introduce-separate-database-schemas-hs-booking-and-hosting #106
@ -151,7 +151,7 @@ end transaction;
|
||||
|
||||
alter table rbacobject
|
||||
-- just for performance testing, we would need a joined enum or a varchar(16) which would make it slow
|
||||
add column type hs_hosting.hshostingassettype;
|
||||
add column type hs_hosting.AssetType;
|
||||
|
||||
-- and fill the type column with hs_hosting.asset types:
|
||||
|
||||
|
@ -24,7 +24,7 @@ public interface HsOfficeRelationRbacRepository extends Repository<HsOfficeRelat
|
||||
|
||||
@Query(value = """
|
||||
SELECT p.* FROM hs_office.relation_rv AS p
|
||||
WHERE (:relationType IS NULL OR p.type = cast(:relationType AS HsOfficeRelationType))
|
||||
WHERE (:relationType IS NULL OR p.type = cast(:relationType AS hs_office.RelationType))
|
||||
AND ( p.anchorUuid = :personUuid OR p.holderUuid = :personUuid)
|
||||
""", nativeQuery = true)
|
||||
List<HsOfficeRelationRbacEntity> findRelationRelatedToPersonUuidAndRelationTypeString(@NotNull UUID personUuid, String relationType);
|
||||
|
@ -24,7 +24,7 @@ public interface HsOfficeRelationRealRepository extends Repository<HsOfficeRelat
|
||||
|
||||
@Query(value = """
|
||||
SELECT p.* FROM hs_office.relation AS p
|
||||
WHERE (:relationType IS NULL OR p.type = cast(:relationType AS HsOfficeRelationType))
|
||||
WHERE (:relationType IS NULL OR p.type = cast(:relationType AS hs_office.RelationType))
|
||||
AND ( p.anchorUuid = :personUuid OR p.holderUuid = :personUuid)
|
||||
""", nativeQuery = true)
|
||||
List<HsOfficeRelationRealEntity> findRelationRelatedToPersonUuidAndRelationTypeString(@NotNull UUID personUuid, String relationType);
|
||||
|
@ -325,7 +325,7 @@ public class InsertTriggerGenerator {
|
||||
|
||||
|
||||
private String toRoleDescriptor(final RbacView.RbacRoleDefinition roleDef, final String ref) {
|
||||
final var functionName = toVar(roleDef);
|
||||
final var functionName = roleDef.descriptorFunctionName();
|
||||
if (roleDef.getEntityAlias().isGlobal()) {
|
||||
return functionName + "()";
|
||||
}
|
||||
|
@ -29,6 +29,7 @@ import static net.hostsharing.hsadminng.rbac.generator.RbacView.RbacGrantDefinit
|
||||
import static net.hostsharing.hsadminng.rbac.generator.RbacView.RbacSubjectReference.UserRole.CREATOR;
|
||||
import static net.hostsharing.hsadminng.rbac.generator.RbacView.SQL.Part.AUTO_FETCH;
|
||||
import static org.apache.commons.collections4.SetUtils.hashSet;
|
||||
import static org.apache.commons.lang3.StringUtils.capitalize;
|
||||
import static org.apache.commons.lang3.StringUtils.uncapitalize;
|
||||
|
||||
@Getter
|
||||
@ -830,6 +831,10 @@ public class RbacView {
|
||||
public boolean isGlobal(final Role role) {
|
||||
return entityAlias.isGlobal() && this.role == role;
|
||||
}
|
||||
|
||||
public String descriptorFunctionName() {
|
||||
return entityAlias.getRawTableNameWithSchema() + "_" + capitalize(role.name());
|
||||
}
|
||||
}
|
||||
|
||||
public RbacSubjectReference findUserRef(final RbacSubjectReference.UserRole userRole) {
|
||||
|
@ -20,7 +20,6 @@ import static net.hostsharing.hsadminng.rbac.generator.RbacView.RbacGrantDefinit
|
||||
import static net.hostsharing.hsadminng.rbac.generator.RbacView.Role.*;
|
||||
import static net.hostsharing.hsadminng.rbac.generator.StringWriter.with;
|
||||
import static org.apache.commons.lang3.StringUtils.capitalize;
|
||||
import static org.apache.commons.lang3.StringUtils.uncapitalize;
|
||||
|
||||
class RolesGrantsAndPermissionsGenerator {
|
||||
|
||||
@ -362,11 +361,10 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
System.out.println("null");
|
||||
}
|
||||
if (roleDef.getEntityAlias().isGlobal()) {
|
||||
return "rbac.globalAdmin()";
|
||||
return "rbac.global_ADMIN()";
|
||||
}
|
||||
final String entityRefVar = entityRefVar(rootRefVar, roleDef.getEntityAlias());
|
||||
return roleDef.getEntityAlias().simpleName() + capitalize(roleDef.getRole().name())
|
||||
+ "(" + entityRefVar + ")";
|
||||
return roleDef.descriptorFunctionName() + "(" + entityRefVar + ")";
|
||||
}
|
||||
|
||||
private String entityRefVar(
|
||||
@ -389,8 +387,8 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
plPgSql.writeLn();
|
||||
plPgSql.writeLn("perform rbac.defineRoleWithGrants(");
|
||||
plPgSql.indented(() -> {
|
||||
plPgSql.writeLn("${simpleVarName)${roleSuffix}(NEW),"
|
||||
.replace("${simpleVarName)", simpleEntityVarName)
|
||||
plPgSql.writeLn("${qualifiedRawTableName)_${roleSuffix}(NEW),"
|
||||
.replace("${qualifiedRawTableName)", qualifiedRawTableName)
|
||||
.replace("${roleSuffix}", capitalize(role.name())));
|
||||
|
||||
generatePermissionsForRole(plPgSql, role);
|
||||
@ -593,16 +591,12 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
final RbacView.RbacRoleDefinition roleDef,
|
||||
final boolean assumed) {
|
||||
final var assumedArg = assumed ? "" : ", rbac.unassumed()";
|
||||
return toRoleRef(roleDef) +
|
||||
return roleDef.descriptorFunctionName() +
|
||||
(roleDef.getEntityAlias().isGlobal() ? ( assumed ? "()" : "(rbac.unassumed())")
|
||||
: rbacDef.isRootEntityAlias(roleDef.getEntityAlias()) ? ("(" + triggerRef.name() + ")")
|
||||
: "(" + toTriggerReference(triggerRef, roleDef.getEntityAlias()) + assumedArg + ")");
|
||||
}
|
||||
|
||||
private static String toRoleRef(final RbacView.RbacRoleDefinition roleDef) {
|
||||
return uncapitalize(roleDef.getEntityAlias().simpleName()) + capitalize(roleDef.getRole().name());
|
||||
}
|
||||
|
||||
private static String toTriggerReference(
|
||||
final PostgresTriggerReference triggerRef,
|
||||
final RbacView.EntityAlias entityAlias) {
|
||||
|
@ -30,7 +30,7 @@ create or replace function rbac.isGlobalAdmin()
|
||||
returns boolean
|
||||
language plpgsql as $$
|
||||
begin
|
||||
return rbac.isGranted(rbac.currentSubjectOrAssumedRolesUuids(), rbac.findRoleId(rbac.globalAdmin()));
|
||||
return rbac.isGranted(rbac.currentSubjectOrAssumedRolesUuids(), rbac.findRoleId(rbac.global_ADMIN()));
|
||||
end; $$;
|
||||
--//
|
||||
|
||||
@ -109,7 +109,7 @@ commit;
|
||||
/*
|
||||
A rbac.Global administrator role.
|
||||
*/
|
||||
create or replace function rbac.globalAdmin(assumed boolean = true)
|
||||
create or replace function rbac.global_ADMIN(assumed boolean = true)
|
||||
returns rbac.RoleDescriptor
|
||||
returns null on null input
|
||||
stable -- leakproof
|
||||
@ -119,7 +119,7 @@ $$;
|
||||
|
||||
begin transaction;
|
||||
call base.defineContext('creating role:rbac.global#global:ADMIN', null, null, null);
|
||||
select rbac.createRole(rbac.globalAdmin());
|
||||
select rbac.createRole(rbac.global_ADMIN());
|
||||
commit;
|
||||
--//
|
||||
|
||||
@ -157,7 +157,7 @@ do language plpgsql $$
|
||||
begin
|
||||
call base.defineContext('creating fake test-realm admin users', null, null, null);
|
||||
|
||||
admins = rbac.findRoleId(rbac.globalAdmin());
|
||||
admins = rbac.findRoleId(rbac.global_ADMIN());
|
||||
call rbac.grantRoleToSubjectUnchecked(admins, admins, rbac.create_subject('superuser-alex@hostsharing.net'));
|
||||
call rbac.grantRoleToSubjectUnchecked(admins, admins, rbac.create_subject('superuser-fran@hostsharing.net'));
|
||||
perform rbac.create_subject('selfregistered-user-drew@hostsharing.org');
|
||||
|
@ -37,7 +37,7 @@ begin
|
||||
perform rbac.defineRoleWithGrants(
|
||||
rbactest.customer_OWNER(NEW),
|
||||
permissions => array['DELETE'],
|
||||
incomingSuperRoles => array[rbac.globalADMIN(rbac.unassumed())],
|
||||
incomingSuperRoles => array[rbac.global_ADMIN(rbac.unassumed())],
|
||||
subjectUuids => array[rbac.currentSubjectUuid()]
|
||||
);
|
||||
|
||||
@ -96,7 +96,7 @@ do language plpgsql $$
|
||||
LOOP
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(row.uuid, 'INSERT', 'rbactest.customer'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
END LOOP;
|
||||
end;
|
||||
$$;
|
||||
@ -112,7 +112,7 @@ begin
|
||||
-- unconditional for all rows in that table
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(NEW.uuid, 'INSERT', 'rbactest.customer'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
-- end.
|
||||
return NEW;
|
||||
end; $$;
|
||||
|
@ -37,7 +37,7 @@ begin
|
||||
perform rbac.defineRoleWithGrants(
|
||||
hs_office.contact_OWNER(NEW),
|
||||
permissions => array['DELETE'],
|
||||
incomingSuperRoles => array[rbac.globalADMIN()],
|
||||
incomingSuperRoles => array[rbac.global_ADMIN()],
|
||||
subjectUuids => array[rbac.currentSubjectUuid()]
|
||||
);
|
||||
|
||||
|
@ -4,7 +4,7 @@
|
||||
--changeset michael.hoennig:hs-office-person-MAIN-TABLE endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CREATE TYPE hs_office.HsOfficePersonType AS ENUM (
|
||||
CREATE TYPE hs_office.PersonType AS ENUM (
|
||||
'??', -- unknown
|
||||
'NP', -- natural person
|
||||
'LP', -- legal person
|
||||
@ -12,13 +12,13 @@ CREATE TYPE hs_office.HsOfficePersonType AS ENUM (
|
||||
'UF', -- unincorporated firm
|
||||
'PI'); -- public institution
|
||||
|
||||
CREATE CAST (character varying as hs_office.HsOfficePersonType) WITH INOUT AS IMPLICIT;
|
||||
CREATE CAST (character varying as hs_office.PersonType) WITH INOUT AS IMPLICIT;
|
||||
|
||||
create table if not exists hs_office.person
|
||||
(
|
||||
uuid uuid unique references rbac.object (uuid) initially deferred,
|
||||
version int not null default 0,
|
||||
personType hs_office.HsOfficePersonType not null,
|
||||
personType hs_office.PersonType not null,
|
||||
tradeName varchar(96),
|
||||
salutation varchar(30),
|
||||
title varchar(20),
|
||||
|
@ -37,7 +37,7 @@ begin
|
||||
perform rbac.defineRoleWithGrants(
|
||||
hs_office.person_OWNER(NEW),
|
||||
permissions => array['DELETE'],
|
||||
incomingSuperRoles => array[rbac.globalADMIN()],
|
||||
incomingSuperRoles => array[rbac.global_ADMIN()],
|
||||
subjectUuids => array[rbac.currentSubjectUuid()]
|
||||
);
|
||||
|
||||
|
@ -9,7 +9,7 @@
|
||||
Creates a single person test record.
|
||||
*/
|
||||
create or replace procedure createHsOfficePersonTestData(
|
||||
newPersonType hs_office.HsOfficePersonType,
|
||||
newPersonType hs_office.PersonType,
|
||||
newTradeName varchar,
|
||||
newFamilyName varchar = null,
|
||||
newGivenName varchar = null
|
||||
|
@ -4,7 +4,7 @@
|
||||
--changeset michael.hoennig:hs-office-relation-MAIN-TABLE endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CREATE TYPE hs_office.HsOfficeRelationType AS ENUM (
|
||||
CREATE TYPE hs_office.RelationType AS ENUM (
|
||||
'UNKNOWN',
|
||||
'PARTNER',
|
||||
'EX_PARTNER',
|
||||
@ -14,7 +14,7 @@ CREATE TYPE hs_office.HsOfficeRelationType AS ENUM (
|
||||
'OPERATIONS',
|
||||
'SUBSCRIBER');
|
||||
|
||||
CREATE CAST (character varying as hs_office.HsOfficeRelationType) WITH INOUT AS IMPLICIT;
|
||||
CREATE CAST (character varying as hs_office.RelationType) WITH INOUT AS IMPLICIT;
|
||||
|
||||
create table if not exists hs_office.relation
|
||||
(
|
||||
@ -23,7 +23,7 @@ create table if not exists hs_office.relation
|
||||
anchorUuid uuid not null references hs_office.person(uuid),
|
||||
holderUuid uuid not null references hs_office.person(uuid),
|
||||
contactUuid uuid references hs_office.contact(uuid),
|
||||
type hs_office.HsOfficeRelationType not null,
|
||||
type hs_office.RelationType not null,
|
||||
mark varchar(24)
|
||||
);
|
||||
--//
|
||||
|
@ -50,7 +50,7 @@ begin
|
||||
perform rbac.defineRoleWithGrants(
|
||||
hs_office.relation_OWNER(NEW),
|
||||
permissions => array['DELETE'],
|
||||
incomingSuperRoles => array[rbac.globalADMIN()],
|
||||
incomingSuperRoles => array[rbac.global_ADMIN()],
|
||||
subjectUuids => array[rbac.currentSubjectUuid()]
|
||||
);
|
||||
|
||||
|
@ -10,7 +10,7 @@
|
||||
*/
|
||||
create or replace procedure createHsOfficeRelationTestData(
|
||||
holderPersonName varchar,
|
||||
relationType hs_office.HsOfficeRelationType,
|
||||
relationType hs_office.RelationType,
|
||||
anchorPersonName varchar,
|
||||
contactCaption varchar,
|
||||
mark varchar default null)
|
||||
|
@ -173,7 +173,7 @@ do language plpgsql $$
|
||||
LOOP
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(row.uuid, 'INSERT', 'hs_office.partner'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
END LOOP;
|
||||
end;
|
||||
$$;
|
||||
@ -189,7 +189,7 @@ begin
|
||||
-- unconditional for all rows in that table
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.partner'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
-- end.
|
||||
return NEW;
|
||||
end; $$;
|
||||
|
@ -77,7 +77,7 @@ do language plpgsql $$
|
||||
LOOP
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(row.uuid, 'INSERT', 'hs_office.partner_details'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
END LOOP;
|
||||
end;
|
||||
$$;
|
||||
@ -93,7 +93,7 @@ begin
|
||||
-- unconditional for all rows in that table
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.partner_details'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
-- end.
|
||||
return NEW;
|
||||
end; $$;
|
||||
|
@ -37,7 +37,7 @@ begin
|
||||
perform rbac.defineRoleWithGrants(
|
||||
hs_office.bankaccount_OWNER(NEW),
|
||||
permissions => array['DELETE'],
|
||||
incomingSuperRoles => array[rbac.globalADMIN()],
|
||||
incomingSuperRoles => array[rbac.global_ADMIN()],
|
||||
subjectUuids => array[rbac.currentSubjectUuid()]
|
||||
);
|
||||
|
||||
|
@ -146,7 +146,7 @@ do language plpgsql $$
|
||||
LOOP
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(row.uuid, 'INSERT', 'hs_office.debitor'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
END LOOP;
|
||||
end;
|
||||
$$;
|
||||
@ -162,7 +162,7 @@ begin
|
||||
-- unconditional for all rows in that table
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.debitor'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
-- end.
|
||||
return NEW;
|
||||
end; $$;
|
||||
|
@ -50,7 +50,7 @@ begin
|
||||
perform rbac.defineRoleWithGrants(
|
||||
hs_office.sepamandate_OWNER(NEW),
|
||||
permissions => array['DELETE'],
|
||||
incomingSuperRoles => array[rbac.globalADMIN()],
|
||||
incomingSuperRoles => array[rbac.global_ADMIN()],
|
||||
subjectUuids => array[rbac.currentSubjectUuid()]
|
||||
);
|
||||
|
||||
|
@ -108,7 +108,7 @@ do language plpgsql $$
|
||||
LOOP
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(row.uuid, 'INSERT', 'hs_office.membership'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
END LOOP;
|
||||
end;
|
||||
$$;
|
||||
@ -124,7 +124,7 @@ begin
|
||||
-- unconditional for all rows in that table
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(NEW.uuid, 'INSERT', 'hs_office.membership'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
-- end.
|
||||
return NEW;
|
||||
end; $$;
|
||||
|
@ -4,16 +4,16 @@
|
||||
--changeset michael.hoennig:hs-office-coopshares-MAIN-TABLE endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CREATE TYPE hs_office.HsOfficeCoopSharesTransactionType AS ENUM ('ADJUSTMENT', 'SUBSCRIPTION', 'CANCELLATION');
|
||||
CREATE TYPE hs_office.CoopSharesTransactionType AS ENUM ('ADJUSTMENT', 'SUBSCRIPTION', 'CANCELLATION');
|
||||
|
||||
CREATE CAST (character varying as hs_office.HsOfficeCoopSharesTransactionType) WITH INOUT AS IMPLICIT;
|
||||
CREATE CAST (character varying as hs_office.CoopSharesTransactionType) WITH INOUT AS IMPLICIT;
|
||||
|
||||
create table if not exists hs_office.coopsharestransaction
|
||||
(
|
||||
uuid uuid unique references rbac.object (uuid) initially deferred,
|
||||
version int not null default 0,
|
||||
membershipUuid uuid not null references hs_office.membership(uuid),
|
||||
transactionType hs_office.HsOfficeCoopSharesTransactionType not null,
|
||||
transactionType hs_office.CoopSharesTransactionType not null,
|
||||
valueDate date not null,
|
||||
shareCount integer not null,
|
||||
reference varchar(48) not null,
|
||||
|
@ -4,7 +4,7 @@
|
||||
--changeset michael.hoennig:hs-office-coopassets-MAIN-TABLE endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
CREATE TYPE hs_office.HsOfficeCoopAssetsTransactionType AS ENUM ('ADJUSTMENT',
|
||||
CREATE TYPE hs_office.CoopAssetsTransactionType AS ENUM ('ADJUSTMENT',
|
||||
'DEPOSIT',
|
||||
'DISBURSAL',
|
||||
'TRANSFER',
|
||||
@ -13,14 +13,14 @@ CREATE TYPE hs_office.HsOfficeCoopAssetsTransactionType AS ENUM ('ADJUSTMENT',
|
||||
'LOSS',
|
||||
'LIMITATION');
|
||||
|
||||
CREATE CAST (character varying as hs_office.HsOfficeCoopAssetsTransactionType) WITH INOUT AS IMPLICIT;
|
||||
CREATE CAST (character varying as hs_office.CoopAssetsTransactionType) WITH INOUT AS IMPLICIT;
|
||||
|
||||
create table if not exists hs_office.coopassetstransaction
|
||||
(
|
||||
uuid uuid unique references rbac.object (uuid) initially deferred,
|
||||
version int not null default 0,
|
||||
membershipUuid uuid not null references hs_office.membership(uuid),
|
||||
transactionType hs_office.HsOfficeCoopAssetsTransactionType not null,
|
||||
transactionType hs_office.CoopAssetsTransactionType not null,
|
||||
valueDate date not null,
|
||||
assetValue money not null,
|
||||
reference varchar(48) not null,
|
||||
|
@ -70,7 +70,7 @@ begin
|
||||
outgoingSubRoles => array[hs_office.relation_TENANT(newDebitorRel)]
|
||||
);
|
||||
|
||||
call rbac.grantPermissionToRole(rbac.createPermission(NEW.uuid, 'DELETE'), rbac.globalAdmin());
|
||||
call rbac.grantPermissionToRole(rbac.createPermission(NEW.uuid, 'DELETE'), rbac.global_ADMIN());
|
||||
|
||||
call rbac.leaveTriggerForObjectUuid(NEW.uuid);
|
||||
end; $$;
|
||||
|
@ -4,7 +4,7 @@
|
||||
--changeset michael.hoennig:booking-item-MAIN-TABLE endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
create type hs_booking.HsBookingItemType as enum (
|
||||
create type hs_booking.ItemType as enum (
|
||||
'PRIVATE_CLOUD',
|
||||
'CLOUD_SERVER',
|
||||
'MANAGED_SERVER',
|
||||
@ -12,14 +12,14 @@ create type hs_booking.HsBookingItemType as enum (
|
||||
'DOMAIN_SETUP'
|
||||
);
|
||||
|
||||
CREATE CAST (character varying as hs_booking.HsBookingItemType) WITH INOUT AS IMPLICIT;
|
||||
CREATE CAST (character varying as hs_booking.ItemType) WITH INOUT AS IMPLICIT;
|
||||
|
||||
create table if not exists hs_booking.item
|
||||
(
|
||||
uuid uuid unique references rbac.object (uuid),
|
||||
version int not null default 0,
|
||||
projectUuid uuid null references hs_booking.project(uuid),
|
||||
type hs_booking.HsBookingItemType not null,
|
||||
type hs_booking.ItemType not null,
|
||||
parentItemUuid uuid null references hs_booking.item(uuid) initially deferred,
|
||||
validity daterange not null,
|
||||
caption varchar(80) not null,
|
||||
|
@ -69,7 +69,7 @@ begin
|
||||
|
||||
|
||||
|
||||
call rbac.grantPermissionToRole(rbac.createPermission(NEW.uuid, 'DELETE'), rbac.globalAdmin());
|
||||
call rbac.grantPermissionToRole(rbac.createPermission(NEW.uuid, 'DELETE'), rbac.global_ADMIN());
|
||||
|
||||
call rbac.leaveTriggerForObjectUuid(NEW.uuid);
|
||||
end; $$;
|
||||
@ -114,7 +114,7 @@ do language plpgsql $$
|
||||
LOOP
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(row.uuid, 'INSERT', 'hs_booking.item'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
END LOOP;
|
||||
end;
|
||||
$$;
|
||||
@ -130,7 +130,7 @@ begin
|
||||
-- unconditional for all rows in that table
|
||||
call rbac.grantPermissionToRole(
|
||||
rbac.createPermission(NEW.uuid, 'INSERT', 'hs_booking.item'),
|
||||
rbac.globalADMIN());
|
||||
rbac.global_ADMIN());
|
||||
-- end.
|
||||
return NEW;
|
||||
end; $$;
|
||||
|
@ -4,7 +4,7 @@
|
||||
--changeset michael.hoennig:hosting-asset-MAIN-TABLE endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
create type hs_hosting.HsHostingAssetType as enum (
|
||||
create type hs_hosting.AssetType as enum (
|
||||
'CLOUD_SERVER',
|
||||
'MANAGED_SERVER',
|
||||
'MANAGED_WEBSPACE',
|
||||
@ -26,14 +26,14 @@ create type hs_hosting.HsHostingAssetType as enum (
|
||||
'IPV6_NUMBER'
|
||||
);
|
||||
|
||||
CREATE CAST (character varying as hs_hosting.HsHostingAssetType) WITH INOUT AS IMPLICIT;
|
||||
CREATE CAST (character varying as hs_hosting.AssetType) WITH INOUT AS IMPLICIT;
|
||||
|
||||
create table if not exists hs_hosting.asset
|
||||
(
|
||||
uuid uuid unique references rbac.object (uuid),
|
||||
version int not null default 0,
|
||||
bookingItemUuid uuid null references hs_booking.item(uuid),
|
||||
type hs_hosting.HsHostingAssetType not null,
|
||||
type hs_hosting.AssetType not null,
|
||||
parentAssetUuid uuid null references hs_hosting.asset(uuid) initially deferred,
|
||||
assignedToAssetUuid uuid null references hs_hosting.asset(uuid) initially deferred,
|
||||
identifier varchar(80) not null,
|
||||
@ -58,8 +58,8 @@ create or replace function hs_hosting.asset_type_hierarchy_check_tf()
|
||||
returns trigger
|
||||
language plpgsql as $$
|
||||
declare
|
||||
actualParentType hs_hosting.HsHostingAssetType;
|
||||
expectedParentType hs_hosting.HsHostingAssetType;
|
||||
actualParentType hs_hosting.AssetType;
|
||||
expectedParentType hs_hosting.AssetType;
|
||||
begin
|
||||
if NEW.parentAssetUuid is not null then
|
||||
actualParentType := (select type
|
||||
@ -134,8 +134,8 @@ create or replace function hs_hosting.asset_booking_item_hierarchy_check_tf()
|
||||
returns trigger
|
||||
language plpgsql as $$
|
||||
declare
|
||||
actualBookingItemType hs_booking.HsBookingItemType;
|
||||
expectedBookingItemType hs_booking.HsBookingItemType;
|
||||
actualBookingItemType hs_booking.ItemType;
|
||||
expectedBookingItemType hs_booking.ItemType;
|
||||
begin
|
||||
actualBookingItemType := (select type
|
||||
from hs_booking.item
|
||||
|
@ -52,7 +52,7 @@ begin
|
||||
incomingSuperRoles => array[
|
||||
hs_booking.item_ADMIN(newBookingItem),
|
||||
hs_hosting.asset_ADMIN(newParentAsset),
|
||||
rbac.globalADMIN(rbac.unassumed())],
|
||||
rbac.global_ADMIN(rbac.unassumed())],
|
||||
subjectUuids => array[rbac.currentSubjectUuid()]
|
||||
);
|
||||
|
||||
|
@ -1145,7 +1145,7 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
|
||||
final int expectedCountInTestDataCount,
|
||||
final int minCountExpectedInProdData) {
|
||||
final var q = em.createNativeQuery(
|
||||
"select count(*) from hs_hosting.asset where type = cast(:type as hs_hosting.HsHostingAssetType)",
|
||||
"select count(*) from hs_hosting.asset where type = cast(:type as hs_hosting.AssetType)",
|
||||
Integer.class);
|
||||
q.setParameter("type", assetType.name());
|
||||
final var count = (Integer) q.getSingleResult();
|
||||
|
@ -39,9 +39,6 @@ class HsOfficeRelationControllerAcceptanceTest extends ContextBasedTestWithClean
|
||||
@Autowired
|
||||
Context context;
|
||||
|
||||
@Autowired
|
||||
Context contextMock;
|
||||
|
||||
@Autowired
|
||||
HsOfficeRelationRealRepository relationrealRepo;
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user