hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 3 Activity

Compare commits

base: hostsharing:de570c3dd425125ed6f9c0f98664d47db4967295
Branches Tags
hostsharing:master
hostsharing:TP-20240927-importfixes
hostsharing:add-hsoting-asset-to-booking-item-resource-and-created-event
hostsharing:spike/auto-build
hostsharing:office-rbac-revision
hostsharing:java-for-gradlew
hostsharing:TP-202408-cors_webui
hostsharing:TP-202405-filtered_import
hostsharing:idea-bug-refactor-inline
hostsharing:api-vision
hostsharing:rbac-object-scope-to-replace-serial-id
hostsharing:office-related-spec-clarifications-and-amendmends
hostsharing:revert-upgrade-openapiprocessor-spring-back-to-2022-5
hostsharing:upgrade-io.openapiprocessoropenapi-processor-spring-to-2024.2
hostsharing:spike/JSonSerializerDeserializerForDTOs
hostsharing:spike/master-detail-for-customer-and-contacts
..
compare: hostsharing:d1c8c30d8b6a40545d73bed405cf263e01dbc151
Branches Tags
hostsharing:TP-20240927-importfixes
hostsharing:add-hsoting-asset-to-booking-item-resource-and-created-event
hostsharing:master
hostsharing:spike/auto-build
hostsharing:office-rbac-revision
hostsharing:java-for-gradlew
hostsharing:TP-202408-cors_webui
hostsharing:TP-202405-filtered_import
hostsharing:idea-bug-refactor-inline
hostsharing:api-vision
hostsharing:rbac-object-scope-to-replace-serial-id
hostsharing:office-related-spec-clarifications-and-amendmends
hostsharing:revert-upgrade-openapiprocessor-spring-back-to-2022-5
hostsharing:upgrade-io.openapiprocessoropenapi-processor-spring-to-2024.2
hostsharing:spike/JSonSerializerDeserializerForDTOs
hostsharing:spike/master-detail-for-customer-and-contacts

No commits in common. "de570c3dd425125ed6f9c0f98664d47db4967295" and "d1c8c30d8b6a40545d73bed405cf263e01dbc151" have entirely different histories.
de570c3dd4 ... d1c8c30d8b

4 changed files with 12 additions and 13 deletions
Show Stats Expand all files Collapse all files

15
src/main/resources/db/changelog/1-rbac/1050-rbac-base.sql
View File

@ -142,9 +142,8 @@ end; $$;
/* /*
Deletes related rbac.object for use in the BEFORE DELETE TRIGGERs on the business objects. Deletes related rbac.object for use in the BEFORE DELETE TRIGGERs on the business objects.
Through cascades all related rbac roles and grants are going to be deleted as well.
*/ */
create or replace function rbac.delete_related_rbac_rules_tf() create or replace function deleteRelatedRbacObject()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
@ -165,13 +164,13 @@ end; $$;
*/ */
create type rbac.RoleType as enum ('OWNER', 'ADMIN', 'AGENT', 'TENANT', 'GUEST', 'REFERRER'); create type RbacRoleType as enum ('OWNER', 'ADMIN', 'AGENT', 'TENANT', 'GUEST', 'REFERRER');
create table rbac.role create table rbac.role
( (
uuid uuid primary key references rbac.reference (uuid) on delete cascade initially deferred, -- initially deferred uuid uuid primary key references rbac.reference (uuid) on delete cascade initially deferred, -- initially deferred
objectUuid uuid not null references rbac.object (uuid) initially deferred, objectUuid uuid not null references rbac.object (uuid) initially deferred,
roleType rbac.RoleType not null, roleType RbacRoleType not null,
unique (objectUuid, roleType) unique (objectUuid, roleType)
); );
@ -181,7 +180,7 @@ create type RbacRoleDescriptor as
( (
objectTable varchar(63), -- for human readability and easier debugging objectTable varchar(63), -- for human readability and easier debugging
objectUuid uuid, objectUuid uuid,
roleType rbac.RoleType, roleType RbacRoleType,
assumed boolean assumed boolean
); );
@ -201,13 +200,13 @@ $$;
create or replace function roleDescriptor( create or replace function roleDescriptor(
objectTable varchar(63), objectUuid uuid, roleType rbac.RoleType, objectTable varchar(63), objectUuid uuid, roleType RbacRoleType,
assumed boolean = true) -- just for DSL readability, belongs actually to the grant assumed boolean = true) -- just for DSL readability, belongs actually to the grant
returns RbacRoleDescriptor returns RbacRoleDescriptor
returns null on null input returns null on null input
stable -- leakproof stable -- leakproof
language sql as $$ language sql as $$
select objectTable, objectUuid, roleType::rbac.RoleType, assumed; select objectTable, objectUuid, roleType::RbacRoleType, assumed;
$$; $$;
create or replace function createRole(roleDescriptor RbacRoleDescriptor) create or replace function createRole(roleDescriptor RbacRoleDescriptor)
@ -243,7 +242,7 @@ create or replace function findRoleId(roleIdName varchar)
language plpgsql as $$ language plpgsql as $$
declare declare
roleParts text; roleParts text;
roleTypeFromRoleIdName rbac.RoleType; roleTypeFromRoleIdName RbacRoleType;
objectNameFromRoleIdName text; objectNameFromRoleIdName text;
objectTableFromRoleIdName text; objectTableFromRoleIdName text;
objectUuidOfRole uuid; objectUuidOfRole uuid;

2
src/main/resources/db/changelog/1-rbac/1054-rbac-context.sql
View File

@ -33,7 +33,7 @@ declare
objectTableToAssume varchar(63); objectTableToAssume varchar(63);
objectNameToAssume varchar(63); objectNameToAssume varchar(63);
objectUuidToAssume uuid; objectUuidToAssume uuid;
roleTypeToAssume rbac.RoleType; roleTypeToAssume RbacRoleType;
roleIdsToAssume uuid[]; roleIdsToAssume uuid[];
roleUuidToAssume uuid; roleUuidToAssume uuid;
begin begin

4
src/main/resources/db/changelog/1-rbac/1058-rbac-generators.sql
View File

@ -20,11 +20,11 @@ begin
execute createInsertTriggerSQL; execute createInsertTriggerSQL;
createDeleteTriggerSQL = format($sql$ createDeleteTriggerSQL = format($sql$
create trigger delete_related_rbac_rules_for_%s_tg create trigger deleteRbacRulesFor_%s_Trigger
after delete after delete
on %s on %s
for each row for each row
execute procedure rbac.delete_related_rbac_rules_tf(); execute procedure deleteRelatedRbacObject();
$sql$, targetTable, targetTable); $sql$, targetTable, targetTable);
execute createDeleteTriggerSQL; execute createDeleteTriggerSQL;
end; $$; end; $$;

4
src/main/resources/db/changelog/1-rbac/1080-rbac-global.sql
View File

@ -114,7 +114,7 @@ create or replace function globalAdmin(assumed boolean = true)
returns null on null input returns null on null input
stable -- leakproof stable -- leakproof
language sql as $$ language sql as $$
select 'rbac.global', (select uuid from rbac.object where objectTable = 'rbac.global'), 'ADMIN'::rbac.RoleType, assumed; select 'rbac.global', (select uuid from rbac.object where objectTable = 'rbac.global'), 'ADMIN'::RbacRoleType, assumed;
$$; $$;
begin transaction; begin transaction;
@ -135,7 +135,7 @@ create or replace function globalGuest(assumed boolean = true)
returns null on null input returns null on null input
stable -- leakproof stable -- leakproof
language sql as $$ language sql as $$
select 'rbac.global', (select uuid from rbac.object where objectTable = 'rbac.global'), 'GUEST'::rbac.RoleType, assumed; select 'rbac.global', (select uuid from rbac.object where objectTable = 'rbac.global'), 'GUEST'::RbacRoleType, assumed;
$$; $$;
begin transaction; begin transaction;