introduce separate database-schemas base+rbac #103

Merged
hsh-michaelhoennig merged 54 commits from introduce-separate-database-schemas-base-and-rbac into master 2024-09-16 15:36:38 +02:00
89 changed files with 196 additions and 196 deletions
Showing only changes of commit 8715ae484a - Show all commits


@ -24,13 +24,13 @@ delete from hs_hosting_asset where uuid='5aea68d2-3b55-464f-8362-b05c76c5a681'::
commit;
-- single version at point in time
-- set hsadminng.tx_history_txid to (select max(txid) from basis.tx_context where txtimestamp<='2024-08-27 12:13:13.450821');
-- set hsadminng.tx_history_txid to (select max(txid) from base.tx_context where txtimestamp<='2024-08-27 12:13:13.450821');
set hsadminng.tx_history_txid to '';
set hsadminng.tx_history_timestamp to '2024-08-29 12:42';
-- all versions
select tx_history_txid(), txc.txtimestamp, txc.currentSubject, txc.currentTask, haex.*
from hs_hosting_asset_ex haex
join basis.tx_context txc on haex.txid=txc.txid
join base.tx_context txc on haex.txid=txc.txid
where haex.identifier = 'test@thi.example.org';
select uuid, version, type, identifier, caption from hs_hosting_asset_hv p where identifier = 'test@thi.example.org';


@ -54,7 +54,7 @@ public class Context {
final String currentSubject,
final String assumedRoles) {
final var query = em.createNativeQuery("""
call basis.defineContext(
call base.defineContext(
cast(:currentTask as varchar(127)),
cast(:currentRequest as text),
cast(:currentSubject as varchar(63)),
@ -72,7 +72,7 @@ public class Context {
}
public String fetchCurrentSubject() {
return String.valueOf(em.createNativeQuery("select basis.currentSubject()").getSingleResult());
return String.valueOf(em.createNativeQuery("select base.currentSubject()").getSingleResult());
}
public UUID fetchCurrentSubjectUuid() {
@ -80,7 +80,7 @@ public class Context {
}
public String[] fetchAssumedRoles() {
return (String[]) em.createNativeQuery("select basis.assumedRoles() as roles", String[].class).getSingleResult();
return (String[]) em.createNativeQuery("select base.assumedRoles() as roles", String[].class).getSingleResult();
}
public UUID[] fetchCurrentSubjectOrAssumedRolesUuids() {
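Review bot: The explicit casts in the `defineContext` call (`cast(:currentSubject as varchar(63))`, `cast(:currentTask as varchar(127))`) make PostgreSQL truncate an over-long value silently instead of raising an error, so a subject name longer than 63 characters would be shortened to a different name before it becomes the RBAC identity. Whether the caller limits the length before this point is not visible in the hunk. If it does not, reject over-long values in Java before binding, or bind as `cast(:currentSubject as text)` and let the procedure check the length. The method body starts and ends outside the hunk.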


@ -67,7 +67,7 @@ public class InsertTriggerGenerator {
declare
row ${rawSuperTable};
begin
call basis.defineContext('create INSERT INTO ${rawSubTable} permissions for pre-exising ${rawSuperTable} rows');
call base.defineContext('create INSERT INTO ${rawSubTable} permissions for pre-exising ${rawSuperTable} rows');
FOR row IN SELECT * FROM ${rawSuperTable}
${whenCondition}


@ -2,7 +2,7 @@
-- ============================================================================
--changeset basis-SCHEMA:1 endDelimiter:--//
--changeset base-SCHEMA:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
CREATE SCHEMA basis;
CREATE SCHEMA base;
--//
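Review bot: Renaming the changeset id from `basis-SCHEMA:1` to `base-SCHEMA:1` and editing its body makes it a new, never-run changeset for the migration tool (assuming these `--changeset` headers are Liquibase formatted SQL), so a database that already ran the old one would get an empty `base` schema next to the populated `basis` one. The other changesets edited in this commit keep their ids but change content, which would fail checksum validation on such a database. If every environment is rebuilt from scratch, say so above the changeset, e.g. `-- NOTE: changesets were edited in place; existing databases must be recreated`; otherwise the rename needs its own new changeset instead of an edit to history.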


@ -8,7 +8,7 @@
Returns the row count from the result of the previous query.
Other than the native statement it's usable in an expression.
*/
create or replace function basis.lastRowCount()
create or replace function base.lastRowCount()
returns bigint
language plpgsql as $$
declare


@ -8,10 +8,10 @@
Returns a textual representation of an integer number to be used as generated test data.
Examples :
basis.intToVarChar(0, 3) => 'aaa'
basis.intToVarChar(1, 3) => 'aab'
base.intToVarChar(0, 3) => 'aaa'
base.intToVarChar(1, 3) => 'aab'
*/
create or replace function basis.intToVarChar(i integer, len integer)
create or replace function base.intToVarChar(i integer, len integer)
returns varchar
language plpgsql as $$
declare
@ -19,7 +19,7 @@ declare
begin
select chr(ascii('a') + i % 26) into partial;
if len > 1 then
return basis.intToVarChar(i / 26, len - 1) || partial;
return base.intToVarChar(i / 26, len - 1) || partial;
else
return partial;
end if;


@ -10,9 +10,9 @@
to be used for test data generation.
Example:
basis.randomInRange(0, 4) might return any of 0, 1, 2, 3, 4
base.randomInRange(0, 4) might return any of 0, 1, 2, 3, 4
*/
create or replace function basis.randomInRange(min integer, max integer)
create or replace function base.randomInRange(min integer, max integer)
returns integer
returns null on null input
language 'plpgsql' as $$


@ -9,7 +9,7 @@
This is a kind of right sided json diff.
*/
create or replace function basis.jsonb_changes_delta(oldJson jsonb, newJson jsonb)
create or replace function base.jsonb_changes_delta(oldJson jsonb, newJson jsonb)
returns jsonb
called on null input
language plpgsql as $$
@ -31,7 +31,7 @@ begin
if jsonb_typeof(newJson -> (oldJsonElement.key)) = 'object' then
diffJson = diffJson ||
jsonb_build_object(oldJsonElement.key,
basis.jsonb_changes_delta(oldJsonElement.value, newJson -> (oldJsonElement.key)));
base.jsonb_changes_delta(oldJsonElement.value, newJson -> (oldJsonElement.key)));
end if;
else
diffJson = diffJson || jsonb_build_object(oldJsonElement.key, null);
@ -49,30 +49,30 @@ do language plpgsql $$
actual text;
begin
select basis.jsonb_changes_delta(null::jsonb, null::jsonb) into actual;
select base.jsonb_changes_delta(null::jsonb, null::jsonb) into actual;
if actual is not null then
raise exception 'jsonb_diff #1 failed:% expected: %,% actually: %', E'\n', expected, E'\n', actual;
end if;
select basis.jsonb_changes_delta(null::jsonb, '{"a": "new"}'::jsonb) into actual;
select base.jsonb_changes_delta(null::jsonb, '{"a": "new"}'::jsonb) into actual;
expected := '{"a": "new"}'::jsonb;
if actual <> expected then
raise exception 'jsonb_diff #2 failed:% expected: %,% actual: %', E'\n', expected, E'\n', actual;
end if;
select basis.jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "new"}'::jsonb) into actual;
select base.jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "new"}'::jsonb) into actual;
expected := '{"a": "new"}'::jsonb;
if actual <> expected then
raise exception 'jsonb_diff #3 failed:% expected: %,% actual: %', E'\n', expected, E'\n', actual;
end if;
select basis.jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "old"}'::jsonb) into actual;
select base.jsonb_changes_delta('{"a": "old"}'::jsonb, '{"a": "old"}'::jsonb) into actual;
expected := '{}'::jsonb;
if actual <> expected then
raise exception 'jsonb_diff #4 failed:% expected: %,% actual: %', E'\n', expected, E'\n', actual;
end if;
select basis.jsonb_changes_delta(
select base.jsonb_changes_delta(
$json${
"a": "same",
"b": "old",


@ -6,7 +6,7 @@
--changeset numeric-hash-functions:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
create function basis.bigIntHash(text) returns bigint as $$
create function base.bigIntHash(text) returns bigint as $$
select ('x'||substr(md5($1),1,16))::bit(64)::bigint;
$$ language sql;
--//


@ -6,7 +6,7 @@
--changeset table-columns-function:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
create or replace function basis.tableColumnNames( tableName text )
create or replace function base.tableColumnNames( tableName text )
returns text
stable
language 'plpgsql' as $$


@ -6,7 +6,7 @@
/*
Like `RAISE EXCEPTION` ... just as an expression instead of a statement.
*/
create or replace function basis.raiseException(msg text)
create or replace function base.raiseException(msg text)
returns varchar
language plpgsql as $$
begin
@ -21,7 +21,7 @@ end; $$;
/*
Like `ASSERT` but as an expression instead of a statement.
*/
create or replace function basis.assertTrue(expectedTrue boolean, msg text)
create or replace function base.assertTrue(expectedTrue boolean, msg text)
returns boolean
language plpgsql as $$
begin


@ -9,7 +9,7 @@
Callback which is called after the context has been (re-) defined.
This function will be overwritten by later changesets.
*/
create procedure basis.contextDefined(
create procedure base.contextDefined(
currentTask varchar(127),
currentRequest text,
currentSubject varchar(63),
@ -22,7 +22,7 @@ end; $$;
/*
Defines the transaction context.
*/
create or replace procedure basis.defineContext(
create or replace procedure base.defineContext(
currentTask varchar(127),
currentRequest text = null,
currentSubject varchar(63) = null,
@ -46,7 +46,7 @@ begin
assert length(assumedRoles) <= 1023, FORMAT('assumedRoles must not be longer than 1023 characters: "%s"', assumedRoles);
execute format('set local hsadminng.assumedRoles to %L', assumedRoles);
call basis.contextDefined(currentTask, currentRequest, currentSubject, assumedRoles);
call base.contextDefined(currentTask, currentRequest, currentSubject, assumedRoles);
end; $$;
--//
@ -58,7 +58,7 @@ end; $$;
Returns the current task as set by `hsadminng.currentTask`.
Raises exception if not set.
*/
create or replace function basis.currentTask()
create or replace function base.currentTask()
returns varchar(127)
stable -- leakproof
language plpgsql as $$
@ -72,7 +72,7 @@ begin
currentTask := null;
end;
if (currentTask is null or currentTask = '') then
raise exception '[401] currentTask must be defined, please call `basis.defineContext(...)`';
raise exception '[401] currentTask must be defined, please call `base.defineContext(...)`';
end if;
return currentTask;
end; $$;
@ -83,10 +83,10 @@ end; $$;
--changeset context-CURRENT-REQUEST:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Returns the current http request as set via `basis.defineContext(...)`.
Returns the current http request as set via `base.defineContext(...)`.
Raises exception if not set.
*/
create or replace function basis.currentRequest()
create or replace function base.currentRequest()
returns text
stable -- leakproof
language plpgsql as $$
@ -108,9 +108,9 @@ end; $$;
--changeset context-current-subject:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Returns the current user as defined by `basis.defineContext(...)`.
Returns the current user as defined by `base.defineContext(...)`.
*/
create or replace function basis.currentSubject() -- FIXME: move to schema rbac?
create or replace function base.currentSubject() -- FIXME: move to schema rbac?
returns varchar(63)
stable -- leakproof
language plpgsql as $$
@ -134,7 +134,7 @@ end; $$;
Returns assumed role names as set in `hsadminng.assumedRoles`
or empty array, if not set.
*/
create or replace function basis.assumedRoles()
create or replace function base.assumedRoles()
returns varchar(1023)[]
stable -- leakproof
language plpgsql as $$
@ -213,11 +213,11 @@ create or replace function currentSubjects()
declare
assumedRoles varchar(1023)[];
begin
assumedRoles := basis.assumedRoles();
assumedRoles := base.assumedRoles();
if array_length(assumedRoles, 1) > 0 then
return assumedRoles;
else
return array [basis.currentSubject()]::varchar(1023)[];
return array [base.currentSubject()]::varchar(1023)[];
end if;
end; $$;
@ -226,7 +226,7 @@ create or replace function hasAssumedRole()
stable -- leakproof
language plpgsql as $$
begin
return array_length(basis.assumedRoles(), 1) > 0;
return array_length(base.assumedRoles(), 1) > 0;
end; $$;
--//
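Review bot: The length limit on `assumedRoles` in `base.defineContext` is enforced with `assert`, which PL/pgSQL skips when `plpgsql.check_asserts` is turned off, so a check that bounds a value feeding the RBAC context depends on a server setting. An explicit check such as `if length(assumedRoles) > 1023 then raise exception '[400] assumedRoles must not be longer than 1023 characters'; end if;` holds regardless of configuration. The other context parameters are presumably validated the same way above this line, outside the hunk, and would need the same change.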


@ -21,7 +21,7 @@ do $$
/*
A table storing transactions with context data.
*/
create table basis.tx_context
create table base.tx_context
(
txId xid8 primary key not null,
txTimestamp timestamp not null,
@ -31,7 +31,7 @@ create table basis.tx_context
currentRequest text not null
);
create index on basis.tx_context using brin (txTimestamp);
create index on base.tx_context using brin (txTimestamp);
--//
-- ============================================================================
@ -40,28 +40,28 @@ create index on basis.tx_context using brin (txTimestamp);
/*
A table storing the transaction audit journal for all target tables it's configured for.
*/
create table basis.tx_journal
create table base.tx_journal
(
txId xid8 not null references basis.tx_context (txId),
txId xid8 not null references base.tx_context (txId),
targetTable text not null,
targetUuid uuid not null, -- Assumes that all audited tables have a uuid column.
targetOp operation not null,
targetDelta jsonb
);
create index on basis.tx_journal (targetTable, targetUuid);
create index on base.tx_journal (targetTable, targetUuid);
--//
-- ============================================================================
--changeset audit-TX-JOURNAL-VIEW:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
A view combining basis.tx_journal with basis.tx_context.
A view combining base.tx_journal with base.tx_context.
*/
create view basis.tx_journal_v as
create view base.tx_journal_v as
select txc.*, txj.targettable, txj.targetop, txj.targetuuid, txj.targetdelta
from basis.tx_journal txj
left join basis.tx_context txc using (txId)
from base.tx_journal txj
left join base.tx_context txc using (txId)
order by txc.txtimestamp;
--//
@ -71,35 +71,35 @@ select txc.*, txj.targettable, txj.targetop, txj.targetuuid, txj.targetdelta
/*
Trigger function for transaction audit journal.
*/
create or replace function basis.tx_journal_trigger()
create or replace function base.tx_journal_trigger()
returns trigger
language plpgsql as $$
declare
curTask text;
curTxId xid8;
begin
curTask := basis.currentTask();
curTask := base.currentTask();
curTxId := pg_current_xact_id();
insert
into basis.tx_context (txId, txTimestamp, currentSubject, assumedRoles, currentTask, currentRequest)
into base.tx_context (txId, txTimestamp, currentSubject, assumedRoles, currentTask, currentRequest)
values ( curTxId, now(),
basis.currentSubject(), basis.assumedRoles(), curTask, basis.currentRequest())
base.currentSubject(), base.assumedRoles(), curTask, base.currentRequest())
on conflict do nothing;
case tg_op
when 'INSERT' then insert
into basis.tx_journal
into base.tx_journal
values (curTxId,
tg_table_name, new.uuid, tg_op::operation,
to_jsonb(new));
when 'UPDATE' then insert
into basis.tx_journal
into base.tx_journal
values (curTxId,
tg_table_name, old.uuid, tg_op::operation,
basis.jsonb_changes_delta(to_jsonb(old), to_jsonb(new)));
base.jsonb_changes_delta(to_jsonb(old), to_jsonb(new)));
when 'DELETE' then insert
into basis.tx_journal
into base.tx_journal
values (curTxId,
tg_table_name, old.uuid, 'DELETE'::operation,
null::jsonb);
@ -116,7 +116,7 @@ end; $$;
Trigger function for transaction audit journal.
*/
create or replace procedure basis.create_journal(targetTable varchar)
create or replace procedure base.create_journal(targetTable varchar)
language plpgsql as $$
declare
createTriggerSQL varchar;
@ -126,7 +126,7 @@ begin
-- "-0-" to put the trigger execution before any alphabetically greater tx-triggers
createTriggerSQL = 'CREATE TRIGGER tx_0_journal_tg' ||
' AFTER INSERT OR UPDATE OR DELETE ON ' || targetTable ||
' FOR EACH ROW EXECUTE PROCEDURE basis.tx_journal_trigger()';
' FOR EACH ROW EXECUTE PROCEDURE base.tx_journal_trigger()';
execute createTriggerSQL;
end; $$;
--//
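Review bot: `base.tx_journal_trigger()` records `tg_table_name`, which is the table name without its schema, so now that audited tables live in more than one schema (`call base.create_journal('rbac.subject')`) a journal row for `rbac.subject` is stored as `subject` and cannot be told apart from a same-named table in another schema. Consider writing `tg_table_schema || '.' || tg_table_name` into `targetTable`, or at least add a comment on the column such as `-- unqualified table name, schema is not recorded`. Existing journal rows would keep the old unqualified form, so a switch needs a note on how to read mixed data. The function body ends outside the hunk.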


@ -3,7 +3,7 @@
-- ============================================================================
--changeset hs-global-historization-tx-history-txid:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
create or replace function basis.tx_history_txid()
create or replace function base.tx_history_txid()
returns xid8 stable
language plpgsql as $$
declare
@ -23,11 +23,11 @@ begin
historicalTxIdSetting, historicalTimestampSetting;
end if;
-- just for debugging / making sure the function is only called once per query
-- raise notice 'basis.tx_history_txid() called with: (%, %)', historicalTxIdSetting, historicalTimestampSetting;
-- raise notice 'base.tx_history_txid() called with: (%, %)', historicalTxIdSetting, historicalTimestampSetting;
if historicalTxIdSetting is null or historicalTxIdSetting = '' then
select historicalTimestampSetting::timestamp into historicalTimestamp;
select max(txc.txid) from basis.tx_context txc where txc.txtimestamp <= historicalTimestamp into historicalTxId;
select max(txc.txid) from base.tx_context txc where txc.txtimestamp <= historicalTimestamp into historicalTxId;
else
historicalTxId = historicalTxIdSetting::xid8;
end if;
@ -40,7 +40,7 @@ end; $$;
--changeset hs-global-historization-tx-historicize-tf:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
create type basis.tx_operation as enum ('INSERT', 'UPDATE', 'DELETE', 'TRUNCATE');
create type base.tx_operation as enum ('INSERT', 'UPDATE', 'DELETE', 'TRUNCATE');
create or replace function tx_historicize_tf()
returns trigger
@ -95,7 +95,7 @@ end; $$;
-- ----------------------------------------------------------------------------
create or replace procedure basis.tx_create_historicization(baseTable varchar)
create or replace procedure base.tx_create_historicization(baseTable varchar)
language plpgsql as $$
declare
createHistTableSql varchar;
@ -110,8 +110,8 @@ begin
createHistTableSql = '' ||
'CREATE TABLE ' || baseTable || '_ex (' ||
' version_id serial PRIMARY KEY,' ||
' txid xid8 NOT NULL REFERENCES basis.tx_context(txid),' ||
' trigger_op basis.tx_operation NOT NULL,' ||
' txid xid8 NOT NULL REFERENCES base.tx_context(txid),' ||
' trigger_op base.tx_operation NOT NULL,' ||
' alive boolean not null,' ||
' LIKE ' || baseTable ||
' EXCLUDING CONSTRAINTS' ||
@ -131,8 +131,8 @@ begin
createViewSQL = format(
'CREATE OR REPLACE VIEW %1$s AS' ||
'(' ||
-- make sure the function is only called once, not for every matching row in basis.tx_context
' WITH txh AS (SELECT basis.tx_history_txid() AS txid) ' ||
-- make sure the function is only called once, not for every matching row in base.tx_context
' WITH txh AS (SELECT base.tx_history_txid() AS txid) ' ||
' SELECT %2$s' ||
' FROM %3$s' ||
' WHERE alive = TRUE' ||
@ -140,7 +140,7 @@ begin
' (' ||
' SELECT max(ex.version_id) AS history_id' ||
' FROM %3$s AS ex' ||
' JOIN basis.tx_context as txc ON ex.txid = txc.txid' ||
' JOIN base.tx_context as txc ON ex.txid = txc.txid' ||
' WHERE txc.txid <= (SELECT txid FROM txh)' ||
' GROUP BY uuid' ||
' )' ||
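Review bot: `base.tx_create_historicization` splices `baseTable` into `'CREATE TABLE ' || baseTable || '_ex ('` and `' LIKE ' || baseTable` without validating or quoting it, and `base.create_journal` in the audit changeset does the same with `' ON ' || targetTable`. The `create_journal` calls visible in this commit pass literals, but both procedures accept arbitrary `varchar`, so the text of the executed DDL is controlled by whoever may call them. Resolving the argument first with `perform baseTable::regclass;` rejects anything that is not the name of an existing relation before it is concatenated. The procedure body continues outside the hunks shown.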


@ -44,7 +44,7 @@ create table rbac.subject
name varchar(63) not null unique
);
call basis.create_journal('rbac.subject');
call base.create_journal('rbac.subject');
create or replace function rbac.create_subject(subjectName varchar)
returns uuid
@ -102,7 +102,7 @@ create table rbac.object
unique (objectTable, uuid)
);
call basis.create_journal('rbac.object');
call base.create_journal('rbac.object');
--//
@ -174,7 +174,7 @@ create table RbacRole
unique (objectUuid, roleType)
);
call basis.create_journal('RbacRole');
call base.create_journal('RbacRole');
create type RbacRoleDescriptor as
(
@ -379,7 +379,7 @@ create index on RbacPermission (opTableName, op);
ALTER TABLE RbacPermission
ADD CONSTRAINT RbacPermission_uc UNIQUE NULLS NOT DISTINCT (objectUuid, op, opTableName);
call basis.create_journal('RbacPermission');
call base.create_journal('RbacPermission');
create or replace function createPermission(forObjectUuid uuid, forOp RbacOp, forOpTableName text = null)
returns uuid
@ -497,7 +497,7 @@ create table RbacGrants
create index on RbacGrants (ascendantUuid);
create index on RbacGrants (descendantUuid);
call basis.create_journal('RbacGrants');
call base.create_journal('RbacGrants');
create or replace function findGrantees(grantedId uuid)
returns setof rbac.reference
returns null on null input
@ -741,7 +741,7 @@ begin
AND obj.objectTable = forObjectTable
LIMIT maxObjects+1;
foundRows = basis.lastRowCount();
foundRows = base.lastRowCount();
if foundRows > maxObjects then
raise exception '[400] Too many accessible objects, limit is %, found %.', maxObjects, foundRows
using


@ -12,8 +12,8 @@ declare
currentSubjectOrAssumedRolesUuids uuid[];
begin
-- exactly one role must be assumed, not none not more than one
if cardinality(basis.assumedRoles()) <> 1 then
raise exception '[400] Granting roles to user is only possible if exactly one role is assumed, given: %', basis.assumedRoles();
if cardinality(base.assumedRoles()) <> 1 then
raise exception '[400] Granting roles to user is only possible if exactly one role is assumed, given: %', base.assumedRoles();
end if;
currentSubjectOrAssumedRolesUuids := rbac.currentSubjectOrAssumedRolesUuids();


@ -18,7 +18,7 @@ begin
select uuid from rbac.subject where name = currentSubject into currentSubjectUuid;
if currentSubjectUuid is null then
raise exception '[401] subject % given in `basis.defineContext(...)` does not exist', currentSubject;
raise exception '[401] subject % given in `base.defineContext(...)` does not exist', currentSubject;
end if;
return currentSubjectUuid;
end; $$;
@ -66,10 +66,10 @@ begin
and r.roleType = roleTypeToAssume
into roleUuidToAssume;
if roleUuidToAssume is null then
raise exception '[403] role % does not exist or is not accessible for subject %', roleName, basis.currentSubject();
raise exception '[403] role % does not exist or is not accessible for subject %', roleName, base.currentSubject();
end if;
if not isGranted(currentSubjectOrAssumedRolesUuids, roleUuidToAssume) then
raise exception '[403] subject % has no permission to assume role %', basis.currentSubject(), roleName;
raise exception '[403] subject % has no permission to assume role %', base.currentSubject(), roleName;
end if;
roleIdsToAssume := roleIdsToAssume || roleUuidToAssume;
end loop;
@ -84,7 +84,7 @@ end; $$;
Callback which is called after the context has been (re-) defined.
This function will be overwritten by later changesets.
*/
create or replace procedure basis.contextDefined(
create or replace procedure base.contextDefined(
currentTask varchar(127),
currentRequest text,
currentSubject varchar(63),
@ -114,7 +114,7 @@ end; $$;
--changeset rbac-context-current-subject-ID:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Returns the uuid of the current subject as set via `basis.defineContext(...)`.
Returns the uuid of the current subject as set via `base.defineContext(...)`.
*/
create or replace function rbac.currentSubjectUuid()
@ -132,11 +132,11 @@ begin
currentSubjectUuid := null;
end;
if (currentSubjectUuid is null or currentSubjectUuid = '') then
currentSubjectName := basis.currentSubject();
currentSubjectName := base.currentSubject();
if (length(currentSubjectName) > 0) then
raise exception '[401] currentSubjectUuid cannot be determined, unknown subject name "%"', currentSubjectName;
else
raise exception '[401] currentSubjectUuid cannot be determined, please call `basis.defineContext(...)` first;"';
raise exception '[401] currentSubjectUuid cannot be determined, please call `base.defineContext(...)` first;"';
end if;
end if;
return currentSubjectUuid::uuid;
@ -147,8 +147,8 @@ end; $$;
--changeset rbac-context-CURRENT-SUBJECT-UUIDS:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Returns the uuid of the current subject as set via `basis.defineContext(...)`,
or, if any, the uuids of all assumed roles as set via `basis.defineContext(...)`
Returns the uuid of the current subject as set via `base.defineContext(...)`,
or, if any, the uuids of all assumed roles as set via `base.defineContext(...)`
or empty array, if context is not defined.
*/
create or replace function rbac.currentSubjectOrAssumedRolesUuids()
@ -166,11 +166,11 @@ begin
currentSubjectOrAssumedRolesUuids := null;
end;
if (currentSubjectOrAssumedRolesUuids is null or length(currentSubjectOrAssumedRolesUuids) = 0 ) then
currentSubjectName := basis.currentSubject();
currentSubjectName := base.currentSubject();
if (length(currentSubjectName) > 0) then
raise exception '[401] currentSubjectOrAssumedRolesUuids (%) cannot be determined, unknown subject name "%"', currentSubjectOrAssumedRolesUuids, currentSubjectName;
else
raise exception '[401] currentSubjectOrAssumedRolesUuids cannot be determined, please call `basis.defineContext(...)` with a valid subject;"';
raise exception '[401] currentSubjectOrAssumedRolesUuids cannot be determined, please call `base.defineContext(...)` with a valid subject;"';
end if;
end if;
return string_to_array(currentSubjectOrAssumedRolesUuids, ';');


@ -241,7 +241,7 @@ create or replace view rbac.subject_rv as
union
select users.*
from rbac.subject as users
where cardinality(basis.assumedRoles()) = 0 and
where cardinality(base.assumedRoles()) = 0 and
(rbac.currentSubjectUuid() = users.uuid or hasGlobalRoleGranted(rbac.currentSubjectUuid()))
) as unordered
@ -303,7 +303,7 @@ begin
delete from rbac.subject where uuid = old.uuid;
return old;
end if;
raise exception '[403] User % not allowed to delete user uuid %', basis.currentSubject(), old.uuid;
raise exception '[403] User % not allowed to delete user uuid %', base.currentSubject(), old.uuid;
end; $$;
/*
@ -354,7 +354,7 @@ begin
currentSubjectUuid := rbac.currentSubjectUuid();
if hasGlobalRoleGranted(targetSubjectUuid) and not hasGlobalRoleGranted(currentSubjectUuid) then
raise exception '[403] permissions of user "%" are not accessible to user "%"', targetSubjectUuid, basis.currentSubject();
raise exception '[403] permissions of user "%" are not accessible to user "%"', targetSubjectUuid, base.currentSubject();
end if;
return query select


@ -168,7 +168,7 @@ declare
begin
targetTable := lower(targetTable);
if columnNames = '*' then
columnNames := basis.tableColumnNames(targetTable);
columnNames := base.tableColumnNames(targetTable);
end if;
/*
@ -190,14 +190,14 @@ begin
select distinct g.descendantuuid,
g.ascendantuuid,
grants.level + 1 as level,
basis.assertTrue(grants.level < 22, 'too many grant-levels: ' || grants.level)
base.assertTrue(grants.level < 22, 'too many grant-levels: ' || grants.level)
from rbacgrants g
join recursive_grants grants on grants.descendantuuid = g.ascendantuuid
where g.assumed),
grant_count AS (
SELECT COUNT(*) AS grant_count FROM recursive_grants
),
count_check as (select basis.assertTrue((select count(*) as grant_count from recursive_grants) < 400000,
count_check as (select base.assertTrue((select count(*) as grant_count from recursive_grants) < 400000,
'too many grants for current subjects: ' || (select count(*) as grant_count from recursive_grants))
as valid)
select distinct perm.objectuuid


@ -94,7 +94,7 @@ $$;
A single row to be referenced as a rbac.Global object.
*/
begin transaction;
call basis.defineContext('initializing table "rbac.global"', null, null, null);
call base.defineContext('initializing table "rbac.global"', null, null, null);
insert
into rbac.object (objecttable) values ('rbac.global');
insert
@ -118,7 +118,7 @@ select 'rbac.global', (select uuid from rbac.object where objectTable = 'rbac.gl
$$;
begin transaction;
call basis.defineContext('creating role:rbac.global#global:ADMIN', null, null, null);
call base.defineContext('creating role:rbac.global#global:ADMIN', null, null, null);
select createRole(globalAdmin());
commit;
--//
@ -139,7 +139,7 @@ select 'rbac.global', (select uuid from rbac.object where objectTable = 'rbac.gl
$$;
begin transaction;
call basis.defineContext('creating role:rbac.global#global:guest', null, null, null);
call base.defineContext('creating role:rbac.global#global:guest', null, null, null);
select createRole(globalGuest());
commit;
--//
@ -155,7 +155,7 @@ do language plpgsql $$
declare
admins uuid ;
begin
call basis.defineContext('creating fake test-realm admin users', null, null, null);
call base.defineContext('creating fake test-realm admin users', null, null, null);
admins = findRoleId(globalAdmin());
call rbac.grantRoleToUserUnchecked(admins, admins, rbac.create_subject('superuser-alex@hostsharing.net'));
hsh-michaelhoennig marked this conversation as resolved Outdated

müsste das nicht grantRoleToSubjectUnchecked heißen

müsste das nicht grantRoleToSubjectUnchecked heißen
@ -179,13 +179,13 @@ do language plpgsql $$
declare
userName varchar;
begin
call basis.defineContext('testing currentSubjectUuid', null, 'superuser-fran@hostsharing.net', null);
call base.defineContext('testing currentSubjectUuid', null, 'superuser-fran@hostsharing.net', null);
select userName from rbac.subject where uuid = rbac.currentSubjectUuid() into userName;
if userName <> 'superuser-fran@hostsharing.net' then
raise exception 'setting or fetching initial currentSubject failed, got: %', userName;
end if;
call basis.defineContext('testing currentSubjectUuid', null, 'superuser-alex@hostsharing.net', null);
call base.defineContext('testing currentSubjectUuid', null, 'superuser-alex@hostsharing.net', null);
select userName from rbac.subject where uuid = rbac.currentSubjectUuid() into userName;
if userName = 'superuser-alex@hostsharing.net' then
raise exception 'currentSubject should not change in one transaction, but did change, got: %', userName;
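Review bot: The self-test in the last hunk cannot fail, as far as the visible code shows: `select userName from rbac.subject ... into userName` names the PL/pgSQL variable rather than a column (the visible part of the `rbac.subject` definition has `name`), so `userName` stays null and both `if` conditions evaluate to null. That leaves the property "currentSubject should not change in one transaction" untested. Selecting the column, `select name from rbac.subject where uuid = rbac.currentSubjectUuid() into userName;`, and using `is distinct from` in the first comparison would make the check effective. The `do` block ends outside the hunk.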


@ -89,7 +89,7 @@ do language plpgsql $$
declare
row rbac.global%ROWTYPE;
begin
call basis.defineContext('create INSERT INTO test_customer permissions for pre-exising rbac.global rows');
call base.defineContext('create INSERT INTO test_customer permissions for pre-exising rbac.global rows');
FOR row IN SELECT * FROM rbac.global
-- unconditional for all rows in that table


@ -59,7 +59,7 @@ create or replace procedure createTestCustomerTestData(
begin
for t in startCount..endCount
loop
call createTestCustomerTestData(testCustomerReference(t), basis.intToVarChar(t, 3));
call createTestCustomerTestData(testCustomerReference(t), base.intToVarChar(t, 3));
commit;
end loop;
end; $$;
@ -72,7 +72,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating RBAC test customer', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call base.defineContext('creating RBAC test customer', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call createTestCustomerTestData(99901, 'xxx');
call createTestCustomerTestData(99902, 'yyy');


@ -154,7 +154,7 @@ do language plpgsql $$
declare
row test_customer;
begin
call basis.defineContext('create INSERT INTO test_package permissions for pre-exising test_customer rows');
call base.defineContext('create INSERT INTO test_package permissions for pre-exising test_customer rows');
FOR row IN SELECT * FROM test_customer
-- unconditional for all rows in that table


@ -22,7 +22,7 @@ begin
pacName = cust.prefix || to_char(t, 'fm00');
custAdminUser = 'customer-admin@' || cust.prefix || '.example.com';
custAdminRole = 'test_customer#' || cust.prefix || ':ADMIN';
call basis.defineContext('creating RBAC test package', null, 'superuser-fran@hostsharing.net', custAdminRole);
call base.defineContext('creating RBAC test package', null, 'superuser-fran@hostsharing.net', custAdminRole);
insert
into test_package (customerUuid, name, description)


@ -153,7 +153,7 @@ do language plpgsql $$
declare
row test_package;
begin
call basis.defineContext('create INSERT INTO test_domain permissions for pre-exising test_package rows');
call base.defineContext('create INSERT INTO test_domain permissions for pre-exising test_package rows');
FOR row IN SELECT * FROM test_package
-- unconditional for all rows in that table


@ -21,11 +21,11 @@ begin
for t in 0..(domainCount-1)
loop
pacAdmin = 'pac-admin-' || pac.name || '@' || pac.custPrefix || '.example.com';
call basis.defineContext('creating RBAC test domain', null, pacAdmin, null);
call base.defineContext('creating RBAC test domain', null, pacAdmin, null);
insert
into test_domain (name, packageUuid)
values (pac.name || '-' || basis.intToVarChar(t, 4), pac.uuid);
values (pac.name || '-' || base.intToVarChar(t, 4), pac.uuid);
end loop;
end; $$;


@ -20,5 +20,5 @@ create table if not exists hs_office_contact
--changeset hs-office-contact-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_contact');
call base.create_journal('hs_office_contact');
--//


@ -40,7 +40,7 @@ ALTER TABLE hs_office_contact_legacy_id
--changeset hs-office-contact-MIGRATION-insert:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
CALL basis.defineContext('schema-migration');
CALL base.defineContext('schema-migration');
INSERT INTO hs_office_contact_legacy_id(uuid, contact_id)
SELECT uuid, nextVal('hs_office_contact_legacy_id_seq') FROM hs_office_contact;
--/


@ -15,9 +15,9 @@ declare
emailAddr varchar;
begin
emailAddr = 'contact-admin@' || cleanIdentifier(contCaption) || '.example.com';
call basis.defineContext('creating contact test-data');
call base.defineContext('creating contact test-data');
perform rbac.create_subject(emailAddr);
call basis.defineContext('creating contact test-data', null, emailAddr);
call base.defineContext('creating contact test-data', null, emailAddr);
postalAddr := E'Vorname Nachname\nStraße Hnr\nPLZ Stadt';
@ -44,7 +44,7 @@ create or replace procedure createHsOfficeContactTestData(
begin
for t in startCount..endCount
loop
call createHsOfficeContactTestData(basis.intToVarChar(t, 4) || '#' || t);
call createHsOfficeContactTestData(base.intToVarChar(t, 4) || '#' || t);
commit;
end loop;
end; $$;


@ -31,5 +31,5 @@ create table if not exists hs_office_person
--changeset hs-office-person-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_person');
call base.create_journal('hs_office_person');
--//


@ -21,9 +21,9 @@ declare
begin
fullName := concat_ws(', ', newTradeName, newFamilyName, newGivenName);
emailAddr = 'person-' || left(cleanIdentifier(fullName), 32) || '@example.com';
call basis.defineContext('creating person test-data');
call base.defineContext('creating person test-data');
perform rbac.create_subject(emailAddr);
call basis.defineContext('creating person test-data', null, emailAddr);
call base.defineContext('creating person test-data', null, emailAddr);
raise notice 'creating test person: % by %', fullName, emailAddr;
insert
@ -43,7 +43,7 @@ create or replace procedure createTestPersonTestData(
begin
for t in startCount..endCount
loop
call createHsOfficePersonTestData('LP', basis.intToVarChar(t, 4));
call createHsOfficePersonTestData('LP', base.intToVarChar(t, 4));
commit;
end loop;
end; $$;


@ -33,5 +33,5 @@ create table if not exists hs_office_relation
--changeset hs-office-relation-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_relation');
call base.create_journal('hs_office_relation');
--//


@ -163,7 +163,7 @@ do language plpgsql $$
declare
row hs_office_person;
begin
call basis.defineContext('create INSERT INTO hs_office_relation permissions for pre-exising hs_office_person rows');
call base.defineContext('create INSERT INTO hs_office_relation permissions for pre-exising hs_office_person rows');
FOR row IN SELECT * FROM hs_office_person
-- unconditional for all rows in that table


@ -69,8 +69,8 @@ declare
begin
for t in startCount..endCount
loop
select p.* from hs_office_person p where tradeName = basis.intToVarChar(t, 4) into person;
select c.* from hs_office_contact c where c.caption = basis.intToVarChar(t, 4) || '#' || t into contact;
select p.* from hs_office_person p where tradeName = base.intToVarChar(t, 4) into person;
select c.* from hs_office_contact c where c.caption = base.intToVarChar(t, 4) || '#' || t into contact;
call createHsOfficeRelationTestData(person.uuid, contact.uuid, 'REPRESENTATIVE');
commit;
@ -85,7 +85,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating relation test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call base.defineContext('creating relation test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call createHsOfficeRelationTestData('First GmbH', 'PARTNER', 'Hostsharing eG', 'first contact');
call createHsOfficeRelationTestData('Firby', 'REPRESENTATIVE', 'First GmbH', 'first contact');


@ -23,7 +23,7 @@ create table hs_office_partner_details
--changeset hs-office-partner-DETAILS-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_partner_details');
call base.create_journal('hs_office_partner_details');
--//
-- ============================================================================
@ -83,5 +83,5 @@ create trigger hs_office_partner_delete_dependents_trigger
--changeset hs-office-partner-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_partner');
call base.create_journal('hs_office_partner');
--//


@ -166,7 +166,7 @@ do language plpgsql $$
declare
row rbac.global%ROWTYPE;
begin
call basis.defineContext('create INSERT INTO hs_office_partner permissions for pre-exising rbac.Global rows');
call base.defineContext('create INSERT INTO hs_office_partner permissions for pre-exising rbac.Global rows');
FOR row IN SELECT * FROM rbac.global
-- unconditional for all rows in that table


@ -70,7 +70,7 @@ do language plpgsql $$
declare
row rbac.global;
begin
call basis.defineContext('create INSERT INTO hs_office_partner_details permissions for pre-exising global rows');
call base.defineContext('create INSERT INTO hs_office_partner_details permissions for pre-exising global rows');
FOR row IN SELECT * FROM rbac.global
-- unconditional for all rows in that table


@ -39,7 +39,7 @@ ALTER TABLE hs_office_partner_legacy_id
--changeset hs-office-partner-MIGRATION-insert:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
CALL basis.defineContext('schema-migration');
CALL base.defineContext('schema-migration');
INSERT INTO hs_office_partner_legacy_id(uuid, bp_id)
SELECT uuid, nextVal('hs_office_partner_legacy_id_seq') FROM hs_office_partner;
--/


@ -71,7 +71,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating partner test-data ', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call base.defineContext('creating partner test-data ', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call createHsOfficePartnerTestData('Hostsharing eG', 10001, 'First GmbH', 'first contact');
call createHsOfficePartnerTestData('Hostsharing eG', 10002, 'Second e.K.', 'second contact');


@ -18,5 +18,5 @@ create table hs_office_bankaccount
--changeset hs-office-bankaccount-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_bankaccount');
call base.create_journal('hs_office_bankaccount');
--//


@ -15,7 +15,7 @@ declare
begin
emailAddr = 'bankaccount-admin@' || cleanIdentifier(givenHolder) || '.example.com';
perform rbac.create_subject(emailAddr);
call basis.defineContext('creating bankaccount test-data', null, emailAddr);
call base.defineContext('creating bankaccount test-data', null, emailAddr);
raise notice 'creating test bankaccount: %', givenHolder;
insert
@ -31,7 +31,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating bankaccount test-data');
call base.defineContext('creating bankaccount test-data');
-- IBANs+BICs taken from https://ibanvalidieren.de/beispiele.html
call createHsOfficeBankAccountTestData('First GmbH', 'DE02120300000000202051', 'BYLADEM1001');


@ -61,5 +61,5 @@ execute procedure deleteHsOfficeDependentsOnDebitorDelete();
--changeset hs-office-debitor-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_debitor');
call base.create_journal('hs_office_debitor');
--//


@ -139,7 +139,7 @@ do language plpgsql $$
declare
row rbac.global%ROWTYPE;
begin
call basis.defineContext('create INSERT INTO hs_office_debitor permissions for pre-exising rbac.Global rows');
call base.defineContext('create INSERT INTO hs_office_debitor permissions for pre-exising rbac.Global rows');
FOR row IN SELECT * FROM rbac.global
-- unconditional for all rows in that table


@ -50,7 +50,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating debitor test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call base.defineContext('creating debitor test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call createHsOfficeDebitorTestData(11, 'First GmbH', 'first contact', 'fir');
call createHsOfficeDebitorTestData(12, 'Second e.K.', 'second contact', 'sec');


@ -21,5 +21,5 @@ create table if not exists hs_office_sepamandate
--changeset hs-office-sepamandate-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_sepamandate');
call base.create_journal('hs_office_sepamandate');
--//


@ -114,7 +114,7 @@ do language plpgsql $$
declare
row hs_office_relation;
begin
call basis.defineContext('create INSERT INTO hs_office_sepamandate permissions for pre-exising hs_office_relation rows');
call base.defineContext('create INSERT INTO hs_office_sepamandate permissions for pre-exising hs_office_relation rows');
FOR row IN SELECT * FROM hs_office_relation
WHERE type = 'DEBITOR'


@ -41,7 +41,7 @@ ALTER TABLE hs_office_sepamandate_legacy_id
--changeset hs-office-sepamandate-MIGRATION-insert:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
CALL basis.defineContext('schema-migration');
CALL base.defineContext('schema-migration');
INSERT INTO hs_office_sepamandate_legacy_id(uuid, sepa_mandate_id)
SELECT uuid, nextVal('hs_office_sepamandate_legacy_id_seq') FROM hs_office_sepamandate;
--/


@ -43,7 +43,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating SEPA-mandate test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call base.defineContext('creating SEPA-mandate test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call createHsOfficeSepaMandateTestData(10001, '11', 'DE02120300000000202051', 'ref-10001-11');
call createHsOfficeSepaMandateTestData(10002, '12', 'DE02100500000054540402', 'ref-10002-12');


@ -36,5 +36,5 @@ create table if not exists hs_office_membership
--changeset hs-office-membership-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_membership');
call base.create_journal('hs_office_membership');
--//


@ -101,7 +101,7 @@ do language plpgsql $$
declare
row rbac.global%ROWTYPE;
begin
call basis.defineContext('create INSERT INTO hs_office_membership permissions for pre-exising rbac.Global rows');
call base.defineContext('create INSERT INTO hs_office_membership permissions for pre-exising rbac.Global rows');
FOR row IN SELECT * FROM rbac.global
-- unconditional for all rows in that table


@ -33,7 +33,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating Membership test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call base.defineContext('creating Membership test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call createHsOfficeMembershipTestData(10001, '01');
call createHsOfficeMembershipTestData(10002, '02');


@ -64,5 +64,5 @@ alter table hs_office_coopsharestransaction
--changeset hs-office-coopshares-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_coopsharestransaction');
call base.create_journal('hs_office_coopsharestransaction');
--//


@ -77,7 +77,7 @@ do language plpgsql $$
declare
row hs_office_membership;
begin
call basis.defineContext('create INSERT INTO hs_office_coopsharestransaction permissions for pre-exising hs_office_membership rows');
call base.defineContext('create INSERT INTO hs_office_coopsharestransaction permissions for pre-exising hs_office_membership rows');
FOR row IN SELECT * FROM hs_office_membership
-- unconditional for all rows in that table


@ -40,7 +40,7 @@ ALTER TABLE hs_office_coopsharestransaction_legacy_id
--changeset hs-office-coopshares-MIGRATION-insert:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
CALL basis.defineContext('schema-migration');
CALL base.defineContext('schema-migration');
INSERT INTO hs_office_coopsharestransaction_legacy_id(uuid, member_share_id)
SELECT uuid, nextVal('hs_office_coopsharestransaction_legacy_id_seq') FROM hs_office_coopsharestransaction;
--/


@ -43,7 +43,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating coopSharesTransaction test-data');
call base.defineContext('creating coopSharesTransaction test-data');
SET CONSTRAINTS ALL DEFERRED;
call createHsOfficeCoopSharesTransactionTestData(10001, '01');


@ -72,5 +72,5 @@ alter table hs_office_coopassetstransaction
--changeset hs-office-coopassets-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_office_coopassetstransaction');
call base.create_journal('hs_office_coopassetstransaction');
--//


@ -77,7 +77,7 @@ do language plpgsql $$
declare
row hs_office_membership;
begin
call basis.defineContext('create INSERT INTO hs_office_coopassetstransaction permissions for pre-exising hs_office_membership rows');
call base.defineContext('create INSERT INTO hs_office_coopassetstransaction permissions for pre-exising hs_office_membership rows');
FOR row IN SELECT * FROM hs_office_membership
-- unconditional for all rows in that table


@ -40,7 +40,7 @@ ALTER TABLE hs_office_coopassetstransaction_legacy_id
--changeset hs-office-coopassets-MIGRATION-insert:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
CALL basis.defineContext('schema-migration');
CALL base.defineContext('schema-migration');
INSERT INTO hs_office_coopassetstransaction_legacy_id(uuid, member_asset_id)
SELECT uuid, nextVal('hs_office_coopassetstransaction_legacy_id_seq') FROM hs_office_coopassetstransaction;
--/


@ -43,7 +43,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating coopAssetsTransaction test-data');
call base.defineContext('creating coopAssetsTransaction test-data');
SET CONSTRAINTS ALL DEFERRED;
call createHsOfficeCoopAssetsTransactionTestData(10001, '01');


@ -18,12 +18,12 @@ create table if not exists hs_booking_project
--changeset hs-booking-project-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_booking_project');
call base.create_journal('hs_booking_project');
--//
-- ============================================================================
--changeset hs-booking-project-MAIN-TABLE-HISTORIZATION:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.tx_create_historicization('hs_booking_project');
call base.tx_create_historicization('hs_booking_project');
--//


@ -108,7 +108,7 @@ do language plpgsql $$
declare
row hs_office_relation;
begin
call basis.defineContext('create INSERT INTO hs_booking_project permissions for pre-exising hs_office_relation rows');
call base.defineContext('create INSERT INTO hs_booking_project permissions for pre-exising hs_office_relation rows');
FOR row IN SELECT * FROM hs_office_relation
WHERE type = 'DEBITOR'


@ -39,7 +39,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating booking-project test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call base.defineContext('creating booking-project test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call createHsBookingProjectTransactionTestData(10001, '11');
call createHsBookingProjectTransactionTestData(10002, '12');


@ -35,13 +35,13 @@ create table if not exists hs_booking_item
--changeset hs-booking-item-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_booking_item');
call base.create_journal('hs_booking_item');
--//
-- ============================================================================
--changeset hs-booking-item-MAIN-TABLE-HISTORIZATION:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.tx_create_historicization('hs_booking_item');
call base.tx_create_historicization('hs_booking_item');
--//


@ -107,7 +107,7 @@ do language plpgsql $$
declare
row rbac.global%ROWTYPE;
begin
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising rbac.global rows');
call base.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising rbac.global rows');
FOR row IN SELECT * FROM rbac.global
-- unconditional for all rows in that table
@ -150,7 +150,7 @@ do language plpgsql $$
declare
row hs_booking_project;
begin
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
call base.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
FOR row IN SELECT * FROM hs_booking_project
-- unconditional for all rows in that table


@ -47,7 +47,7 @@ do language plpgsql $$
declare
currentTask text;
begin
call basis.defineContext('creating booking-item test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call base.defineContext('creating booking-item test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call createHsBookingItemTransactionTestData(10001, '11');
call createHsBookingItemTransactionTestData(10002, '12');


@ -107,7 +107,7 @@ do language plpgsql $$
declare
row rbac.global%ROWTYPE;
begin
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising rbac.global rows');
call base.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising rbac.global rows');
FOR row IN SELECT * FROM rbac.global
-- unconditional for all rows in that table
@ -150,7 +150,7 @@ do language plpgsql $$
declare
row hs_booking_project;
begin
call basis.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
call base.defineContext('create INSERT INTO hs_booking_item permissions for pre-exising hs_booking_project rows');
FOR row IN SELECT * FROM hs_booking_project
-- unconditional for all rows in that table


@ -91,7 +91,7 @@ begin
when 'IPV4_NUMBER' then null
when 'IPV6_NUMBER' then null
else basis.raiseException(format('[400] unknown asset type %s', NEW.type::text))
else base.raiseException(format('[400] unknown asset type %s', NEW.type::text))
end);
if expectedParentType is not null and actualParentType is null then
@ -166,14 +166,14 @@ execute procedure hs_hosting_asset_booking_item_hierarchy_check_tf();
-- ============================================================================
--changeset hs-hosting-asset-MAIN-TABLE-JOURNAL:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.create_journal('hs_hosting_asset');
call base.create_journal('hs_hosting_asset');
--//
-- ============================================================================
--changeset hs-hosting-asset-MAIN-TABLE-HISTORIZATION:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call basis.tx_create_historicization('hs_hosting_asset');
call base.tx_create_historicization('hs_hosting_asset');
--//


@ -30,7 +30,7 @@ declare
pgSqlInstanceUuid uuid;
PgSqlSubjectUuid uuid;
begin
call basis.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call base.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
select project.* into relatedProject
from hs_booking_project project
@ -110,7 +110,7 @@ end; $$;
do language plpgsql $$
begin
call basis.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call base.defineContext('creating hosting-asset test-data', null, 'superuser-alex@hostsharing.net', 'rbac.global#global:ADMIN');
call createHsHostingAssetTestData('D-1000111 default project');
call createHsHostingAssetTestData('D-1000212 default project');


@ -1,32 +1,32 @@
databaseChangeLog:
- include:
file: db/changelog/0-basis/000-basis-schema.sql
file: db/changelog/0-base/000-base-schema.sql
- include:
file: db/changelog/0-basis/001-last-row-count.sql
file: db/changelog/0-base/001-last-row-count.sql
- include:
file: db/changelog/0-basis/002-int-to-var.sql
file: db/changelog/0-base/002-int-to-var.sql
- include:
file: db/changelog/0-basis/003-random-in-range.sql
file: db/changelog/0-base/003-random-in-range.sql
- include:
file: db/changelog/0-basis/004-jsonb-changes-delta.sql
file: db/changelog/0-base/004-jsonb-changes-delta.sql
- include:
file: db/changelog/0-basis/005-uuid-ossp-extension.sql
file: db/changelog/0-base/005-uuid-ossp-extension.sql
- include:
file: db/changelog/0-basis/006-numeric-hash-functions.sql
file: db/changelog/0-base/006-numeric-hash-functions.sql
- include:
file: db/changelog/0-basis/007-table-columns.sql
file: db/changelog/0-base/007-table-columns.sql
- include:
file: db/changelog/0-basis/008-raise-functions.sql
file: db/changelog/0-base/008-raise-functions.sql
- include:
file: db/changelog/0-basis/009-check-environment.sql
file: db/changelog/0-base/009-check-environment.sql
- include:
file: db/changelog/0-basis/010-context.sql
file: db/changelog/0-base/010-context.sql
- include:
file: db/changelog/0-basis/020-audit-log.sql
file: db/changelog/0-base/020-audit-log.sql
- include:
file: db/changelog/0-basis/030-historization.sql
file: db/changelog/0-base/030-historization.sql
- include:
file: db/changelog/0-basis/090-log-slow-queries-extensions.sql
file: db/changelog/0-base/090-log-slow-queries-extensions.sql
- include:
file: db/changelog/1-rbac/1000-rbac-schema.sql
- include:
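Review bot: Moving the included files from `db/changelog/0-basis/` to `db/changelog/0-base/` changes the path Liquibase records for each of their changesets, and that path is part of a changeset's identity unless a `logicalFilePath` is set. On a database that was already migrated, these changesets would likely be treated as new and run again, including `020-audit-log.sql` and `030-historization.sql`. If existing databases must survive this change, pin the old path in each moved file, for example `--liquibase formatted sql logicalFilePath:db/changelog/0-basis/020-audit-log.sql`; otherwise the PR description should say that a rebuild from an empty schema is required. The include list continues past the end of this hunk.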


@ -69,7 +69,7 @@ class HsBookingItemRepositoryIntegrationTest extends ContextBasedTestWithCleanup
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'caption'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_booking_item';
""");


@ -64,7 +64,7 @@ class HsBookingProjectRepositoryIntegrationTest extends ContextBasedTestWithClea
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'caption'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_booking_project';
""");


@ -77,7 +77,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'caption'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_hosting_asset';
""");


@ -299,8 +299,8 @@ public class CsvDataImport extends ContextBasedTest {
jpaAttempt.transacted(() -> {
context(rbacSuperuser);
em.createNativeQuery("delete from rbac.subject_rv where name not like 'superuser-%'").executeUpdate();
em.createNativeQuery("delete from basis.tx_journal where true").executeUpdate();
em.createNativeQuery("delete from basis.tx_context where true").executeUpdate();
em.createNativeQuery("delete from base.tx_journal where true").executeUpdate();
em.createNativeQuery("delete from base.tx_context where true").executeUpdate();
}).assertSuccessful();
}


@ -272,7 +272,7 @@ class HsOfficeBankAccountRepositoryIntegrationTest extends ContextBasedTestWithC
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'iban'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_office_bankaccount';
""");


@ -257,7 +257,7 @@ class HsOfficeContactRbacRepositoryIntegrationTest extends ContextBasedTestWithC
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'caption'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_office_contact';
""");


@ -221,7 +221,7 @@ class HsOfficeCoopAssetsTransactionRepositoryIntegrationTest extends ContextBase
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'reference'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_office_coopassetstransaction';
""");


@ -220,7 +220,7 @@ class HsOfficeCoopSharesTransactionRepositoryIntegrationTest extends ContextBase
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'reference'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_office_coopsharestransaction';
""");


@ -590,7 +590,7 @@ class HsOfficeDebitorRepositoryIntegrationTest extends ContextBasedTestWithClean
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'defaultprefix'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_office_debitor';
""");


@ -337,7 +337,7 @@ class HsOfficeMembershipRepositoryIntegrationTest extends ContextBasedTestWithCl
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'membernumbersuffix'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_office_membership';
""");


@ -434,7 +434,7 @@ class HsOfficePartnerRepositoryIntegrationTest extends ContextBasedTestWithClean
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'partnernumber'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_office_partner';
""");


@ -261,7 +261,7 @@ class HsOfficePersonRepositoryIntegrationTest extends ContextBasedTestWithCleanu
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'tradename', targetdelta->>'lastname'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_office_person';
""");


@ -395,7 +395,7 @@ class HsOfficeRelationRepositoryIntegrationTest extends ContextBasedTestWithClea
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'mark'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_office_relation';
""");


@ -380,7 +380,7 @@ class HsOfficeSepaMandateRepositoryIntegrationTest extends ContextBasedTestWithC
// given
final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'reference'
from basis.tx_journal_v
from base.tx_journal_v
where targettable = 'hs_office_sepamandate';
""");


@ -81,7 +81,7 @@ class ContextIntegrationTests {
// then
result.assertExceptionWithRootCauseMessage(
jakarta.persistence.PersistenceException.class,
"[401] subject unknown@example.org given in `basis.defineContext(...)` does not exist");
"[401] subject unknown@example.org given in `base.defineContext(...)` does not exist");
}
@Test


@ -28,7 +28,7 @@ import static org.mockito.Mockito.verify;
class ContextUnitTest {
private static final String DEFINE_CONTEXT_QUERY_STRING = """
call basis.defineContext(
call base.defineContext(
cast(:currentTask as varchar(127)),
cast(:currentRequest as text),
cast(:currentSubject as varchar(63)),


@ -146,7 +146,7 @@ class RbacRoleRepositoryIntegrationTest {
result.assertExceptionWithRootCauseMessage(
JpaSystemException.class,
"[401] currentSubjectOrAssumedRolesUuids cannot be determined, please call `basis.defineContext(...)` with a valid subject");
"[401] currentSubjectOrAssumedRolesUuids cannot be determined, please call `base.defineContext(...)` with a valid subject");
}
}