
|
||||
role:asset:ADMIN[[asset:ADMIN]]
|
||||
role:asset:TENANT[[asset:TENANT]]
|
||||
end
|
||||
|
||||
subgraph asset:permissions[ ]
|
||||
style asset:permissions fill:#dd4901,stroke:white
|
||||
|
||||
perm:asset:INSERT{{asset:INSERT}}
|
||||
perm:asset:DELETE{{asset:DELETE}}
|
||||
perm:asset:UPDATE{{asset:UPDATE}}
|
||||
perm:asset:SELECT{{asset:SELECT}}
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.anchorPerson["`**parentServer.bookingItem.debitor.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.anchorPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel.anchorPerson:OWNER[[parentServer.bookingItem.debitor.debitorRel.anchorPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.anchorPerson:ADMIN[[parentServer.bookingItem.debitor.debitorRel.anchorPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.anchorPerson:REFERRER[[parentServer.bookingItem.debitor.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
%% granting roles to roles
|
||||
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel:OWNER
|
||||
role:bookingItem.debitor.debitorRel:OWNER -.-> role:bookingItem.debitor.debitorRel:ADMIN
|
||||
role:bookingItem.debitor.debitorRel:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.debitorRel:TENANT
|
||||
role:global:ADMIN -.-> role:bookingItem.debitor.refundBankAccount:OWNER
|
||||
role:bookingItem.debitor.refundBankAccount:OWNER -.-> role:bookingItem.debitor.refundBankAccount:ADMIN
|
||||
role:bookingItem.debitor.refundBankAccount:ADMIN -.-> role:bookingItem.debitor.refundBankAccount:REFERRER
|
||||
role:bookingItem.debitor.refundBankAccount:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.refundBankAccount:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel:OWNER
|
||||
role:bookingItem.debitor.partnerRel:OWNER -.-> role:bookingItem.debitor.partnerRel:ADMIN
|
||||
role:bookingItem.debitor.partnerRel:ADMIN -.-> role:bookingItem.debitor.partnerRel:AGENT
|
||||
role:bookingItem.debitor.partnerRel:AGENT -.-> role:bookingItem.debitor.partnerRel:TENANT
|
||||
role:bookingItem.debitor.partnerRel:ADMIN -.-> role:bookingItem.debitor.debitorRel:ADMIN
|
||||
role:bookingItem.debitor.partnerRel:AGENT -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.partnerRel:TENANT
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel.anchorPerson:OWNER
|
||||
role:bookingItem.debitorRel.anchorPerson:OWNER -.-> role:bookingItem.debitorRel.anchorPerson:ADMIN
|
||||
role:bookingItem.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitorRel.anchorPerson:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel.holderPerson:OWNER
|
||||
role:bookingItem.debitorRel.holderPerson:OWNER -.-> role:bookingItem.debitorRel.holderPerson:ADMIN
|
||||
role:bookingItem.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitorRel.holderPerson:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel.contact:OWNER
|
||||
role:bookingItem.debitorRel.contact:OWNER -.-> role:bookingItem.debitorRel.contact:ADMIN
|
||||
role:bookingItem.debitorRel.contact:ADMIN -.-> role:bookingItem.debitorRel.contact:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel:OWNER
|
||||
role:bookingItem.debitorRel:OWNER -.-> role:bookingItem.debitorRel:ADMIN
|
||||
role:bookingItem.debitorRel:ADMIN -.-> role:bookingItem.debitorRel:AGENT
|
||||
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem.debitorRel:TENANT
|
||||
role:bookingItem.debitorRel.contact:ADMIN -.-> role:bookingItem.debitorRel:TENANT
|
||||
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.anchorPerson:REFERRER
|
||||
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.holderPerson:REFERRER
|
||||
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.contact:REFERRER
|
||||
role:bookingItem.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitorRel:OWNER
|
||||
role:bookingItem.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitorRel:AGENT
|
||||
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem:OWNER
|
||||
role:bookingItem:OWNER -.-> role:bookingItem:ADMIN
|
||||
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem:ADMIN
|
||||
role:bookingItem:ADMIN -.-> role:bookingItem:AGENT
|
||||
role:bookingItem:AGENT -.-> role:bookingItem:TENANT
|
||||
role:bookingItem:TENANT -.-> role:bookingItem.debitorRel:TENANT
|
||||
role:bookingItem:ADMIN ==> role:asset:OWNER
|
||||
role:asset:OWNER ==> role:asset:ADMIN
|
||||
role:asset:ADMIN ==> role:asset:TENANT
|
||||
role:asset:TENANT ==> role:bookingItem:TENANT
|
||||
|
||||
%% granting permissions to roles
|
||||
role:bookingItem:AGENT ==> perm:asset:INSERT
|
||||
role:asset:OWNER ==> perm:asset:DELETE
|
||||
role:asset:ADMIN ==> perm:asset:UPDATE
|
||||
role:asset:TENANT ==> perm:asset:SELECT
|
||||
|
||||
```
|
@ -0,0 +1,476 @@
|
||||
### rbac asset inCaseOf:MANAGED_SERVER
|
||||
|
||||
This code generated was by RbacViewMermaidFlowchartGenerator, do not amend manually.
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
flowchart TB
|
||||
|
||||
subgraph parentServer.bookingItem["`**parentServer.bookingItem**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem:roles[ ]
|
||||
style parentServer.bookingItem:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem:OWNER[[parentServer.bookingItem:OWNER]]
|
||||
role:parentServer.bookingItem:ADMIN[[parentServer.bookingItem:ADMIN]]
|
||||
role:parentServer.bookingItem:AGENT[[parentServer.bookingItem:AGENT]]
|
||||
role:parentServer.bookingItem:TENANT[[parentServer.bookingItem:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.anchorPerson["`**parentServer.bookingItem.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.anchorPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel.anchorPerson:OWNER[[parentServer.bookingItem.debitorRel.anchorPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel.anchorPerson:ADMIN[[parentServer.bookingItem.debitorRel.anchorPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel.anchorPerson:REFERRER[[parentServer.bookingItem.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.holderPerson["`**parentServer.bookingItem.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.holderPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel.holderPerson:OWNER[[parentServer.bookingItem.debitorRel.holderPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel.holderPerson:ADMIN[[parentServer.bookingItem.debitorRel.holderPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel.holderPerson:REFERRER[[parentServer.bookingItem.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer["`**parentServer**`"]
|
||||
direction TB
|
||||
style parentServer fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.holderPerson["`**parentServer.bookingItem.debitor.partnerRel.holderPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.holderPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel.holderPerson:OWNER[[parentServer.bookingItem.debitor.partnerRel.holderPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.holderPerson:ADMIN[[parentServer.bookingItem.debitor.partnerRel.holderPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.holderPerson:REFERRER[[parentServer.bookingItem.debitor.partnerRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.anchorPerson["`**parentServer.bookingItem.debitor.partnerRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.anchorPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel.anchorPerson:OWNER[[parentServer.bookingItem.debitor.partnerRel.anchorPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.anchorPerson:ADMIN[[parentServer.bookingItem.debitor.partnerRel.anchorPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.anchorPerson:REFERRER[[parentServer.bookingItem.debitor.partnerRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.anchorPerson["`**bookingItem.debitor.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.anchorPerson:roles[ ]
|
||||
style bookingItem.debitor.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel.anchorPerson:OWNER[[bookingItem.debitor.debitorRel.anchorPerson:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN[[bookingItem.debitor.debitorRel.anchorPerson:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel.anchorPerson:REFERRER[[bookingItem.debitor.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.contact["`**parentServer.bookingItem.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.contact:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel.contact:OWNER[[parentServer.bookingItem.debitorRel.contact:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel.contact:ADMIN[[parentServer.bookingItem.debitorRel.contact:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel.contact:REFERRER[[parentServer.bookingItem.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel["`**bookingItem.debitor.partnerRel**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel:roles[ ]
|
||||
style bookingItem.debitor.partnerRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel:OWNER[[bookingItem.debitor.partnerRel:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel:ADMIN[[bookingItem.debitor.partnerRel:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel:AGENT[[bookingItem.debitor.partnerRel:AGENT]]
|
||||
role:bookingItem.debitor.partnerRel:TENANT[[bookingItem.debitor.partnerRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.anchorPerson["`**bookingItem.debitor.partnerRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.anchorPerson:roles[ ]
|
||||
style bookingItem.debitor.partnerRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel.anchorPerson:OWNER[[bookingItem.debitor.partnerRel.anchorPerson:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN[[bookingItem.debitor.partnerRel.anchorPerson:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel.anchorPerson:REFERRER[[bookingItem.debitor.partnerRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel["`**bookingItem.debitorRel**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel:roles[ ]
|
||||
style bookingItem.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel:OWNER[[bookingItem.debitorRel:OWNER]]
|
||||
role:bookingItem.debitorRel:ADMIN[[bookingItem.debitorRel:ADMIN]]
|
||||
role:bookingItem.debitorRel:AGENT[[bookingItem.debitorRel:AGENT]]
|
||||
role:bookingItem.debitorRel:TENANT[[bookingItem.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.contact["`**parentServer.bookingItem.debitor.partnerRel.contact**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.contact:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel.contact:OWNER[[parentServer.bookingItem.debitor.partnerRel.contact:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.contact:ADMIN[[parentServer.bookingItem.debitor.partnerRel.contact:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.contact:REFERRER[[parentServer.bookingItem.debitor.partnerRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel.anchorPerson["`**bookingItem.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel.anchorPerson:roles[ ]
|
||||
style bookingItem.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel.anchorPerson:OWNER[[bookingItem.debitorRel.anchorPerson:OWNER]]
|
||||
role:bookingItem.debitorRel.anchorPerson:ADMIN[[bookingItem.debitorRel.anchorPerson:ADMIN]]
|
||||
role:bookingItem.debitorRel.anchorPerson:REFERRER[[bookingItem.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel["`**parentServer.bookingItem.debitor.debitorRel**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel:OWNER[[parentServer.bookingItem.debitor.debitorRel:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel:ADMIN[[parentServer.bookingItem.debitor.debitorRel:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel:AGENT[[parentServer.bookingItem.debitor.debitorRel:AGENT]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel:TENANT[[parentServer.bookingItem.debitor.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel.holderPerson["`**bookingItem.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel.holderPerson:roles[ ]
|
||||
style bookingItem.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel.holderPerson:OWNER[[bookingItem.debitorRel.holderPerson:OWNER]]
|
||||
role:bookingItem.debitorRel.holderPerson:ADMIN[[bookingItem.debitorRel.holderPerson:ADMIN]]
|
||||
role:bookingItem.debitorRel.holderPerson:REFERRER[[bookingItem.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.refundBankAccount["`**bookingItem.debitor.refundBankAccount**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.refundBankAccount fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.refundBankAccount:roles[ ]
|
||||
style bookingItem.debitor.refundBankAccount:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.refundBankAccount:OWNER[[bookingItem.debitor.refundBankAccount:OWNER]]
|
||||
role:bookingItem.debitor.refundBankAccount:ADMIN[[bookingItem.debitor.refundBankAccount:ADMIN]]
|
||||
role:bookingItem.debitor.refundBankAccount:REFERRER[[bookingItem.debitor.refundBankAccount:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel["`**parentServer.bookingItem.debitor.partnerRel**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel:OWNER[[parentServer.bookingItem.debitor.partnerRel:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel:ADMIN[[parentServer.bookingItem.debitor.partnerRel:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel:AGENT[[parentServer.bookingItem.debitor.partnerRel:AGENT]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel:TENANT[[parentServer.bookingItem.debitor.partnerRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.contact["`**bookingItem.debitor.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.contact:roles[ ]
|
||||
style bookingItem.debitor.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel.contact:OWNER[[bookingItem.debitor.debitorRel.contact:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel.contact:ADMIN[[bookingItem.debitor.debitorRel.contact:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel.contact:REFERRER[[bookingItem.debitor.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor["`**parentServer.bookingItem.debitor**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.holderPerson["`**parentServer.bookingItem.debitor.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.holderPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel.holderPerson:OWNER[[parentServer.bookingItem.debitor.debitorRel.holderPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.holderPerson:ADMIN[[parentServer.bookingItem.debitor.debitorRel.holderPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.holderPerson:REFERRER[[parentServer.bookingItem.debitor.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.contact["`**bookingItem.debitor.partnerRel.contact**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.contact:roles[ ]
|
||||
style bookingItem.debitor.partnerRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel.contact:OWNER[[bookingItem.debitor.partnerRel.contact:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel.contact:ADMIN[[bookingItem.debitor.partnerRel.contact:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel.contact:REFERRER[[bookingItem.debitor.partnerRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel["`**parentServer.bookingItem.debitorRel**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel:OWNER[[parentServer.bookingItem.debitorRel:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel:ADMIN[[parentServer.bookingItem.debitorRel:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel:AGENT[[parentServer.bookingItem.debitorRel:AGENT]]
|
||||
role:parentServer.bookingItem.debitorRel:TENANT[[parentServer.bookingItem.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem["`**bookingItem**`"]
|
||||
direction TB
|
||||
style bookingItem fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem:roles[ ]
|
||||
style bookingItem:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem:OWNER[[bookingItem:OWNER]]
|
||||
role:bookingItem:ADMIN[[bookingItem:ADMIN]]
|
||||
role:bookingItem:AGENT[[bookingItem:AGENT]]
|
||||
role:bookingItem:TENANT[[bookingItem:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.parentServer["`**parentServer.parentServer**`"]
|
||||
direction TB
|
||||
style parentServer.parentServer fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.contact["`**parentServer.bookingItem.debitor.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.contact:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel.contact:OWNER[[parentServer.bookingItem.debitor.debitorRel.contact:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.contact:ADMIN[[parentServer.bookingItem.debitor.debitorRel.contact:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.contact:REFERRER[[parentServer.bookingItem.debitor.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.holderPerson["`**bookingItem.debitor.partnerRel.holderPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.holderPerson:roles[ ]
|
||||
style bookingItem.debitor.partnerRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel.holderPerson:OWNER[[bookingItem.debitor.partnerRel.holderPerson:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel.holderPerson:ADMIN[[bookingItem.debitor.partnerRel.holderPerson:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel.holderPerson:REFERRER[[bookingItem.debitor.partnerRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel.contact["`**bookingItem.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel.contact:roles[ ]
|
||||
style bookingItem.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel.contact:OWNER[[bookingItem.debitorRel.contact:OWNER]]
|
||||
role:bookingItem.debitorRel.contact:ADMIN[[bookingItem.debitorRel.contact:ADMIN]]
|
||||
role:bookingItem.debitorRel.contact:REFERRER[[bookingItem.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.refundBankAccount["`**parentServer.bookingItem.debitor.refundBankAccount**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.refundBankAccount fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.refundBankAccount:roles[ ]
|
||||
style parentServer.bookingItem.debitor.refundBankAccount:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.refundBankAccount:OWNER[[parentServer.bookingItem.debitor.refundBankAccount:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.refundBankAccount:ADMIN[[parentServer.bookingItem.debitor.refundBankAccount:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.refundBankAccount:REFERRER[[parentServer.bookingItem.debitor.refundBankAccount:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor["`**bookingItem.debitor**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.holderPerson["`**bookingItem.debitor.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.holderPerson:roles[ ]
|
||||
style bookingItem.debitor.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel.holderPerson:OWNER[[bookingItem.debitor.debitorRel.holderPerson:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel.holderPerson:ADMIN[[bookingItem.debitor.debitorRel.holderPerson:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel.holderPerson:REFERRER[[bookingItem.debitor.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel["`**bookingItem.debitor.debitorRel**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel:roles[ ]
|
||||
style bookingItem.debitor.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel:OWNER[[bookingItem.debitor.debitorRel:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel:ADMIN[[bookingItem.debitor.debitorRel:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel:AGENT[[bookingItem.debitor.debitorRel:AGENT]]
|
||||
role:bookingItem.debitor.debitorRel:TENANT[[bookingItem.debitor.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph asset["`**asset**`"]
|
||||
direction TB
|
||||
style asset fill:#dd4901,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph asset:roles[ ]
|
||||
style asset:roles fill:#dd4901,stroke:white
|
||||
|
||||
role:asset:OWNER[[asset:OWNER]]
|
||||
role:asset:ADMIN[[asset:ADMIN]]
|
||||
role:asset:TENANT[[asset:TENANT]]
|
||||
end
|
||||
|
||||
subgraph asset:permissions[ ]
|
||||
style asset:permissions fill:#dd4901,stroke:white
|
||||
|
||||
perm:asset:INSERT{{asset:INSERT}}
|
||||
perm:asset:DELETE{{asset:DELETE}}
|
||||
perm:asset:UPDATE{{asset:UPDATE}}
|
||||
perm:asset:SELECT{{asset:SELECT}}
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.anchorPerson["`**parentServer.bookingItem.debitor.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.anchorPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel.anchorPerson:OWNER[[parentServer.bookingItem.debitor.debitorRel.anchorPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.anchorPerson:ADMIN[[parentServer.bookingItem.debitor.debitorRel.anchorPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.anchorPerson:REFERRER[[parentServer.bookingItem.debitor.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
%% granting roles to roles
|
||||
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel:OWNER
|
||||
role:bookingItem.debitor.debitorRel:OWNER -.-> role:bookingItem.debitor.debitorRel:ADMIN
|
||||
role:bookingItem.debitor.debitorRel:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.debitorRel:TENANT
|
||||
role:global:ADMIN -.-> role:bookingItem.debitor.refundBankAccount:OWNER
|
||||
role:bookingItem.debitor.refundBankAccount:OWNER -.-> role:bookingItem.debitor.refundBankAccount:ADMIN
|
||||
role:bookingItem.debitor.refundBankAccount:ADMIN -.-> role:bookingItem.debitor.refundBankAccount:REFERRER
|
||||
role:bookingItem.debitor.refundBankAccount:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.refundBankAccount:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel:OWNER
|
||||
role:bookingItem.debitor.partnerRel:OWNER -.-> role:bookingItem.debitor.partnerRel:ADMIN
|
||||
role:bookingItem.debitor.partnerRel:ADMIN -.-> role:bookingItem.debitor.partnerRel:AGENT
|
||||
role:bookingItem.debitor.partnerRel:AGENT -.-> role:bookingItem.debitor.partnerRel:TENANT
|
||||
role:bookingItem.debitor.partnerRel:ADMIN -.-> role:bookingItem.debitor.debitorRel:ADMIN
|
||||
role:bookingItem.debitor.partnerRel:AGENT -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.partnerRel:TENANT
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel.anchorPerson:OWNER
|
||||
role:bookingItem.debitorRel.anchorPerson:OWNER -.-> role:bookingItem.debitorRel.anchorPerson:ADMIN
|
||||
role:bookingItem.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitorRel.anchorPerson:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel.holderPerson:OWNER
|
||||
role:bookingItem.debitorRel.holderPerson:OWNER -.-> role:bookingItem.debitorRel.holderPerson:ADMIN
|
||||
role:bookingItem.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitorRel.holderPerson:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel.contact:OWNER
|
||||
role:bookingItem.debitorRel.contact:OWNER -.-> role:bookingItem.debitorRel.contact:ADMIN
|
||||
role:bookingItem.debitorRel.contact:ADMIN -.-> role:bookingItem.debitorRel.contact:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel:OWNER
|
||||
role:bookingItem.debitorRel:OWNER -.-> role:bookingItem.debitorRel:ADMIN
|
||||
role:bookingItem.debitorRel:ADMIN -.-> role:bookingItem.debitorRel:AGENT
|
||||
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem.debitorRel:TENANT
|
||||
role:bookingItem.debitorRel.contact:ADMIN -.-> role:bookingItem.debitorRel:TENANT
|
||||
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.anchorPerson:REFERRER
|
||||
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.holderPerson:REFERRER
|
||||
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.contact:REFERRER
|
||||
role:bookingItem.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitorRel:OWNER
|
||||
role:bookingItem.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitorRel:AGENT
|
||||
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem:OWNER
|
||||
role:bookingItem:OWNER -.-> role:bookingItem:ADMIN
|
||||
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem:ADMIN
|
||||
role:bookingItem:ADMIN -.-> role:bookingItem:AGENT
|
||||
role:bookingItem:AGENT -.-> role:bookingItem:TENANT
|
||||
role:bookingItem:TENANT -.-> role:bookingItem.debitorRel:TENANT
|
||||
role:bookingItem:ADMIN ==> role:asset:OWNER
|
||||
role:asset:OWNER ==> role:asset:ADMIN
|
||||
role:asset:ADMIN ==> role:asset:TENANT
|
||||
role:asset:TENANT ==> role:bookingItem:TENANT
|
||||
|
||||
%% granting permissions to roles
|
||||
role:bookingItem:AGENT ==> perm:asset:INSERT
|
||||
role:asset:OWNER ==> perm:asset:DELETE
|
||||
role:asset:ADMIN ==> perm:asset:UPDATE
|
||||
role:asset:TENANT ==> perm:asset:SELECT
|
||||
|
||||
```
|
@ -0,0 +1,486 @@
|
||||
### rbac asset inCaseOf:MANAGED_WEBSPACE
|
||||
|
||||
This code generated was by RbacViewMermaidFlowchartGenerator, do not amend manually.
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
flowchart TB
|
||||
|
||||
subgraph parentServer.bookingItem["`**parentServer.bookingItem**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem:roles[ ]
|
||||
style parentServer.bookingItem:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem:OWNER[[parentServer.bookingItem:OWNER]]
|
||||
role:parentServer.bookingItem:ADMIN[[parentServer.bookingItem:ADMIN]]
|
||||
role:parentServer.bookingItem:AGENT[[parentServer.bookingItem:AGENT]]
|
||||
role:parentServer.bookingItem:TENANT[[parentServer.bookingItem:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.anchorPerson["`**parentServer.bookingItem.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.anchorPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel.anchorPerson:OWNER[[parentServer.bookingItem.debitorRel.anchorPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel.anchorPerson:ADMIN[[parentServer.bookingItem.debitorRel.anchorPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel.anchorPerson:REFERRER[[parentServer.bookingItem.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.holderPerson["`**parentServer.bookingItem.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.holderPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel.holderPerson:OWNER[[parentServer.bookingItem.debitorRel.holderPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel.holderPerson:ADMIN[[parentServer.bookingItem.debitorRel.holderPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel.holderPerson:REFERRER[[parentServer.bookingItem.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer["`**parentServer**`"]
|
||||
direction TB
|
||||
style parentServer fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.holderPerson["`**parentServer.bookingItem.debitor.partnerRel.holderPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.holderPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel.holderPerson:OWNER[[parentServer.bookingItem.debitor.partnerRel.holderPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.holderPerson:ADMIN[[parentServer.bookingItem.debitor.partnerRel.holderPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.holderPerson:REFERRER[[parentServer.bookingItem.debitor.partnerRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.anchorPerson["`**parentServer.bookingItem.debitor.partnerRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.anchorPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel.anchorPerson:OWNER[[parentServer.bookingItem.debitor.partnerRel.anchorPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.anchorPerson:ADMIN[[parentServer.bookingItem.debitor.partnerRel.anchorPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.anchorPerson:REFERRER[[parentServer.bookingItem.debitor.partnerRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.anchorPerson["`**bookingItem.debitor.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.anchorPerson:roles[ ]
|
||||
style bookingItem.debitor.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel.anchorPerson:OWNER[[bookingItem.debitor.debitorRel.anchorPerson:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel.anchorPerson:ADMIN[[bookingItem.debitor.debitorRel.anchorPerson:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel.anchorPerson:REFERRER[[bookingItem.debitor.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.contact["`**parentServer.bookingItem.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel.contact:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel.contact:OWNER[[parentServer.bookingItem.debitorRel.contact:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel.contact:ADMIN[[parentServer.bookingItem.debitorRel.contact:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel.contact:REFERRER[[parentServer.bookingItem.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel["`**bookingItem.debitor.partnerRel**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel:roles[ ]
|
||||
style bookingItem.debitor.partnerRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel:OWNER[[bookingItem.debitor.partnerRel:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel:ADMIN[[bookingItem.debitor.partnerRel:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel:AGENT[[bookingItem.debitor.partnerRel:AGENT]]
|
||||
role:bookingItem.debitor.partnerRel:TENANT[[bookingItem.debitor.partnerRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.anchorPerson["`**bookingItem.debitor.partnerRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.anchorPerson:roles[ ]
|
||||
style bookingItem.debitor.partnerRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel.anchorPerson:OWNER[[bookingItem.debitor.partnerRel.anchorPerson:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel.anchorPerson:ADMIN[[bookingItem.debitor.partnerRel.anchorPerson:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel.anchorPerson:REFERRER[[bookingItem.debitor.partnerRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel["`**bookingItem.debitorRel**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel:roles[ ]
|
||||
style bookingItem.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel:OWNER[[bookingItem.debitorRel:OWNER]]
|
||||
role:bookingItem.debitorRel:ADMIN[[bookingItem.debitorRel:ADMIN]]
|
||||
role:bookingItem.debitorRel:AGENT[[bookingItem.debitorRel:AGENT]]
|
||||
role:bookingItem.debitorRel:TENANT[[bookingItem.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.contact["`**parentServer.bookingItem.debitor.partnerRel.contact**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel.contact:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel.contact:OWNER[[parentServer.bookingItem.debitor.partnerRel.contact:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.contact:ADMIN[[parentServer.bookingItem.debitor.partnerRel.contact:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel.contact:REFERRER[[parentServer.bookingItem.debitor.partnerRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel.anchorPerson["`**bookingItem.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel.anchorPerson:roles[ ]
|
||||
style bookingItem.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel.anchorPerson:OWNER[[bookingItem.debitorRel.anchorPerson:OWNER]]
|
||||
role:bookingItem.debitorRel.anchorPerson:ADMIN[[bookingItem.debitorRel.anchorPerson:ADMIN]]
|
||||
role:bookingItem.debitorRel.anchorPerson:REFERRER[[bookingItem.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel["`**parentServer.bookingItem.debitor.debitorRel**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel:OWNER[[parentServer.bookingItem.debitor.debitorRel:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel:ADMIN[[parentServer.bookingItem.debitor.debitorRel:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel:AGENT[[parentServer.bookingItem.debitor.debitorRel:AGENT]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel:TENANT[[parentServer.bookingItem.debitor.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel.holderPerson["`**bookingItem.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel.holderPerson:roles[ ]
|
||||
style bookingItem.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel.holderPerson:OWNER[[bookingItem.debitorRel.holderPerson:OWNER]]
|
||||
role:bookingItem.debitorRel.holderPerson:ADMIN[[bookingItem.debitorRel.holderPerson:ADMIN]]
|
||||
role:bookingItem.debitorRel.holderPerson:REFERRER[[bookingItem.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.refundBankAccount["`**bookingItem.debitor.refundBankAccount**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.refundBankAccount fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.refundBankAccount:roles[ ]
|
||||
style bookingItem.debitor.refundBankAccount:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.refundBankAccount:OWNER[[bookingItem.debitor.refundBankAccount:OWNER]]
|
||||
role:bookingItem.debitor.refundBankAccount:ADMIN[[bookingItem.debitor.refundBankAccount:ADMIN]]
|
||||
role:bookingItem.debitor.refundBankAccount:REFERRER[[bookingItem.debitor.refundBankAccount:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel["`**parentServer.bookingItem.debitor.partnerRel**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.partnerRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.partnerRel:roles[ ]
|
||||
style parentServer.bookingItem.debitor.partnerRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.partnerRel:OWNER[[parentServer.bookingItem.debitor.partnerRel:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel:ADMIN[[parentServer.bookingItem.debitor.partnerRel:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel:AGENT[[parentServer.bookingItem.debitor.partnerRel:AGENT]]
|
||||
role:parentServer.bookingItem.debitor.partnerRel:TENANT[[parentServer.bookingItem.debitor.partnerRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.contact["`**bookingItem.debitor.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.contact:roles[ ]
|
||||
style bookingItem.debitor.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel.contact:OWNER[[bookingItem.debitor.debitorRel.contact:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel.contact:ADMIN[[bookingItem.debitor.debitorRel.contact:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel.contact:REFERRER[[bookingItem.debitor.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor["`**parentServer.bookingItem.debitor**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.holderPerson["`**parentServer.bookingItem.debitor.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.holderPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel.holderPerson:OWNER[[parentServer.bookingItem.debitor.debitorRel.holderPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.holderPerson:ADMIN[[parentServer.bookingItem.debitor.debitorRel.holderPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.holderPerson:REFERRER[[parentServer.bookingItem.debitor.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.contact["`**bookingItem.debitor.partnerRel.contact**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.contact:roles[ ]
|
||||
style bookingItem.debitor.partnerRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel.contact:OWNER[[bookingItem.debitor.partnerRel.contact:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel.contact:ADMIN[[bookingItem.debitor.partnerRel.contact:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel.contact:REFERRER[[bookingItem.debitor.partnerRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel["`**parentServer.bookingItem.debitorRel**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitorRel:roles[ ]
|
||||
style parentServer.bookingItem.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitorRel:OWNER[[parentServer.bookingItem.debitorRel:OWNER]]
|
||||
role:parentServer.bookingItem.debitorRel:ADMIN[[parentServer.bookingItem.debitorRel:ADMIN]]
|
||||
role:parentServer.bookingItem.debitorRel:AGENT[[parentServer.bookingItem.debitorRel:AGENT]]
|
||||
role:parentServer.bookingItem.debitorRel:TENANT[[parentServer.bookingItem.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem["`**bookingItem**`"]
|
||||
direction TB
|
||||
style bookingItem fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem:roles[ ]
|
||||
style bookingItem:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem:OWNER[[bookingItem:OWNER]]
|
||||
role:bookingItem:ADMIN[[bookingItem:ADMIN]]
|
||||
role:bookingItem:AGENT[[bookingItem:AGENT]]
|
||||
role:bookingItem:TENANT[[bookingItem:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.parentServer["`**parentServer.parentServer**`"]
|
||||
direction TB
|
||||
style parentServer.parentServer fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.contact["`**parentServer.bookingItem.debitor.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.contact:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel.contact:OWNER[[parentServer.bookingItem.debitor.debitorRel.contact:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.contact:ADMIN[[parentServer.bookingItem.debitor.debitorRel.contact:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.contact:REFERRER[[parentServer.bookingItem.debitor.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.holderPerson["`**bookingItem.debitor.partnerRel.holderPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.partnerRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.partnerRel.holderPerson:roles[ ]
|
||||
style bookingItem.debitor.partnerRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.partnerRel.holderPerson:OWNER[[bookingItem.debitor.partnerRel.holderPerson:OWNER]]
|
||||
role:bookingItem.debitor.partnerRel.holderPerson:ADMIN[[bookingItem.debitor.partnerRel.holderPerson:ADMIN]]
|
||||
role:bookingItem.debitor.partnerRel.holderPerson:REFERRER[[bookingItem.debitor.partnerRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitorRel.contact["`**bookingItem.debitorRel.contact**`"]
|
||||
direction TB
|
||||
style bookingItem.debitorRel.contact fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitorRel.contact:roles[ ]
|
||||
style bookingItem.debitorRel.contact:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitorRel.contact:OWNER[[bookingItem.debitorRel.contact:OWNER]]
|
||||
role:bookingItem.debitorRel.contact:ADMIN[[bookingItem.debitorRel.contact:ADMIN]]
|
||||
role:bookingItem.debitorRel.contact:REFERRER[[bookingItem.debitorRel.contact:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.refundBankAccount["`**parentServer.bookingItem.debitor.refundBankAccount**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.refundBankAccount fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.refundBankAccount:roles[ ]
|
||||
style parentServer.bookingItem.debitor.refundBankAccount:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.refundBankAccount:OWNER[[parentServer.bookingItem.debitor.refundBankAccount:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.refundBankAccount:ADMIN[[parentServer.bookingItem.debitor.refundBankAccount:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.refundBankAccount:REFERRER[[parentServer.bookingItem.debitor.refundBankAccount:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor["`**bookingItem.debitor**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.holderPerson["`**bookingItem.debitor.debitorRel.holderPerson**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel.holderPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel.holderPerson:roles[ ]
|
||||
style bookingItem.debitor.debitorRel.holderPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel.holderPerson:OWNER[[bookingItem.debitor.debitorRel.holderPerson:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel.holderPerson:ADMIN[[bookingItem.debitor.debitorRel.holderPerson:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel.holderPerson:REFERRER[[bookingItem.debitor.debitorRel.holderPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel["`**bookingItem.debitor.debitorRel**`"]
|
||||
direction TB
|
||||
style bookingItem.debitor.debitorRel fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph bookingItem.debitor.debitorRel:roles[ ]
|
||||
style bookingItem.debitor.debitorRel:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:bookingItem.debitor.debitorRel:OWNER[[bookingItem.debitor.debitorRel:OWNER]]
|
||||
role:bookingItem.debitor.debitorRel:ADMIN[[bookingItem.debitor.debitorRel:ADMIN]]
|
||||
role:bookingItem.debitor.debitorRel:AGENT[[bookingItem.debitor.debitorRel:AGENT]]
|
||||
role:bookingItem.debitor.debitorRel:TENANT[[bookingItem.debitor.debitorRel:TENANT]]
|
||||
end
|
||||
end
|
||||
|
||||
subgraph asset["`**asset**`"]
|
||||
direction TB
|
||||
style asset fill:#dd4901,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph asset:roles[ ]
|
||||
style asset:roles fill:#dd4901,stroke:white
|
||||
|
||||
role:asset:OWNER[[asset:OWNER]]
|
||||
role:asset:ADMIN[[asset:ADMIN]]
|
||||
role:asset:TENANT[[asset:TENANT]]
|
||||
end
|
||||
|
||||
subgraph asset:permissions[ ]
|
||||
style asset:permissions fill:#dd4901,stroke:white
|
||||
|
||||
perm:asset:INSERT{{asset:INSERT}}
|
||||
perm:asset:DELETE{{asset:DELETE}}
|
||||
perm:asset:UPDATE{{asset:UPDATE}}
|
||||
perm:asset:SELECT{{asset:SELECT}}
|
||||
end
|
||||
end
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.anchorPerson["`**parentServer.bookingItem.debitor.debitorRel.anchorPerson**`"]
|
||||
direction TB
|
||||
style parentServer.bookingItem.debitor.debitorRel.anchorPerson fill:#99bcdb,stroke:#274d6e,stroke-width:8px
|
||||
|
||||
subgraph parentServer.bookingItem.debitor.debitorRel.anchorPerson:roles[ ]
|
||||
style parentServer.bookingItem.debitor.debitorRel.anchorPerson:roles fill:#99bcdb,stroke:white
|
||||
|
||||
role:parentServer.bookingItem.debitor.debitorRel.anchorPerson:OWNER[[parentServer.bookingItem.debitor.debitorRel.anchorPerson:OWNER]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.anchorPerson:ADMIN[[parentServer.bookingItem.debitor.debitorRel.anchorPerson:ADMIN]]
|
||||
role:parentServer.bookingItem.debitor.debitorRel.anchorPerson:REFERRER[[parentServer.bookingItem.debitor.debitorRel.anchorPerson:REFERRER]]
|
||||
end
|
||||
end
|
||||
|
||||
%% granting roles to roles
|
||||
role:global:ADMIN -.-> role:bookingItem.debitor.debitorRel:OWNER
|
||||
role:bookingItem.debitor.debitorRel:OWNER -.-> role:bookingItem.debitor.debitorRel:ADMIN
|
||||
role:bookingItem.debitor.debitorRel:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.debitorRel:TENANT
|
||||
role:global:ADMIN -.-> role:bookingItem.debitor.refundBankAccount:OWNER
|
||||
role:bookingItem.debitor.refundBankAccount:OWNER -.-> role:bookingItem.debitor.refundBankAccount:ADMIN
|
||||
role:bookingItem.debitor.refundBankAccount:ADMIN -.-> role:bookingItem.debitor.refundBankAccount:REFERRER
|
||||
role:bookingItem.debitor.refundBankAccount:ADMIN -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.refundBankAccount:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitor.partnerRel:OWNER
|
||||
role:bookingItem.debitor.partnerRel:OWNER -.-> role:bookingItem.debitor.partnerRel:ADMIN
|
||||
role:bookingItem.debitor.partnerRel:ADMIN -.-> role:bookingItem.debitor.partnerRel:AGENT
|
||||
role:bookingItem.debitor.partnerRel:AGENT -.-> role:bookingItem.debitor.partnerRel:TENANT
|
||||
role:bookingItem.debitor.partnerRel:ADMIN -.-> role:bookingItem.debitor.debitorRel:ADMIN
|
||||
role:bookingItem.debitor.partnerRel:AGENT -.-> role:bookingItem.debitor.debitorRel:AGENT
|
||||
role:bookingItem.debitor.debitorRel:AGENT -.-> role:bookingItem.debitor.partnerRel:TENANT
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel.anchorPerson:OWNER
|
||||
role:bookingItem.debitorRel.anchorPerson:OWNER -.-> role:bookingItem.debitorRel.anchorPerson:ADMIN
|
||||
role:bookingItem.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitorRel.anchorPerson:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel.holderPerson:OWNER
|
||||
role:bookingItem.debitorRel.holderPerson:OWNER -.-> role:bookingItem.debitorRel.holderPerson:ADMIN
|
||||
role:bookingItem.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitorRel.holderPerson:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel.contact:OWNER
|
||||
role:bookingItem.debitorRel.contact:OWNER -.-> role:bookingItem.debitorRel.contact:ADMIN
|
||||
role:bookingItem.debitorRel.contact:ADMIN -.-> role:bookingItem.debitorRel.contact:REFERRER
|
||||
role:global:ADMIN -.-> role:bookingItem.debitorRel:OWNER
|
||||
role:bookingItem.debitorRel:OWNER -.-> role:bookingItem.debitorRel:ADMIN
|
||||
role:bookingItem.debitorRel:ADMIN -.-> role:bookingItem.debitorRel:AGENT
|
||||
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem.debitorRel:TENANT
|
||||
role:bookingItem.debitorRel.contact:ADMIN -.-> role:bookingItem.debitorRel:TENANT
|
||||
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.anchorPerson:REFERRER
|
||||
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.holderPerson:REFERRER
|
||||
role:bookingItem.debitorRel:TENANT -.-> role:bookingItem.debitorRel.contact:REFERRER
|
||||
role:bookingItem.debitorRel.anchorPerson:ADMIN -.-> role:bookingItem.debitorRel:OWNER
|
||||
role:bookingItem.debitorRel.holderPerson:ADMIN -.-> role:bookingItem.debitorRel:AGENT
|
||||
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem:OWNER
|
||||
role:bookingItem:OWNER -.-> role:bookingItem:ADMIN
|
||||
role:bookingItem.debitorRel:AGENT -.-> role:bookingItem:ADMIN
|
||||
role:bookingItem:ADMIN -.-> role:bookingItem:AGENT
|
||||
role:bookingItem:AGENT -.-> role:bookingItem:TENANT
|
||||
role:bookingItem:TENANT -.-> role:bookingItem.debitorRel:TENANT
|
||||
role:global:ADMIN -.-> role:parentServer.bookingItem.debitorRel:OWNER
|
||||
role:parentServer.bookingItem.debitorRel:OWNER -.-> role:parentServer.bookingItem.debitorRel:ADMIN
|
||||
role:parentServer.bookingItem.debitorRel:ADMIN -.-> role:parentServer.bookingItem.debitorRel:AGENT
|
||||
role:parentServer.bookingItem.debitorRel:AGENT -.-> role:parentServer.bookingItem.debitorRel:TENANT
|
||||
role:parentServer.bookingItem.debitorRel:AGENT -.-> role:parentServer.bookingItem:OWNER
|
||||
role:parentServer.bookingItem:OWNER -.-> role:parentServer.bookingItem:ADMIN
|
||||
role:parentServer.bookingItem.debitorRel:AGENT -.-> role:parentServer.bookingItem:ADMIN
|
||||
role:parentServer.bookingItem:ADMIN -.-> role:parentServer.bookingItem:AGENT
|
||||
role:parentServer.bookingItem:AGENT -.-> role:parentServer.bookingItem:TENANT
|
||||
role:parentServer.bookingItem:TENANT -.-> role:parentServer.bookingItem.debitorRel:TENANT
|
||||
role:bookingItem:ADMIN ==> role:asset:OWNER
|
||||
role:asset:OWNER ==> role:asset:ADMIN
|
||||
role:asset:ADMIN ==> role:asset:TENANT
|
||||
role:asset:TENANT ==> role:bookingItem:TENANT
|
||||
|
||||
%% granting permissions to roles
|
||||
role:bookingItem:AGENT ==> perm:asset:INSERT
|
||||
role:asset:OWNER ==> perm:asset:DELETE
|
||||
role:asset:ADMIN ==> perm:asset:UPDATE
|
||||
role:asset:TENANT ==> perm:asset:SELECT
|
||||
|
||||
```
|
@ -0,0 +1,180 @@
|
||||
--liquibase formatted sql
|
||||
-- This code generated was by RbacViewPostgresGenerator, do not amend manually.
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-asset-rbac-OBJECT:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRelatedRbacObject('hs_hosting_asset');
|
||||
--//
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-asset-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacRoleDescriptors('hsHostingAsset', 'hs_hosting_asset');
|
||||
--//
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-asset-rbac-insert-trigger:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
/*
|
||||
Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
|
||||
*/
|
||||
|
||||
create or replace procedure buildRbacSystemForHsHostingAsset(
|
||||
NEW hs_hosting_asset
|
||||
)
|
||||
language plpgsql as $$
|
||||
|
||||
declare
|
||||
newParentServer hs_hosting_asset;
|
||||
newBookingItem hs_booking_item;
|
||||
|
||||
begin
|
||||
call enterTriggerForObjectUuid(NEW.uuid);
|
||||
|
||||
SELECT * FROM hs_hosting_asset WHERE uuid = NEW.parentAssetUuid INTO newParentServer;
|
||||
|
||||
SELECT * FROM hs_booking_item WHERE uuid = NEW.bookingItemUuid INTO newBookingItem;
|
||||
assert newBookingItem.uuid is not null, format('newBookingItem must not be null for NEW.bookingItemUuid = %s', NEW.bookingItemUuid);
|
||||
|
||||
|
||||
perform createRoleWithGrants(
|
||||
hsHostingAssetOWNER(NEW),
|
||||
permissions => array['DELETE'],
|
||||
incomingSuperRoles => array[hsBookingItemADMIN(newBookingItem)]
|
||||
);
|
||||
|
||||
perform createRoleWithGrants(
|
||||
hsHostingAssetADMIN(NEW),
|
||||
permissions => array['UPDATE'],
|
||||
incomingSuperRoles => array[hsHostingAssetOWNER(NEW)]
|
||||
);
|
||||
|
||||
perform createRoleWithGrants(
|
||||
hsHostingAssetTENANT(NEW),
|
||||
permissions => array['SELECT'],
|
||||
incomingSuperRoles => array[hsHostingAssetADMIN(NEW)],
|
||||
outgoingSubRoles => array[hsBookingItemTENANT(newBookingItem)]
|
||||
);
|
||||
|
||||
IF NEW.type = 'CLOUD_SERVER' THEN
|
||||
ELSIF NEW.type = 'MANAGED_SERVER' THEN
|
||||
ELSIF NEW.type = 'MANAGED_WEBSPACE' THEN
|
||||
END IF;
|
||||
|
||||
call leaveTriggerForObjectUuid(NEW.uuid);
|
||||
end; $$;
|
||||
|
||||
/*
|
||||
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_hosting_asset row.
|
||||
*/
|
||||
|
||||
create or replace function insertTriggerForHsHostingAsset_tf()
|
||||
returns trigger
|
||||
language plpgsql
|
||||
strict as $$
|
||||
begin
|
||||
call buildRbacSystemForHsHostingAsset(NEW);
|
||||
return NEW;
|
||||
end; $$;
|
||||
|
||||
create trigger insertTriggerForHsHostingAsset_tg
|
||||
after insert on hs_hosting_asset
|
||||
for each row
|
||||
execute procedure insertTriggerForHsHostingAsset_tf();
|
||||
--//
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-asset-rbac-INSERT:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
/*
|
||||
Creates INSERT INTO hs_hosting_asset permissions for the related hs_booking_item rows.
|
||||
*/
|
||||
do language plpgsql $$
|
||||
declare
|
||||
row hs_booking_item;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_hosting_asset permissions for the related hs_booking_item rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_booking_item
|
||||
LOOP
|
||||
call grantPermissionToRole(
|
||||
createPermission(row.uuid, 'INSERT', 'hs_hosting_asset'),
|
||||
hsBookingItemAGENT(row));
|
||||
END LOOP;
|
||||
END;
|
||||
$$;
|
||||
|
||||
/**
|
||||
Adds hs_hosting_asset INSERT permission to specified role of new hs_booking_item rows.
|
||||
*/
|
||||
create or replace function hs_hosting_asset_hs_booking_item_insert_tf()
|
||||
returns trigger
|
||||
language plpgsql
|
||||
strict as $$
|
||||
begin
|
||||
call grantPermissionToRole(
|
||||
createPermission(NEW.uuid, 'INSERT', 'hs_hosting_asset'),
|
||||
hsBookingItemAGENT(NEW));
|
||||
return NEW;
|
||||
end; $$;
|
||||
|
||||
-- z_... is to put it at the end of after insert triggers, to make sure the roles exist
|
||||
create trigger z_hs_hosting_asset_hs_booking_item_insert_tg
|
||||
after insert on hs_booking_item
|
||||
for each row
|
||||
execute procedure hs_hosting_asset_hs_booking_item_insert_tf();
|
||||
|
||||
/**
|
||||
Checks if the user or assumed roles are allowed to insert a row to hs_hosting_asset,
|
||||
where the check is performed by a direct role.
|
||||
|
||||
A direct role is a role depending on a foreign key directly available in the NEW row.
|
||||
*/
|
||||
create or replace function hs_hosting_asset_insert_permission_missing_tf()
|
||||
returns trigger
|
||||
language plpgsql as $$
|
||||
begin
|
||||
raise exception '[403] insert into hs_hosting_asset not allowed for current subjects % (%)',
|
||||
currentSubjects(), currentSubjectsUuids();
|
||||
end; $$;
|
||||
|
||||
create trigger hs_hosting_asset_insert_permission_check_tg
|
||||
before insert on hs_hosting_asset
|
||||
for each row
|
||||
when ( not hasInsertPermission(NEW.bookingItemUuid, 'INSERT', 'hs_hosting_asset') )
|
||||
execute procedure hs_hosting_asset_insert_permission_missing_tf();
|
||||
--//
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-asset-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call generateRbacIdentityViewFromQuery('hs_hosting_asset',
|
||||
$idName$
|
||||
SELECT asset.uuid as uuid, bookingItemIV.idName || '-' || cleanIdentifier(asset.caption) as idName
|
||||
FROM hs_hosting_asset asset
|
||||
JOIN hs_booking_item_iv bookingItemIV ON bookingItemIV.uuid = asset.bookingItemUuid
|
||||
$idName$);
|
||||
--//
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-asset-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacRestrictedView('hs_hosting_asset',
|
||||
$orderBy$
|
||||
caption
|
||||
$orderBy$,
|
||||
$updates$
|
||||
version = new.version,
|
||||
caption = new.caption,
|
||||
config = new.config
|
||||
$updates$);
|
||||
--//
|
||||
|
@ -2,13 +2,13 @@
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-server-TEST-DATA-GENERATOR:1 endDelimiter:--//
|
||||
--changeset hs-hosting-asset-TEST-DATA-GENERATOR:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
/*
|
||||
Creates a single hs_hosting_server test record.
|
||||
Creates a single hs_hosting_asset test record.
|
||||
*/
|
||||
create or replace procedure createHsHostingServerTestData(
|
||||
create or replace procedure createHsHostingAssetTestData(
|
||||
givenPartnerNumber numeric,
|
||||
givenDebitorSuffix char(2)
|
||||
)
|
||||
@ -18,7 +18,7 @@ declare
|
||||
relatedDebitor hs_office_debitor;
|
||||
relatedBookingItem hs_booking_item;
|
||||
begin
|
||||
currentTask := 'creating hosting-server test-data ' || givenPartnerNumber::text || givenDebitorSuffix;
|
||||
currentTask := 'creating hosting-asset test-data ' || givenPartnerNumber::text || givenDebitorSuffix;
|
||||
call defineContext(currentTask, null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
execute format('set local hsadminng.currentTask to %L', currentTask);
|
||||
|
||||
@ -33,25 +33,25 @@ begin
|
||||
where item.debitoruuid = relatedDebitor.uuid
|
||||
and item.caption = 'some PrivateCloud';
|
||||
|
||||
raise notice 'creating test hosting-server: %', givenPartnerNumber::text || givenDebitorSuffix::text;
|
||||
raise notice 'creating test hosting-asset: %', givenPartnerNumber::text || givenDebitorSuffix::text;
|
||||
raise notice '- using debitor (%): %', relatedDebitor.uuid, relatedDebitor;
|
||||
insert
|
||||
into hs_hosting_server (uuid, bookingitemuuid, caption, config)
|
||||
values (uuid_generate_v4(), relatedBookingItem.uuid, 'some ManagedServer', '{ "CPU": 2, "SDD": 512, "extra": 42 }'::jsonb),
|
||||
(uuid_generate_v4(), relatedBookingItem.uuid, 'another CloudServer', '{ "CPU": 2, "HDD": 1024, "extra": 42 }'::jsonb),
|
||||
into hs_hosting_asset (uuid, bookingitemuuid, caption, config)
|
||||
values (uuid_generate_v4(), relatedBookingItem.uuid, 'some ManagedAsset', '{ "CPU": 2, "SDD": 512, "extra": 42 }'::jsonb),
|
||||
(uuid_generate_v4(), relatedBookingItem.uuid, 'another CloudAsset', '{ "CPU": 2, "HDD": 1024, "extra": 42 }'::jsonb),
|
||||
(uuid_generate_v4(), relatedBookingItem.uuid, 'some Whatever', '{ "CPU": 1, "SDD": 512, "HDD": 2048, "extra": 42 }'::jsonb);
|
||||
end; $$;
|
||||
--//
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-server-TEST-DATA-GENERATION:1 –context=dev,tc endDelimiter:--//
|
||||
--changeset hs-hosting-asset-TEST-DATA-GENERATION:1 –context=dev,tc endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call createHsHostingServerTestData(10001, '11');
|
||||
call createHsHostingServerTestData(10002, '12');
|
||||
call createHsHostingServerTestData(10003, '13');
|
||||
call createHsHostingAssetTestData(10001, '11');
|
||||
call createHsHostingAssetTestData(10002, '12');
|
||||
call createHsHostingAssetTestData(10003, '13');
|
||||
end;
|
||||
$$;
|
@ -134,8 +134,8 @@ databaseChangeLog:
|
||||
- include:
|
||||
file: db/changelog/6-hs-booking/601-booking-item/6018-hs-booking-item-test-data.sql
|
||||
- include:
|
||||
file: db/changelog/7-hs-hosting/701-hosting-server/7010-hs-hosting-server.sql
|
||||
file: db/changelog/7-hs-hosting/701-hosting-asset/7010-hs-hosting-asset.sql
|
||||
- include:
|
||||
file: db/changelog/7-hs-hosting/701-hosting-server/7013-hs-hosting-server-rbac.sql
|
||||
file: db/changelog/7-hs-hosting/701-hosting-asset/7013-hs-hosting-server-rbac.sql
|
||||
- include:
|
||||
file: db/changelog/7-hs-hosting/701-hosting-server/7018-hs-hosting-server-test-data.sql
|
||||
file: db/changelog/7-hs-hosting/701-hosting-asset/7018-hs-hosting-asset-test-data.sql
|
||||
|
@ -120,7 +120,7 @@ class HsBookingItemRepositoryIntegrationTest extends ContextBasedTestWithCleanup
|
||||
|
||||
// insert+delete
|
||||
"{ grant perm:hs_booking_item#D-1000111-somenewbookingitem:DELETE to role:global#global:ADMIN by system and assume }",
|
||||
"{ grant perm:hs_booking_item#D-1000111-somenewbookingitem:INSERT>hs_hosting_server to role:hs_booking_item#D-1000111-somenewbookingitem:AGENT by system and assume }",
|
||||
"{ grant perm:hs_booking_item#D-1000111-somenewbookingitem:INSERT>hs_hosting_asset to role:hs_booking_item#D-1000111-somenewbookingitem:AGENT by system and assume }",
|
||||
|
||||
// owner
|
||||
//"{ grant perm:hs_booking_item#D-1000111-somenewbookingitem:UPDATE to role:hs_booking_item#D-1000111-somenewbookingitem:OWNER by system and assume }",
|
||||
|
@ -24,7 +24,7 @@ class HsHostingAssetEntityUnitTest {
|
||||
final var result = givenServer.toString();
|
||||
|
||||
assertThat(result).isEqualTo(
|
||||
"HsHostingServerEntity(D-1000100:test booking item, some caption, { CPUs: 2, HDD-storage: 2048, SSD-storage: 512 })");
|
||||
"HsHostingAssetEntity(D-1000100:test booking item, some caption, { CPUs: 2, HDD-storage: 2048, SSD-storage: 512 })");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -109,27 +109,27 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
|
||||
final var all = rawRoleRepo.findAll();
|
||||
assertThat(distinctRoleNamesOf(all)).containsExactlyInAnyOrder(Array.from(
|
||||
initialRoleNames,
|
||||
"hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:ADMIN",
|
||||
"hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:OWNER",
|
||||
"hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:TENANT"));
|
||||
"hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:ADMIN",
|
||||
"hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:OWNER",
|
||||
"hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:TENANT"));
|
||||
assertThat(distinctGrantDisplaysOf(rawGrantRepo.findAll()))
|
||||
.map(s -> s.replace("hs_office_", ""))
|
||||
.containsExactlyInAnyOrder(fromFormatted(
|
||||
initialGrantNames,
|
||||
// global-admin
|
||||
"{ grant perm:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:DELETE to role:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:OWNER by system and assume }",
|
||||
"{ grant perm:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:DELETE to role:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:OWNER by system and assume }",
|
||||
|
||||
// owner
|
||||
"{ grant perm:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:UPDATE to role:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:ADMIN by system and assume }",
|
||||
"{ grant perm:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:UPDATE to role:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:ADMIN by system and assume }",
|
||||
|
||||
// admin
|
||||
"{ grant role:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:ADMIN to role:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:OWNER by system and assume }",
|
||||
"{ grant role:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:OWNER to role:hs_booking_item#D-1000111-someCloudServer:ADMIN by system and assume }",
|
||||
"{ grant role:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:ADMIN to role:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:OWNER by system and assume }",
|
||||
"{ grant role:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:OWNER to role:hs_booking_item#D-1000111-someCloudServer:ADMIN by system and assume }",
|
||||
|
||||
// tenant
|
||||
"{ grant role:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:TENANT to role:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:ADMIN by system and assume }",
|
||||
"{ grant perm:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:SELECT to role:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:TENANT by system and assume }",
|
||||
"{ grant role:hs_booking_item#D-1000111-someCloudServer:TENANT to role:hs_hosting_server#D-1000111-someCloudServer-somenewbookingserver:TENANT by system and assume }",
|
||||
"{ grant role:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:TENANT to role:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:ADMIN by system and assume }",
|
||||
"{ grant perm:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:SELECT to role:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:TENANT by system and assume }",
|
||||
"{ grant role:hs_booking_item#D-1000111-someCloudServer:TENANT to role:hs_hosting_asset#D-1000111-someCloudServer-somenewbookingserver:TENANT by system and assume }",
|
||||
|
||||
null));
|
||||
}
|
||||
@ -265,7 +265,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
|
||||
|
||||
// when
|
||||
final var result = jpaAttempt.transacted(() -> {
|
||||
context("person-FirbySusan@example.com", "hs_hosting_server#D-1000111-someCloudServer-sometempbookingserver:ADMIN");
|
||||
context("person-FirbySusan@example.com", "hs_hosting_asset#D-1000111-someCloudServer-sometempbookingserver:ADMIN");
|
||||
assertThat(serverRepo.findByUuid(givenServer.getUuid())).isPresent();
|
||||
|
||||
serverRepo.deleteByUuid(givenServer.getUuid());
|
||||
@ -274,7 +274,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
|
||||
// then
|
||||
result.assertExceptionWithRootCauseMessage(
|
||||
JpaSystemException.class,
|
||||
"[403] Subject ", " is not allowed to delete hs_hosting_server");
|
||||
"[403] Subject ", " is not allowed to delete hs_hosting_asset");
|
||||
assertThat(jpaAttempt.transacted(() -> {
|
||||
context("superuser-alex@hostsharing.net");
|
||||
return serverRepo.findByUuid(givenServer.getUuid());
|
||||
@ -309,7 +309,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp
|
||||
from tx_journal_v
|
||||
where targettable = 'hs_hosting_server';
|
||||
where targettable = 'hs_hosting_asset';
|
||||
""");
|
||||
|
||||
// when
|
||||
@ -317,9 +317,9 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
|
||||
|
||||
// then
|
||||
assertThat(customerLogEntries).map(Arrays::toString).contains(
|
||||
"[creating hosting-server test-data 1000111, hs_hosting_server, INSERT]",
|
||||
"[creating hosting-server test-data 1000212, hs_hosting_server, INSERT]",
|
||||
"[creating hosting-server test-data 1000313, hs_hosting_server, INSERT]");
|
||||
"[creating hosting-server test-data 1000111, hs_hosting_asset, INSERT]",
|
||||
"[creating hosting-server test-data 1000212, hs_hosting_asset, INSERT]",
|
||||
"[creating hosting-server test-data 1000313, hs_hosting_asset, INSERT]");
|
||||
}
|
||||
|
||||
private HsHostingAssetEntity givenSomeTemporaryServer(final String debitorName) {
|
||||
|
@ -620,7 +620,7 @@ public class ImportOfficeData extends ContextBasedTest {
|
||||
private void deleteTestDataFromHsOfficeTables() {
|
||||
jpaAttempt.transacted(() -> {
|
||||
context(rbacSuperuser);
|
||||
em.createNativeQuery("delete from hs_hosting_server where true").executeUpdate();
|
||||
em.createNativeQuery("delete from hs_hosting_asset where true").executeUpdate();
|
||||
em.createNativeQuery("delete from hs_booking_item where true").executeUpdate();
|
||||
em.createNativeQuery("delete from hs_office_coopassetstransaction where true").executeUpdate();
|
||||
em.createNativeQuery("delete from hs_office_coopassetstransaction_legacy_id where true").executeUpdate();
|
||||
|
Loading…
Reference in New Issue
Block a user