Compare commits
6 Commits
860df4c69f
...
a4c2cd3edd
| Author | SHA1 | Date | |
|---|---|---|---|
|
a4c2cd3edd | ||
|
|
90d3db1e3e | ||
|
|
2f59e762c5 | ||
|
|
ffd20a6764 | ||
|
|
e3292b7049 | ||
|
|
1c27eae5f7 |
@ -24,13 +24,13 @@ delete from hs_hosting_asset where uuid='5aea68d2-3b55-464f-8362-b05c76c5a681'::
|
||||
commit;
|
||||
|
||||
-- single version at point in time
|
||||
-- set hsadminng.tx_history_txid to (select max(txid) from tx_context where txtimestamp<='2024-08-27 12:13:13.450821');
|
||||
-- set hsadminng.tx_history_txid to (select max(txid) from basis.tx_context where txtimestamp<='2024-08-27 12:13:13.450821');
|
||||
set hsadminng.tx_history_txid to '';
|
||||
set hsadminng.tx_history_timestamp to '2024-08-29 12:42';
|
||||
-- all versions
|
||||
select tx_history_txid(), txc.txtimestamp, txc.currentUser, txc.currentTask, haex.*
|
||||
from hs_hosting_asset_ex haex
|
||||
join tx_context txc on haex.txid=txc.txid
|
||||
join basis.tx_context txc on haex.txid=txc.txid
|
||||
where haex.identifier = 'test@thi.example.org';
|
||||
|
||||
select uuid, version, type, identifier, caption from hs_hosting_asset_hv p where identifier = 'test@thi.example.org';
|
||||
|
||||
@ -54,7 +54,7 @@ public class Context {
|
||||
final String currentUser,
|
||||
final String assumedRoles) {
|
||||
final var query = em.createNativeQuery("""
|
||||
call defineContext(
|
||||
call basis.defineContext(
|
||||
cast(:currentTask as varchar(127)),
|
||||
cast(:currentRequest as text),
|
||||
cast(:currentUser as varchar(63)),
|
||||
|
||||
@ -67,7 +67,7 @@ public class InsertTriggerGenerator {
|
||||
declare
|
||||
row ${rawSuperTable};
|
||||
begin
|
||||
call defineContext('create INSERT INTO ${rawSubTable} permissions for pre-exising ${rawSuperTable} rows');
|
||||
call basis.defineContext('create INSERT INTO ${rawSubTable} permissions for pre-exising ${rawSuperTable} rows');
|
||||
|
||||
FOR row IN SELECT * FROM ${rawSuperTable}
|
||||
${whenCondition}
|
||||
|
||||
@ -2,11 +2,7 @@
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset prefix-TEMPLATE:1 endDelimiter:--//
|
||||
--changeset basis-schema:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
/*
|
||||
|
||||
*/
|
||||
|
||||
CREATE SCHEMA basis;
|
||||
--//
|
||||
@ -8,13 +8,13 @@
|
||||
Returns the row count from the result of the previous query.
|
||||
Other than the native statement it's usable in an expression.
|
||||
*/
|
||||
create or replace function lastRowCount()
|
||||
create or replace function basis.lastRowCount()
|
||||
returns bigint
|
||||
language plpgsql as $$
|
||||
declare
|
||||
lastRowCount bigint;
|
||||
begin
|
||||
get diagnostics lastrowCount = row_count;
|
||||
get diagnostics lastRowCount = row_count;
|
||||
return lastRowCount;
|
||||
end; $$;
|
||||
--//
|
||||
|
||||
@ -8,10 +8,10 @@
|
||||
Returns a textual representation of an integer number to be used as generated test data.
|
||||
|
||||
Examples :
|
||||
intToVarChar(0, 3) => 'aaa'
|
||||
intToVarChar(1, 3) => 'aab'
|
||||
basis.intToVarChar(0, 3) => 'aaa'
|
||||
basis.intToVarChar(1, 3) => 'aab'
|
||||
*/
|
||||
create or replace function intToVarChar(i integer, len integer)
|
||||
create or replace function basis.intToVarChar(i integer, len integer)
|
||||
returns varchar
|
||||
language plpgsql as $$
|
||||
declare
|
||||
@ -19,7 +19,7 @@ declare
|
||||
begin
|
||||
select chr(ascii('a') + i % 26) into partial;
|
||||
if len > 1 then
|
||||
return intToVarChar(i / 26, len - 1) || partial;
|
||||
return basis.intToVarChar(i / 26, len - 1) || partial;
|
||||
else
|
||||
return partial;
|
||||
end if;
|
||||
|
||||
@ -10,9 +10,9 @@
|
||||
to be used for test data generation.
|
||||
|
||||
Example:
|
||||
randomInRange(0, 4) might return any of 0, 1, 2, 3, 4
|
||||
basis.randomInRange(0, 4) might return any of 0, 1, 2, 3, 4
|
||||
*/
|
||||
create or replace function randomInRange(min integer, max integer)
|
||||
create or replace function basis.randomInRange(min integer, max integer)
|
||||
returns integer
|
||||
returns null on null input
|
||||
language 'plpgsql' as $$
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
This is a kind of right sided json diff.
|
||||
*/
|
||||
|
||||
create or replace function jsonb_changes_delta(oldJson jsonb, newJson jsonb)
|
||||
create or replace function basis.jsonb_changes_delta(oldJson jsonb, newJson jsonb)
|
||||
returns jsonb
|
||||
called on null input
|
||||
language plpgsql as $$
|
||||
@ -31,7 +31,7 @@ begin
|
||||
if jsonb_typeof(newJson -> (oldJsonElement.key)) = 'object' then
|
||||
diffJson = diffJson ||
|
||||
jsonb_build_object(oldJsonElement.key,
|
||||
jsonb_changes_delta(oldJsonElement.value, newJson -> (oldJsonElement.key)));
|
||||
basis.jsonb_changes_delta(oldJsonElement.value, newJson -> (oldJsonElement.key)));
|
||||
end if;
|
||||
else
|
||||
diffJson = diffJson || jsonb_build_object(oldJsonElement.key, null);
|
||||
@ -49,30 +49,30 @@ do language plpgsql $$
|
||||
actual text;
|
||||
begin
|
||||
|
||||
select jsonb_changes_delta(null::jsonb, null::jsonb) into actual;
|
||||
select basis.jsonb_changes_delta(null::jsonb, null::jsonb) into actual;
|
||||
if actual is not null then
|
||||
raise exception 'jsonb_diff #1 failed:% expected: %,% actually: %', E'\n', expected, E'\n', actual;
|
||||
end if;
|
||||
|
||||
select jsonb_changes_delta(null::jsonb, '{"a": "new"}'::jsonb) into actual;
|
||||
select basis.jsonb_changes_delta(null::jsonb, '{"a": "new"}'::jsonb) into actual;
|
||||
expected := '{"a": "new"}'::jsonb;
|
||||
if actual <> expected then
|
||||
raise exception 'jsonb_diff #2 failed:% expected: %,% actual: %', E'\n', expected, E'\n', actual;
|
||||
end if;
|
||||
|
||||
select jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "new"}'::jsonb) into actual;
|
||||
select basis.jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "new"}'::jsonb) into actual;
|
||||
expected := '{"a": "new"}'::jsonb;
|
||||
if actual <> expected then
|
||||
raise exception 'jsonb_diff #3 failed:% expected: %,% actual: %', E'\n', expected, E'\n', actual;
|
||||
end if;
|
||||
|
||||
select jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "old"}'::jsonb) into actual;
|
||||
select basis.jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "old"}'::jsonb) into actual;
|
||||
expected := '{}'::jsonb;
|
||||
if actual <> expected then
|
||||
raise exception 'jsonb_diff #4 failed:% expected: %,% actual: %', E'\n', expected, E'\n', actual;
|
||||
end if;
|
||||
|
||||
select jsonb_changes_delta(
|
||||
select basis.jsonb_changes_delta(
|
||||
$json${
|
||||
"a": "same",
|
||||
"b": "old",
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
--changeset numeric-hash-functions:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
create function bigIntHash(text) returns bigint as $$
|
||||
create function basis.bigIntHash(text) returns bigint as $$
|
||||
select ('x'||substr(md5($1),1,16))::bit(64)::bigint;
|
||||
$$ language sql;
|
||||
--//
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
--changeset table-columns-function:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
create or replace function columnsNames( tableName text )
|
||||
create or replace function basis.tableColumnNames( tableName text )
|
||||
returns text
|
||||
stable
|
||||
language 'plpgsql' as $$
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
/*
|
||||
Like `RAISE EXCEPTION` ... just as an expression instead of a statement.
|
||||
*/
|
||||
create or replace function raiseException(msg text)
|
||||
create or replace function basis.raiseException(msg text)
|
||||
returns varchar
|
||||
language plpgsql as $$
|
||||
begin
|
||||
@ -21,7 +21,7 @@ end; $$;
|
||||
/*
|
||||
Like `ASSERT` but as an expression instead of a statement.
|
||||
*/
|
||||
create or replace function assertTrue(expectedTrue boolean, msg text)
|
||||
create or replace function basis.assertTrue(expectedTrue boolean, msg text)
|
||||
returns boolean
|
||||
language plpgsql as $$
|
||||
begin
|
||||
|
||||
@ -9,7 +9,7 @@
|
||||
Callback which is called after the context has been (re-) defined.
|
||||
This function will be overwritten by later changesets.
|
||||
*/
|
||||
create procedure contextDefined(
|
||||
create procedure basis.contextDefined(
|
||||
currentTask varchar(127),
|
||||
currentRequest text,
|
||||
currentUser varchar(63),
|
||||
@ -22,7 +22,7 @@ end; $$;
|
||||
/*
|
||||
Defines the transaction context.
|
||||
*/
|
||||
create or replace procedure defineContext(
|
||||
create or replace procedure basis.defineContext(
|
||||
currentTask varchar(127),
|
||||
currentRequest text = null,
|
||||
currentUser varchar(63) = null,
|
||||
@ -46,7 +46,7 @@ begin
|
||||
assert length(assumedRoles) <= 1023, FORMAT('assumedRoles must not be longer than 1023 characters: "%s"', assumedRoles);
|
||||
execute format('set local hsadminng.assumedRoles to %L', assumedRoles);
|
||||
|
||||
call contextDefined(currentTask, currentRequest, currentUser, assumedRoles);
|
||||
call basis.contextDefined(currentTask, currentRequest, currentUser, assumedRoles);
|
||||
end; $$;
|
||||
--//
|
||||
|
||||
@ -58,7 +58,7 @@ end; $$;
|
||||
Returns the current task as set by `hsadminng.currentTask`.
|
||||
Raises exception if not set.
|
||||
*/
|
||||
create or replace function currentTask()
|
||||
create or replace function basis.currentTask()
|
||||
returns varchar(127)
|
||||
stable -- leakproof
|
||||
language plpgsql as $$
|
||||
@ -72,7 +72,7 @@ begin
|
||||
currentTask := null;
|
||||
end;
|
||||
if (currentTask is null or currentTask = '') then
|
||||
raise exception '[401] currentTask must be defined, please call `defineContext(...)`';
|
||||
raise exception '[401] currentTask must be defined, please call `basis.defineContext(...)`';
|
||||
end if;
|
||||
return currentTask;
|
||||
end; $$;
|
||||
@ -83,7 +83,7 @@ end; $$;
|
||||
--changeset context-CURRENT-REQUEST:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
/*
|
||||
Returns the current http request as set via `defineContext(...)`.
|
||||
Returns the current http request as set via `basis.defineContext(...)`.
|
||||
Raises exception if not set.
|
||||
*/
|
||||
create or replace function currentRequest()
|
||||
@ -108,7 +108,7 @@ end; $$;
|
||||
--changeset context-CURRENT-USER:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
/*
|
||||
Returns the current user as defined by `defineContext(...)`.
|
||||
Returns the current user as defined by `basis.defineContext(...)`.
|
||||
*/
|
||||
create or replace function currentUser()
|
||||
returns varchar(63)
|
||||
|
||||
@ -78,7 +78,7 @@ declare
|
||||
curTask text;
|
||||
curTxId xid8;
|
||||
begin
|
||||
curTask := currentTask();
|
||||
curTask := basis.currentTask();
|
||||
curTxId := pg_current_xact_id();
|
||||
|
||||
insert
|
||||
@ -97,7 +97,7 @@ begin
|
||||
into tx_journal
|
||||
values (curTxId,
|
||||
tg_table_name, old.uuid, tg_op::operation,
|
||||
jsonb_changes_delta(to_jsonb(old), to_jsonb(new)));
|
||||
basis.jsonb_changes_delta(to_jsonb(old), to_jsonb(new)));
|
||||
when 'DELETE' then insert
|
||||
into tx_journal
|
||||
values (curTxId,
|
||||
|
||||
@ -741,7 +741,7 @@ begin
|
||||
AND obj.objectTable = forObjectTable
|
||||
LIMIT maxObjects+1;
|
||||
|
||||
foundRows = lastRowCount();
|
||||
foundRows = basis.lastRowCount();
|
||||
if foundRows > maxObjects then
|
||||
raise exception '[400] Too many accessible objects, limit is %, found %.', maxObjects, foundRows
|
||||
using
|
||||
|
||||
@ -18,7 +18,7 @@ begin
|
||||
|
||||
select uuid from RbacUser where name = currentUser into currentUserUuid;
|
||||
if currentUserUuid is null then
|
||||
raise exception '[401] user % given in `defineContext(...)` does not exist', currentUser;
|
||||
raise exception '[401] user % given in `basis.defineContext(...)` does not exist', currentUser;
|
||||
end if;
|
||||
return currentUserUuid;
|
||||
end; $$;
|
||||
@ -84,7 +84,7 @@ end; $$;
|
||||
Callback which is called after the context has been (re-) defined.
|
||||
This function will be overwritten by later changesets.
|
||||
*/
|
||||
create or replace procedure contextDefined(
|
||||
create or replace procedure basis.contextDefined(
|
||||
currentTask varchar(127),
|
||||
currentRequest text,
|
||||
currentUser varchar(63),
|
||||
@ -114,7 +114,7 @@ end; $$;
|
||||
--changeset rbac-context-CURRENT-USER-ID:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
/*
|
||||
Returns the uuid of the current user as set via `defineContext(...)`.
|
||||
Returns the uuid of the current user as set via `basis.defineContext(...)`.
|
||||
*/
|
||||
|
||||
create or replace function currentUserUuid()
|
||||
@ -136,7 +136,7 @@ begin
|
||||
if (length(currentUserName) > 0) then
|
||||
raise exception '[401] currentUserUuid cannot be determined, unknown user name "%"', currentUserName;
|
||||
else
|
||||
raise exception '[401] currentUserUuid cannot be determined, please call `defineContext(...)` first;"';
|
||||
raise exception '[401] currentUserUuid cannot be determined, please call `basis.defineContext(...)` first;"';
|
||||
end if;
|
||||
end if;
|
||||
return currentUserUuid::uuid;
|
||||
@ -147,8 +147,8 @@ end; $$;
|
||||
--changeset rbac-context-CURRENT-SUBJECT-UUIDS:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
/*
|
||||
Returns the uuid of the current user as set via `defineContext(...)`,
|
||||
or, if any, the uuids of all assumed roles as set via `defineContext(...)`
|
||||
Returns the uuid of the current user as set via `basis.defineContext(...)`,
|
||||
or, if any, the uuids of all assumed roles as set via `basis.defineContext(...)`
|
||||
or empty array, if context is not defined.
|
||||
*/
|
||||
create or replace function currentSubjectsUuids()
|
||||
@ -170,7 +170,7 @@ begin
|
||||
if (length(currentUserName) > 0) then
|
||||
raise exception '[401] currentSubjectsUuids (%) cannot be determined, unknown user name "%"', currentSubjectsUuids, currentUserName;
|
||||
else
|
||||
raise exception '[401] currentSubjectsUuids cannot be determined, please call `defineContext(...)` with a valid user;"';
|
||||
raise exception '[401] currentSubjectsUuids cannot be determined, please call `basis.defineContext(...)` with a valid user;"';
|
||||
end if;
|
||||
end if;
|
||||
return string_to_array(currentSubjectsUuids, ';');
|
||||
|
||||
@ -168,7 +168,7 @@ declare
|
||||
begin
|
||||
targetTable := lower(targetTable);
|
||||
if columnNames = '*' then
|
||||
columnNames := columnsNames(targetTable);
|
||||
columnNames := basis.tableColumnNames(targetTable);
|
||||
end if;
|
||||
|
||||
/*
|
||||
@ -190,14 +190,14 @@ begin
|
||||
select distinct g.descendantuuid,
|
||||
g.ascendantuuid,
|
||||
grants.level + 1 as level,
|
||||
assertTrue(grants.level < 22, 'too many grant-levels: ' || grants.level)
|
||||
basis.assertTrue(grants.level < 22, 'too many grant-levels: ' || grants.level)
|
||||
from rbacgrants g
|
||||
join recursive_grants grants on grants.descendantuuid = g.ascendantuuid
|
||||
where g.assumed),
|
||||
grant_count AS (
|
||||
SELECT COUNT(*) AS grant_count FROM recursive_grants
|
||||
),
|
||||
count_check as (select assertTrue((select count(*) as grant_count from recursive_grants) < 400000,
|
||||
count_check as (select basis.assertTrue((select count(*) as grant_count from recursive_grants) < 400000,
|
||||
'too many grants for current subjects: ' || (select count(*) as grant_count from recursive_grants))
|
||||
as valid)
|
||||
select distinct perm.objectuuid
|
||||
|
||||
@ -94,7 +94,7 @@ $$;
|
||||
A single row to be referenced as a global object.
|
||||
*/
|
||||
begin transaction;
|
||||
call defineContext('initializing table "global"', null, null, null);
|
||||
call basis.defineContext('initializing table "global"', null, null, null);
|
||||
insert
|
||||
into RbacObject (objecttable) values ('global');
|
||||
insert
|
||||
@ -118,7 +118,7 @@ select 'global', (select uuid from RbacObject where objectTable = 'global'), 'AD
|
||||
$$;
|
||||
|
||||
begin transaction;
|
||||
call defineContext('creating role:global#global:ADMIN', null, null, null);
|
||||
call basis.defineContext('creating role:global#global:ADMIN', null, null, null);
|
||||
select createRole(globalAdmin());
|
||||
commit;
|
||||
--//
|
||||
@ -139,7 +139,7 @@ select 'global', (select uuid from RbacObject where objectTable = 'global'), 'GU
|
||||
$$;
|
||||
|
||||
begin transaction;
|
||||
call defineContext('creating role:global#global:guest', null, null, null);
|
||||
call basis.defineContext('creating role:global#global:guest', null, null, null);
|
||||
select createRole(globalGuest());
|
||||
commit;
|
||||
--//
|
||||
@ -155,7 +155,7 @@ do language plpgsql $$
|
||||
declare
|
||||
admins uuid ;
|
||||
begin
|
||||
call defineContext('creating fake test-realm admin users', null, null, null);
|
||||
call basis.defineContext('creating fake test-realm admin users', null, null, null);
|
||||
|
||||
admins = findRoleId(globalAdmin());
|
||||
call grantRoleToUserUnchecked(admins, admins, createRbacUser('superuser-alex@hostsharing.net'));
|
||||
@ -179,13 +179,13 @@ do language plpgsql $$
|
||||
declare
|
||||
userName varchar;
|
||||
begin
|
||||
call defineContext('testing currentUserUuid', null, 'superuser-fran@hostsharing.net', null);
|
||||
call basis.defineContext('testing currentUserUuid', null, 'superuser-fran@hostsharing.net', null);
|
||||
select userName from RbacUser where uuid = currentUserUuid() into userName;
|
||||
if userName <> 'superuser-fran@hostsharing.net' then
|
||||
raise exception 'setting or fetching initial currentUser failed, got: %', userName;
|
||||
end if;
|
||||
|
||||
call defineContext('testing currentUserUuid', null, 'superuser-alex@hostsharing.net', null);
|
||||
call basis.defineContext('testing currentUserUuid', null, 'superuser-alex@hostsharing.net', null);
|
||||
select userName from RbacUser where uuid = currentUserUuid() into userName;
|
||||
if userName = 'superuser-alex@hostsharing.net' then
|
||||
raise exception 'currentUser should not change in one transaction, but did change, got: %', userName;
|
||||
|
||||
@ -89,7 +89,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row global;
|
||||
begin
|
||||
call defineContext('create INSERT INTO test_customer permissions for pre-exising global rows');
|
||||
call basis.defineContext('create INSERT INTO test_customer permissions for pre-exising global rows');
|
||||
|
||||
FOR row IN SELECT * FROM global
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -59,7 +59,7 @@ create or replace procedure createTestCustomerTestData(
|
||||
begin
|
||||
for t in startCount..endCount
|
||||
loop
|
||||
call createTestCustomerTestData(testCustomerReference(t), intToVarChar(t, 3));
|
||||
call createTestCustomerTestData(testCustomerReference(t), basis.intToVarChar(t, 3));
|
||||
commit;
|
||||
end loop;
|
||||
end; $$;
|
||||
@ -72,7 +72,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating RBAC test customer', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
call basis.defineContext('creating RBAC test customer', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
|
||||
call createTestCustomerTestData(99901, 'xxx');
|
||||
call createTestCustomerTestData(99902, 'yyy');
|
||||
|
||||
@ -154,7 +154,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row test_customer;
|
||||
begin
|
||||
call defineContext('create INSERT INTO test_package permissions for pre-exising test_customer rows');
|
||||
call basis.defineContext('create INSERT INTO test_package permissions for pre-exising test_customer rows');
|
||||
|
||||
FOR row IN SELECT * FROM test_customer
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -22,7 +22,7 @@ begin
|
||||
pacName = cust.prefix || to_char(t, 'fm00');
|
||||
custAdminUser = 'customer-admin@' || cust.prefix || '.example.com';
|
||||
custAdminRole = 'test_customer#' || cust.prefix || ':ADMIN';
|
||||
call defineContext('creating RBAC test package', null, 'superuser-fran@hostsharing.net', custAdminRole);
|
||||
call basis.defineContext('creating RBAC test package', null, 'superuser-fran@hostsharing.net', custAdminRole);
|
||||
|
||||
insert
|
||||
into test_package (customerUuid, name, description)
|
||||
|
||||
@ -153,7 +153,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row test_package;
|
||||
begin
|
||||
call defineContext('create INSERT INTO test_domain permissions for pre-exising test_package rows');
|
||||
call basis.defineContext('create INSERT INTO test_domain permissions for pre-exising test_package rows');
|
||||
|
||||
FOR row IN SELECT * FROM test_package
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -21,11 +21,11 @@ begin
|
||||
for t in 0..(domainCount-1)
|
||||
loop
|
||||
pacAdmin = 'pac-admin-' || pac.name || '@' || pac.custPrefix || '.example.com';
|
||||
call defineContext('creating RBAC test domain', null, pacAdmin, null);
|
||||
call basis.defineContext('creating RBAC test domain', null, pacAdmin, null);
|
||||
|
||||
insert
|
||||
into test_domain (name, packageUuid)
|
||||
values (pac.name || '-' || intToVarChar(t, 4), pac.uuid);
|
||||
values (pac.name || '-' || basis.intToVarChar(t, 4), pac.uuid);
|
||||
end loop;
|
||||
end; $$;
|
||||
|
||||
|
||||
@ -40,7 +40,7 @@ ALTER TABLE hs_office_contact_legacy_id
|
||||
--changeset hs-office-contact-MIGRATION-insert:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CALL defineContext('schema-migration');
|
||||
CALL basis.defineContext('schema-migration');
|
||||
INSERT INTO hs_office_contact_legacy_id(uuid, contact_id)
|
||||
SELECT uuid, nextVal('hs_office_contact_legacy_id_seq') FROM hs_office_contact;
|
||||
--/
|
||||
|
||||
@ -15,9 +15,9 @@ declare
|
||||
emailAddr varchar;
|
||||
begin
|
||||
emailAddr = 'contact-admin@' || cleanIdentifier(contCaption) || '.example.com';
|
||||
call defineContext('creating contact test-data');
|
||||
call basis.defineContext('creating contact test-data');
|
||||
perform createRbacUser(emailAddr);
|
||||
call defineContext('creating contact test-data', null, emailAddr);
|
||||
call basis.defineContext('creating contact test-data', null, emailAddr);
|
||||
|
||||
postalAddr := E'Vorname Nachname\nStraße Hnr\nPLZ Stadt';
|
||||
|
||||
@ -44,7 +44,7 @@ create or replace procedure createHsOfficeContactTestData(
|
||||
begin
|
||||
for t in startCount..endCount
|
||||
loop
|
||||
call createHsOfficeContactTestData(intToVarChar(t, 4) || '#' || t);
|
||||
call createHsOfficeContactTestData(basis.intToVarChar(t, 4) || '#' || t);
|
||||
commit;
|
||||
end loop;
|
||||
end; $$;
|
||||
|
||||
@ -21,9 +21,9 @@ declare
|
||||
begin
|
||||
fullName := concat_ws(', ', newTradeName, newFamilyName, newGivenName);
|
||||
emailAddr = 'person-' || left(cleanIdentifier(fullName), 32) || '@example.com';
|
||||
call defineContext('creating person test-data');
|
||||
call basis.defineContext('creating person test-data');
|
||||
perform createRbacUser(emailAddr);
|
||||
call defineContext('creating person test-data', null, emailAddr);
|
||||
call basis.defineContext('creating person test-data', null, emailAddr);
|
||||
|
||||
raise notice 'creating test person: % by %', fullName, emailAddr;
|
||||
insert
|
||||
@ -43,7 +43,7 @@ create or replace procedure createTestPersonTestData(
|
||||
begin
|
||||
for t in startCount..endCount
|
||||
loop
|
||||
call createHsOfficePersonTestData('LP', intToVarChar(t, 4));
|
||||
call createHsOfficePersonTestData('LP', basis.intToVarChar(t, 4));
|
||||
commit;
|
||||
end loop;
|
||||
end; $$;
|
||||
|
||||
@ -163,7 +163,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_office_person;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_office_relation permissions for pre-exising hs_office_person rows');
|
||||
call basis.defineContext('create INSERT INTO hs_office_relation permissions for pre-exising hs_office_person rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_office_person
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -69,8 +69,8 @@ declare
|
||||
begin
|
||||
for t in startCount..endCount
|
||||
loop
|
||||
select p.* from hs_office_person p where tradeName = intToVarChar(t, 4) into person;
|
||||
select c.* from hs_office_contact c where c.caption = intToVarChar(t, 4) || '#' || t into contact;
|
||||
select p.* from hs_office_person p where tradeName = basis.intToVarChar(t, 4) into person;
|
||||
select c.* from hs_office_contact c where c.caption = basis.intToVarChar(t, 4) || '#' || t into contact;
|
||||
|
||||
call createHsOfficeRelationTestData(person.uuid, contact.uuid, 'REPRESENTATIVE');
|
||||
commit;
|
||||
@ -85,7 +85,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating relation test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
call basis.defineContext('creating relation test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
|
||||
call createHsOfficeRelationTestData('First GmbH', 'PARTNER', 'Hostsharing eG', 'first contact');
|
||||
call createHsOfficeRelationTestData('Firby', 'REPRESENTATIVE', 'First GmbH', 'first contact');
|
||||
|
||||
@ -166,7 +166,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row global;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_office_partner permissions for pre-exising global rows');
|
||||
call basis.defineContext('create INSERT INTO hs_office_partner permissions for pre-exising global rows');
|
||||
|
||||
FOR row IN SELECT * FROM global
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -70,7 +70,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row global;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_office_partner_details permissions for pre-exising global rows');
|
||||
call basis.defineContext('create INSERT INTO hs_office_partner_details permissions for pre-exising global rows');
|
||||
|
||||
FOR row IN SELECT * FROM global
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -39,7 +39,7 @@ ALTER TABLE hs_office_partner_legacy_id
|
||||
--changeset hs-office-partner-MIGRATION-insert:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CALL defineContext('schema-migration');
|
||||
CALL basis.defineContext('schema-migration');
|
||||
INSERT INTO hs_office_partner_legacy_id(uuid, bp_id)
|
||||
SELECT uuid, nextVal('hs_office_partner_legacy_id_seq') FROM hs_office_partner;
|
||||
--/
|
||||
|
||||
@ -71,7 +71,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating partner test-data ', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
call basis.defineContext('creating partner test-data ', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
|
||||
call createHsOfficePartnerTestData('Hostsharing eG', 10001, 'First GmbH', 'first contact');
|
||||
call createHsOfficePartnerTestData('Hostsharing eG', 10002, 'Second e.K.', 'second contact');
|
||||
|
||||
@ -15,7 +15,7 @@ declare
|
||||
begin
|
||||
emailAddr = 'bankaccount-admin@' || cleanIdentifier(givenHolder) || '.example.com';
|
||||
perform createRbacUser(emailAddr);
|
||||
call defineContext('creating bankaccount test-data', null, emailAddr);
|
||||
call basis.defineContext('creating bankaccount test-data', null, emailAddr);
|
||||
|
||||
raise notice 'creating test bankaccount: %', givenHolder;
|
||||
insert
|
||||
@ -31,7 +31,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating bankaccount test-data');
|
||||
call basis.defineContext('creating bankaccount test-data');
|
||||
|
||||
-- IBANs+BICs taken from https://ibanvalidieren.de/beispiele.html
|
||||
call createHsOfficeBankAccountTestData('First GmbH', 'DE02120300000000202051', 'BYLADEM1001');
|
||||
|
||||
@ -139,7 +139,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row global;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_office_debitor permissions for pre-exising global rows');
|
||||
call basis.defineContext('create INSERT INTO hs_office_debitor permissions for pre-exising global rows');
|
||||
|
||||
FOR row IN SELECT * FROM global
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -50,7 +50,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating debitor test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
call basis.defineContext('creating debitor test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
|
||||
call createHsOfficeDebitorTestData(11, 'First GmbH', 'first contact', 'fir');
|
||||
call createHsOfficeDebitorTestData(12, 'Second e.K.', 'second contact', 'sec');
|
||||
|
||||
@ -114,7 +114,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_office_relation;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_office_sepamandate permissions for pre-exising hs_office_relation rows');
|
||||
call basis.defineContext('create INSERT INTO hs_office_sepamandate permissions for pre-exising hs_office_relation rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_office_relation
|
||||
WHERE type = 'DEBITOR'
|
||||
|
||||
@ -41,7 +41,7 @@ ALTER TABLE hs_office_sepamandate_legacy_id
|
||||
--changeset hs-office-sepamandate-MIGRATION-insert:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CALL defineContext('schema-migration');
|
||||
CALL basis.defineContext('schema-migration');
|
||||
INSERT INTO hs_office_sepamandate_legacy_id(uuid, sepa_mandate_id)
|
||||
SELECT uuid, nextVal('hs_office_sepamandate_legacy_id_seq') FROM hs_office_sepamandate;
|
||||
--/
|
||||
|
||||
@ -43,7 +43,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating SEPA-mandate test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
call basis.defineContext('creating SEPA-mandate test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
|
||||
call createHsOfficeSepaMandateTestData(10001, '11', 'DE02120300000000202051', 'ref-10001-11');
|
||||
call createHsOfficeSepaMandateTestData(10002, '12', 'DE02100500000054540402', 'ref-10002-12');
|
||||
|
||||
@ -101,7 +101,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row global;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_office_membership permissions for pre-exising global rows');
|
||||
call basis.defineContext('create INSERT INTO hs_office_membership permissions for pre-exising global rows');
|
||||
|
||||
FOR row IN SELECT * FROM global
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -33,7 +33,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating Membership test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
call basis.defineContext('creating Membership test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
|
||||
call createHsOfficeMembershipTestData(10001, '01');
|
||||
call createHsOfficeMembershipTestData(10002, '02');
|
||||
|
||||
@ -77,7 +77,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_office_membership;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_office_coopsharestransaction permissions for pre-exising hs_office_membership rows');
|
||||
call basis.defineContext('create INSERT INTO hs_office_coopsharestransaction permissions for pre-exising hs_office_membership rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_office_membership
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -40,7 +40,7 @@ ALTER TABLE hs_office_coopsharestransaction_legacy_id
|
||||
--changeset hs-office-coopshares-MIGRATION-insert:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CALL defineContext('schema-migration');
|
||||
CALL basis.defineContext('schema-migration');
|
||||
INSERT INTO hs_office_coopsharestransaction_legacy_id(uuid, member_share_id)
|
||||
SELECT uuid, nextVal('hs_office_coopsharestransaction_legacy_id_seq') FROM hs_office_coopsharestransaction;
|
||||
--/
|
||||
|
||||
@ -43,7 +43,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating coopSharesTransaction test-data');
|
||||
call basis.defineContext('creating coopSharesTransaction test-data');
|
||||
SET CONSTRAINTS ALL DEFERRED;
|
||||
|
||||
call createHsOfficeCoopSharesTransactionTestData(10001, '01');
|
||||
|
||||
@ -77,7 +77,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_office_membership;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_office_coopassetstransaction permissions for pre-exising hs_office_membership rows');
|
||||
call basis.defineContext('create INSERT INTO hs_office_coopassetstransaction permissions for pre-exising hs_office_membership rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_office_membership
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -40,7 +40,7 @@ ALTER TABLE hs_office_coopassetstransaction_legacy_id
|
||||
--changeset hs-office-coopassets-MIGRATION-insert:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CALL defineContext('schema-migration');
|
||||
CALL basis.defineContext('schema-migration');
|
||||
INSERT INTO hs_office_coopassetstransaction_legacy_id(uuid, member_asset_id)
|
||||
SELECT uuid, nextVal('hs_office_coopassetstransaction_legacy_id_seq') FROM hs_office_coopassetstransaction;
|
||||
--/
|
||||
|
||||
@ -43,7 +43,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating coopAssetsTransaction test-data');
|
||||
call basis.defineContext('creating coopAssetsTransaction test-data');
|
||||
SET CONSTRAINTS ALL DEFERRED;
|
||||
|
||||
call createHsOfficeCoopAssetsTransactionTestData(10001, '01');
|
||||
|
||||
@ -108,7 +108,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_office_relation;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_booking_project permissions for pre-exising hs_office_relation rows');
|
||||
call basis.defineContext('create INSERT INTO hs_booking_project permissions for pre-exising hs_office_relation rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_office_relation
|
||||
WHERE type = 'DEBITOR'
|
||||
|
||||
@ -39,7 +39,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating booking-project test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
call basis.defineContext('creating booking-project test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
|
||||
call createHsBookingProjectTransactionTestData(10001, '11');
|
||||
call createHsBookingProjectTransactionTestData(10002, '12');
|
||||
|
||||
@ -107,7 +107,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row global;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_booking_item permissions for pre-exising global rows');
|
||||
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising global rows');
|
||||
|
||||
FOR row IN SELECT * FROM global
|
||||
-- unconditional for all rows in that table
|
||||
@ -150,7 +150,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_booking_project;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
||||
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_booking_project
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -47,7 +47,7 @@ do language plpgsql $$
|
||||
declare
|
||||
currentTask text;
|
||||
begin
|
||||
call defineContext('creating booking-item test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
call basis.defineContext('creating booking-item test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
|
||||
call createHsBookingItemTransactionTestData(10001, '11');
|
||||
call createHsBookingItemTransactionTestData(10002, '12');
|
||||
|
||||
@ -107,7 +107,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row global;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_booking_item permissions for pre-exising global rows');
|
||||
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising global rows');
|
||||
|
||||
FOR row IN SELECT * FROM global
|
||||
-- unconditional for all rows in that table
|
||||
@ -150,7 +150,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_booking_project;
|
||||
begin
|
||||
call defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
||||
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_booking_project
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -91,7 +91,7 @@ begin
|
||||
when 'IPV4_NUMBER' then null
|
||||
when 'IPV6_NUMBER' then null
|
||||
|
||||
else raiseException(format('[400] unknown asset type %s', NEW.type::text))
|
||||
else basis.raiseException(format('[400] unknown asset type %s', NEW.type::text))
|
||||
end);
|
||||
|
||||
if expectedParentType is not null and actualParentType is null then
|
||||
|
||||
@ -30,7 +30,7 @@ declare
|
||||
pgSqlInstanceUuid uuid;
|
||||
PgSqlUserUuid uuid;
|
||||
begin
|
||||
call defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
call basis.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
|
||||
select project.* into relatedProject
|
||||
from hs_booking_project project
|
||||
@ -110,7 +110,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
call basis.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'global#global:ADMIN');
|
||||
|
||||
call createHsHostingAssetTestData('D-1000111 default project');
|
||||
call createHsHostingAssetTestData('D-1000212 default project');
|
||||
|
||||
@ -1,4 +1,6 @@
|
||||
databaseChangeLog:
|
||||
- include:
|
||||
file: db/changelog/0-basis/000-basis-schema.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/001-last-row-count.sql
|
||||
- include:
|
||||
|
||||
@ -81,7 +81,7 @@ class ContextIntegrationTests {
|
||||
// then
|
||||
result.assertExceptionWithRootCauseMessage(
|
||||
jakarta.persistence.PersistenceException.class,
|
||||
"[401] user unknown@example.org given in `defineContext(...)` does not exist");
|
||||
"[401] user unknown@example.org given in `basis.defineContext(...)` does not exist");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -28,7 +28,7 @@ import static org.mockito.Mockito.verify;
|
||||
class ContextUnitTest {
|
||||
|
||||
private static final String DEFINE_CONTEXT_QUERY_STRING = """
|
||||
call defineContext(
|
||||
call basis.defineContext(
|
||||
cast(:currentTask as varchar(127)),
|
||||
cast(:currentRequest as text),
|
||||
cast(:currentUser as varchar(63)),
|
||||
|
||||
@ -146,7 +146,7 @@ class RbacRoleRepositoryIntegrationTest {
|
||||
|
||||
result.assertExceptionWithRootCauseMessage(
|
||||
JpaSystemException.class,
|
||||
"[401] currentSubjectsUuids cannot be determined, please call `defineContext(...)` with a valid user");
|
||||
"[401] currentSubjectsUuids cannot be determined, please call `basis.defineContext(...)` with a valid user");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user