hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

Compare commits

base: hostsharing:a4054b310da607ad45c0a9a2a9f74b11d1ea8a90
Branches Tags
hostsharing:master
hostsharing:feature/add-advanced-scenario-tests-for-coop-assets
hostsharing:feature/introduce-hasGlobalAdminRole-to-optimize-rbac-select-queries
hostsharing:office-rbac-revision
hostsharing:feature/introduce-global-agent-for-non-hostmaster-admins
hostsharing:spike/auto-build
hostsharing:java-for-gradlew
hostsharing:TP-202408-cors_webui
hostsharing:TP-202405-filtered_import
hostsharing:idea-bug-refactor-inline
hostsharing:api-vision
hostsharing:rbac-object-scope-to-replace-serial-id
hostsharing:office-related-spec-clarifications-and-amendmends
hostsharing:revert-upgrade-openapiprocessor-spring-back-to-2022-5
hostsharing:upgrade-io.openapiprocessoropenapi-processor-spring-to-2024.2
hostsharing:spike/JSonSerializerDeserializerForDTOs
hostsharing:spike/master-detail-for-customer-and-contacts
..
compare: hostsharing:ce40126e6b706eb32da48570231c844a41a89699
Branches Tags
hostsharing:feature/add-advanced-scenario-tests-for-coop-assets
hostsharing:feature/introduce-hasGlobalAdminRole-to-optimize-rbac-select-queries
hostsharing:master
hostsharing:office-rbac-revision
hostsharing:feature/introduce-global-agent-for-non-hostmaster-admins
hostsharing:spike/auto-build
hostsharing:java-for-gradlew
hostsharing:TP-202408-cors_webui
hostsharing:TP-202405-filtered_import
hostsharing:idea-bug-refactor-inline
hostsharing:api-vision
hostsharing:rbac-object-scope-to-replace-serial-id
hostsharing:office-related-spec-clarifications-and-amendmends
hostsharing:revert-upgrade-openapiprocessor-spring-back-to-2022-5
hostsharing:upgrade-io.openapiprocessoropenapi-processor-spring-to-2024.2
hostsharing:spike/JSonSerializerDeserializerForDTOs
hostsharing:spike/master-detail-for-customer-and-contacts

No commits in common. "a4054b310da607ad45c0a9a2a9f74b11d1ea8a90" and "ce40126e6b706eb32da48570231c844a41a89699" have entirely different histories.
a4054b310d ... ce40126e6b

19 changed files with 43 additions and 67 deletions
Show Stats Expand all files Collapse all files

2
src/main/java/net/hostsharing/hsadminng/rbac/test/cust/TestCustomerEntity.java
View File

@ -62,6 +62,6 @@ public class TestCustomerEntity implements BaseEntity<TestCustomerEntity> {
} }
public static void main(String[] args) throws IOException { public static void main(String[] args) throws IOException {
rbac().generateWithBaseFileName("2-rbactest/201-rbactest-customer/2013-rbactest-customer-rbac"); rbac().generateWithBaseFileName("2-test/201-test-customer/2013-test-customer-rbac");
} }
} }

2
src/main/java/net/hostsharing/hsadminng/rbac/test/dom/TestDomainEntity.java
View File

@ -68,6 +68,6 @@ public class TestDomainEntity implements BaseEntity<TestDomainEntity> {
} }
public static void main(String[] args) throws IOException { public static void main(String[] args) throws IOException {
rbac().generateWithBaseFileName("2-rbactest/203-rbactest-domain/2033-rbactest-domain-rbac"); rbac().generateWithBaseFileName("2-test/203-test-domain/2033-test-domain-rbac");
} }
} }

2
src/main/java/net/hostsharing/hsadminng/rbac/test/pac/TestPackageEntity.java
View File

@ -69,6 +69,6 @@ public class TestPackageEntity implements BaseEntity<TestPackageEntity> {
} }
public static void main(String[] args) throws IOException { public static void main(String[] args) throws IOException {
rbac().generateWithBaseFileName("2-rbactest/202-rbactest-package/2023-rbactest-package-rbac"); rbac().generateWithBaseFileName("2-test/202-test-package/2023-test-package-rbac");
} }
} }

8
src/main/resources/db/changelog/1-rbac/1050-rbac-base.sql
View File

@ -3,7 +3,9 @@
-- ============================================================================ -- ============================================================================
--changeset michael.hoennig:rbac-base-REFERENCE endDelimiter:--// --changeset michael.hoennig:rbac-base-REFERENCE endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/*
*/
create type rbac.ReferenceType as enum ('rbac.subject', 'rbac.role', 'rbac.permission'); create type rbac.ReferenceType as enum ('rbac.subject', 'rbac.role', 'rbac.permission');
create table rbac.reference create table rbac.reference
@ -118,20 +120,18 @@ create or replace function rbac.insert_related_object()
strict as $$ strict as $$
declare declare
objectUuid uuid; objectUuid uuid;
tableSchemaAndName text;
begin begin
tableSchemaAndName := base.combine_table_schema_and_name(TG_TABLE_SCHEMA, TG_TABLE_NAME);
if TG_OP = 'INSERT' then if TG_OP = 'INSERT' then
if NEW.uuid is null then if NEW.uuid is null then
insert insert
into rbac.object (objectTable) into rbac.object (objectTable)
values (tableSchemaAndName) values (TG_TABLE_NAME)
returning uuid into objectUuid; returning uuid into objectUuid;
NEW.uuid = objectUuid; NEW.uuid = objectUuid;
else else
insert insert
into rbac.object (uuid, objectTable) into rbac.object (uuid, objectTable)
values (NEW.uuid, tableSchemaAndName) values (NEW.uuid, TG_TABLE_NAME)
returning uuid into objectUuid; returning uuid into objectUuid;
end if; end if;
return NEW; return NEW;

54
src/main/resources/db/changelog/1-rbac/1058-rbac-generators.sql
View File

@ -8,40 +8,26 @@
create or replace procedure rbac.generateRelatedRbacObject(targetTable varchar) create or replace procedure rbac.generateRelatedRbacObject(targetTable varchar)
language plpgsql as $$ language plpgsql as $$
declare declare
targetTableName text;
targetSchemaPrefix text;
createInsertTriggerSQL text; createInsertTriggerSQL text;
createDeleteTriggerSQL text; createDeleteTriggerSQL text;
begin begin
if POSITION('.' IN targetTable) > 0 then
targetSchemaPrefix := SPLIT_PART(targetTable, '.', 1) || '.';
targetTableName := SPLIT_PART(targetTable, '.', 2);
else
targetSchemaPrefix := '';
targetTableName := targetTable;
end if;
if targetSchemaPrefix = '' and targetTableName = 'customer' then
raise exception 'missing targetShemaPrefix: %', targetTable;
end if;
createInsertTriggerSQL = format($sql$ createInsertTriggerSQL = format($sql$
create trigger createRbacObjectFor_%s_insert_tg_1058_25 create trigger createRbacObjectFor_%s_Trigger
before insert on %s%s before insert on %s
for each row for each row
execute procedure rbac.insert_related_object(); execute procedure rbac.insert_related_object();
$sql$, targetTableName, targetSchemaPrefix, targetTableName); $sql$, targetTable, targetTable);
execute createInsertTriggerSQL; execute createInsertTriggerSQL;
createDeleteTriggerSQL = format($sql$ createDeleteTriggerSQL = format($sql$
create trigger createRbacObjectFor_%s_delete_tg_1058_35 create trigger delete_related_rbac_rules_for_%s_tg
after delete on %s%s after delete
on %s
for each row for each row
execute procedure rbac.delete_related_rbac_rules_tf(); execute procedure rbac.delete_related_rbac_rules_tf();
$sql$, targetTableName, targetSchemaPrefix, targetTableName); $sql$, targetTable, targetTable);
execute createDeleteTriggerSQL; execute createDeleteTriggerSQL;
end; end; $$;
$$;
--// --//
@ -190,7 +176,7 @@ begin
*/ */
sql := format($sql$ sql := format($sql$
create or replace view %1$s_rv as create or replace view %1$s_rv as
with accessible_uuids as ( with accessible_%1$s_uuids as (
with recursive with recursive
recursive_grants as recursive_grants as
(select distinct rbac.grants.descendantuuid, (select distinct rbac.grants.descendantuuid,
@ -223,7 +209,7 @@ begin
) )
select target.* select target.*
from %1$s as target from %1$s as target
where target.uuid in (select * from accessible_uuids) where target.uuid in (select * from accessible_%1$s_uuids)
order by %2$s; order by %2$s;
grant all privileges on %1$s_rv to ${HSADMINNG_POSTGRES_RESTRICTED_USERNAME}; grant all privileges on %1$s_rv to ${HSADMINNG_POSTGRES_RESTRICTED_USERNAME};
@ -233,9 +219,9 @@ begin
/** /**
Instead of insert trigger function for the restricted view. Instead of insert trigger function for the restricted view.
*/ */
newColumns := 'new.' || replace(columnNames, ', ', ', new.'); newColumns := 'new.' || replace(columnNames, ',', ', new.');
sql := format($sql$ sql := format($sql$
create function %1$s_instead_of_insert_tf() create or replace function %1$sInsert()
returns trigger returns trigger
language plpgsql as $f$ language plpgsql as $f$
declare declare
@ -254,11 +240,11 @@ begin
Creates an instead of insert trigger for the restricted view. Creates an instead of insert trigger for the restricted view.
*/ */
sql := format($sql$ sql := format($sql$
create trigger instead_of_insert_tg create trigger %1$sInsert_tg
instead of insert instead of insert
on %1$s_rv on %1$s_rv
for each row for each row
execute function %1$s_instead_of_insert_tf(); execute function %1$sInsert();
$sql$, targetTable); $sql$, targetTable);
execute sql; execute sql;
@ -266,7 +252,7 @@ begin
Instead of delete trigger function for the restricted view. Instead of delete trigger function for the restricted view.
*/ */
sql := format($sql$ sql := format($sql$
create function %1$s_instead_of_delete_tf() create or replace function %1$sDelete()
returns trigger returns trigger
language plpgsql as $f$ language plpgsql as $f$
begin begin
@ -283,11 +269,11 @@ begin
Creates an instead of delete trigger for the restricted view. Creates an instead of delete trigger for the restricted view.
*/ */
sql := format($sql$ sql := format($sql$
create trigger instead_of_delete_tg create trigger %1$sDelete_tg
instead of delete instead of delete
on %1$s_rv on %1$s_rv
for each row for each row
execute function %1$s_instead_of_delete_tf(); execute function %1$sDelete();
$sql$, targetTable); $sql$, targetTable);
execute sql; execute sql;
@ -297,7 +283,7 @@ begin
*/ */
if columnUpdates is not null then if columnUpdates is not null then
sql := format($sql$ sql := format($sql$
create function %1$s_instead_of_update_tf() create or replace function %1$sUpdate()
returns trigger returns trigger
language plpgsql as $f$ language plpgsql as $f$
begin begin
@ -316,11 +302,11 @@ begin
Creates an instead of delete trigger for the restricted view. Creates an instead of delete trigger for the restricted view.
*/ */
sql = format($sql$ sql = format($sql$
create trigger instead_of_update_tg create trigger %1$sUpdate_tg
instead of update instead of update
on %1$s_rv on %1$s_rv
for each row for each row
execute function %1$s_instead_of_update_tf(); execute function %1$sUpdate();
$sql$, targetTable); $sql$, targetTable);
execute sql; execute sql;
end if; end if;

8
src/main/resources/db/changelog/2-rbactest/200-rbactest-schema.sql
View File

@ -1,8 +0,0 @@
--liquibase formatted sql
-- ============================================================================
--changeset michael.hoennig:rbactest-SCHEMA endDelimiter:--//
-- ----------------------------------------------------------------------------
CREATE SCHEMA rbactest; -- just 'test' does not work, databasechangelog gets emptied or deleted
--//

2
src/main/resources/db/changelog/2-rbactest/201-rbactest-customer/2010-rbactest-customer.sql → src/main/resources/db/changelog/2-test/201-test-customer/2010-test-customer.sql
View File

@ -1,7 +1,7 @@
--liquibase formatted sql --liquibase formatted sql
-- ============================================================================ -- ============================================================================
--changeset michael.hoennig:rbactest-customer-MAIN-TABLE endDelimiter:--// --changeset michael.hoennig:test-customer-MAIN-TABLE endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
create table if not exists test_customer create table if not exists test_customer

0
src/main/resources/db/changelog/2-rbactest/201-rbactest-customer/2013-rbactest-customer-rbac.md → src/main/resources/db/changelog/2-test/201-test-customer/2013-test-customer-rbac.md
View File

0
src/main/resources/db/changelog/2-rbactest/201-rbactest-customer/2013-rbactest-customer-rbac.sql → src/main/resources/db/changelog/2-test/201-test-customer/2013-test-customer-rbac.sql
View File

4
src/main/resources/db/changelog/2-rbactest/201-rbactest-customer/2018-rbactest-customer-test-data.sql → src/main/resources/db/changelog/2-test/201-test-customer/2018-test-customer-test-data.sql
View File

@ -2,7 +2,7 @@
-- ============================================================================ -- ============================================================================
--changeset michael.hoennig:rbactest-customer-TEST-DATA-GENERATOR endDelimiter:--// --changeset michael.hoennig:test-customer-TEST-DATA-GENERATOR endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/* /*
Generates a customer reference number for a given test data counter. Generates a customer reference number for a given test data counter.
@ -67,7 +67,7 @@ end; $$;
-- ============================================================================ -- ============================================================================
--changeset michael.hoennig:rbactest-customer-TEST-DATA-GENERATION context=dev,tc endDelimiter:--// --changeset michael.hoennig:test-customer-TEST-DATA-GENERATION context=dev,tc endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
do language plpgsql $$ do language plpgsql $$

2
src/main/resources/db/changelog/2-rbactest/202-rbactest-package/2020-rbactest-package.sql → src/main/resources/db/changelog/2-test/202-test-package/2020-test-package.sql
View File

@ -1,7 +1,7 @@
--liquibase formatted sql --liquibase formatted sql
-- ============================================================================ -- ============================================================================
--changeset michael.hoennig:rbactest-package-MAIN-TABLE endDelimiter:--// --changeset michael.hoennig:test-package-MAIN-TABLE endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
create table if not exists test_package create table if not exists test_package

0
src/main/resources/db/changelog/2-rbactest/202-rbactest-package/2023-rbactest-package-rbac.md → src/main/resources/db/changelog/2-test/202-test-package/2023-test-package-rbac.md
View File

0
src/main/resources/db/changelog/2-rbactest/202-rbactest-package/2023-rbactest-package-rbac.sql → src/main/resources/db/changelog/2-test/202-test-package/2023-test-package-rbac.sql
View File

4
src/main/resources/db/changelog/2-rbactest/202-rbactest-package/2028-rbactest-package-test-data.sql → src/main/resources/db/changelog/2-test/202-test-package/2028-test-package-test-data.sql
View File

@ -1,7 +1,7 @@
--liquibase formatted sql --liquibase formatted sql
-- ============================================================================ -- ============================================================================
--changeset michael.hoennig:rbactest-package-TEST-DATA-GENERATOR endDelimiter:--// --changeset michael.hoennig:test-package-TEST-DATA-GENERATOR endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/* /*
Creates the given number of test packages for the given customer. Creates the given number of test packages for the given customer.
@ -59,7 +59,7 @@ $$;
-- ============================================================================ -- ============================================================================
--changeset michael.hoennig:rbactest-package-TEST-DATA-GENERATION context=dev,tc endDelimiter:--// --changeset michael.hoennig:test-package-TEST-DATA-GENERATION context=dev,tc endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
do language plpgsql $$ do language plpgsql $$

2
src/main/resources/db/changelog/2-rbactest/203-rbactest-domain/2030-rbactest-domain.sql → src/main/resources/db/changelog/2-test/203-test-domain/2030-test-domain.sql
View File

@ -1,7 +1,7 @@
--liquibase formatted sql --liquibase formatted sql
-- ============================================================================ -- ============================================================================
--changeset michael.hoennig:rbactest-domain-MAIN-TABLE endDelimiter:--// --changeset michael.hoennig:test-domain-MAIN-TABLE endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
create table if not exists test_domain create table if not exists test_domain

0
src/main/resources/db/changelog/2-rbactest/203-rbactest-domain/2033-rbactest-domain-rbac.md → src/main/resources/db/changelog/2-test/203-test-domain/2033-test-domain-rbac.md
View File

0
src/main/resources/db/changelog/2-rbactest/203-rbactest-domain/2033-rbactest-domain-rbac.sql → src/main/resources/db/changelog/2-test/203-test-domain/2033-test-domain-rbac.sql
View File

0
src/main/resources/db/changelog/2-rbactest/203-rbactest-domain/2038-rbactest-domain-test-data.sql → src/main/resources/db/changelog/2-test/203-test-domain/2038-test-domain-test-data.sql
View File

20
src/main/resources/db/changelog/db.changelog-master.yaml
View File

@ -50,25 +50,23 @@ databaseChangeLog:
- include: - include:
file: db/changelog/1-rbac/1080-rbac-global.sql file: db/changelog/1-rbac/1080-rbac-global.sql
- include: - include:
file: db/changelog/2-rbactest/200-rbactest-schema.sql file: db/changelog/2-test/201-test-customer/2010-test-customer.sql
- include: - include:
file: db/changelog/2-rbactest/201-rbactest-customer/2010-rbactest-customer.sql file: db/changelog/2-test/201-test-customer/2013-test-customer-rbac.sql
- include: - include:
file: db/changelog/2-rbactest/201-rbactest-customer/2013-rbactest-customer-rbac.sql file: db/changelog/2-test/201-test-customer/2018-test-customer-test-data.sql
- include: - include:
file: db/changelog/2-rbactest/201-rbactest-customer/2018-rbactest-customer-test-data.sql file: db/changelog/2-test/202-test-package/2020-test-package.sql
- include: - include:
file: db/changelog/2-rbactest/202-rbactest-package/2020-rbactest-package.sql file: db/changelog/2-test/202-test-package/2023-test-package-rbac.sql
- include: - include:
file: db/changelog/2-rbactest/202-rbactest-package/2023-rbactest-package-rbac.sql file: db/changelog/2-test/202-test-package/2028-test-package-test-data.sql
- include: - include:
file: db/changelog/2-rbactest/202-rbactest-package/2028-rbactest-package-test-data.sql file: db/changelog/2-test/203-test-domain/2030-test-domain.sql
- include: - include:
file: db/changelog/2-rbactest/203-rbactest-domain/2030-rbactest-domain.sql file: db/changelog/2-test/203-test-domain/2033-test-domain-rbac.sql
- include: - include:
file: db/changelog/2-rbactest/203-rbactest-domain/2033-rbactest-domain-rbac.sql file: db/changelog/2-test/203-test-domain/2038-test-domain-test-data.sql
- include:
file: db/changelog/2-rbactest/203-rbactest-domain/2038-rbactest-domain-test-data.sql
- include: - include:
file: db/changelog/5-hs-office/501-contact/5010-hs-office-contact.sql file: db/changelog/5-hs-office/501-contact/5010-hs-office-contact.sql
- include: - include: