introduce separate database-schemas base+rbac #103
@ -24,13 +24,13 @@ delete from hs_hosting_asset where uuid='5aea68d2-3b55-464f-8362-b05c76c5a681'::
|
||||
commit;
|
||||
|
||||
-- single version at point in time
|
||||
-- set hsadminng.tx_history_txid to (select max(txid) from basis.tx_context where txtimestamp<='2024-08-27 12:13:13.450821');
|
||||
-- set hsadminng.tx_history_txid to (select max(txid) from base.tx_context where txtimestamp<='2024-08-27 12:13:13.450821');
|
||||
set hsadminng.tx_history_txid to '';
|
||||
set hsadminng.tx_history_timestamp to '2024-08-29 12:42';
|
||||
-- all versions
|
||||
select tx_history_txid(), txc.txtimestamp, txc.currentSubject, txc.currentTask, haex.*
|
||||
from hs_hosting_asset_ex haex
|
||||
join basis.tx_context txc on haex.txid=txc.txid
|
||||
join base.tx_context txc on haex.txid=txc.txid
|
||||
where haex.identifier = 'test@thi.example.org';
|
||||
|
||||
select uuid, version, type, identifier, caption from hs_hosting_asset_hv p where identifier = 'test@thi.example.org';
|
||||
|
||||
@ -54,7 +54,7 @@ public class Context {
|
||||
final String currentSubject,
|
||||
final String assumedRoles) {
|
||||
final var query = em.createNativeQuery("""
|
||||
call basis.defineContext(
|
||||
call base.defineContext(
|
||||
cast(:currentTask as varchar(127)),
|
||||
cast(:currentRequest as text),
|
||||
cast(:currentSubject as varchar(63)),
|
||||
@ -72,7 +72,7 @@ public class Context {
|
||||
}
|
||||
|
||||
public String fetchCurrentSubject() {
|
||||
return String.valueOf(em.createNativeQuery("select basis.currentSubject()").getSingleResult());
|
||||
return String.valueOf(em.createNativeQuery("select base.currentSubject()").getSingleResult());
|
||||
}
|
||||
|
||||
public UUID fetchCurrentSubjectUuid() {
|
||||
@ -80,7 +80,7 @@ public class Context {
|
||||
}
|
||||
|
||||
public String[] fetchAssumedRoles() {
|
||||
return (String[]) em.createNativeQuery("select basis.assumedRoles() as roles", String[].class).getSingleResult();
|
||||
return (String[]) em.createNativeQuery("select base.assumedRoles() as roles", String[].class).getSingleResult();
|
||||
}
|
||||
|
||||
public UUID[] fetchCurrentSubjectOrAssumedRolesUuids() {
|
||||
|
||||
@ -67,7 +67,7 @@ public class InsertTriggerGenerator {
|
||||
declare
|
||||
row ${rawSuperTable};
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO ${rawSubTable} permissions for pre-exising ${rawSuperTable} rows');
|
||||
call base.defineContext('create INSERT INTO ${rawSubTable} permissions for pre-exising ${rawSuperTable} rows');
|
||||
|
||||
FOR row IN SELECT * FROM ${rawSuperTable}
|
||||
${whenCondition}
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset basis-SCHEMA:1 endDelimiter:--//
|
||||
--changeset base-SCHEMA:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
CREATE SCHEMA basis;
|
||||
CREATE SCHEMA base;
|
||||
--//
|
||||
@ -8,7 +8,7 @@
|
||||
Returns the row count from the result of the previous query.
|
||||
Other than the native statement it's usable in an expression.
|
||||
*/
|
||||
create or replace function basis.lastRowCount()
|
||||
create or replace function base.lastRowCount()
|
||||
returns bigint
|
||||
language plpgsql as $$
|
||||
declare
|
||||
@ -8,10 +8,10 @@
|
||||
Returns a textual representation of an integer number to be used as generated test data.
|
||||
|
||||
Examples :
|
||||
basis.intToVarChar(0, 3) => 'aaa'
|
||||
basis.intToVarChar(1, 3) => 'aab'
|
||||
base.intToVarChar(0, 3) => 'aaa'
|
||||
base.intToVarChar(1, 3) => 'aab'
|
||||
*/
|
||||
create or replace function basis.intToVarChar(i integer, len integer)
|
||||
create or replace function base.intToVarChar(i integer, len integer)
|
||||
returns varchar
|
||||
language plpgsql as $$
|
||||
declare
|
||||
@ -19,7 +19,7 @@ declare
|
||||
begin
|
||||
select chr(ascii('a') + i % 26) into partial;
|
||||
if len > 1 then
|
||||
return basis.intToVarChar(i / 26, len - 1) || partial;
|
||||
return base.intToVarChar(i / 26, len - 1) || partial;
|
||||
else
|
||||
return partial;
|
||||
end if;
|
||||
@ -10,9 +10,9 @@
|
||||
to be used for test data generation.
|
||||
|
||||
Example:
|
||||
basis.randomInRange(0, 4) might return any of 0, 1, 2, 3, 4
|
||||
base.randomInRange(0, 4) might return any of 0, 1, 2, 3, 4
|
||||
*/
|
||||
create or replace function basis.randomInRange(min integer, max integer)
|
||||
create or replace function base.randomInRange(min integer, max integer)
|
||||
returns integer
|
||||
returns null on null input
|
||||
language 'plpgsql' as $$
|
||||
@ -9,7 +9,7 @@
|
||||
This is a kind of right sided json diff.
|
||||
*/
|
||||
|
||||
create or replace function basis.jsonb_changes_delta(oldJson jsonb, newJson jsonb)
|
||||
create or replace function base.jsonb_changes_delta(oldJson jsonb, newJson jsonb)
|
||||
returns jsonb
|
||||
called on null input
|
||||
language plpgsql as $$
|
||||
@ -31,7 +31,7 @@ begin
|
||||
if jsonb_typeof(newJson -> (oldJsonElement.key)) = 'object' then
|
||||
diffJson = diffJson ||
|
||||
jsonb_build_object(oldJsonElement.key,
|
||||
basis.jsonb_changes_delta(oldJsonElement.value, newJson -> (oldJsonElement.key)));
|
||||
base.jsonb_changes_delta(oldJsonElement.value, newJson -> (oldJsonElement.key)));
|
||||
end if;
|
||||
else
|
||||
diffJson = diffJson || jsonb_build_object(oldJsonElement.key, null);
|
||||
@ -49,30 +49,30 @@ do language plpgsql $$
|
||||
actual text;
|
||||
begin
|
||||
|
||||
select basis.jsonb_changes_delta(null::jsonb, null::jsonb) into actual;
|
||||
select base.jsonb_changes_delta(null::jsonb, null::jsonb) into actual;
|
||||
if actual is not null then
|
||||
raise exception 'jsonb_diff #1 failed:% expected: %,% actually: %', E'\n', expected, E'\n', actual;
|
||||
end if;
|
||||
|
||||
select basis.jsonb_changes_delta(null::jsonb, '{"a": "new"}'::jsonb) into actual;
|
||||
select base.jsonb_changes_delta(null::jsonb, '{"a": "new"}'::jsonb) into actual;
|
||||
expected := '{"a": "new"}'::jsonb;
|
||||
if actual <> expected then
|
||||
raise exception 'jsonb_diff #2 failed:% expected: %,% actual: %', E'\n', expected, E'\n', actual;
|
||||
end if;
|
||||
|
||||
select basis.jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "new"}'::jsonb) into actual;
|
||||
select base.jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "new"}'::jsonb) into actual;
|
||||
expected := '{"a": "new"}'::jsonb;
|
||||
if actual <> expected then
|
||||
raise exception 'jsonb_diff #3 failed:% expected: %,% actual: %', E'\n', expected, E'\n', actual;
|
||||
end if;
|
||||
|
||||
select basis.jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "old"}'::jsonb) into actual;
|
||||
select base.jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "old"}'::jsonb) into actual;
|
||||
expected := '{}'::jsonb;
|
||||
if actual <> expected then
|
||||
raise exception 'jsonb_diff #4 failed:% expected: %,% actual: %', E'\n', expected, E'\n', actual;
|
||||
end if;
|
||||
|
||||
select basis.jsonb_changes_delta(
|
||||
select base.jsonb_changes_delta(
|
||||
$json${
|
||||
"a": "same",
|
||||
"b": "old",
|
||||
@ -6,7 +6,7 @@
|
||||
--changeset numeric-hash-functions:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
create function basis.bigIntHash(text) returns bigint as $$
|
||||
create function base.bigIntHash(text) returns bigint as $$
|
||||
select ('x'||substr(md5($1),1,16))::bit(64)::bigint;
|
||||
$$ language sql;
|
||||
--//
|
||||
@ -6,7 +6,7 @@
|
||||
--changeset table-columns-function:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
create or replace function basis.tableColumnNames( tableName text )
|
||||
create or replace function base.tableColumnNames( tableName text )
|
||||
returns text
|
||||
stable
|
||||
language 'plpgsql' as $$
|
||||
@ -6,7 +6,7 @@
|
||||
/*
|
||||
Like `RAISE EXCEPTION` ... just as an expression instead of a statement.
|
||||
*/
|
||||
create or replace function basis.raiseException(msg text)
|
||||
create or replace function base.raiseException(msg text)
|
||||
returns varchar
|
||||
language plpgsql as $$
|
||||
begin
|
||||
@ -21,7 +21,7 @@ end; $$;
|
||||
/*
|
||||
Like `ASSERT` but as an expression instead of a statement.
|
||||
*/
|
||||
create or replace function basis.assertTrue(expectedTrue boolean, msg text)
|
||||
create or replace function base.assertTrue(expectedTrue boolean, msg text)
|
||||
returns boolean
|
||||
language plpgsql as $$
|
||||
begin
|
||||
@ -9,7 +9,7 @@
|
||||
Callback which is called after the context has been (re-) defined.
|
||||
This function will be overwritten by later changesets.
|
||||
*/
|
||||
create procedure basis.contextDefined(
|
||||
create procedure base.contextDefined(
|
||||
currentTask varchar(127),
|
||||
currentRequest text,
|
||||
currentSubject varchar(63),
|
||||
@ -22,7 +22,7 @@ end; $$;
|
||||
/*
|
||||
Defines the transaction context.
|
||||
*/
|
||||
create or replace procedure basis.defineContext(
|
||||
create or replace procedure base.defineContext(
|
||||
currentTask varchar(127),
|
||||
currentRequest text = null,
|
||||
currentSubject varchar(63) = null,
|
||||
@ -46,7 +46,7 @@ begin
|
||||
assert length(assumedRoles) <= 1023, FORMAT('assumedRoles must not be longer than 1023 characters: "%s"', assumedRoles);
|
||||
execute format('set local hsadminng.assumedRoles to %L', assumedRoles);
|
||||
|
||||
call basis.contextDefined(currentTask, currentRequest, currentSubject, assumedRoles);
|
||||
call base.contextDefined(currentTask, currentRequest, currentSubject, assumedRoles);
|
||||
end; $$;
|
||||
--//
|
||||
|
||||
@ -58,7 +58,7 @@ end; $$;
|
||||
Returns the current task as set by `hsadminng.currentTask`.
|
||||
Raises exception if not set.
|
||||
*/
|
||||
create or replace function basis.currentTask()
|
||||
create or replace function base.currentTask()
|
||||
returns varchar(127)
|
||||
stable -- leakproof
|
||||
language plpgsql as $$
|
||||
@ -72,7 +72,7 @@ begin
|
||||
currentTask := null;
|
||||
end;
|
||||
if (currentTask is null or currentTask = '') then
|
||||
raise exception '[401] currentTask must be defined, please call `basis.defineContext(...)`';
|
||||
raise exception '[401] currentTask must be defined, please call `base.defineContext(...)`';
|
||||
end if;
|
||||
return currentTask;
|
||||
end; $$;
|
||||
@ -83,10 +83,10 @@ end; $$;
|
||||
--changeset context-CURRENT-REQUEST:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
/*
|
||||
Returns the current http request as set via `basis.defineContext(...)`.
|
||||
Returns the current http request as set via `base.defineContext(...)`.
|
||||
Raises exception if not set.
|
||||
*/
|
||||
create or replace function basis.currentRequest()
|
||||
create or replace function base.currentRequest()
|
||||
returns text
|
||||
stable -- leakproof
|
||||
language plpgsql as $$
|
||||
@ -108,9 +108,9 @@ end; $$;
|
||||
--changeset context-current-subject:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
/*
|
||||
Returns the current user as defined by `basis.defineContext(...)`.
|
||||
Returns the current user as defined by `base.defineContext(...)`.
|
||||
*/
|
||||
create or replace function basis.currentSubject() -- FIXME: move to schema rbac?
|
||||
create or replace function base.currentSubject() -- FIXME: move to schema rbac?
|
||||
returns varchar(63)
|
||||
stable -- leakproof
|
||||
language plpgsql as $$
|
||||
@ -134,7 +134,7 @@ end; $$;
|
||||
Returns assumed role names as set in `hsadminng.assumedRoles`
|
||||
or empty array, if not set.
|
||||
*/
|
||||
create or replace function basis.assumedRoles()
|
||||
create or replace function base.assumedRoles()
|
||||
returns varchar(1023)[]
|
||||
stable -- leakproof
|
||||
language plpgsql as $$
|
||||
@ -213,11 +213,11 @@ create or replace function currentSubjects()
|
||||
declare
|
||||
assumedRoles varchar(1023)[];
|
||||
begin
|
||||
assumedRoles := basis.assumedRoles();
|
||||
assumedRoles := base.assumedRoles();
|
||||
if array_length(assumedRoles, 1) > 0 then
|
||||
return assumedRoles;
|
||||
else
|
||||
return array [basis.currentSubject()]::varchar(1023)[];
|
||||
return array [base.currentSubject()]::varchar(1023)[];
|
||||
end if;
|
||||
end; $$;
|
||||
|
||||
@ -226,7 +226,7 @@ create or replace function hasAssumedRole()
|
||||
stable -- leakproof
|
||||
language plpgsql as $$
|
||||
begin
|
||||
return array_length(basis.assumedRoles(), 1) > 0;
|
||||
return array_length(base.assumedRoles(), 1) > 0;
|
||||
end; $$;
|
||||
--//
|
||||
|
||||
@ -21,7 +21,7 @@ do $$
|
||||
/*
|
||||
A table storing transactions with context data.
|
||||
*/
|
||||
create table basis.tx_context
|
||||
create table base.tx_context
|
||||
(
|
||||
txId xid8 primary key not null,
|
||||
txTimestamp timestamp not null,
|
||||
@ -31,7 +31,7 @@ create table basis.tx_context
|
||||
currentRequest text not null
|
||||
);
|
||||
|
||||
create index on basis.tx_context using brin (txTimestamp);
|
||||
create index on base.tx_context using brin (txTimestamp);
|
||||
--//
|
||||
|
||||
-- ============================================================================
|
||||
@ -40,28 +40,28 @@ create index on basis.tx_context using brin (txTimestamp);
|
||||
/*
|
||||
A table storing the transaction audit journal for all target tables it's configured for.
|
||||
*/
|
||||
create table basis.tx_journal
|
||||
create table base.tx_journal
|
||||
(
|
||||
txId xid8 not null references basis.tx_context (txId),
|
||||
txId xid8 not null references base.tx_context (txId),
|
||||
targetTable text not null,
|
||||
targetUuid uuid not null, -- Assumes that all audited tables have a uuid column.
|
||||
targetOp operation not null,
|
||||
targetDelta jsonb
|
||||
);
|
||||
|
||||
create index on basis.tx_journal (targetTable, targetUuid);
|
||||
create index on base.tx_journal (targetTable, targetUuid);
|
||||
--//
|
||||
|
||||
-- ============================================================================
|
||||
--changeset audit-TX-JOURNAL-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
/*
|
||||
A view combining basis.tx_journal with basis.tx_context.
|
||||
A view combining base.tx_journal with base.tx_context.
|
||||
*/
|
||||
create view basis.tx_journal_v as
|
||||
create view base.tx_journal_v as
|
||||
select txc.*, txj.targettable, txj.targetop, txj.targetuuid, txj.targetdelta
|
||||
from basis.tx_journal txj
|
||||
left join basis.tx_context txc using (txId)
|
||||
from base.tx_journal txj
|
||||
left join base.tx_context txc using (txId)
|
||||
order by txc.txtimestamp;
|
||||
--//
|
||||
|
||||
@ -71,35 +71,35 @@ select txc.*, txj.targettable, txj.targetop, txj.targetuuid, txj.targetdelta
|
||||
/*
|
||||
Trigger function for transaction audit journal.
|
||||
*/
|
||||
create or replace function basis.tx_journal_trigger()
|
||||
create or replace function base.tx_journal_trigger()
|
||||
returns trigger
|
||||
language plpgsql as $$
|
||||
declare
|
||||
curTask text;
|
||||
curTxId xid8;
|
||||
begin
|
||||
curTask := basis.currentTask();
|
||||
curTask := base.currentTask();
|
||||
curTxId := pg_current_xact_id();
|
||||
|
||||
insert
|
||||
into basis.tx_context (txId, txTimestamp, currentSubject, assumedRoles, currentTask, currentRequest)
|
||||
into base.tx_context (txId, txTimestamp, currentSubject, assumedRoles, currentTask, currentRequest)
|
||||
values ( curTxId, now(),
|
||||
basis.currentSubject(), basis.assumedRoles(), curTask, basis.currentRequest())
|
||||
base.currentSubject(), base.assumedRoles(), curTask, base.currentRequest())
|
||||
on conflict do nothing;
|
||||
|
||||
case tg_op
|
||||
when 'INSERT' then insert
|
||||
into basis.tx_journal
|
||||
into base.tx_journal
|
||||
values (curTxId,
|
||||
tg_table_name, new.uuid, tg_op::operation,
|
||||
to_jsonb(new));
|
||||
when 'UPDATE' then insert
|
||||
into basis.tx_journal
|
||||
into base.tx_journal
|
||||
values (curTxId,
|
||||
tg_table_name, old.uuid, tg_op::operation,
|
||||
basis.jsonb_changes_delta(to_jsonb(old), to_jsonb(new)));
|
||||
base.jsonb_changes_delta(to_jsonb(old), to_jsonb(new)));
|
||||
when 'DELETE' then insert
|
||||
into basis.tx_journal
|
||||
into base.tx_journal
|
||||
values (curTxId,
|
||||
tg_table_name, old.uuid, 'DELETE'::operation,
|
||||
null::jsonb);
|
||||
@ -116,7 +116,7 @@ end; $$;
|
||||
Trigger function for transaction audit journal.
|
||||
*/
|
||||
|
||||
create or replace procedure basis.create_journal(targetTable varchar)
|
||||
create or replace procedure base.create_journal(targetTable varchar)
|
||||
language plpgsql as $$
|
||||
declare
|
||||
createTriggerSQL varchar;
|
||||
@ -126,7 +126,7 @@ begin
|
||||
-- "-0-" to put the trigger execution before any alphabetically greater tx-triggers
|
||||
createTriggerSQL = 'CREATE TRIGGER tx_0_journal_tg' ||
|
||||
' AFTER INSERT OR UPDATE OR DELETE ON ' || targetTable ||
|
||||
' FOR EACH ROW EXECUTE PROCEDURE basis.tx_journal_trigger()';
|
||||
' FOR EACH ROW EXECUTE PROCEDURE base.tx_journal_trigger()';
|
||||
execute createTriggerSQL;
|
||||
end; $$;
|
||||
--//
|
||||
@ -3,7 +3,7 @@
|
||||
-- ============================================================================
|
||||
--changeset hs-global-historization-tx-history-txid:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
create or replace function basis.tx_history_txid()
|
||||
create or replace function base.tx_history_txid()
|
||||
returns xid8 stable
|
||||
language plpgsql as $$
|
||||
declare
|
||||
@ -23,11 +23,11 @@ begin
|
||||
historicalTxIdSetting, historicalTimestampSetting;
|
||||
end if;
|
||||
-- just for debugging / making sure the function is only called once per query
|
||||
-- raise notice 'basis.tx_history_txid() called with: (%, %)', historicalTxIdSetting, historicalTimestampSetting;
|
||||
-- raise notice 'base.tx_history_txid() called with: (%, %)', historicalTxIdSetting, historicalTimestampSetting;
|
||||
|
||||
if historicalTxIdSetting is null or historicalTxIdSetting = '' then
|
||||
select historicalTimestampSetting::timestamp into historicalTimestamp;
|
||||
select max(txc.txid) from basis.tx_context txc where txc.txtimestamp <= historicalTimestamp into historicalTxId;
|
||||
select max(txc.txid) from base.tx_context txc where txc.txtimestamp <= historicalTimestamp into historicalTxId;
|
||||
else
|
||||
historicalTxId = historicalTxIdSetting::xid8;
|
||||
end if;
|
||||
@ -40,7 +40,7 @@ end; $$;
|
||||
--changeset hs-global-historization-tx-historicize-tf:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
create type basis.tx_operation as enum ('INSERT', 'UPDATE', 'DELETE', 'TRUNCATE');
|
||||
create type base.tx_operation as enum ('INSERT', 'UPDATE', 'DELETE', 'TRUNCATE');
|
||||
|
||||
create or replace function tx_historicize_tf()
|
||||
returns trigger
|
||||
@ -95,7 +95,7 @@ end; $$;
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
|
||||
create or replace procedure basis.tx_create_historicization(baseTable varchar)
|
||||
create or replace procedure base.tx_create_historicization(baseTable varchar)
|
||||
language plpgsql as $$
|
||||
declare
|
||||
createHistTableSql varchar;
|
||||
@ -110,8 +110,8 @@ begin
|
||||
createHistTableSql = '' ||
|
||||
'CREATE TABLE ' || baseTable || '_ex (' ||
|
||||
' version_id serial PRIMARY KEY,' ||
|
||||
' txid xid8 NOT NULL REFERENCES basis.tx_context(txid),' ||
|
||||
' trigger_op basis.tx_operation NOT NULL,' ||
|
||||
' txid xid8 NOT NULL REFERENCES base.tx_context(txid),' ||
|
||||
' trigger_op base.tx_operation NOT NULL,' ||
|
||||
' alive boolean not null,' ||
|
||||
' LIKE ' || baseTable ||
|
||||
' EXCLUDING CONSTRAINTS' ||
|
||||
@ -131,8 +131,8 @@ begin
|
||||
createViewSQL = format(
|
||||
'CREATE OR REPLACE VIEW %1$s AS' ||
|
||||
'(' ||
|
||||
-- make sure the function is only called once, not for every matching row in basis.tx_context
|
||||
' WITH txh AS (SELECT basis.tx_history_txid() AS txid) ' ||
|
||||
-- make sure the function is only called once, not for every matching row in base.tx_context
|
||||
' WITH txh AS (SELECT base.tx_history_txid() AS txid) ' ||
|
||||
' SELECT %2$s' ||
|
||||
' FROM %3$s' ||
|
||||
' WHERE alive = TRUE' ||
|
||||
@ -140,7 +140,7 @@ begin
|
||||
' (' ||
|
||||
' SELECT max(ex.version_id) AS history_id' ||
|
||||
' FROM %3$s AS ex' ||
|
||||
' JOIN basis.tx_context as txc ON ex.txid = txc.txid' ||
|
||||
' JOIN base.tx_context as txc ON ex.txid = txc.txid' ||
|
||||
' WHERE txc.txid <= (SELECT txid FROM txh)' ||
|
||||
' GROUP BY uuid' ||
|
||||
' )' ||
|
||||
@ -44,7 +44,7 @@ create table rbac.subject
|
||||
name varchar(63) not null unique
|
||||
);
|
||||
|
||||
call basis.create_journal('rbac.subject');
|
||||
call base.create_journal('rbac.subject');
|
||||
|
||||
create or replace function rbac.create_subject(subjectName varchar)
|
||||
returns uuid
|
||||
@ -102,7 +102,7 @@ create table rbac.object
|
||||
unique (objectTable, uuid)
|
||||
);
|
||||
|
||||
call basis.create_journal('rbac.object');
|
||||
call base.create_journal('rbac.object');
|
||||
|
||||
--//
|
||||
|
||||
@ -174,7 +174,7 @@ create table RbacRole
|
||||
unique (objectUuid, roleType)
|
||||
);
|
||||
|
||||
call basis.create_journal('RbacRole');
|
||||
call base.create_journal('RbacRole');
|
||||
|
||||
create type RbacRoleDescriptor as
|
||||
(
|
||||
@ -379,7 +379,7 @@ create index on RbacPermission (opTableName, op);
|
||||
ALTER TABLE RbacPermission
|
||||
ADD CONSTRAINT RbacPermission_uc UNIQUE NULLS NOT DISTINCT (objectUuid, op, opTableName);
|
||||
|
||||
call basis.create_journal('RbacPermission');
|
||||
call base.create_journal('RbacPermission');
|
||||
|
||||
create or replace function createPermission(forObjectUuid uuid, forOp RbacOp, forOpTableName text = null)
|
||||
returns uuid
|
||||
@ -497,7 +497,7 @@ create table RbacGrants
|
||||
create index on RbacGrants (ascendantUuid);
|
||||
create index on RbacGrants (descendantUuid);
|
||||
|
||||
call basis.create_journal('RbacGrants');
|
||||
call base.create_journal('RbacGrants');
|
||||
create or replace function findGrantees(grantedId uuid)
|
||||
returns setof rbac.reference
|
||||
returns null on null input
|
||||
@ -741,7 +741,7 @@ begin
|
||||
AND obj.objectTable = forObjectTable
|
||||
LIMIT maxObjects+1;
|
||||
|
||||
foundRows = basis.lastRowCount();
|
||||
foundRows = base.lastRowCount();
|
||||
if foundRows > maxObjects then
|
||||
raise exception '[400] Too many accessible objects, limit is %, found %.', maxObjects, foundRows
|
||||
using
|
||||
|
||||
@ -12,8 +12,8 @@ declare
|
||||
currentSubjectOrAssumedRolesUuids uuid[];
|
||||
begin
|
||||
-- exactly one role must be assumed, not none not more than one
|
||||
if cardinality(basis.assumedRoles()) <> 1 then
|
||||
raise exception '[400] Granting roles to user is only possible if exactly one role is assumed, given: %', basis.assumedRoles();
|
||||
if cardinality(base.assumedRoles()) <> 1 then
|
||||
raise exception '[400] Granting roles to user is only possible if exactly one role is assumed, given: %', base.assumedRoles();
|
||||
end if;
|
||||
|
||||
currentSubjectOrAssumedRolesUuids := rbac.currentSubjectOrAssumedRolesUuids();
|
||||
|
||||
@ -18,7 +18,7 @@ begin
|
||||
|
||||
select uuid from rbac.subject where name = currentSubject into currentSubjectUuid;
|
||||
if currentSubjectUuid is null then
|
||||
raise exception '[401] subject % given in `basis.defineContext(...)` does not exist', currentSubject;
|
||||
raise exception '[401] subject % given in `base.defineContext(...)` does not exist', currentSubject;
|
||||
end if;
|
||||
return currentSubjectUuid;
|
||||
end; $$;
|
||||
@ -66,10 +66,10 @@ begin
|
||||
and r.roleType = roleTypeToAssume
|
||||
into roleUuidToAssume;
|
||||
if roleUuidToAssume is null then
|
||||
raise exception '[403] role % does not exist or is not accessible for subject %', roleName, basis.currentSubject();
|
||||
raise exception '[403] role % does not exist or is not accessible for subject %', roleName, base.currentSubject();
|
||||
end if;
|
||||
if not isGranted(currentSubjectOrAssumedRolesUuids, roleUuidToAssume) then
|
||||
raise exception '[403] subject % has no permission to assume role %', basis.currentSubject(), roleName;
|
||||
raise exception '[403] subject % has no permission to assume role %', base.currentSubject(), roleName;
|
||||
end if;
|
||||
roleIdsToAssume := roleIdsToAssume || roleUuidToAssume;
|
||||
end loop;
|
||||
@ -84,7 +84,7 @@ end; $$;
|
||||
Callback which is called after the context has been (re-) defined.
|
||||
This function will be overwritten by later changesets.
|
||||
*/
|
||||
create or replace procedure basis.contextDefined(
|
||||
create or replace procedure base.contextDefined(
|
||||
currentTask varchar(127),
|
||||
currentRequest text,
|
||||
currentSubject varchar(63),
|
||||
@ -114,7 +114,7 @@ end; $$;
|
||||
--changeset rbac-context-current-subject-ID:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
/*
|
||||
Returns the uuid of the current subject as set via `basis.defineContext(...)`.
|
||||
Returns the uuid of the current subject as set via `base.defineContext(...)`.
|
||||
*/
|
||||
|
||||
create or replace function rbac.currentSubjectUuid()
|
||||
@ -132,11 +132,11 @@ begin
|
||||
currentSubjectUuid := null;
|
||||
end;
|
||||
if (currentSubjectUuid is null or currentSubjectUuid = '') then
|
||||
currentSubjectName := basis.currentSubject();
|
||||
currentSubjectName := base.currentSubject();
|
||||
if (length(currentSubjectName) > 0) then
|
||||
raise exception '[401] currentSubjectUuid cannot be determined, unknown subject name "%"', currentSubjectName;
|
||||
else
|
||||
raise exception '[401] currentSubjectUuid cannot be determined, please call `basis.defineContext(...)` first;"';
|
||||
raise exception '[401] currentSubjectUuid cannot be determined, please call `base.defineContext(...)` first;"';
|
||||
end if;
|
||||
end if;
|
||||
return currentSubjectUuid::uuid;
|
||||
@ -147,8 +147,8 @@ end; $$;
|
||||
--changeset rbac-context-CURRENT-SUBJECT-UUIDS:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
/*
|
||||
Returns the uuid of the current subject as set via `basis.defineContext(...)`,
|
||||
or, if any, the uuids of all assumed roles as set via `basis.defineContext(...)`
|
||||
Returns the uuid of the current subject as set via `base.defineContext(...)`,
|
||||
or, if any, the uuids of all assumed roles as set via `base.defineContext(...)`
|
||||
or empty array, if context is not defined.
|
||||
*/
|
||||
create or replace function rbac.currentSubjectOrAssumedRolesUuids()
|
||||
@ -166,11 +166,11 @@ begin
|
||||
currentSubjectOrAssumedRolesUuids := null;
|
||||
end;
|
||||
if (currentSubjectOrAssumedRolesUuids is null or length(currentSubjectOrAssumedRolesUuids) = 0 ) then
|
||||
currentSubjectName := basis.currentSubject();
|
||||
currentSubjectName := base.currentSubject();
|
||||
if (length(currentSubjectName) > 0) then
|
||||
raise exception '[401] currentSubjectOrAssumedRolesUuids (%) cannot be determined, unknown subject name "%"', currentSubjectOrAssumedRolesUuids, currentSubjectName;
|
||||
else
|
||||
raise exception '[401] currentSubjectOrAssumedRolesUuids cannot be determined, please call `basis.defineContext(...)` with a valid subject;"';
|
||||
raise exception '[401] currentSubjectOrAssumedRolesUuids cannot be determined, please call `base.defineContext(...)` with a valid subject;"';
|
||||
end if;
|
||||
end if;
|
||||
return string_to_array(currentSubjectOrAssumedRolesUuids, ';');
|
||||
|
||||
@ -241,7 +241,7 @@ create or replace view rbac.subject_rv as
|
||||
union
|
||||
select users.*
|
||||
from rbac.subject as users
|
||||
where cardinality(basis.assumedRoles()) = 0 and
|
||||
where cardinality(base.assumedRoles()) = 0 and
|
||||
(rbac.currentSubjectUuid() = users.uuid or hasGlobalRoleGranted(rbac.currentSubjectUuid()))
|
||||
|
||||
) as unordered
|
||||
@ -303,7 +303,7 @@ begin
|
||||
delete from rbac.subject where uuid = old.uuid;
|
||||
return old;
|
||||
end if;
|
||||
raise exception '[403] User % not allowed to delete user uuid %', basis.currentSubject(), old.uuid;
|
||||
raise exception '[403] User % not allowed to delete user uuid %', base.currentSubject(), old.uuid;
|
||||
end; $$;
|
||||
|
||||
/*
|
||||
@ -354,7 +354,7 @@ begin
|
||||
currentSubjectUuid := rbac.currentSubjectUuid();
|
||||
|
||||
if hasGlobalRoleGranted(targetSubjectUuid) and not hasGlobalRoleGranted(currentSubjectUuid) then
|
||||
raise exception '[403] permissions of user "%" are not accessible to user "%"', targetSubjectUuid, basis.currentSubject();
|
||||
raise exception '[403] permissions of user "%" are not accessible to user "%"', targetSubjectUuid, base.currentSubject();
|
||||
end if;
|
||||
|
||||
return query select
|
||||
|
||||
@ -168,7 +168,7 @@ declare
|
||||
begin
|
||||
targetTable := lower(targetTable);
|
||||
if columnNames = '*' then
|
||||
columnNames := basis.tableColumnNames(targetTable);
|
||||
columnNames := base.tableColumnNames(targetTable);
|
||||
end if;
|
||||
|
||||
/*
|
||||
@ -190,14 +190,14 @@ begin
|
||||
select distinct g.descendantuuid,
|
||||
g.ascendantuuid,
|
||||
grants.level + 1 as level,
|
||||
basis.assertTrue(grants.level < 22, 'too many grant-levels: ' || grants.level)
|
||||
base.assertTrue(grants.level < 22, 'too many grant-levels: ' || grants.level)
|
||||
from rbacgrants g
|
||||
join recursive_grants grants on grants.descendantuuid = g.ascendantuuid
|
||||
where g.assumed),
|
||||
grant_count AS (
|
||||
SELECT COUNT(*) AS grant_count FROM recursive_grants
|
||||
),
|
||||
count_check as (select basis.assertTrue((select count(*) as grant_count from recursive_grants) < 400000,
|
||||
count_check as (select base.assertTrue((select count(*) as grant_count from recursive_grants) < 400000,
|
||||
'too many grants for current subjects: ' || (select count(*) as grant_count from recursive_grants))
|
||||
as valid)
|
||||
select distinct perm.objectuuid
|
||||
|
||||
@ -94,7 +94,7 @@ $$;
|
||||
A single row to be referenced as a rbac.Global object.
|
||||
*/
|
||||
begin transaction;
|
||||
call basis.defineContext('initializing table "rbac.global"', null, null, null);
|
||||
call base.defineContext('initializing table "rbac.global"', null, null, null);
|
||||
insert
|
||||
into rbac.object (objecttable) values ('rbac.global');
|
||||
insert
|
||||
@ -118,7 +118,7 @@ select 'rbac.global', (select uuid from rbac.object where objectTable = 'rbac.gl
|
||||
$$;
|
||||
|
||||
begin transaction;
|
||||
call basis.defineContext('creating role:rbac.global#global:ADMIN', null, null, null);
|
||||
call base.defineContext('creating role:rbac.global#global:ADMIN', null, null, null);
|
||||
select createRole(globalAdmin());
|
||||
commit;
|
||||
--//
|
||||
@ -139,7 +139,7 @@ select 'rbac.global', (select uuid from rbac.object where objectTable = 'rbac.gl
|
||||
$$;
|
||||
|
||||
begin transaction;
|
||||
call basis.defineContext('creating role:rbac.global#global:guest', null, null, null);
|
||||
call base.defineContext('creating role:rbac.global#global:guest', null, null, null);
|
||||
select createRole(globalGuest());
|
||||
commit;
|
||||
--//
|
||||
@ -155,7 +155,7 @@ do language plpgsql $$
|
||||
declare
|
||||
admins uuid ;
|
||||
begin
|
||||
call basis.defineContext('creating fake test-realm admin users', null, null, null);
|
||||
call base.defineContext('creating fake test-realm admin users', null, null, null);
|
||||
|
||||
admins = findRoleId(globalAdmin());
|
||||
call rbac.grantRoleToUserUnchecked(admins, admins, rbac.create_subject('superuser-alex@hostsharing.net'));
|
||||
|
hsh-michaelhoennig marked this conversation as resolved
Outdated
|
||||
@ -179,13 +179,13 @@ do language plpgsql $$
|
||||
declare
|
||||
userName varchar;
|
||||
begin
|
||||
call basis.defineContext('testing currentSubjectUuid', null, 'superuser-fran@hostsharing.net', null);
|
||||
call base.defineContext('testing currentSubjectUuid', null, 'superuser-fran@hostsharing.net', null);
|
||||
select userName from rbac.subject where uuid = rbac.currentSubjectUuid() into userName;
|
||||
if userName <> 'superuser-fran@hostsharing.net' then
|
||||
raise exception 'setting or fetching initial currentSubject failed, got: %', userName;
|
||||
end if;
|
||||
|
||||
call basis.defineContext('testing currentSubjectUuid', null, 'superuser-alex@hostsharing.net', null);
|
||||
call base.defineContext('testing currentSubjectUuid', null, 'superuser-alex@hostsharing.net', null);
|
||||
select userName from rbac.subject where uuid = rbac.currentSubjectUuid() into userName;
|
||||
if userName = 'superuser-alex@hostsharing.net' then
|
||||
raise exception 'currentSubject should not change in one transaction, but did change, got: %', userName;
|
||||
|
||||
@ -89,7 +89,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row rbac.global%ROWTYPE;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO test_customer permissions for pre-exising rbac.global rows');
|
||||
call base.defineContext('create INSERT INTO test_customer permissions for pre-exising rbac.global rows');
|
||||
|
||||
FOR row IN SELECT * FROM rbac.global
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -59,7 +59,7 @@ create or replace procedure createTestCustomerTestData(
|
||||
begin
|
||||
for t in startCount..endCount
|
||||
loop
|
||||
call createTestCustomerTestData(testCustomerReference(t), basis.intToVarChar(t, 3));
|
||||
call createTestCustomerTestData(testCustomerReference(t), base.intToVarChar(t, 3));
|
||||
commit;
|
||||
end loop;
|
||||
end; $$;
|
||||
@ -72,7 +72,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating RBAC test customer', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
call base.defineContext('creating RBAC test customer', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
|
||||
call createTestCustomerTestData(99901, 'xxx');
|
||||
call createTestCustomerTestData(99902, 'yyy');
|
||||
|
||||
@ -154,7 +154,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row test_customer;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO test_package permissions for pre-exising test_customer rows');
|
||||
call base.defineContext('create INSERT INTO test_package permissions for pre-exising test_customer rows');
|
||||
|
||||
FOR row IN SELECT * FROM test_customer
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -22,7 +22,7 @@ begin
|
||||
pacName = cust.prefix || to_char(t, 'fm00');
|
||||
custAdminUser = 'customer-admin@' || cust.prefix || '.example.com';
|
||||
custAdminRole = 'test_customer#' || cust.prefix || ':ADMIN';
|
||||
call basis.defineContext('creating RBAC test package', null, 'superuser-fran@hostsharing.net', custAdminRole);
|
||||
call base.defineContext('creating RBAC test package', null, 'superuser-fran@hostsharing.net', custAdminRole);
|
||||
|
||||
insert
|
||||
into test_package (customerUuid, name, description)
|
||||
|
||||
@ -153,7 +153,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row test_package;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO test_domain permissions for pre-exising test_package rows');
|
||||
call base.defineContext('create INSERT INTO test_domain permissions for pre-exising test_package rows');
|
||||
|
||||
FOR row IN SELECT * FROM test_package
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -21,11 +21,11 @@ begin
|
||||
for t in 0..(domainCount-1)
|
||||
loop
|
||||
pacAdmin = 'pac-admin-' || pac.name || '@' || pac.custPrefix || '.example.com';
|
||||
call basis.defineContext('creating RBAC test domain', null, pacAdmin, null);
|
||||
call base.defineContext('creating RBAC test domain', null, pacAdmin, null);
|
||||
|
||||
insert
|
||||
into test_domain (name, packageUuid)
|
||||
values (pac.name || '-' || basis.intToVarChar(t, 4), pac.uuid);
|
||||
values (pac.name || '-' || base.intToVarChar(t, 4), pac.uuid);
|
||||
end loop;
|
||||
end; $$;
|
||||
|
||||
|
||||
@ -20,5 +20,5 @@ create table if not exists hs_office_contact
|
||||
--changeset hs-office-contact-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_contact');
|
||||
call base.create_journal('hs_office_contact');
|
||||
--//
|
||||
|
||||
@ -40,7 +40,7 @@ ALTER TABLE hs_office_contact_legacy_id
|
||||
--changeset hs-office-contact-MIGRATION-insert:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CALL basis.defineContext('schema-migration');
|
||||
CALL base.defineContext('schema-migration');
|
||||
INSERT INTO hs_office_contact_legacy_id(uuid, contact_id)
|
||||
SELECT uuid, nextVal('hs_office_contact_legacy_id_seq') FROM hs_office_contact;
|
||||
--/
|
||||
|
||||
@ -15,9 +15,9 @@ declare
|
||||
emailAddr varchar;
|
||||
begin
|
||||
emailAddr = 'contact-admin@' || cleanIdentifier(contCaption) || '.example.com';
|
||||
call basis.defineContext('creating contact test-data');
|
||||
call base.defineContext('creating contact test-data');
|
||||
perform rbac.create_subject(emailAddr);
|
||||
call basis.defineContext('creating contact test-data', null, emailAddr);
|
||||
call base.defineContext('creating contact test-data', null, emailAddr);
|
||||
|
||||
postalAddr := E'Vorname Nachname\nStraße Hnr\nPLZ Stadt';
|
||||
|
||||
@ -44,7 +44,7 @@ create or replace procedure createHsOfficeContactTestData(
|
||||
begin
|
||||
for t in startCount..endCount
|
||||
loop
|
||||
call createHsOfficeContactTestData(basis.intToVarChar(t, 4) || '#' || t);
|
||||
call createHsOfficeContactTestData(base.intToVarChar(t, 4) || '#' || t);
|
||||
commit;
|
||||
end loop;
|
||||
end; $$;
|
||||
|
||||
@ -31,5 +31,5 @@ create table if not exists hs_office_person
|
||||
--changeset hs-office-person-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_person');
|
||||
call base.create_journal('hs_office_person');
|
||||
--//
|
||||
|
||||
@ -21,9 +21,9 @@ declare
|
||||
begin
|
||||
fullName := concat_ws(', ', newTradeName, newFamilyName, newGivenName);
|
||||
emailAddr = 'person-' || left(cleanIdentifier(fullName), 32) || '@example.com';
|
||||
call basis.defineContext('creating person test-data');
|
||||
call base.defineContext('creating person test-data');
|
||||
perform rbac.create_subject(emailAddr);
|
||||
call basis.defineContext('creating person test-data', null, emailAddr);
|
||||
call base.defineContext('creating person test-data', null, emailAddr);
|
||||
|
||||
raise notice 'creating test person: % by %', fullName, emailAddr;
|
||||
insert
|
||||
@ -43,7 +43,7 @@ create or replace procedure createTestPersonTestData(
|
||||
begin
|
||||
for t in startCount..endCount
|
||||
loop
|
||||
call createHsOfficePersonTestData('LP', basis.intToVarChar(t, 4));
|
||||
call createHsOfficePersonTestData('LP', base.intToVarChar(t, 4));
|
||||
commit;
|
||||
end loop;
|
||||
end; $$;
|
||||
|
||||
@ -33,5 +33,5 @@ create table if not exists hs_office_relation
|
||||
--changeset hs-office-relation-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_relation');
|
||||
call base.create_journal('hs_office_relation');
|
||||
--//
|
||||
|
||||
@ -163,7 +163,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_office_person;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_office_relation permissions for pre-exising hs_office_person rows');
|
||||
call base.defineContext('create INSERT INTO hs_office_relation permissions for pre-exising hs_office_person rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_office_person
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -69,8 +69,8 @@ declare
|
||||
begin
|
||||
for t in startCount..endCount
|
||||
loop
|
||||
select p.* from hs_office_person p where tradeName = basis.intToVarChar(t, 4) into person;
|
||||
select c.* from hs_office_contact c where c.caption = basis.intToVarChar(t, 4) || '#' || t into contact;
|
||||
select p.* from hs_office_person p where tradeName = base.intToVarChar(t, 4) into person;
|
||||
select c.* from hs_office_contact c where c.caption = base.intToVarChar(t, 4) || '#' || t into contact;
|
||||
|
||||
call createHsOfficeRelationTestData(person.uuid, contact.uuid, 'REPRESENTATIVE');
|
||||
commit;
|
||||
@ -85,7 +85,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating relation test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
call base.defineContext('creating relation test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
|
||||
call createHsOfficeRelationTestData('First GmbH', 'PARTNER', 'Hostsharing eG', 'first contact');
|
||||
call createHsOfficeRelationTestData('Firby', 'REPRESENTATIVE', 'First GmbH', 'first contact');
|
||||
|
||||
@ -23,7 +23,7 @@ create table hs_office_partner_details
|
||||
--changeset hs-office-partner-DETAILS-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_partner_details');
|
||||
call base.create_journal('hs_office_partner_details');
|
||||
--//
|
||||
|
||||
-- ============================================================================
|
||||
@ -83,5 +83,5 @@ create trigger hs_office_partner_delete_dependents_trigger
|
||||
--changeset hs-office-partner-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_partner');
|
||||
call base.create_journal('hs_office_partner');
|
||||
--//
|
||||
|
||||
@ -166,7 +166,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row rbac.global%ROWTYPE;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_office_partner permissions for pre-exising rbac.Global rows');
|
||||
call base.defineContext('create INSERT INTO hs_office_partner permissions for pre-exising rbac.Global rows');
|
||||
|
||||
FOR row IN SELECT * FROM rbac.global
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -70,7 +70,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row rbac.global;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_office_partner_details permissions for pre-exising global rows');
|
||||
call base.defineContext('create INSERT INTO hs_office_partner_details permissions for pre-exising global rows');
|
||||
|
||||
FOR row IN SELECT * FROM rbac.global
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -39,7 +39,7 @@ ALTER TABLE hs_office_partner_legacy_id
|
||||
--changeset hs-office-partner-MIGRATION-insert:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CALL basis.defineContext('schema-migration');
|
||||
CALL base.defineContext('schema-migration');
|
||||
INSERT INTO hs_office_partner_legacy_id(uuid, bp_id)
|
||||
SELECT uuid, nextVal('hs_office_partner_legacy_id_seq') FROM hs_office_partner;
|
||||
--/
|
||||
|
||||
@ -71,7 +71,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating partner test-data ', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
call base.defineContext('creating partner test-data ', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
|
||||
call createHsOfficePartnerTestData('Hostsharing eG', 10001, 'First GmbH', 'first contact');
|
||||
call createHsOfficePartnerTestData('Hostsharing eG', 10002, 'Second e.K.', 'second contact');
|
||||
|
||||
@ -18,5 +18,5 @@ create table hs_office_bankaccount
|
||||
--changeset hs-office-bankaccount-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_bankaccount');
|
||||
call base.create_journal('hs_office_bankaccount');
|
||||
--//
|
||||
|
||||
@ -15,7 +15,7 @@ declare
|
||||
begin
|
||||
emailAddr = 'bankaccount-admin@' || cleanIdentifier(givenHolder) || '.example.com';
|
||||
perform rbac.create_subject(emailAddr);
|
||||
call basis.defineContext('creating bankaccount test-data', null, emailAddr);
|
||||
call base.defineContext('creating bankaccount test-data', null, emailAddr);
|
||||
|
||||
raise notice 'creating test bankaccount: %', givenHolder;
|
||||
insert
|
||||
@ -31,7 +31,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating bankaccount test-data');
|
||||
call base.defineContext('creating bankaccount test-data');
|
||||
|
||||
-- IBANs+BICs taken from https://ibanvalidieren.de/beispiele.html
|
||||
call createHsOfficeBankAccountTestData('First GmbH', 'DE02120300000000202051', 'BYLADEM1001');
|
||||
|
||||
@ -61,5 +61,5 @@ execute procedure deleteHsOfficeDependentsOnDebitorDelete();
|
||||
--changeset hs-office-debitor-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_debitor');
|
||||
call base.create_journal('hs_office_debitor');
|
||||
--//
|
||||
|
||||
@ -139,7 +139,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row rbac.global%ROWTYPE;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_office_debitor permissions for pre-exising rbac.Global rows');
|
||||
call base.defineContext('create INSERT INTO hs_office_debitor permissions for pre-exising rbac.Global rows');
|
||||
|
||||
FOR row IN SELECT * FROM rbac.global
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -50,7 +50,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating debitor test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
call base.defineContext('creating debitor test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
|
||||
call createHsOfficeDebitorTestData(11, 'First GmbH', 'first contact', 'fir');
|
||||
call createHsOfficeDebitorTestData(12, 'Second e.K.', 'second contact', 'sec');
|
||||
|
||||
@ -21,5 +21,5 @@ create table if not exists hs_office_sepamandate
|
||||
--changeset hs-office-sepamandate-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_sepamandate');
|
||||
call base.create_journal('hs_office_sepamandate');
|
||||
--//
|
||||
|
||||
@ -114,7 +114,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_office_relation;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_office_sepamandate permissions for pre-exising hs_office_relation rows');
|
||||
call base.defineContext('create INSERT INTO hs_office_sepamandate permissions for pre-exising hs_office_relation rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_office_relation
|
||||
WHERE type = 'DEBITOR'
|
||||
|
||||
@ -41,7 +41,7 @@ ALTER TABLE hs_office_sepamandate_legacy_id
|
||||
--changeset hs-office-sepamandate-MIGRATION-insert:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CALL basis.defineContext('schema-migration');
|
||||
CALL base.defineContext('schema-migration');
|
||||
INSERT INTO hs_office_sepamandate_legacy_id(uuid, sepa_mandate_id)
|
||||
SELECT uuid, nextVal('hs_office_sepamandate_legacy_id_seq') FROM hs_office_sepamandate;
|
||||
--/
|
||||
|
||||
@ -43,7 +43,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating SEPA-mandate test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
call base.defineContext('creating SEPA-mandate test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
|
||||
call createHsOfficeSepaMandateTestData(10001, '11', 'DE02120300000000202051', 'ref-10001-11');
|
||||
call createHsOfficeSepaMandateTestData(10002, '12', 'DE02100500000054540402', 'ref-10002-12');
|
||||
|
||||
@ -36,5 +36,5 @@ create table if not exists hs_office_membership
|
||||
--changeset hs-office-membership-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_membership');
|
||||
call base.create_journal('hs_office_membership');
|
||||
--//
|
||||
|
||||
@ -101,7 +101,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row rbac.global%ROWTYPE;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_office_membership permissions for pre-exising rbac.Global rows');
|
||||
call base.defineContext('create INSERT INTO hs_office_membership permissions for pre-exising rbac.Global rows');
|
||||
|
||||
FOR row IN SELECT * FROM rbac.global
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -33,7 +33,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating Membership test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
call base.defineContext('creating Membership test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
|
||||
call createHsOfficeMembershipTestData(10001, '01');
|
||||
call createHsOfficeMembershipTestData(10002, '02');
|
||||
|
||||
@ -64,5 +64,5 @@ alter table hs_office_coopsharestransaction
|
||||
--changeset hs-office-coopshares-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_coopsharestransaction');
|
||||
call base.create_journal('hs_office_coopsharestransaction');
|
||||
--//
|
||||
|
||||
@ -77,7 +77,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_office_membership;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_office_coopsharestransaction permissions for pre-exising hs_office_membership rows');
|
||||
call base.defineContext('create INSERT INTO hs_office_coopsharestransaction permissions for pre-exising hs_office_membership rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_office_membership
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -40,7 +40,7 @@ ALTER TABLE hs_office_coopsharestransaction_legacy_id
|
||||
--changeset hs-office-coopshares-MIGRATION-insert:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CALL basis.defineContext('schema-migration');
|
||||
CALL base.defineContext('schema-migration');
|
||||
INSERT INTO hs_office_coopsharestransaction_legacy_id(uuid, member_share_id)
|
||||
SELECT uuid, nextVal('hs_office_coopsharestransaction_legacy_id_seq') FROM hs_office_coopsharestransaction;
|
||||
--/
|
||||
|
||||
@ -43,7 +43,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating coopSharesTransaction test-data');
|
||||
call base.defineContext('creating coopSharesTransaction test-data');
|
||||
SET CONSTRAINTS ALL DEFERRED;
|
||||
|
||||
call createHsOfficeCoopSharesTransactionTestData(10001, '01');
|
||||
|
||||
@ -72,5 +72,5 @@ alter table hs_office_coopassetstransaction
|
||||
--changeset hs-office-coopassets-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_office_coopassetstransaction');
|
||||
call base.create_journal('hs_office_coopassetstransaction');
|
||||
--//
|
||||
|
||||
@ -77,7 +77,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_office_membership;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_office_coopassetstransaction permissions for pre-exising hs_office_membership rows');
|
||||
call base.defineContext('create INSERT INTO hs_office_coopassetstransaction permissions for pre-exising hs_office_membership rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_office_membership
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -40,7 +40,7 @@ ALTER TABLE hs_office_coopassetstransaction_legacy_id
|
||||
--changeset hs-office-coopassets-MIGRATION-insert:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CALL basis.defineContext('schema-migration');
|
||||
CALL base.defineContext('schema-migration');
|
||||
INSERT INTO hs_office_coopassetstransaction_legacy_id(uuid, member_asset_id)
|
||||
SELECT uuid, nextVal('hs_office_coopassetstransaction_legacy_id_seq') FROM hs_office_coopassetstransaction;
|
||||
--/
|
||||
|
||||
@ -43,7 +43,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating coopAssetsTransaction test-data');
|
||||
call base.defineContext('creating coopAssetsTransaction test-data');
|
||||
SET CONSTRAINTS ALL DEFERRED;
|
||||
|
||||
call createHsOfficeCoopAssetsTransactionTestData(10001, '01');
|
||||
|
||||
@ -18,12 +18,12 @@ create table if not exists hs_booking_project
|
||||
--changeset hs-booking-project-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_booking_project');
|
||||
call base.create_journal('hs_booking_project');
|
||||
--//
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-booking-project-MAIN-TABLE-HISTORIZATION:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call basis.tx_create_historicization('hs_booking_project');
|
||||
call base.tx_create_historicization('hs_booking_project');
|
||||
--//
|
||||
|
||||
@ -108,7 +108,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_office_relation;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_booking_project permissions for pre-exising hs_office_relation rows');
|
||||
call base.defineContext('create INSERT INTO hs_booking_project permissions for pre-exising hs_office_relation rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_office_relation
|
||||
WHERE type = 'DEBITOR'
|
||||
|
||||
@ -39,7 +39,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating booking-project test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
call base.defineContext('creating booking-project test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
|
||||
call createHsBookingProjectTransactionTestData(10001, '11');
|
||||
call createHsBookingProjectTransactionTestData(10002, '12');
|
||||
|
||||
@ -35,13 +35,13 @@ create table if not exists hs_booking_item
|
||||
--changeset hs-booking-item-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call basis.create_journal('hs_booking_item');
|
||||
call base.create_journal('hs_booking_item');
|
||||
--//
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-booking-item-MAIN-TABLE-HISTORIZATION:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call basis.tx_create_historicization('hs_booking_item');
|
||||
call base.tx_create_historicization('hs_booking_item');
|
||||
--//
|
||||
|
||||
|
||||
@ -107,7 +107,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row rbac.global%ROWTYPE;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising rbac.global rows');
|
||||
call base.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising rbac.global rows');
|
||||
|
||||
FOR row IN SELECT * FROM rbac.global
|
||||
-- unconditional for all rows in that table
|
||||
@ -150,7 +150,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_booking_project;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
||||
call base.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_booking_project
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -47,7 +47,7 @@ do language plpgsql $$
|
||||
declare
|
||||
currentTask text;
|
||||
begin
|
||||
call basis.defineContext('creating booking-item test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
call base.defineContext('creating booking-item test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
|
||||
call createHsBookingItemTransactionTestData(10001, '11');
|
||||
call createHsBookingItemTransactionTestData(10002, '12');
|
||||
|
||||
@ -107,7 +107,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row rbac.global%ROWTYPE;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising rbac.global rows');
|
||||
call base.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising rbac.global rows');
|
||||
|
||||
FOR row IN SELECT * FROM rbac.global
|
||||
-- unconditional for all rows in that table
|
||||
@ -150,7 +150,7 @@ do language plpgsql $$
|
||||
declare
|
||||
row hs_booking_project;
|
||||
begin
|
||||
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
||||
call base.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
|
||||
|
||||
FOR row IN SELECT * FROM hs_booking_project
|
||||
-- unconditional for all rows in that table
|
||||
|
||||
@ -91,7 +91,7 @@ begin
|
||||
when 'IPV4_NUMBER' then null
|
||||
when 'IPV6_NUMBER' then null
|
||||
|
||||
else basis.raiseException(format('[400] unknown asset type %s', NEW.type::text))
|
||||
else base.raiseException(format('[400] unknown asset type %s', NEW.type::text))
|
||||
end);
|
||||
|
||||
if expectedParentType is not null and actualParentType is null then
|
||||
@ -166,14 +166,14 @@ execute procedure hs_hosting_asset_booking_item_hierarchy_check_tf();
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-asset-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call basis.create_journal('hs_hosting_asset');
|
||||
call base.create_journal('hs_hosting_asset');
|
||||
--//
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset hs-hosting-asset-MAIN-TABLE-HISTORIZATION:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call basis.tx_create_historicization('hs_hosting_asset');
|
||||
call base.tx_create_historicization('hs_hosting_asset');
|
||||
--//
|
||||
|
||||
|
||||
|
||||
@ -30,7 +30,7 @@ declare
|
||||
pgSqlInstanceUuid uuid;
|
||||
PgSqlSubjectUuid uuid;
|
||||
begin
|
||||
call basis.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
call base.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
|
||||
select project.* into relatedProject
|
||||
from hs_booking_project project
|
||||
@ -110,7 +110,7 @@ end; $$;
|
||||
|
||||
do language plpgsql $$
|
||||
begin
|
||||
call basis.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
call base.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
|
||||
|
||||
call createHsHostingAssetTestData('D-1000111 default project');
|
||||
call createHsHostingAssetTestData('D-1000212 default project');
|
||||
|
||||
@ -1,32 +1,32 @@
|
||||
databaseChangeLog:
|
||||
- include:
|
||||
file: db/changelog/0-basis/000-basis-schema.sql
|
||||
file: db/changelog/0-base/000-base-schema.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/001-last-row-count.sql
|
||||
file: db/changelog/0-base/001-last-row-count.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/002-int-to-var.sql
|
||||
file: db/changelog/0-base/002-int-to-var.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/003-random-in-range.sql
|
||||
file: db/changelog/0-base/003-random-in-range.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/004-jsonb-changes-delta.sql
|
||||
file: db/changelog/0-base/004-jsonb-changes-delta.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/005-uuid-ossp-extension.sql
|
||||
file: db/changelog/0-base/005-uuid-ossp-extension.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/006-numeric-hash-functions.sql
|
||||
file: db/changelog/0-base/006-numeric-hash-functions.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/007-table-columns.sql
|
||||
file: db/changelog/0-base/007-table-columns.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/008-raise-functions.sql
|
||||
file: db/changelog/0-base/008-raise-functions.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/009-check-environment.sql
|
||||
file: db/changelog/0-base/009-check-environment.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/010-context.sql
|
||||
file: db/changelog/0-base/010-context.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/020-audit-log.sql
|
||||
file: db/changelog/0-base/020-audit-log.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/030-historization.sql
|
||||
file: db/changelog/0-base/030-historization.sql
|
||||
- include:
|
||||
file: db/changelog/0-basis/090-log-slow-queries-extensions.sql
|
||||
file: db/changelog/0-base/090-log-slow-queries-extensions.sql
|
||||
- include:
|
||||
file: db/changelog/1-rbac/1000-rbac-schema.sql
|
||||
- include:
|
||||
|
||||
@ -69,7 +69,7 @@ class HsBookingItemRepositoryIntegrationTest extends ContextBasedTestWithCleanup
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'caption'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_booking_item';
|
||||
""");
|
||||
|
||||
|
||||
@ -64,7 +64,7 @@ class HsBookingProjectRepositoryIntegrationTest extends ContextBasedTestWithClea
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'caption'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_booking_project';
|
||||
""");
|
||||
|
||||
|
||||
@ -77,7 +77,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'caption'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_hosting_asset';
|
||||
""");
|
||||
|
||||
|
||||
@ -299,8 +299,8 @@ public class CsvDataImport extends ContextBasedTest {
|
||||
jpaAttempt.transacted(() -> {
|
||||
context(rbacSuperuser);
|
||||
em.createNativeQuery("delete from rbac.subject_rv where name not like 'superuser-%'").executeUpdate();
|
||||
em.createNativeQuery("delete from basis.tx_journal where true").executeUpdate();
|
||||
em.createNativeQuery("delete from basis.tx_context where true").executeUpdate();
|
||||
em.createNativeQuery("delete from base.tx_journal where true").executeUpdate();
|
||||
em.createNativeQuery("delete from base.tx_context where true").executeUpdate();
|
||||
}).assertSuccessful();
|
||||
}
|
||||
|
||||
|
||||
@ -272,7 +272,7 @@ class HsOfficeBankAccountRepositoryIntegrationTest extends ContextBasedTestWithC
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'iban'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_office_bankaccount';
|
||||
""");
|
||||
|
||||
|
||||
@ -257,7 +257,7 @@ class HsOfficeContactRbacRepositoryIntegrationTest extends ContextBasedTestWithC
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'caption'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_office_contact';
|
||||
""");
|
||||
|
||||
|
||||
@ -221,7 +221,7 @@ class HsOfficeCoopAssetsTransactionRepositoryIntegrationTest extends ContextBase
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'reference'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_office_coopassetstransaction';
|
||||
""");
|
||||
|
||||
|
||||
@ -220,7 +220,7 @@ class HsOfficeCoopSharesTransactionRepositoryIntegrationTest extends ContextBase
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'reference'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_office_coopsharestransaction';
|
||||
""");
|
||||
|
||||
|
||||
@ -590,7 +590,7 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTestWithClean
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'defaultprefix'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_office_debitor';
|
||||
""");
|
||||
|
||||
|
||||
@ -337,7 +337,7 @@ class HsOfficeMembershipRepositoryIntegrationTest extends ContextBasedTestWithCl
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'membernumbersuffix'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_office_membership';
|
||||
""");
|
||||
|
||||
|
||||
@ -434,7 +434,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTestWithClean
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'partnernumber'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_office_partner';
|
||||
""");
|
||||
|
||||
|
||||
@ -261,7 +261,7 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTestWithCleanu
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'tradename', targetdelta->>'lastname'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_office_person';
|
||||
""");
|
||||
|
||||
|
||||
@ -395,7 +395,7 @@ class HsOfficeRelationRepositoryIntegrationTest extends ContextBasedTestWithClea
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'mark'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_office_relation';
|
||||
""");
|
||||
|
||||
|
||||
@ -380,7 +380,7 @@ class HsOfficeSepaMandateRepositoryIntegrationTest extends ContextBasedTestWithC
|
||||
// given
|
||||
final var query = em.createNativeQuery("""
|
||||
select currentTask, targetTable, targetOp, targetdelta->>'reference'
|
||||
from basis.tx_journal_v
|
||||
from base.tx_journal_v
|
||||
where targettable = 'hs_office_sepamandate';
|
||||
""");
|
||||
|
||||
|
||||
@ -81,7 +81,7 @@ class ContextIntegrationTests {
|
||||
// then
|
||||
result.assertExceptionWithRootCauseMessage(
|
||||
jakarta.persistence.PersistenceException.class,
|
||||
"[401] subject unknown@example.org given in `basis.defineContext(...)` does not exist");
|
||||
"[401] subject unknown@example.org given in `base.defineContext(...)` does not exist");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
@ -28,7 +28,7 @@ import static org.mockito.Mockito.verify;
|
||||
class ContextUnitTest {
|
||||
|
||||
private static final String DEFINE_CONTEXT_QUERY_STRING = """
|
||||
call basis.defineContext(
|
||||
call base.defineContext(
|
||||
cast(:currentTask as varchar(127)),
|
||||
cast(:currentRequest as text),
|
||||
cast(:currentSubject as varchar(63)),
|
||||
|
||||
@ -146,7 +146,7 @@ class RbacRoleRepositoryIntegrationTest {
|
||||
|
||||
result.assertExceptionWithRootCauseMessage(
|
||||
JpaSystemException.class,
|
||||
"[401] currentSubjectOrAssumedRolesUuids cannot be determined, please call `basis.defineContext(...)` with a valid subject");
|
||||
"[401] currentSubjectOrAssumedRolesUuids cannot be determined, please call `base.defineContext(...)` with a valid subject");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user
müsste das nicht grantRoleToSubjectUnchecked heißen