hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

Compare commits

base: hostsharing:19cc787a4a4701f9ebda52f456ceb0d3e46878a8
Branches Tags
hostsharing:master
hostsharing:feature/add-advanced-scenario-tests-for-coop-assets
hostsharing:feature/introduce-hasGlobalAdminRole-to-optimize-rbac-select-queries
hostsharing:office-rbac-revision
hostsharing:feature/introduce-global-agent-for-non-hostmaster-admins
hostsharing:spike/auto-build
hostsharing:java-for-gradlew
hostsharing:TP-202408-cors_webui
hostsharing:TP-202405-filtered_import
hostsharing:idea-bug-refactor-inline
hostsharing:api-vision
hostsharing:rbac-object-scope-to-replace-serial-id
hostsharing:office-related-spec-clarifications-and-amendmends
hostsharing:revert-upgrade-openapiprocessor-spring-back-to-2022-5
hostsharing:upgrade-io.openapiprocessoropenapi-processor-spring-to-2024.2
hostsharing:spike/JSonSerializerDeserializerForDTOs
hostsharing:spike/master-detail-for-customer-and-contacts
..
compare: hostsharing:12d74a75cae675221e5d303b86c52d0781ff6a7b
Branches Tags
hostsharing:feature/add-advanced-scenario-tests-for-coop-assets
hostsharing:feature/introduce-hasGlobalAdminRole-to-optimize-rbac-select-queries
hostsharing:master
hostsharing:office-rbac-revision
hostsharing:feature/introduce-global-agent-for-non-hostmaster-admins
hostsharing:spike/auto-build
hostsharing:java-for-gradlew
hostsharing:TP-202408-cors_webui
hostsharing:TP-202405-filtered_import
hostsharing:idea-bug-refactor-inline
hostsharing:api-vision
hostsharing:rbac-object-scope-to-replace-serial-id
hostsharing:office-related-spec-clarifications-and-amendmends
hostsharing:revert-upgrade-openapiprocessor-spring-back-to-2022-5
hostsharing:upgrade-io.openapiprocessoropenapi-processor-spring-to-2024.2
hostsharing:spike/JSonSerializerDeserializerForDTOs
hostsharing:spike/master-detail-for-customer-and-contacts

No commits in common. "19cc787a4a4701f9ebda52f456ceb0d3e46878a8" and "12d74a75cae675221e5d303b86c52d0781ff6a7b" have entirely different histories.
19cc787a4a ... 12d74a75ca

20 changed files with 142 additions and 140 deletions
Show Stats Expand all files Collapse all files

2
src/main/java/net/hostsharing/hsadminng/hs/office/coopassets/HsOfficeCoopAssetsTransactionEntity.java
View File

@ -34,7 +34,7 @@ import static net.hostsharing.hsadminng.rbac.generator.RbacView.rbacViewFor;
import static net.hostsharing.hsadminng.stringify.Stringify.stringify; import static net.hostsharing.hsadminng.stringify.Stringify.stringify;
@Entity @Entity
@Table(schema = "hs_office", name = "coopassettx_rv") @Table(schema = "hs_office", name = "coopassetstransaction_rv")
@Getter @Getter
@Setter @Setter
@Builder @Builder

2
src/main/java/net/hostsharing/hsadminng/hs/office/coopshares/HsOfficeCoopSharesTransactionEntity.java
View File

@ -32,7 +32,7 @@ import static net.hostsharing.hsadminng.rbac.generator.RbacView.rbacViewFor;
import static net.hostsharing.hsadminng.stringify.Stringify.stringify; import static net.hostsharing.hsadminng.stringify.Stringify.stringify;
@Entity @Entity
@Table(schema = "hs_office", name = "coopsharetx_rv") @Table(schema = "hs_office", name = "coopsharestransaction_rv")
@Getter @Getter
@Setter @Setter
@Builder @Builder

6
src/main/java/net/hostsharing/hsadminng/rbac/generator/RbacView.java
View File

@ -987,12 +987,14 @@ public class RbacView {
String getRawTableShortName() { String getRawTableShortName() {
// TODO.impl: some combined function and trigger names are too long // TODO.impl: some combined function and trigger names are too long
// maybe we should shorten the table name e.g. hs_office.coopsharetx -> hsof.coopsharetx // maybe we should shorten the table name e.g. hs_office.coopsharestransaction -> hsof.coopsharetx
// this is just a workaround: // this is just a workaround:
return getRawTableName() return getRawTableName()
.replace("hs_office.", "hsof.") .replace("hs_office.", "hsof.")
.replace("hs_booking.", "hsbk_") .replace("hs_booking.", "hsbk_")
.replace("hs_hosting.", "hsho_"); .replace("hs_hosting.", "hsho_")
.replace("coopsharestransaction", "coopsharetx")
.replace("coopassetstransaction", "coopassettx");
} }
String dependsOnColumName() { String dependsOnColumName() {

12
src/main/resources/db/changelog/5-hs-office/511-coopshares/5110-hs-office-coopshares.sql
View File

@ -8,7 +8,7 @@ CREATE TYPE hs_office.CoopSharesTransactionType AS ENUM ('ADJUSTMENT', 'SUBSCRIP
CREATE CAST (character varying as hs_office.CoopSharesTransactionType) WITH INOUT AS IMPLICIT; CREATE CAST (character varying as hs_office.CoopSharesTransactionType) WITH INOUT AS IMPLICIT;
create table if not exists hs_office.coopsharetx create table if not exists hs_office.coopsharestransaction
( (
uuid uuid unique references rbac.object (uuid) initially deferred, uuid uuid unique references rbac.object (uuid) initially deferred,
version int not null default 0, version int not null default 0,
@ -17,7 +17,7 @@ create table if not exists hs_office.coopsharetx
valueDate date not null, valueDate date not null,
shareCount integer not null, shareCount integer not null,
reference varchar(48) not null, reference varchar(48) not null,
adjustedShareTxUuid uuid unique REFERENCES hs_office.coopsharetx(uuid) DEFERRABLE INITIALLY DEFERRED, adjustedShareTxUuid uuid unique REFERENCES hs_office.coopsharestransaction(uuid) DEFERRABLE INITIALLY DEFERRED,
comment varchar(512) comment varchar(512)
); );
--// --//
@ -26,7 +26,7 @@ create table if not exists hs_office.coopsharetx
--changeset michael.hoennig:hs-office-coopshares-BUSINESS-RULES endDelimiter:--// --changeset michael.hoennig:hs-office-coopshares-BUSINESS-RULES endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
alter table hs_office.coopsharetx alter table hs_office.coopsharestransaction
add constraint reverse_entry_missing add constraint reverse_entry_missing
check ( transactionType = 'ADJUSTMENT' and adjustedShareTxUuid is not null check ( transactionType = 'ADJUSTMENT' and adjustedShareTxUuid is not null
or transactionType <> 'ADJUSTMENT' and adjustedShareTxUuid is null); or transactionType <> 'ADJUSTMENT' and adjustedShareTxUuid is null);
@ -44,7 +44,7 @@ declare
totalShareCount integer; totalShareCount integer;
begin begin
select sum(cst.shareCount) select sum(cst.shareCount)
from hs_office.coopsharetx cst from hs_office.coopsharestransaction cst
where cst.membershipUuid = forMembershipUuid where cst.membershipUuid = forMembershipUuid
into currentShareCount; into currentShareCount;
totalShareCount := currentShareCount + newShareCount; totalShareCount := currentShareCount + newShareCount;
@ -54,7 +54,7 @@ begin
return true; return true;
end; $$; end; $$;
alter table hs_office.coopsharetx alter table hs_office.coopsharestransaction
add constraint check_positive_total_shares_count add constraint check_positive_total_shares_count
check ( hs_office.coopsharestx_check_positive_total(membershipUuid, shareCount) ); check ( hs_office.coopsharestx_check_positive_total(membershipUuid, shareCount) );
@ -64,5 +64,5 @@ alter table hs_office.coopsharetx
--changeset michael.hoennig:hs-office-coopshares-MAIN-TABLE-JOURNAL endDelimiter:--// --changeset michael.hoennig:hs-office-coopshares-MAIN-TABLE-JOURNAL endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call base.create_journal('hs_office.coopsharetx'); call base.create_journal('hs_office.coopsharestransaction');
--// --//

62
src/main/resources/db/changelog/5-hs-office/511-coopshares/5113-hs-office-coopshares-rbac.sql
View File

@ -3,29 +3,29 @@
-- ============================================================================ -- ============================================================================
--changeset RbacObjectGenerator:hs-office-coopsharetx-rbac-OBJECT endDelimiter:--// --changeset RbacObjectGenerator:hs-office-coopsharestransaction-rbac-OBJECT endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRelatedRbacObject('hs_office.coopsharetx'); call rbac.generateRelatedRbacObject('hs_office.coopsharestransaction');
--// --//
-- ============================================================================ -- ============================================================================
--changeset RbacRoleDescriptorsGenerator:hs-office-coopsharetx-rbac-ROLE-DESCRIPTORS endDelimiter:--// --changeset RbacRoleDescriptorsGenerator:hs-office-coopsharestransaction-rbac-ROLE-DESCRIPTORS endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacRoleDescriptors('hs_office.coopsharetx'); call rbac.generateRbacRoleDescriptors('hs_office.coopsharestransaction');
--// --//
-- ============================================================================ -- ============================================================================
--changeset RolesGrantsAndPermissionsGenerator:hs-office-coopsharetx-rbac-insert-trigger endDelimiter:--// --changeset RolesGrantsAndPermissionsGenerator:hs-office-coopsharestransaction-rbac-insert-trigger endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/* /*
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure hs_office.coopsharetx_build_rbac_system( create or replace procedure hs_office.coopsharestransaction_build_rbac_system(
NEW hs_office.coopsharetx NEW hs_office.coopsharestransaction
) )
language plpgsql as $$ language plpgsql as $$
@ -45,52 +45,52 @@ begin
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopsharetx row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopsharestransaction row.
*/ */
create or replace function hs_office.coopsharetx_build_rbac_system_after_insert_tf() create or replace function hs_office.coopsharestransaction_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call hs_office.coopsharetx_build_rbac_system(NEW); call hs_office.coopsharestransaction_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger build_rbac_system_after_insert_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.coopsharetx after insert on hs_office.coopsharestransaction
for each row for each row
execute procedure hs_office.coopsharetx_build_rbac_system_after_insert_tf(); execute procedure hs_office.coopsharestransaction_build_rbac_system_after_insert_tf();
--// --//
-- ============================================================================ -- ============================================================================
--changeset InsertTriggerGenerator:hs-office-coopsharetx-rbac-GRANTING-INSERT-PERMISSION endDelimiter:--// --changeset InsertTriggerGenerator:hs-office-coopsharestransaction-rbac-GRANTING-INSERT-PERMISSION endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
-- granting INSERT permission to hs_office.membership ---------------------------- -- granting INSERT permission to hs_office.membership ----------------------------
/* /*
Grants INSERT INTO hs_office.coopsharetx permissions to specified role of pre-existing hs_office.membership rows. Grants INSERT INTO hs_office.coopsharestransaction permissions to specified role of pre-existing hs_office.membership rows.
*/ */
do language plpgsql $$ do language plpgsql $$
declare declare
row hs_office.membership; row hs_office.membership;
begin begin
call base.defineContext('create INSERT INTO hs_office.coopsharetx permissions for pre-exising hs_office.membership rows'); call base.defineContext('create INSERT INTO hs_office.coopsharestransaction permissions for pre-exising hs_office.membership rows');
FOR row IN SELECT * FROM hs_office.membership FOR row IN SELECT * FROM hs_office.membership
-- unconditional for all rows in that table -- unconditional for all rows in that table
LOOP LOOP
call rbac.grantPermissionToRole( call rbac.grantPermissionToRole(
rbac.createPermission(row.uuid, 'INSERT', 'hs_office.coopsharetx'), rbac.createPermission(row.uuid, 'INSERT', 'hs_office.coopsharestransaction'),
hs_office.membership_ADMIN(row)); hs_office.membership_ADMIN(row));
END LOOP; END LOOP;
end; end;
$$; $$;
/** /**
Grants hs_office.coopsharetx INSERT permission to specified role of new membership rows. Grants hs_office.coopsharestransaction INSERT permission to specified role of new membership rows.
*/ */
create or replace function hs_office.new_coopsharetx_grants_insert_to_membership_tf() create or replace function hs_office.new_coopsharetx_grants_insert_to_membership_tf()
returns trigger returns trigger
@ -99,53 +99,53 @@ create or replace function hs_office.new_coopsharetx_grants_insert_to_membership
begin begin
-- unconditional for all rows in that table -- unconditional for all rows in that table
call rbac.grantPermissionToRole( call rbac.grantPermissionToRole(
rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.coopsharetx'), rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.coopsharestransaction'),
hs_office.membership_ADMIN(NEW)); hs_office.membership_ADMIN(NEW));
-- end. -- end.
return NEW; return NEW;
end; $$; end; $$;
-- z_... is to put it at the end of after insert triggers, to make sure the roles exist -- z_... is to put it at the end of after insert triggers, to make sure the roles exist
create trigger z_new_coopsharetx_grants_after_insert_tg create trigger z_new_coopsharestransaction_grants_after_insert_tg
after insert on hs_office.membership after insert on hs_office.membership
for each row for each row
execute procedure hs_office.new_coopsharetx_grants_insert_to_membership_tf(); execute procedure hs_office.new_coopsharetx_grants_insert_to_membership_tf();
-- ============================================================================ -- ============================================================================
--changeset InsertTriggerGenerator:hs-office-coopsharetx-rbac-CHECKING-INSERT-PERMISSION endDelimiter:--// --changeset InsertTriggerGenerator:hs-office-coopsharestransaction-rbac-CHECKING-INSERT-PERMISSION endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/** /**
Checks if the user respectively the assumed roles are allowed to insert a row to hs_office.coopsharetx. Checks if the user respectively the assumed roles are allowed to insert a row to hs_office.coopsharestransaction.
*/ */
create or replace function hs_office.coopsharetx_insert_permission_check_tf() create or replace function hs_office.coopsharestransaction_insert_permission_check_tf()
returns trigger returns trigger
language plpgsql as $$ language plpgsql as $$
declare declare
superObjectUuid uuid; superObjectUuid uuid;
begin begin
-- check INSERT permission via direct foreign key: NEW.membershipUuid -- check INSERT permission via direct foreign key: NEW.membershipUuid
if rbac.hasInsertPermission(NEW.membershipUuid, 'hs_office.coopsharetx') then if rbac.hasInsertPermission(NEW.membershipUuid, 'hs_office.coopsharestransaction') then
return NEW; return NEW;
end if; end if;
raise exception '[403] insert into hs_office.coopsharetx values(%) not allowed for current subjects % (%)', raise exception '[403] insert into hs_office.coopsharestransaction values(%) not allowed for current subjects % (%)',
NEW, base.currentSubjects(), rbac.currentSubjectOrAssumedRolesUuids(); NEW, base.currentSubjects(), rbac.currentSubjectOrAssumedRolesUuids();
end; $$; end; $$;
create trigger coopsharetx_insert_permission_check_tg create trigger coopsharestransaction_insert_permission_check_tg
before insert on hs_office.coopsharetx before insert on hs_office.coopsharestransaction
for each row for each row
execute procedure hs_office.coopsharetx_insert_permission_check_tf(); execute procedure hs_office.coopsharestransaction_insert_permission_check_tf();
--// --//
-- ============================================================================ -- ============================================================================
--changeset RbacIdentityViewGenerator:hs-office-coopsharetx-rbac-IDENTITY-VIEW endDelimiter:--// --changeset RbacIdentityViewGenerator:hs-office-coopsharestransaction-rbac-IDENTITY-VIEW endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacIdentityViewFromProjection('hs_office.coopsharetx', call rbac.generateRbacIdentityViewFromProjection('hs_office.coopsharestransaction',
$idName$ $idName$
reference reference
$idName$); $idName$);
@ -153,9 +153,9 @@ call rbac.generateRbacIdentityViewFromProjection('hs_office.coopsharetx',
-- ============================================================================ -- ============================================================================
--changeset RbacRestrictedViewGenerator:hs-office-coopsharetx-rbac-RESTRICTED-VIEW endDelimiter:--// --changeset RbacRestrictedViewGenerator:hs-office-coopsharestransaction-rbac-RESTRICTED-VIEW endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacRestrictedView('hs_office.coopsharetx', call rbac.generateRbacRestrictedView('hs_office.coopsharestransaction',
$orderBy$ $orderBy$
reference reference
$orderBy$, $orderBy$,

8
src/main/resources/db/changelog/5-hs-office/511-coopshares/5116-hs-office-coopshares-migration.sql
View File

@ -9,7 +9,7 @@
CREATE TABLE hs_office.coopsharestransaction_legacy_id CREATE TABLE hs_office.coopsharestransaction_legacy_id
( (
uuid uuid NOT NULL REFERENCES hs_office.coopsharetx(uuid), uuid uuid NOT NULL REFERENCES hs_office.coopsharestransaction(uuid),
member_share_id integer NOT NULL member_share_id integer NOT NULL
); );
--// --//
@ -42,7 +42,7 @@ ALTER TABLE hs_office.coopsharestransaction_legacy_id
CALL base.defineContext('schema-migration'); CALL base.defineContext('schema-migration');
INSERT INTO hs_office.coopsharestransaction_legacy_id(uuid, member_share_id) INSERT INTO hs_office.coopsharestransaction_legacy_id(uuid, member_share_id)
SELECT uuid, nextVal('hs_office.coopsharestransaction_legacy_id_seq') FROM hs_office.coopsharetx; SELECT uuid, nextVal('hs_office.coopsharestransaction_legacy_id_seq') FROM hs_office.coopsharestransaction;
--/ --/
@ -65,7 +65,7 @@ begin
end; $$; end; $$;
create trigger insert_legacy_id_mapping_tg create trigger insert_legacy_id_mapping_tg
after insert on hs_office.coopsharetx after insert on hs_office.coopsharestransaction
for each row for each row
execute procedure hs_office.coopsharetx_insert_legacy_id_mapping_tf(); execute procedure hs_office.coopsharetx_insert_legacy_id_mapping_tf();
--/ --/
@ -90,7 +90,7 @@ begin
end; $$; end; $$;
create trigger delete_legacy_id_mapping_tg create trigger delete_legacy_id_mapping_tg
before delete on hs_office.coopsharetx before delete on hs_office.coopsharestransaction
for each row for each row
execute procedure hs_office.coopsharetx_delete_legacy_id_mapping_tf(); execute procedure hs_office.coopsharetx_delete_legacy_id_mapping_tf();
--/ --/

2
src/main/resources/db/changelog/5-hs-office/511-coopshares/5118-hs-office-coopshares-test-data.sql
View File

@ -27,7 +27,7 @@ begin
raise notice 'creating test coopSharesTransaction: %', givenPartnerNumber::text || givenMemberNumberSuffix; raise notice 'creating test coopSharesTransaction: %', givenPartnerNumber::text || givenMemberNumberSuffix;
subscriptionEntryUuid := uuid_generate_v4(); subscriptionEntryUuid := uuid_generate_v4();
insert insert
into hs_office.coopsharetx(uuid, membershipuuid, transactiontype, valuedate, sharecount, reference, comment, adjustedShareTxUuid) into hs_office.coopsharestransaction(uuid, membershipuuid, transactiontype, valuedate, sharecount, reference, comment, adjustedShareTxUuid)
values values
(uuid_generate_v4(), membership.uuid, 'SUBSCRIPTION', '2010-03-15', 4, 'ref '||givenPartnerNumber::text || givenMemberNumberSuffix||'-1', 'initial subscription', null), (uuid_generate_v4(), membership.uuid, 'SUBSCRIPTION', '2010-03-15', 4, 'ref '||givenPartnerNumber::text || givenMemberNumberSuffix||'-1', 'initial subscription', null),
(uuid_generate_v4(), membership.uuid, 'CANCELLATION', '2021-09-01', -2, 'ref '||givenPartnerNumber::text || givenMemberNumberSuffix||'-2', 'cancelling some', null), (uuid_generate_v4(), membership.uuid, 'CANCELLATION', '2021-09-01', -2, 'ref '||givenPartnerNumber::text || givenMemberNumberSuffix||'-2', 'cancelling some', null),

12
src/main/resources/db/changelog/5-hs-office/512-coopassets/5120-hs-office-coopassets.sql
View File

@ -15,7 +15,7 @@ CREATE TYPE hs_office.CoopAssetsTransactionType AS ENUM ('ADJUSTMENT',
CREATE CAST (character varying as hs_office.CoopAssetsTransactionType) WITH INOUT AS IMPLICIT; CREATE CAST (character varying as hs_office.CoopAssetsTransactionType) WITH INOUT AS IMPLICIT;
create table if not exists hs_office.coopassettx create table if not exists hs_office.coopassetstransaction
( (
uuid uuid unique references rbac.object (uuid) initially deferred, uuid uuid unique references rbac.object (uuid) initially deferred,
version int not null default 0, version int not null default 0,
@ -24,7 +24,7 @@ create table if not exists hs_office.coopassettx
valueDate date not null, valueDate date not null,
assetValue money not null, assetValue money not null,
reference varchar(48) not null, reference varchar(48) not null,
adjustedAssetTxUuid uuid unique REFERENCES hs_office.coopassettx(uuid) DEFERRABLE INITIALLY DEFERRED, adjustedAssetTxUuid uuid unique REFERENCES hs_office.coopassetstransaction(uuid) DEFERRABLE INITIALLY DEFERRED,
comment varchar(512) comment varchar(512)
); );
--// --//
@ -34,7 +34,7 @@ create table if not exists hs_office.coopassettx
--changeset michael.hoennig:hs-office-coopassets-BUSINESS-RULES endDelimiter:--// --changeset michael.hoennig:hs-office-coopassets-BUSINESS-RULES endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
alter table hs_office.coopassettx alter table hs_office.coopassetstransaction
add constraint reverse_entry_missing add constraint reverse_entry_missing
check ( transactionType = 'ADJUSTMENT' and adjustedAssetTxUuid is not null check ( transactionType = 'ADJUSTMENT' and adjustedAssetTxUuid is not null
or transactionType <> 'ADJUSTMENT' and adjustedAssetTxUuid is null); or transactionType <> 'ADJUSTMENT' and adjustedAssetTxUuid is null);
@ -52,7 +52,7 @@ declare
totalAssetValue money; totalAssetValue money;
begin begin
select sum(cat.assetValue) select sum(cat.assetValue)
from hs_office.coopassettx cat from hs_office.coopassetstransaction cat
where cat.membershipUuid = forMembershipUuid where cat.membershipUuid = forMembershipUuid
into currentAssetValue; into currentAssetValue;
totalAssetValue := currentAssetValue + newAssetValue; totalAssetValue := currentAssetValue + newAssetValue;
@ -62,7 +62,7 @@ begin
return true; return true;
end; $$; end; $$;
alter table hs_office.coopassettx alter table hs_office.coopassetstransaction
add constraint check_positive_total add constraint check_positive_total
check ( hs_office.coopassetstx_check_positive_total(membershipUuid, assetValue) ); check ( hs_office.coopassetstx_check_positive_total(membershipUuid, assetValue) );
--// --//
@ -72,5 +72,5 @@ alter table hs_office.coopassettx
--changeset michael.hoennig:hs-office-coopassets-MAIN-TABLE-JOURNAL endDelimiter:--// --changeset michael.hoennig:hs-office-coopassets-MAIN-TABLE-JOURNAL endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call base.create_journal('hs_office.coopassettx'); call base.create_journal('hs_office.coopassetstransaction');
--// --//

62
src/main/resources/db/changelog/5-hs-office/512-coopassets/5123-hs-office-coopassets-rbac.sql
View File

@ -3,29 +3,29 @@
-- ============================================================================ -- ============================================================================
--changeset RbacObjectGenerator:hs-office-coopassettx-rbac-OBJECT endDelimiter:--// --changeset RbacObjectGenerator:hs-office-coopassetstransaction-rbac-OBJECT endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRelatedRbacObject('hs_office.coopassettx'); call rbac.generateRelatedRbacObject('hs_office.coopassetstransaction');
--// --//
-- ============================================================================ -- ============================================================================
--changeset RbacRoleDescriptorsGenerator:hs-office-coopassettx-rbac-ROLE-DESCRIPTORS endDelimiter:--// --changeset RbacRoleDescriptorsGenerator:hs-office-coopassetstransaction-rbac-ROLE-DESCRIPTORS endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacRoleDescriptors('hs_office.coopassettx'); call rbac.generateRbacRoleDescriptors('hs_office.coopassetstransaction');
--// --//
-- ============================================================================ -- ============================================================================
--changeset RolesGrantsAndPermissionsGenerator:hs-office-coopassettx-rbac-insert-trigger endDelimiter:--// --changeset RolesGrantsAndPermissionsGenerator:hs-office-coopassetstransaction-rbac-insert-trigger endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/* /*
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure hs_office.coopassettx_build_rbac_system( create or replace procedure hs_office.coopassetstransaction_build_rbac_system(
NEW hs_office.coopassettx NEW hs_office.coopassetstransaction
) )
language plpgsql as $$ language plpgsql as $$
@ -45,52 +45,52 @@ begin
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopassettx row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopassetstransaction row.
*/ */
create or replace function hs_office.coopassettx_build_rbac_system_after_insert_tf() create or replace function hs_office.coopassetstransaction_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call hs_office.coopassettx_build_rbac_system(NEW); call hs_office.coopassetstransaction_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger build_rbac_system_after_insert_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.coopassettx after insert on hs_office.coopassetstransaction
for each row for each row
execute procedure hs_office.coopassettx_build_rbac_system_after_insert_tf(); execute procedure hs_office.coopassetstransaction_build_rbac_system_after_insert_tf();
--// --//
-- ============================================================================ -- ============================================================================
--changeset InsertTriggerGenerator:hs-office-coopassettx-rbac-GRANTING-INSERT-PERMISSION endDelimiter:--// --changeset InsertTriggerGenerator:hs-office-coopassetstransaction-rbac-GRANTING-INSERT-PERMISSION endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
-- granting INSERT permission to hs_office.membership ---------------------------- -- granting INSERT permission to hs_office.membership ----------------------------
/* /*
Grants INSERT INTO hs_office.coopassettx permissions to specified role of pre-existing hs_office.membership rows. Grants INSERT INTO hs_office.coopassetstransaction permissions to specified role of pre-existing hs_office.membership rows.
*/ */
do language plpgsql $$ do language plpgsql $$
declare declare
row hs_office.membership; row hs_office.membership;
begin begin
call base.defineContext('create INSERT INTO hs_office.coopassettx permissions for pre-exising hs_office.membership rows'); call base.defineContext('create INSERT INTO hs_office.coopassetstransaction permissions for pre-exising hs_office.membership rows');
FOR row IN SELECT * FROM hs_office.membership FOR row IN SELECT * FROM hs_office.membership
-- unconditional for all rows in that table -- unconditional for all rows in that table
LOOP LOOP
call rbac.grantPermissionToRole( call rbac.grantPermissionToRole(
rbac.createPermission(row.uuid, 'INSERT', 'hs_office.coopassettx'), rbac.createPermission(row.uuid, 'INSERT', 'hs_office.coopassetstransaction'),
hs_office.membership_ADMIN(row)); hs_office.membership_ADMIN(row));
END LOOP; END LOOP;
end; end;
$$; $$;
/** /**
Grants hs_office.coopassettx INSERT permission to specified role of new membership rows. Grants hs_office.coopassetstransaction INSERT permission to specified role of new membership rows.
*/ */
create or replace function hs_office.new_coopassettx_grants_insert_to_membership_tf() create or replace function hs_office.new_coopassettx_grants_insert_to_membership_tf()
returns trigger returns trigger
@ -99,53 +99,53 @@ create or replace function hs_office.new_coopassettx_grants_insert_to_membership
begin begin
-- unconditional for all rows in that table -- unconditional for all rows in that table
call rbac.grantPermissionToRole( call rbac.grantPermissionToRole(
rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.coopassettx'), rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.coopassetstransaction'),
hs_office.membership_ADMIN(NEW)); hs_office.membership_ADMIN(NEW));
-- end. -- end.
return NEW; return NEW;
end; $$; end; $$;
-- z_... is to put it at the end of after insert triggers, to make sure the roles exist -- z_... is to put it at the end of after insert triggers, to make sure the roles exist
create trigger z_new_coopassettx_grants_after_insert_tg create trigger z_new_coopassetstransaction_grants_after_insert_tg
after insert on hs_office.membership after insert on hs_office.membership
for each row for each row
execute procedure hs_office.new_coopassettx_grants_insert_to_membership_tf(); execute procedure hs_office.new_coopassettx_grants_insert_to_membership_tf();
-- ============================================================================ -- ============================================================================
--changeset InsertTriggerGenerator:hs-office-coopassettx-rbac-CHECKING-INSERT-PERMISSION endDelimiter:--// --changeset InsertTriggerGenerator:hs-office-coopassetstransaction-rbac-CHECKING-INSERT-PERMISSION endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/** /**
Checks if the user respectively the assumed roles are allowed to insert a row to hs_office.coopassettx. Checks if the user respectively the assumed roles are allowed to insert a row to hs_office.coopassetstransaction.
*/ */
create or replace function hs_office.coopassettx_insert_permission_check_tf() create or replace function hs_office.coopassetstransaction_insert_permission_check_tf()
returns trigger returns trigger
language plpgsql as $$ language plpgsql as $$
declare declare
superObjectUuid uuid; superObjectUuid uuid;
begin begin
-- check INSERT permission via direct foreign key: NEW.membershipUuid -- check INSERT permission via direct foreign key: NEW.membershipUuid
if rbac.hasInsertPermission(NEW.membershipUuid, 'hs_office.coopassettx') then if rbac.hasInsertPermission(NEW.membershipUuid, 'hs_office.coopassetstransaction') then
return NEW; return NEW;
end if; end if;
raise exception '[403] insert into hs_office.coopassettx values(%) not allowed for current subjects % (%)', raise exception '[403] insert into hs_office.coopassetstransaction values(%) not allowed for current subjects % (%)',
NEW, base.currentSubjects(), rbac.currentSubjectOrAssumedRolesUuids(); NEW, base.currentSubjects(), rbac.currentSubjectOrAssumedRolesUuids();
end; $$; end; $$;
create trigger coopassettx_insert_permission_check_tg create trigger coopassetstransaction_insert_permission_check_tg
before insert on hs_office.coopassettx before insert on hs_office.coopassetstransaction
for each row for each row
execute procedure hs_office.coopassettx_insert_permission_check_tf(); execute procedure hs_office.coopassetstransaction_insert_permission_check_tf();
--// --//
-- ============================================================================ -- ============================================================================
--changeset RbacIdentityViewGenerator:hs-office-coopassettx-rbac-IDENTITY-VIEW endDelimiter:--// --changeset RbacIdentityViewGenerator:hs-office-coopassetstransaction-rbac-IDENTITY-VIEW endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacIdentityViewFromProjection('hs_office.coopassettx', call rbac.generateRbacIdentityViewFromProjection('hs_office.coopassetstransaction',
$idName$ $idName$
reference reference
$idName$); $idName$);
@ -153,9 +153,9 @@ call rbac.generateRbacIdentityViewFromProjection('hs_office.coopassettx',
-- ============================================================================ -- ============================================================================
--changeset RbacRestrictedViewGenerator:hs-office-coopassettx-rbac-RESTRICTED-VIEW endDelimiter:--// --changeset RbacRestrictedViewGenerator:hs-office-coopassetstransaction-rbac-RESTRICTED-VIEW endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacRestrictedView('hs_office.coopassettx', call rbac.generateRbacRestrictedView('hs_office.coopassetstransaction',
$orderBy$ $orderBy$
reference reference
$orderBy$, $orderBy$,

26
src/main/resources/db/changelog/5-hs-office/512-coopassets/5126-hs-office-coopassets-migration.sql
View File

@ -7,9 +7,9 @@
--changeset michael.hoennig:hs-office-coopassets-MIGRATION-mapping endDelimiter:--// --changeset michael.hoennig:hs-office-coopassets-MIGRATION-mapping endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CREATE TABLE hs_office.coopassettx_legacy_id CREATE TABLE hs_office.coopassetstransaction_legacy_id
( (
uuid uuid NOT NULL REFERENCES hs_office.coopassettx(uuid), uuid uuid NOT NULL REFERENCES hs_office.coopassetstransaction(uuid),
member_asset_id integer NOT NULL member_asset_id integer NOT NULL
); );
--// --//
@ -19,10 +19,10 @@ CREATE TABLE hs_office.coopassettx_legacy_id
--changeset michael.hoennig:hs-office-coopassets-MIGRATION-sequence endDelimiter:--// --changeset michael.hoennig:hs-office-coopassets-MIGRATION-sequence endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CREATE SEQUENCE IF NOT EXISTS hs_office.coopassettx_legacy_id_seq CREATE SEQUENCE IF NOT EXISTS hs_office.coopassetstransaction_legacy_id_seq
AS integer AS integer
START 1000000000 START 1000000000
OWNED BY hs_office.coopassettx_legacy_id.member_asset_id; OWNED BY hs_office.coopassetstransaction_legacy_id.member_asset_id;
--// --//
@ -30,9 +30,9 @@ CREATE SEQUENCE IF NOT EXISTS hs_office.coopassettx_legacy_id_seq
--changeset michael.hoennig:hs-office-coopassets-MIGRATION-default endDelimiter:--// --changeset michael.hoennig:hs-office-coopassets-MIGRATION-default endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
ALTER TABLE hs_office.coopassettx_legacy_id ALTER TABLE hs_office.coopassetstransaction_legacy_id
ALTER COLUMN member_asset_id ALTER COLUMN member_asset_id
SET DEFAULT nextVal('hs_office.coopassettx_legacy_id_seq'); SET DEFAULT nextVal('hs_office.coopassetstransaction_legacy_id_seq');
--/ --/
@ -41,8 +41,8 @@ ALTER TABLE hs_office.coopassettx_legacy_id
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CALL base.defineContext('schema-migration'); CALL base.defineContext('schema-migration');
INSERT INTO hs_office.coopassettx_legacy_id(uuid, member_asset_id) INSERT INTO hs_office.coopassetstransaction_legacy_id(uuid, member_asset_id)
SELECT uuid, nextVal('hs_office.coopassettx_legacy_id_seq') FROM hs_office.coopassettx; SELECT uuid, nextVal('hs_office.coopassetstransaction_legacy_id_seq') FROM hs_office.coopassetstransaction;
--/ --/
@ -58,14 +58,14 @@ begin
raise exception 'invalid usage of trigger'; raise exception 'invalid usage of trigger';
end if; end if;
INSERT INTO hs_office.coopassettx_legacy_id VALUES INSERT INTO hs_office.coopassetstransaction_legacy_id VALUES
(NEW.uuid, nextVal('hs_office.coopassettx_legacy_id_seq')); (NEW.uuid, nextVal('hs_office.coopassetstransaction_legacy_id_seq'));
return NEW; return NEW;
end; $$; end; $$;
create trigger insert_legacy_id_mapping_tg create trigger insert_legacy_id_mapping_tg
after insert on hs_office.coopassettx after insert on hs_office.coopassetstransaction
for each row for each row
execute procedure hs_office.coopassettx_insert_legacy_id_mapping_tf(); execute procedure hs_office.coopassettx_insert_legacy_id_mapping_tf();
--/ --/
@ -83,14 +83,14 @@ begin
raise exception 'invalid usage of trigger'; raise exception 'invalid usage of trigger';
end if; end if;
DELETE FROM hs_office.coopassettx_legacy_id DELETE FROM hs_office.coopassetstransaction_legacy_id
WHERE uuid = OLD.uuid; WHERE uuid = OLD.uuid;
return OLD; return OLD;
end; $$; end; $$;
create trigger delete_legacy_id_mapping_tg create trigger delete_legacy_id_mapping_tg
before delete on hs_office.coopassettx before delete on hs_office.coopassetstransaction
for each row for each row
execute procedure hs_office.coopassettx_delete_legacy_id_mapping_tf(); execute procedure hs_office.coopassettx_delete_legacy_id_mapping_tf();
--/ --/

2
src/main/resources/db/changelog/5-hs-office/512-coopassets/5128-hs-office-coopassets-test-data.sql
View File

@ -27,7 +27,7 @@ begin
raise notice 'creating test coopAssetsTransaction: %', givenPartnerNumber || givenMemberNumberSuffix; raise notice 'creating test coopAssetsTransaction: %', givenPartnerNumber || givenMemberNumberSuffix;
lossEntryUuid := uuid_generate_v4(); lossEntryUuid := uuid_generate_v4();
insert insert
into hs_office.coopassettx(uuid, membershipuuid, transactiontype, valuedate, assetvalue, reference, comment, adjustedAssetTxUuid) into hs_office.coopassetstransaction(uuid, membershipuuid, transactiontype, valuedate, assetvalue, reference, comment, adjustedAssetTxUuid)
values values
(uuid_generate_v4(), membership.uuid, 'DEPOSIT', '2010-03-15', 320.00, 'ref '||givenPartnerNumber || givenMemberNumberSuffix||'-1', 'initial deposit', null), (uuid_generate_v4(), membership.uuid, 'DEPOSIT', '2010-03-15', 320.00, 'ref '||givenPartnerNumber || givenMemberNumberSuffix||'-1', 'initial deposit', null),
(uuid_generate_v4(), membership.uuid, 'DISBURSAL', '2021-09-01', -128.00, 'ref '||givenPartnerNumber || givenMemberNumberSuffix||'-2', 'partial disbursal', null), (uuid_generate_v4(), membership.uuid, 'DISBURSAL', '2021-09-01', -128.00, 'ref '||givenPartnerNumber || givenMemberNumberSuffix||'-2', 'partial disbursal', null),

2
src/test/java/net/hostsharing/hsadminng/hs/migration/BaseOfficeDataImport.java
View File

@ -677,7 +677,7 @@ public abstract class BaseOfficeDataImport extends CsvDataImport {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context(rbacSuperuser); context(rbacSuperuser);
coopAssets.forEach(this::persist); coopAssets.forEach(this::persist);
updateLegacyIds(coopAssets, "hs_office.coopassettx_legacy_id", "member_asset_id"); updateLegacyIds(coopAssets, "hs_office.coopassetstransaction_legacy_id", "member_asset_id");
}).assertSuccessful(); }).assertSuccessful();
} }

8
src/test/java/net/hostsharing/hsadminng/hs/migration/CsvDataImport.java
View File

@ -254,9 +254,9 @@ public class CsvDataImport extends ContextBasedTest {
em.createNativeQuery("delete from hs_booking.item_ex where true").executeUpdate(); em.createNativeQuery("delete from hs_booking.item_ex where true").executeUpdate();
em.createNativeQuery("delete from hs_booking.project where true").executeUpdate(); em.createNativeQuery("delete from hs_booking.project where true").executeUpdate();
em.createNativeQuery("delete from hs_booking.project_ex where true").executeUpdate(); em.createNativeQuery("delete from hs_booking.project_ex where true").executeUpdate();
em.createNativeQuery("delete from hs_office.coopassettx where true").executeUpdate(); em.createNativeQuery("delete from hs_office.coopassetstransaction where true").executeUpdate();
em.createNativeQuery("delete from hs_office.coopassettx_legacy_id where true").executeUpdate(); em.createNativeQuery("delete from hs_office.coopassetstransaction_legacy_id where true").executeUpdate();
em.createNativeQuery("delete from hs_office.coopsharetx where true").executeUpdate(); em.createNativeQuery("delete from hs_office.coopsharestransaction where true").executeUpdate();
em.createNativeQuery("delete from hs_office.coopsharestransaction_legacy_id where true").executeUpdate(); em.createNativeQuery("delete from hs_office.coopsharestransaction_legacy_id where true").executeUpdate();
em.createNativeQuery("delete from hs_office.membership where true").executeUpdate(); em.createNativeQuery("delete from hs_office.membership where true").executeUpdate();
em.createNativeQuery("delete from hs_office.sepamandate where true").executeUpdate(); em.createNativeQuery("delete from hs_office.sepamandate where true").executeUpdate();
@ -275,7 +275,7 @@ public class CsvDataImport extends ContextBasedTest {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context(rbacSuperuser); context(rbacSuperuser);
em.createNativeQuery("alter sequence hs_office.contact_legacy_id_seq restart with 1000000000;").executeUpdate(); em.createNativeQuery("alter sequence hs_office.contact_legacy_id_seq restart with 1000000000;").executeUpdate();
em.createNativeQuery("alter sequence hs_office.coopassettx_legacy_id_seq restart with 1000000000;") em.createNativeQuery("alter sequence hs_office.coopassetstransaction_legacy_id_seq restart with 1000000000;")
.executeUpdate(); .executeUpdate();
em.createNativeQuery("alter sequence public.hs_office.coopsharestransaction_legacy_id_seq restart with 1000000000;") em.createNativeQuery("alter sequence public.hs_office.coopsharestransaction_legacy_id_seq restart with 1000000000;")
.executeUpdate(); .executeUpdate();

4
src/test/java/net/hostsharing/hsadminng/hs/office/coopassets/HsOfficeCoopAssetsTransactionControllerAcceptanceTest.java
View File

@ -391,9 +391,9 @@ class HsOfficeCoopAssetsTransactionControllerAcceptanceTest extends ContextBased
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define("superuser-alex@hostsharing.net", null);
// HsOfficeCoopAssetsTransactionEntity respectively hs_office.coopassettx_rv // HsOfficeCoopAssetsTransactionEntity respectively hs_office.coopassetstransaction_rv
// cannot be deleted at all, but the underlying table record can be deleted. // cannot be deleted at all, but the underlying table record can be deleted.
em.createNativeQuery("delete from hs_office.coopassettx where reference like 'temp %'") em.createNativeQuery("delete from hs_office.coopassetstransaction where reference like 'temp %'")
.executeUpdate(); .executeUpdate();
}).assertSuccessful(); }).assertSuccessful();
} }

30
src/test/java/net/hostsharing/hsadminng/hs/office/coopassets/HsOfficeCoopAssetsTransactionRepositoryIntegrationTest.java
View File

@ -112,8 +112,8 @@ class HsOfficeCoopAssetsTransactionRepositoryIntegrationTest extends ContextBase
.map(s -> s.replace("hs_office.", "")) .map(s -> s.replace("hs_office.", ""))
.containsExactlyInAnyOrder(Array.fromFormatted( .containsExactlyInAnyOrder(Array.fromFormatted(
initialGrantNames, initialGrantNames,
"{ grant perm:coopassettx#temprefB:SELECT to role:membership#M-1000101:AGENT by system and assume }", "{ grant perm:coopassetstransaction#temprefB:SELECT to role:membership#M-1000101:AGENT by system and assume }",
"{ grant perm:coopassettx#temprefB:UPDATE to role:membership#M-1000101:ADMIN by system and assume }", "{ grant perm:coopassetstransaction#temprefB:UPDATE to role:membership#M-1000101:ADMIN by system and assume }",
null)); null));
} }
@ -222,7 +222,7 @@ class HsOfficeCoopAssetsTransactionRepositoryIntegrationTest extends ContextBase
final var query = em.createNativeQuery(""" final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'reference' select currentTask, targetTable, targetOp, targetdelta->>'reference'
from base.tx_journal_v from base.tx_journal_v
where targettable = 'hs_office.coopassettx'; where targettable = 'hs_office.coopassetstransaction';
"""); """);
// when // when
@ -230,18 +230,18 @@ class HsOfficeCoopAssetsTransactionRepositoryIntegrationTest extends ContextBase
// then // then
assertThat(customerLogEntries).map(Arrays::toString).contains( assertThat(customerLogEntries).map(Arrays::toString).contains(
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000101-1]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000101-1]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000101-2]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000101-2]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000101-3]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000101-3]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000101-3]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000101-3]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000202-1]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000202-1]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000202-2]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000202-2]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000202-3]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000202-3]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000202-3]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000202-3]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000303-1]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000303-1]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000303-2]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000303-2]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000303-3]", "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000303-3]",
"[creating coopAssetsTransaction test-data, hs_office.coopassettx, INSERT, ref 1000303-3]"); "[creating coopAssetsTransaction test-data, hs_office.coopassetstransaction, INSERT, ref 1000303-3]");
} }
@BeforeEach @BeforeEach

4
src/test/java/net/hostsharing/hsadminng/hs/office/coopshares/HsOfficeCoopSharesTransactionControllerAcceptanceTest.java
View File

@ -55,9 +55,9 @@ class HsOfficeCoopSharesTransactionControllerAcceptanceTest extends ContextBased
void cleanup() { void cleanup() {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context.define("superuser-alex@hostsharing.net", null); context.define("superuser-alex@hostsharing.net", null);
// HsOfficeCoopSharesTransactionEntity respectively hs_office.coopsharetx_rv // HsOfficeCoopSharesTransactionEntity respectively hs_office.coopsharestransaction_rv
// cannot be deleted at all, but the underlying table record can be deleted. // cannot be deleted at all, but the underlying table record can be deleted.
em.createNativeQuery("delete from hs_office.coopsharetx where reference like 'temp %'").executeUpdate(); em.createNativeQuery("delete from hs_office.coopsharestransaction where reference like 'temp %'").executeUpdate();
}).assertSuccessful(); }).assertSuccessful();
} }

30
src/test/java/net/hostsharing/hsadminng/hs/office/coopshares/HsOfficeCoopSharesTransactionRepositoryIntegrationTest.java
View File

@ -111,8 +111,8 @@ class HsOfficeCoopSharesTransactionRepositoryIntegrationTest extends ContextBase
.map(s -> s.replace("hs_office.", "")) .map(s -> s.replace("hs_office.", ""))
.containsExactlyInAnyOrder(Array.fromFormatted( .containsExactlyInAnyOrder(Array.fromFormatted(
initialGrantNames, initialGrantNames,
"{ grant perm:coopsharetx#temprefB:SELECT to role:membership#M-1000101:AGENT by system and assume }", "{ grant perm:coopsharestransaction#temprefB:SELECT to role:membership#M-1000101:AGENT by system and assume }",
"{ grant perm:coopsharetx#temprefB:UPDATE to role:membership#M-1000101:ADMIN by system and assume }", "{ grant perm:coopsharestransaction#temprefB:UPDATE to role:membership#M-1000101:ADMIN by system and assume }",
null)); null));
} }
@ -221,7 +221,7 @@ class HsOfficeCoopSharesTransactionRepositoryIntegrationTest extends ContextBase
final var query = em.createNativeQuery(""" final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'reference' select currentTask, targetTable, targetOp, targetdelta->>'reference'
from base.tx_journal_v from base.tx_journal_v
where targettable = 'hs_office.coopsharetx'; where targettable = 'hs_office.coopsharestransaction';
"""); """);
// when // when
@ -229,18 +229,18 @@ class HsOfficeCoopSharesTransactionRepositoryIntegrationTest extends ContextBase
// then // then
assertThat(customerLogEntries).map(Arrays::toString).contains( assertThat(customerLogEntries).map(Arrays::toString).contains(
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000101-1]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000101-1]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000101-2]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000101-2]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000101-3]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000101-3]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000101-4]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000101-4]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000202-1]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000202-1]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000202-2]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000202-2]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000202-3]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000202-3]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000202-4]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000202-4]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000303-1]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000303-1]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000303-2]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000303-2]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000303-3]", "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000303-3]",
"[creating coopSharesTransaction test-data, hs_office.coopsharetx, INSERT, ref 1000303-4]"); "[creating coopSharesTransaction test-data, hs_office.coopsharestransaction, INSERT, ref 1000303-4]");
} }
@BeforeEach @BeforeEach

4
src/test/java/net/hostsharing/hsadminng/hs/office/membership/HsOfficeMembershipRepositoryIntegrationTest.java
View File

@ -118,8 +118,8 @@ class HsOfficeMembershipRepositoryIntegrationTest extends ContextBasedTestWithCl
.containsExactlyInAnyOrder(Array.fromFormatted( .containsExactlyInAnyOrder(Array.fromFormatted(
initialGrantNames, initialGrantNames,
// insert // insert
"{ grant perm:membership#M-1000117:INSERT>coopassettx to role:membership#M-1000117:ADMIN by system and assume }", "{ grant perm:membership#M-1000117:INSERT>coopassetstransaction to role:membership#M-1000117:ADMIN by system and assume }",
"{ grant perm:membership#M-1000117:INSERT>coopsharetx to role:membership#M-1000117:ADMIN by system and assume }", "{ grant perm:membership#M-1000117:INSERT>coopsharestransaction to role:membership#M-1000117:ADMIN by system and assume }",
// owner // owner
"{ grant perm:membership#M-1000117:DELETE to role:membership#M-1000117:ADMIN by system and assume }", "{ grant perm:membership#M-1000117:DELETE to role:membership#M-1000117:ADMIN by system and assume }",

2
src/test/java/net/hostsharing/hsadminng/rbac/grant/RbacGrantsDiagramServiceIntegrationTest.java
View File

@ -95,7 +95,7 @@ class RbacGrantsDiagramServiceIntegrationTest extends ContextBasedTestWithCleanu
//final var graph = grantsMermaidService.allGrantsTocurrentSubject(EnumSet.of(Include.NON_TEST_ENTITIES, Include.PERMISSIONS)); //final var graph = grantsMermaidService.allGrantsTocurrentSubject(EnumSet.of(Include.NON_TEST_ENTITIES, Include.PERMISSIONS));
final var targetObject = (UUID) em.createNativeQuery("SELECT uuid FROM hs_office.coopassettx WHERE reference='ref 1000101-1'").getSingleResult(); final var targetObject = (UUID) em.createNativeQuery("SELECT uuid FROM hs_office.coopassetstransaction WHERE reference='ref 1000101-1'").getSingleResult();
final var graph = grantsMermaidService.allGrantsFrom(targetObject, "view", EnumSet.of(Include.USERS)); final var graph = grantsMermaidService.allGrantsFrom(targetObject, "view", EnumSet.of(Include.USERS));
RbacGrantsDiagramService.writeToFile(join(";", context.fetchAssumedRoles()), graph, "doc/all-grants.md"); RbacGrantsDiagramService.writeToFile(join(";", context.fetchAssumedRoles()), graph, "doc/all-grants.md");

2
src/test/resources/application.yml
View File

@ -7,7 +7,7 @@ spring:
url-tc: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers url-tc: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers
url-tcx: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers?TC_REUSABLE=true&TC_DAEMON=true url-tcx: jdbc:tc:postgresql:15.5-bookworm:///spring_boot_testcontainers?TC_REUSABLE=true&TC_DAEMON=true
url-local: jdbc:postgresql://localhost:5432/postgres url-local: jdbc:postgresql://localhost:5432/postgres
url: ${spring.datasource.url-local} url: ${spring.datasource.url-tc}
username: postgres username: postgres
password: password password: password