Compare commits

...

2 Commits

Author SHA1 Message Date
Michael Hoennig
19cc787a4a rename coopsharestransactions->coopsharetx 2024-09-20 13:01:44 +02:00
Michael Hoennig
754df475a7 rename coopassetstransactions->coopassettx 2024-09-20 12:42:52 +02:00
20 changed files with 140 additions and 142 deletions

View File

@ -34,7 +34,7 @@ import static net.hostsharing.hsadminng.rbac.generator.RbacView.rbacViewFor;
import static net.hostsharing.hsadminng.stringify.Stringify.stringify; import static net.hostsharing.hsadminng.stringify.Stringify.stringify;
@Entity @Entity
@Table(schema = "hs_office", name = "coopassetstransaction_rv") @Table(schema = "hs_office", name = "coopassettx_rv")
@Getter @Getter
@Setter @Setter
@Builder @Builder

View File

@ -32,7 +32,7 @@ import static net.hostsharing.hsadminng.rbac.generator.RbacView.rbacViewFor;
import static net.hostsharing.hsadminng.stringify.Stringify.stringify; import static net.hostsharing.hsadminng.stringify.Stringify.stringify;
@Entity @Entity
@Table(schema = "hs_office", name = "coopsharestransaction_rv") @Table(schema = "hs_office", name = "coopsharetx_rv")
@Getter @Getter
@Setter @Setter
@Builder @Builder

View File

@ -987,14 +987,12 @@ public class RbacView {
String getRawTableShortName() { String getRawTableShortName() {
// TODO.impl: some combined function and trigger names are too long // TODO.impl: some combined function and trigger names are too long
// maybe we should shorten the table name e.g. hs_office.coopsharestransaction -> hsof.coopsharetx // maybe we should shorten the table name e.g. hs_office.coopsharetx -> hsof.coopsharetx
// this is just a workaround: // this is just a workaround:
return getRawTableName() return getRawTableName()
.replace("hs_office.", "hsof.") .replace("hs_office.", "hsof.")
.replace("hs_booking.", "hsbk_") .replace("hs_booking.", "hsbk_")
.replace("hs_hosting.", "hsho_") .replace("hs_hosting.", "hsho_");
.replace("coopsharestransaction", "coopsharetx")
.replace("coopassetstransaction", "coopassettx");
} }
String dependsOnColumName() { String dependsOnColumName() {

View File

@ -8,7 +8,7 @@ CREATE TYPE hs_office.CoopSharesTransactionType AS ENUM ('ADJUSTMENT', 'SUBSCRIP
CREATE CAST (character varying as hs_office.CoopSharesTransactionType) WITH INOUT AS IMPLICIT; CREATE CAST (character varying as hs_office.CoopSharesTransactionType) WITH INOUT AS IMPLICIT;
create table if not exists hs_office.coopsharestransaction create table if not exists hs_office.coopsharetx
( (
uuid uuid unique references rbac.object (uuid) initially deferred, uuid uuid unique references rbac.object (uuid) initially deferred,
version int not null default 0, version int not null default 0,
@ -17,7 +17,7 @@ create table if not exists hs_office.coopsharestransaction
valueDate date not null, valueDate date not null,
shareCount integer not null, shareCount integer not null,
reference varchar(48) not null, reference varchar(48) not null,
adjustedShareTxUuid uuid unique REFERENCES hs_office.coopsharestransaction(uuid) DEFERRABLE INITIALLY DEFERRED, adjustedShareTxUuid uuid unique REFERENCES hs_office.coopsharetx(uuid) DEFERRABLE INITIALLY DEFERRED,
comment varchar(512) comment varchar(512)
); );
--// --//
@ -26,7 +26,7 @@ create table if not exists hs_office.coopsharestransaction
--changeset michael.hoennig:hs-office-coopshares-BUSINESS-RULES endDelimiter:--// --changeset michael.hoennig:hs-office-coopshares-BUSINESS-RULES endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
alter table hs_office.coopsharestransaction alter table hs_office.coopsharetx
add constraint reverse_entry_missing add constraint reverse_entry_missing
check ( transactionType = 'ADJUSTMENT' and adjustedShareTxUuid is not null check ( transactionType = 'ADJUSTMENT' and adjustedShareTxUuid is not null
or transactionType <> 'ADJUSTMENT' and adjustedShareTxUuid is null); or transactionType <> 'ADJUSTMENT' and adjustedShareTxUuid is null);
@ -44,7 +44,7 @@ declare
totalShareCount integer; totalShareCount integer;
begin begin
select sum(cst.shareCount) select sum(cst.shareCount)
from hs_office.coopsharestransaction cst from hs_office.coopsharetx cst
where cst.membershipUuid = forMembershipUuid where cst.membershipUuid = forMembershipUuid
into currentShareCount; into currentShareCount;
totalShareCount := currentShareCount + newShareCount; totalShareCount := currentShareCount + newShareCount;
@ -54,7 +54,7 @@ begin
return true; return true;
end; $$; end; $$;
alter table hs_office.coopsharestransaction alter table hs_office.coopsharetx
add constraint check_positive_total_shares_count add constraint check_positive_total_shares_count
check ( hs_office.coopsharestx_check_positive_total(membershipUuid, shareCount) ); check ( hs_office.coopsharestx_check_positive_total(membershipUuid, shareCount) );
@ -64,5 +64,5 @@ alter table hs_office.coopsharestransaction
--changeset michael.hoennig:hs-office-coopshares-MAIN-TABLE-JOURNAL endDelimiter:--// --changeset michael.hoennig:hs-office-coopshares-MAIN-TABLE-JOURNAL endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call base.create_journal('hs_office.coopsharestransaction'); call base.create_journal('hs_office.coopsharetx');
--// --//

View File

@ -3,29 +3,29 @@
-- ============================================================================ -- ============================================================================
--changeset RbacObjectGenerator:hs-office-coopsharestransaction-rbac-OBJECT endDelimiter:--// --changeset RbacObjectGenerator:hs-office-coopsharetx-rbac-OBJECT endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRelatedRbacObject('hs_office.coopsharestransaction'); call rbac.generateRelatedRbacObject('hs_office.coopsharetx');
--// --//
-- ============================================================================ -- ============================================================================
--changeset RbacRoleDescriptorsGenerator:hs-office-coopsharestransaction-rbac-ROLE-DESCRIPTORS endDelimiter:--// --changeset RbacRoleDescriptorsGenerator:hs-office-coopsharetx-rbac-ROLE-DESCRIPTORS endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacRoleDescriptors('hs_office.coopsharestransaction'); call rbac.generateRbacRoleDescriptors('hs_office.coopsharetx');
--// --//
-- ============================================================================ -- ============================================================================
--changeset RolesGrantsAndPermissionsGenerator:hs-office-coopsharestransaction-rbac-insert-trigger endDelimiter:--// --changeset RolesGrantsAndPermissionsGenerator:hs-office-coopsharetx-rbac-insert-trigger endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/* /*
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure hs_office.coopsharestransaction_build_rbac_system( create or replace procedure hs_office.coopsharetx_build_rbac_system(
NEW hs_office.coopsharestransaction NEW hs_office.coopsharetx
) )
language plpgsql as $$ language plpgsql as $$
@ -45,52 +45,52 @@ begin
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopsharestransaction row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopsharetx row.
*/ */
create or replace function hs_office.coopsharestransaction_build_rbac_system_after_insert_tf() create or replace function hs_office.coopsharetx_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call hs_office.coopsharestransaction_build_rbac_system(NEW); call hs_office.coopsharetx_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger build_rbac_system_after_insert_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.coopsharestransaction after insert on hs_office.coopsharetx
for each row for each row
execute procedure hs_office.coopsharestransaction_build_rbac_system_after_insert_tf(); execute procedure hs_office.coopsharetx_build_rbac_system_after_insert_tf();
--// --//
-- ============================================================================ -- ============================================================================
--changeset InsertTriggerGenerator:hs-office-coopsharestransaction-rbac-GRANTING-INSERT-PERMISSION endDelimiter:--// --changeset InsertTriggerGenerator:hs-office-coopsharetx-rbac-GRANTING-INSERT-PERMISSION endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
-- granting INSERT permission to hs_office.membership ---------------------------- -- granting INSERT permission to hs_office.membership ----------------------------
/* /*
Grants INSERT INTO hs_office.coopsharestransaction permissions to specified role of pre-existing hs_office.membership rows. Grants INSERT INTO hs_office.coopsharetx permissions to specified role of pre-existing hs_office.membership rows.
*/ */
do language plpgsql $$ do language plpgsql $$
declare declare
row hs_office.membership; row hs_office.membership;
begin begin
call base.defineContext('create INSERT INTO hs_office.coopsharestransaction permissions for pre-exising hs_office.membership rows'); call base.defineContext('create INSERT INTO hs_office.coopsharetx permissions for pre-exising hs_office.membership rows');
FOR row IN SELECT * FROM hs_office.membership FOR row IN SELECT * FROM hs_office.membership
-- unconditional for all rows in that table -- unconditional for all rows in that table
LOOP LOOP
call rbac.grantPermissionToRole( call rbac.grantPermissionToRole(
rbac.createPermission(row.uuid, 'INSERT', 'hs_office.coopsharestransaction'), rbac.createPermission(row.uuid, 'INSERT', 'hs_office.coopsharetx'),
hs_office.membership_ADMIN(row)); hs_office.membership_ADMIN(row));
END LOOP; END LOOP;
end; end;
$$; $$;
/** /**
Grants hs_office.coopsharestransaction INSERT permission to specified role of new membership rows. Grants hs_office.coopsharetx INSERT permission to specified role of new membership rows.
*/ */
create or replace function hs_office.new_coopsharetx_grants_insert_to_membership_tf() create or replace function hs_office.new_coopsharetx_grants_insert_to_membership_tf()
returns trigger returns trigger
@ -99,53 +99,53 @@ create or replace function hs_office.new_coopsharetx_grants_insert_to_membership
begin begin
-- unconditional for all rows in that table -- unconditional for all rows in that table
call rbac.grantPermissionToRole( call rbac.grantPermissionToRole(
rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.coopsharestransaction'), rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.coopsharetx'),
hs_office.membership_ADMIN(NEW)); hs_office.membership_ADMIN(NEW));
-- end. -- end.
return NEW; return NEW;
end; $$; end; $$;
-- z_... is to put it at the end of after insert triggers, to make sure the roles exist -- z_... is to put it at the end of after insert triggers, to make sure the roles exist
create trigger z_new_coopsharestransaction_grants_after_insert_tg create trigger z_new_coopsharetx_grants_after_insert_tg
after insert on hs_office.membership after insert on hs_office.membership
for each row for each row
execute procedure hs_office.new_coopsharetx_grants_insert_to_membership_tf(); execute procedure hs_office.new_coopsharetx_grants_insert_to_membership_tf();
-- ============================================================================ -- ============================================================================
--changeset InsertTriggerGenerator:hs-office-coopsharestransaction-rbac-CHECKING-INSERT-PERMISSION endDelimiter:--// --changeset InsertTriggerGenerator:hs-office-coopsharetx-rbac-CHECKING-INSERT-PERMISSION endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/** /**
Checks if the user respectively the assumed roles are allowed to insert a row to hs_office.coopsharestransaction. Checks if the user respectively the assumed roles are allowed to insert a row to hs_office.coopsharetx.
*/ */
create or replace function hs_office.coopsharestransaction_insert_permission_check_tf() create or replace function hs_office.coopsharetx_insert_permission_check_tf()
returns trigger returns trigger
language plpgsql as $$ language plpgsql as $$
declare declare
superObjectUuid uuid; superObjectUuid uuid;
begin begin
-- check INSERT permission via direct foreign key: NEW.membershipUuid -- check INSERT permission via direct foreign key: NEW.membershipUuid
if rbac.hasInsertPermission(NEW.membershipUuid, 'hs_office.coopsharestransaction') then if rbac.hasInsertPermission(NEW.membershipUuid, 'hs_office.coopsharetx') then
return NEW; return NEW;
end if; end if;
raise exception '[403] insert into hs_office.coopsharestransaction values(%) not allowed for current subjects % (%)', raise exception '[403] insert into hs_office.coopsharetx values(%) not allowed for current subjects % (%)',
NEW, base.currentSubjects(), rbac.currentSubjectOrAssumedRolesUuids(); NEW, base.currentSubjects(), rbac.currentSubjectOrAssumedRolesUuids();
end; $$; end; $$;
create trigger coopsharestransaction_insert_permission_check_tg create trigger coopsharetx_insert_permission_check_tg
before insert on hs_office.coopsharestransaction before insert on hs_office.coopsharetx
for each row for each row
execute procedure hs_office.coopsharestransaction_insert_permission_check_tf(); execute procedure hs_office.coopsharetx_insert_permission_check_tf();
--// --//
-- ============================================================================ -- ============================================================================
--changeset RbacIdentityViewGenerator:hs-office-coopsharestransaction-rbac-IDENTITY-VIEW endDelimiter:--// --changeset RbacIdentityViewGenerator:hs-office-coopsharetx-rbac-IDENTITY-VIEW endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacIdentityViewFromProjection('hs_office.coopsharestransaction', call rbac.generateRbacIdentityViewFromProjection('hs_office.coopsharetx',
$idName$ $idName$
reference reference
$idName$); $idName$);
@ -153,9 +153,9 @@ call rbac.generateRbacIdentityViewFromProjection('hs_office.coopsharestransactio
-- ============================================================================ -- ============================================================================
--changeset RbacRestrictedViewGenerator:hs-office-coopsharestransaction-rbac-RESTRICTED-VIEW endDelimiter:--// --changeset RbacRestrictedViewGenerator:hs-office-coopsharetx-rbac-RESTRICTED-VIEW endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacRestrictedView('hs_office.coopsharestransaction', call rbac.generateRbacRestrictedView('hs_office.coopsharetx',
$orderBy$ $orderBy$
reference reference
$orderBy$, $orderBy$,

View File

@ -9,7 +9,7 @@
CREATE TABLE hs_office.coopsharestransaction_legacy_id CREATE TABLE hs_office.coopsharestransaction_legacy_id
( (
uuid uuid NOT NULL REFERENCES hs_office.coopsharestransaction(uuid), uuid uuid NOT NULL REFERENCES hs_office.coopsharetx(uuid),
member_share_id integer NOT NULL member_share_id integer NOT NULL
); );
--// --//
@ -42,7 +42,7 @@ ALTER TABLE hs_office.coopsharestransaction_legacy_id
CALL base.defineContext('schema-migration'); CALL base.defineContext('schema-migration');
INSERT INTO hs_office.coopsharestransaction_legacy_id(uuid, member_share_id) INSERT INTO hs_office.coopsharestransaction_legacy_id(uuid, member_share_id)
SELECT uuid, nextVal('hs_office.coopsharestransaction_legacy_id_seq') FROM hs_office.coopsharestransaction; SELECT uuid, nextVal('hs_office.coopsharestransaction_legacy_id_seq') FROM hs_office.coopsharetx;
--/ --/
@ -65,7 +65,7 @@ begin
end; $$; end; $$;
create trigger insert_legacy_id_mapping_tg create trigger insert_legacy_id_mapping_tg
after insert on hs_office.coopsharestransaction after insert on hs_office.coopsharetx
for each row for each row
execute procedure hs_office.coopsharetx_insert_legacy_id_mapping_tf(); execute procedure hs_office.coopsharetx_insert_legacy_id_mapping_tf();
--/ --/
@ -90,7 +90,7 @@ begin
end; $$; end; $$;
create trigger delete_legacy_id_mapping_tg create trigger delete_legacy_id_mapping_tg
before delete on hs_office.coopsharestransaction before delete on hs_office.coopsharetx
for each row for each row
execute procedure hs_office.coopsharetx_delete_legacy_id_mapping_tf(); execute procedure hs_office.coopsharetx_delete_legacy_id_mapping_tf();
--/ --/

View File

@ -27,7 +27,7 @@ begin
raise notice 'creating test coopSharesTransaction: %', givenPartnerNumber::text || givenMemberNumberSuffix; raise notice 'creating test coopSharesTransaction: %', givenPartnerNumber::text || givenMemberNumberSuffix;
subscriptionEntryUuid := uuid_generate_v4(); subscriptionEntryUuid := uuid_generate_v4();
insert insert
into hs_office.coopsharestransaction(uuid, membershipuuid, transactiontype, valuedate, sharecount, reference, comment, adjustedShareTxUuid) into hs_office.coopsharetx(uuid, membershipuuid, transactiontype, valuedate, sharecount, reference, comment, adjustedShareTxUuid)
values values
(uuid_generate_v4(), membership.uuid, 'SUBSCRIPTION', '2010-03-15', 4, 'ref '||givenPartnerNumber::text || givenMemberNumberSuffix||'-1', 'initial subscription', null), (uuid_generate_v4(), membership.uuid, 'SUBSCRIPTION', '2010-03-15', 4, 'ref '||givenPartnerNumber::text || givenMemberNumberSuffix||'-1', 'initial subscription', null),
(uuid_generate_v4(), membership.uuid, 'CANCELLATION', '2021-09-01', -2, 'ref '||givenPartnerNumber::text || givenMemberNumberSuffix||'-2', 'cancelling some', null), (uuid_generate_v4(), membership.uuid, 'CANCELLATION', '2021-09-01', -2, 'ref '||givenPartnerNumber::text || givenMemberNumberSuffix||'-2', 'cancelling some', null),

View File

@ -15,7 +15,7 @@ CREATE TYPE hs_office.CoopAssetsTransactionType AS ENUM ('ADJUSTMENT',
CREATE CAST (character varying as hs_office.CoopAssetsTransactionType) WITH INOUT AS IMPLICIT; CREATE CAST (character varying as hs_office.CoopAssetsTransactionType) WITH INOUT AS IMPLICIT;
create table if not exists hs_office.coopassetstransaction create table if not exists hs_office.coopassettx
( (
uuid uuid unique references rbac.object (uuid) initially deferred, uuid uuid unique references rbac.object (uuid) initially deferred,
version int not null default 0, version int not null default 0,
@ -24,7 +24,7 @@ create table if not exists hs_office.coopassetstransaction
valueDate date not null, valueDate date not null,
assetValue money not null, assetValue money not null,
reference varchar(48) not null, reference varchar(48) not null,
adjustedAssetTxUuid uuid unique REFERENCES hs_office.coopassetstransaction(uuid) DEFERRABLE INITIALLY DEFERRED, adjustedAssetTxUuid uuid unique REFERENCES hs_office.coopassettx(uuid) DEFERRABLE INITIALLY DEFERRED,
comment varchar(512) comment varchar(512)
); );
--// --//
@ -34,7 +34,7 @@ create table if not exists hs_office.coopassetstransaction
--changeset michael.hoennig:hs-office-coopassets-BUSINESS-RULES endDelimiter:--// --changeset michael.hoennig:hs-office-coopassets-BUSINESS-RULES endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
alter table hs_office.coopassetstransaction alter table hs_office.coopassettx
add constraint reverse_entry_missing add constraint reverse_entry_missing
check ( transactionType = 'ADJUSTMENT' and adjustedAssetTxUuid is not null check ( transactionType = 'ADJUSTMENT' and adjustedAssetTxUuid is not null
or transactionType <> 'ADJUSTMENT' and adjustedAssetTxUuid is null); or transactionType <> 'ADJUSTMENT' and adjustedAssetTxUuid is null);
@ -52,7 +52,7 @@ declare
totalAssetValue money; totalAssetValue money;
begin begin
select sum(cat.assetValue) select sum(cat.assetValue)
from hs_office.coopassetstransaction cat from hs_office.coopassettx cat
where cat.membershipUuid = forMembershipUuid where cat.membershipUuid = forMembershipUuid
into currentAssetValue; into currentAssetValue;
totalAssetValue := currentAssetValue + newAssetValue; totalAssetValue := currentAssetValue + newAssetValue;
@ -62,7 +62,7 @@ begin
return true; return true;
end; $$; end; $$;
alter table hs_office.coopassetstransaction alter table hs_office.coopassettx
add constraint check_positive_total add constraint check_positive_total
check ( hs_office.coopassetstx_check_positive_total(membershipUuid, assetValue) ); check ( hs_office.coopassetstx_check_positive_total(membershipUuid, assetValue) );
--// --//
@ -72,5 +72,5 @@ alter table hs_office.coopassetstransaction
--changeset michael.hoennig:hs-office-coopassets-MAIN-TABLE-JOURNAL endDelimiter:--// --changeset michael.hoennig:hs-office-coopassets-MAIN-TABLE-JOURNAL endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call base.create_journal('hs_office.coopassetstransaction'); call base.create_journal('hs_office.coopassettx');
--// --//

View File

@ -3,29 +3,29 @@
-- ============================================================================ -- ============================================================================
--changeset RbacObjectGenerator:hs-office-coopassetstransaction-rbac-OBJECT endDelimiter:--// --changeset RbacObjectGenerator:hs-office-coopassettx-rbac-OBJECT endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRelatedRbacObject('hs_office.coopassetstransaction'); call rbac.generateRelatedRbacObject('hs_office.coopassettx');
--// --//
-- ============================================================================ -- ============================================================================
--changeset RbacRoleDescriptorsGenerator:hs-office-coopassetstransaction-rbac-ROLE-DESCRIPTORS endDelimiter:--// --changeset RbacRoleDescriptorsGenerator:hs-office-coopassettx-rbac-ROLE-DESCRIPTORS endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacRoleDescriptors('hs_office.coopassetstransaction'); call rbac.generateRbacRoleDescriptors('hs_office.coopassettx');
--// --//
-- ============================================================================ -- ============================================================================
--changeset RolesGrantsAndPermissionsGenerator:hs-office-coopassetstransaction-rbac-insert-trigger endDelimiter:--// --changeset RolesGrantsAndPermissionsGenerator:hs-office-coopassettx-rbac-insert-trigger endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/* /*
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure hs_office.coopassetstransaction_build_rbac_system( create or replace procedure hs_office.coopassettx_build_rbac_system(
NEW hs_office.coopassetstransaction NEW hs_office.coopassettx
) )
language plpgsql as $$ language plpgsql as $$
@ -45,52 +45,52 @@ begin
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopassetstransaction row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopassettx row.
*/ */
create or replace function hs_office.coopassetstransaction_build_rbac_system_after_insert_tf() create or replace function hs_office.coopassettx_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call hs_office.coopassetstransaction_build_rbac_system(NEW); call hs_office.coopassettx_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger build_rbac_system_after_insert_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.coopassetstransaction after insert on hs_office.coopassettx
for each row for each row
execute procedure hs_office.coopassetstransaction_build_rbac_system_after_insert_tf(); execute procedure hs_office.coopassettx_build_rbac_system_after_insert_tf();
--// --//
-- ============================================================================ -- ============================================================================
--changeset InsertTriggerGenerator:hs-office-coopassetstransaction-rbac-GRANTING-INSERT-PERMISSION endDelimiter:--// --changeset InsertTriggerGenerator:hs-office-coopassettx-rbac-GRANTING-INSERT-PERMISSION endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
-- granting INSERT permission to hs_office.membership ---------------------------- -- granting INSERT permission to hs_office.membership ----------------------------
/* /*
Grants INSERT INTO hs_office.coopassetstransaction permissions to specified role of pre-existing hs_office.membership rows. Grants INSERT INTO hs_office.coopassettx permissions to specified role of pre-existing hs_office.membership rows.
*/ */
do language plpgsql $$ do language plpgsql $$
declare declare
row hs_office.membership; row hs_office.membership;
begin begin
call base.defineContext('create INSERT INTO hs_office.coopassetstransaction permissions for pre-exising hs_office.membership rows'); call base.defineContext('create INSERT INTO hs_office.coopassettx permissions for pre-exising hs_office.membership rows');
FOR row IN SELECT * FROM hs_office.membership FOR row IN SELECT * FROM hs_office.membership
-- unconditional for all rows in that table -- unconditional for all rows in that table
LOOP LOOP
call rbac.grantPermissionToRole( call rbac.grantPermissionToRole(
rbac.createPermission(row.uuid, 'INSERT', 'hs_office.coopassetstransaction'), rbac.createPermission(row.uuid, 'INSERT', 'hs_office.coopassettx'),
hs_office.membership_ADMIN(row)); hs_office.membership_ADMIN(row));
END LOOP; END LOOP;
end; end;
$$; $$;
/** /**
Grants hs_office.coopassetstransaction INSERT permission to specified role of new membership rows. Grants hs_office.coopassettx INSERT permission to specified role of new membership rows.
*/ */
create or replace function hs_office.new_coopassettx_grants_insert_to_membership_tf() create or replace function hs_office.new_coopassettx_grants_insert_to_membership_tf()
returns trigger returns trigger
@ -99,53 +99,53 @@ create or replace function hs_office.new_coopassettx_grants_insert_to_membership
begin begin
-- unconditional for all rows in that table -- unconditional for all rows in that table
call rbac.grantPermissionToRole( call rbac.grantPermissionToRole(
rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.coopassetstransaction'), rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.coopassettx'),
hs_office.membership_ADMIN(NEW)); hs_office.membership_ADMIN(NEW));
-- end. -- end.
return NEW; return NEW;
end; $$; end; $$;
-- z_... is to put it at the end of after insert triggers, to make sure the roles exist -- z_... is to put it at the end of after insert triggers, to make sure the roles exist
create trigger z_new_coopassetstransaction_grants_after_insert_tg create trigger z_new_coopassettx_grants_after_insert_tg
after insert on hs_office.membership after insert on hs_office.membership
for each row for each row
execute procedure hs_office.new_coopassettx_grants_insert_to_membership_tf(); execute procedure hs_office.new_coopassettx_grants_insert_to_membership_tf();
-- ============================================================================ -- ============================================================================
--changeset InsertTriggerGenerator:hs-office-coopassetstransaction-rbac-CHECKING-INSERT-PERMISSION endDelimiter:--// --changeset InsertTriggerGenerator:hs-office-coopassettx-rbac-CHECKING-INSERT-PERMISSION endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/** /**
Checks if the user respectively the assumed roles are allowed to insert a row to hs_office.coopassetstransaction. Checks if the user respectively the assumed roles are allowed to insert a row to hs_office.coopassettx.
*/ */
create or replace function hs_office.coopassetstransaction_insert_permission_check_tf() create or replace function hs_office.coopassettx_insert_permission_check_tf()
returns trigger returns trigger
language plpgsql as $$ language plpgsql as $$
declare declare
superObjectUuid uuid; superObjectUuid uuid;
begin begin
-- check INSERT permission via direct foreign key: NEW.membershipUuid -- check INSERT permission via direct foreign key: NEW.membershipUuid
if rbac.hasInsertPermission(NEW.membershipUuid, 'hs_office.coopassetstransaction') then if rbac.hasInsertPermission(NEW.membershipUuid, 'hs_office.coopassettx') then
return NEW; return NEW;
end if; end if;
raise exception '[403] insert into hs_office.coopassetstransaction values(%) not allowed for current subjects % (%)', raise exception '[403] insert into hs_office.coopassettx values(%) not allowed for current subjects % (%)',
NEW, base.currentSubjects(), rbac.currentSubjectOrAssumedRolesUuids(); NEW, base.currentSubjects(), rbac.currentSubjectOrAssumedRolesUuids();
end; $$; end; $$;
create trigger coopassetstransaction_insert_permission_check_tg create trigger coopassettx_insert_permission_check_tg
before insert on hs_office.coopassetstransaction before insert on hs_office.coopassettx
for each row for each row
execute procedure hs_office.coopassetstransaction_insert_permission_check_tf(); execute procedure hs_office.coopassettx_insert_permission_check_tf();
--// --//
-- ============================================================================ -- ============================================================================
--changeset RbacIdentityViewGenerator:hs-office-coopassetstransaction-rbac-IDENTITY-VIEW endDelimiter:--// --changeset RbacIdentityViewGenerator:hs-office-coopassettx-rbac-IDENTITY-VIEW endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacIdentityViewFromProjection('hs_office.coopassetstransaction', call rbac.generateRbacIdentityViewFromProjection('hs_office.coopassettx',
$idName$ $idName$
reference reference
$idName$); $idName$);
@ -153,9 +153,9 @@ call rbac.generateRbacIdentityViewFromProjection('hs_office.coopassetstransactio
-- ============================================================================ -- ============================================================================
--changeset RbacRestrictedViewGenerator:hs-office-coopassetstransaction-rbac-RESTRICTED-VIEW endDelimiter:--// --changeset RbacRestrictedViewGenerator:hs-office-coopassettx-rbac-RESTRICTED-VIEW endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacRestrictedView('hs_office.coopassetstransaction', call rbac.generateRbacRestrictedView('hs_office.coopassettx',
$orderBy$ $orderBy$
reference reference
$orderBy$, $orderBy$,

View File

@ -7,9 +7,9 @@
--changeset michael.hoennig:hs-office-coopassets-MIGRATION-mapping endDelimiter:--// --changeset michael.hoennig:hs-office-coopassets-MIGRATION-mapping endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CREATE TABLE hs_office.coopassetstransaction_legacy_id CREATE TABLE hs_office.coopassettx_legacy_id
( (
uuid uuid NOT NULL REFERENCES hs_office.coopassetstransaction(uuid), uuid uuid NOT NULL REFERENCES hs_office.coopassettx(uuid),
member_asset_id integer NOT NULL member_asset_id integer NOT NULL
); );
--// --//
@ -19,10 +19,10 @@ CREATE TABLE hs_office.coopassetstransaction_legacy_id
--changeset michael.hoennig:hs-office-coopassets-MIGRATION-sequence endDelimiter:--// --changeset michael.hoennig:hs-office-coopassets-MIGRATION-sequence endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CREATE SEQUENCE IF NOT EXISTS hs_office.coopassetstransaction_legacy_id_seq CREATE SEQUENCE IF NOT EXISTS hs_office.coopassettx_legacy_id_seq
AS integer AS integer
START 1000000000 START 1000000000
OWNED BY hs_office.coopassetstransaction_legacy_id.member_asset_id; OWNED BY hs_office.coopassettx_legacy_id.member_asset_id;
--// --//
@ -30,9 +30,9 @@ CREATE SEQUENCE IF NOT EXISTS hs_office.coopassetstransaction_legacy_id_seq
--changeset michael.hoennig:hs-office-coopassets-MIGRATION-default endDelimiter:--// --changeset michael.hoennig:hs-office-coopassets-MIGRATION-default endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
ALTER TABLE hs_office.coopassetstransaction_legacy_id ALTER TABLE hs_office.coopassettx_legacy_id
ALTER COLUMN member_asset_id ALTER COLUMN member_asset_id
SET DEFAULT nextVal('hs_office.coopassetstransaction_legacy_id_seq'); SET DEFAULT nextVal('hs_office.coopassettx_legacy_id_seq');
--/ --/
@ -41,8 +41,8 @@ ALTER TABLE hs_office.coopassetstransaction_legacy_id
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CALL base.defineContext('schema-migration'); CALL base.defineContext('schema-migration');
INSERT INTO hs_office.coopassetstransaction_legacy_id(uuid, member_asset_id) INSERT INTO hs_office.coopassettx_legacy_id(uuid, member_asset_id)
SELECT uuid, nextVal('hs_office.coopassetstransaction_legacy_id_seq') FROM hs_office.coopassetstransaction; SELECT uuid, nextVal('hs_office.coopassettx_legacy_id_seq') FROM hs_office.coopassettx;
--/ --/
@ -58,14 +58,14 @@ begin
raise exception 'invalid usage of trigger'; raise exception 'invalid usage of trigger';
end if; end if;
INSERT INTO hs_office.coopassetstransaction_legacy_id VALUES INSERT INTO hs_office.coopassettx_legacy_id VALUES
(NEW.uuid, nextVal('hs_office.coopassetstransaction_legacy_id_seq')); (NEW.uuid, nextVal('hs_office.coopassettx_legacy_id_seq'));
return NEW; return NEW;
end; $$; end; $$;
create trigger insert_legacy_id_mapping_tg create trigger insert_legacy_id_mapping_tg
after insert on hs_office.coopassetstransaction after insert on hs_office.coopassettx
for each row for each row
execute procedure hs_office.coopassettx_insert_legacy_id_mapping_tf(); execute procedure hs_office.coopassettx_insert_legacy_id_mapping_tf();
--/ --/
@ -83,14 +83,14 @@ begin
raise exception 'invalid usage of trigger'; raise exception 'invalid usage of trigger';
end if; end if;
DELETE FROM hs_office.coopassetstransaction_legacy_id DELETE FROM hs_office.coopassettx_legacy_id
WHERE uuid = OLD.uuid; WHERE uuid = OLD.uuid;
return OLD; return OLD;
end; $$; end; $$;
create trigger delete_legacy_id_mapping_tg create trigger delete_legacy_id_mapping_tg
before delete on hs_office.coopassetstransaction before delete on hs_office.coopassettx
for each row for each row
execute procedure hs_office.coopassettx_delete_legacy_id_mapping_tf(); execute procedure hs_office.coopassettx_delete_legacy_id_mapping_tf();
--/ --/

View File

@ -27,7 +27,7 @@ begin
raise notice 'creating test coopAssetsTransaction: %', givenPartnerNumber || givenMemberNumberSuffix; raise notice 'creating test coopAssetsTransaction: %', givenPartnerNumber || givenMemberNumberSuffix;
lossEntryUuid := uuid_generate_v4(); lossEntryUuid := uuid_generate_v4();
insert insert
into hs_office.coopassetstransaction(uuid, membershipuuid, transactiontype, valuedate, assetvalue, reference, comment, adjustedAssetTxUuid) into hs_office.coopassettx(uuid, membershipuuid, transactiontype, valuedate, assetvalue, reference, comment, adjustedAssetTxUuid)
values values
(uuid_generate_v4(), membership.uuid, 'DEPOSIT', '2010-03-15', 320.00, 'ref '||givenPartnerNumber || givenMemberNumberSuffix||'-1', 'initial deposit', null), (uuid_generate_v4(), membership.uuid, 'DEPOSIT', '2010-03-15', 320.00, 'ref '||givenPartnerNumber || givenMemberNumberSuffix||'-1', 'initial deposit', null),
(uuid_generate_v4(), membership.uuid, 'DISBURSAL', '2021-09-01', -128.00, 'ref '||givenPartnerNumber || givenMemberNumberSuffix||'-2', 'partial disbursal', null), (uuid_generate_v4(), membership.uuid, 'DISBURSAL', '2021-09-01', -128.00, 'ref '||givenPartnerNumber || givenMemberNumberSuffix||'-2', 'partial disbursal', null),

View File

@ -677,7 +677,7 @@ public abstract class BaseOfficeDataImport extends CsvDataImport {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context(rbacSuperuser); context(rbacSuperuser);
coopAssets.forEach(this::persist); coopAssets.forEach(this::persist);
updateLegacyIds(coopAssets, "hs_office.coopassetstransaction_legacy_id", "member_asset_id"); updateLegacyIds(coopAssets, "hs_office.coopassettx_legacy_id", "member_asset_id");
}).assertSuccessful(); }).assertSuccessful();
} }

View File

@ -254,9 +254,9 @@ public class CsvDataImport extends ContextBasedTest {
em.createNativeQuery("delete from hs_booking.item_ex where true").executeUpdate(); em.createNativeQuery("delete from hs_booking.item_ex where true").executeUpdate();
em.createNativeQuery("delete from hs_booking.project where true").executeUpdate(); em.createNativeQuery("delete from hs_booking.project where true").executeUpdate();
em.createNativeQuery("delete from hs_booking.project_ex where true").executeUpdate(); em.createNativeQuery("delete from hs_booking.project_ex where true").executeUpdate();
em.createNativeQuery("delete from hs_office.coopassetstransaction where true").executeUpdate(); em.createNativeQuery("delete from hs_office.coopassettx where true").executeUpdate();
em.createNativeQuery("delete from hs_office.coopassetstransaction_legacy_id where true").executeUpdate(); em.createNativeQuery("delete from hs_office.coopassettx_legacy_id where true").executeUpdate();
em.createNativeQuery("delete from hs_office.coopsharestransaction where true").executeUpdate(); em.createNativeQuery("delete from hs_office.coopsharetx where true").executeUpdate();
em.createNativeQuery("delete from hs_office.coopsharestransaction_legacy_id where true").executeUpdate(); em.createNativeQuery("delete from hs_office.coopsharestransaction_legacy_id where true").executeUpdate();
em.createNativeQuery("delete from hs_office.membership where true").executeUpdate(); em.createNativeQuery("delete from hs_office.membership where true").executeUpdate();
em.createNativeQuery("delete from hs_office.sepamandate where true").executeUpdate(); em.createNativeQuery("delete from hs_office.sepamandate where true").executeUpdate();
@ -275,7 +275,7 @@ public class CsvDataImport extends ContextBasedTest {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context(rbacSuperuser); context(rbacSuperuser);
em.createNativeQuery("alter sequence hs_office.contact_legacy_id_seq restart with 1000000000;").executeUpdate(); em.createNativeQuery("alter sequence hs_office.contact_legacy_id_seq restart with 1000000000;").executeUpdate();
em.createNativeQuery("alter sequence hs_office.coopassetstransaction_legacy_id_seq restart with 1000000000;") em.createNativeQuery("alter sequence hs_office.coopassettx_legacy_id_seq restart with 1000000000;")
.executeUpdate(); .executeUpdate();
em.createNativeQuery("alter sequence public.hs_office.coopsharestransaction_legacy_id_seq restart with 1000000000;") em.createNativeQuery("alter sequence public.hs_office.coopsharestransaction_legacy_id_seq restart with 1000000000;")
.executeUpdate(); .executeUpdate();

View File

@ -391,9 +391,9 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define("superuser-alex@hostsharing.net", null);
// HsOfficeCoopAssetsTransactionEntity respectively hs_office.coopassetstransaction_rv // HsOfficeCoopAssetsTransactionEntity respectively hs_office.coopassettx_rv
// cannot be deleted at all, but the underlying table record can be deleted. // cannot be deleted at all, but the underlying table record can be deleted.
em.createNativeQuery("delete from hs_office.coopassetstransaction where reference like 'temp %'") em.createNativeQuery("delete from hs_office.coopassettx where reference like 'temp %'")
.executeUpdate(); .executeUpdate();
}).assertSuccessful(); }).assertSuccessful();
} }

View File

@ -112,8 +112,8 @@ class HsOfficeCoopAssetsTransactionRepositoryIntegrationTest extends ContextBase
.map(s -> s.replace("hs_office.", "")) .map(s -> s.replace("hs_office.", ""))
.containsExactlyInAnyOrder(Array.fromFormatted( .containsExactlyInAnyOrder(Array.fromFormatted(
initialGrantNames, initialGrantNames,
"{ grant perm:coopassetstransaction#temprefB:SELECT to role:membership#M-1000101:AGENT by system and assume }", "{ grant perm:coopassettx#temprefB:SELECT to role:membership#M-1000101:AGENT by system and assume }",
"{ grant perm:coopassetstransaction#temprefB:UPDATE to role:membership#M-1000101:ADMIN by system and assume }", "{ grant perm:coopassettx#temprefB:UPDATE to role:membership#M-1000101:ADMIN by system and assume }",
null)); null));
} }
@ -222,7 +222,7 @@ class HsOfficeCoopAssetsTransactionRepositoryIntegrationTest extends ContextBase
final var query = em.createNativeQuery(""" final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'reference' select currentTask, targetTable, targetOp, targetdelta->>'reference'
from base.tx_journal_v from base.tx_journal_v
where targettable = 'hs_office.coopassetstransaction'; where targettable = 'hs_office.coopassettx';
"""); """);
// when // when
@ -230,18 +230,18 @@ class HsOfficeCoopAssetsTransactionRepositoryIntegrationTest extends ContextBase
// then // then
assertThat(customerLogEntries).map(Arrays::toString).contains( assertThat(customerLogEntries).map(Arrays::toString).contains(
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000101-1]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000101-1]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000101-2]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000101-2]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000101-3]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000101-3]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000101-3]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000101-3]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000202-1]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000202-1]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000202-2]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000202-2]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000202-3]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000202-3]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000202-3]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000202-3]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000303-1]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000303-1]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000303-2]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000303-2]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000303-3]", "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000303-3]",
"[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000303-3]"); "[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000303-3]");
} }
@BeforeEach @BeforeEach

View File

@ -55,9 +55,9 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define("superuser-alex@hostsharing.net", null);
// HsOfficeCoopSharesTransactionEntity respectively hs_office.coopsharestransaction_rv // HsOfficeCoopSharesTransactionEntity respectively hs_office.coopsharetx_rv
// cannot be deleted at all, but the underlying table record can be deleted. // cannot be deleted at all, but the underlying table record can be deleted.
em.createNativeQuery("delete from hs_office.coopsharestransaction where reference like 'temp %'").executeUpdate(); em.createNativeQuery("delete from hs_office.coopsharetx where reference like 'temp %'").executeUpdate();
}).assertSuccessful(); }).assertSuccessful();
} }

View File

@ -111,8 +111,8 @@ class HsOfficeCoopSharesTransactionRepositoryIntegrationTest extends ContextBase
.map(s -> s.replace("hs_office.", "")) .map(s -> s.replace("hs_office.", ""))
.containsExactlyInAnyOrder(Array.fromFormatted( .containsExactlyInAnyOrder(Array.fromFormatted(
initialGrantNames, initialGrantNames,
"{ grant perm:coopsharestransaction#temprefB:SELECT to role:membership#M-1000101:AGENT by system and assume }", "{ grant perm:coopsharetx#temprefB:SELECT to role:membership#M-1000101:AGENT by system and assume }",
"{ grant perm:coopsharestransaction#temprefB:UPDATE to role:membership#M-1000101:ADMIN by system and assume }", "{ grant perm:coopsharetx#temprefB:UPDATE to role:membership#M-1000101:ADMIN by system and assume }",
null)); null));
} }
@ -221,7 +221,7 @@ class HsOfficeCoopSharesTransactionRepositoryIntegrationTest extends ContextBase
final var query = em.createNativeQuery(""" final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'reference' select currentTask, targetTable, targetOp, targetdelta->>'reference'
from base.tx_journal_v from base.tx_journal_v
where targettable = 'hs_office.coopsharestransaction'; where targettable = 'hs_office.coopsharetx';
"""); """);
// when // when
@ -229,18 +229,18 @@ class HsOfficeCoopSharesTransactionRepositoryIntegrationTest extends ContextBase
// then // then
assertThat(customerLogEntries).map(Arrays::toString).contains( assertThat(customerLogEntries).map(Arrays::toString).contains(
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000101-1]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000101-1]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000101-2]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000101-2]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000101-3]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000101-3]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000101-4]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000101-4]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000202-1]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000202-1]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000202-2]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000202-2]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000202-3]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000202-3]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000202-4]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000202-4]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000303-1]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000303-1]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000303-2]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000303-2]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000303-3]", "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000303-3]",
"[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000303-4]"); "[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000303-4]");
} }
@BeforeEach @BeforeEach

View File

@ -118,8 +118,8 @@ class HsOfficeMembershipRepositoryIntegrationTest extends ContextBasedTestWithCl
.containsExactlyInAnyOrder(Array.fromFormatted( .containsExactlyInAnyOrder(Array.fromFormatted(
initialGrantNames, initialGrantNames,
// insert // insert
"{ grant perm:membership#M-1000117:INSERT>coopassetstransaction to role:membership#M-1000117:ADMIN by system and assume }", "{ grant perm:membership#M-1000117:INSERT>coopassettx to role:membership#M-1000117:ADMIN by system and assume }",
"{ grant perm:membership#M-1000117:INSERT>coopsharestransaction to role:membership#M-1000117:ADMIN by system and assume }", "{ grant perm:membership#M-1000117:INSERT>coopsharetx to role:membership#M-1000117:ADMIN by system and assume }",
// owner // owner
"{ grant perm:membership#M-1000117:DELETE to role:membership#M-1000117:ADMIN by system and assume }", "{ grant perm:membership#M-1000117:DELETE to role:membership#M-1000117:ADMIN by system and assume }",

View File

@ -95,7 +95,7 @@ class RbacGrantsDiagramServiceIntegrationTest extends ContextBasedTestWithCleanu
//final var graph = grantsMermaidService.allGrantsTocurrentSubject(EnumSet.of(Include.NON_TEST_ENTITIES, Include.PERMISSIONS)); //final var graph = grantsMermaidService.allGrantsTocurrentSubject(EnumSet.of(Include.NON_TEST_ENTITIES, Include.PERMISSIONS));
final var targetObject = (UUID) em.createNativeQuery("SELECT uuid FROM hs_office.coopassetstransaction WHERE reference='ref 1000101-1'").getSingleResult(); final var targetObject = (UUID) em.createNativeQuery("SELECT uuid FROM hs_office.coopassettx WHERE reference='ref 1000101-1'").getSingleResult();
final var graph = grantsMermaidService.allGrantsFrom(targetObject, "view", EnumSet.of(Include.USERS)); final var graph = grantsMermaidService.allGrantsFrom(targetObject, "view", EnumSet.of(Include.USERS));
RbacGrantsDiagramService.writeToFile(join(";", context.fetchAssumedRoles()), graph, "doc/all-grants.md"); RbacGrantsDiagramService.writeToFile(join(";", context.fetchAssumedRoles()), graph, "doc/all-grants.md");

View File

@ -7,7 +7,7 @@ spring:
url-tc: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers url-tc: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers
url-tcx: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers?TC_REUSABLE=true&TC_DAEMON=true url-tcx: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers?TC_REUSABLE=true&TC_DAEMON=true
url-local: jdbc:postgresql://localhost:5432/postgres url-local: jdbc:postgresql://localhost:5432/postgres
url: ${spring.datasource.url-tc} url: ${spring.datasource.url-local}
username: postgres username: postgres
password: password password: password