introduce-separate-database-schemas-hs-booking-and-hosting #106

Merged
hsh-michaelhoennig merged 14 commits from introduce-separate-database-schemas-hs-booking-and-hosting into master 2024-09-23 10:52:39 +02:00
24 changed files with 185 additions and 175 deletions
Showing only changes of commit 87671f310c - Show all commits

View File

@ -199,7 +199,7 @@ Limit (cost=6549.08..6549.35 rows=54 width=16)
Group Key: grants.descendantuuid Group Key: grants.descendantuuid
-> CTE Scan on grants (cost=0.00..22.06 rows=1103 width=16) -> CTE Scan on grants (cost=0.00..22.06 rows=1103 width=16)
-> Index Only Scan using rbacobject_objecttable_uuid_key on rbacobject obj (cost=0.28..0.31 rows=1 width=16) -> Index Only Scan using rbacobject_objecttable_uuid_key on rbacobject obj (cost=0.28..0.31 rows=1 width=16)
Index Cond: ((objecttable = 'hs_hosting_asset'::text) AND (uuid = perm.objectuuid)) Index Cond: ((objecttable = 'hs_hosting.asset'::text) AND (uuid = perm.objectuuid))
``` ```
### Office-Relation-Query ### Office-Relation-Query
@ -276,8 +276,8 @@ At this point, the import took 21mins with these statistics:
| call rbac.grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed) | 31316 | 0 | 1 | | call rbac.grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed) | 31316 | 0 | 1 |
| call buildRbacSystemForHsHostingAsset(NEW) | 2258 | 0 | 7 | | call buildRbacSystemForHsHostingAsset(NEW) | 2258 | 0 | 7 |
| select * from rbac.isGranted(array[granteeId], grantedId) | 44613 | 0 | 0 | | select * from rbac.isGranted(array[granteeId], grantedId) | 44613 | 0 | 0 |
| insert into public.hs_hosting_asset_rv (alarmcontactuuid,assignedtoassetuuid,bookingitemuuid,caption,config,identifier,parentassetuuid,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10) | 2207 | 0 | 7 | | insert into public.hs_hosting.asset_rv (alarmcontactuuid,assignedtoassetuuid,bookingitemuuid,caption,config,identifier,parentassetuuid,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10) | 2207 | 0 | 7 |
| insert into hs_hosting_asset (alarmcontactuuid, version, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, config, uuid, identifier, caption) values (new.alarmcontactuuid, new. version, new. bookingitemuuid, new. type, new. parentassetuuid, new. assignedtoassetuuid, new. config, new. uuid, new. identifier, new. caption) returning * | 2207 | 0 | 7 | | insert into hs_hosting.asset (alarmcontactuuid, version, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, config, uuid, identifier, caption) values (new.alarmcontactuuid, new. version, new. bookingitemuuid, new. type, new. parentassetuuid, new. assignedtoassetuuid, new. config, new. uuid, new. identifier, new. caption) returning * | 2207 | 0 | 7 |
| insert into public.hs_office.relation_rv (anchoruuid,contactuuid,holderuuid,mark,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7) | 1261 | 0 | 9 | | insert into public.hs_office.relation_rv (anchoruuid,contactuuid,holderuuid,mark,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7) | 1261 | 0 | 9 |
| insert into hs_office.relation (uuid, version, anchoruuid, holderuuid, contactuuid, type, mark) values (new.uuid, new. version, new. anchoruuid, new. holderuuid, new. contactuuid, new. type, new. mark) returning * | 1261 | 0 | 9 | | insert into hs_office.relation (uuid, version, anchoruuid, holderuuid, contactuuid, type, mark) values (new.uuid, new. version, new. anchoruuid, new. holderuuid, new. contactuuid, new. type, new. mark) returning * | 1261 | 0 | 9 |
| call buildRbacSystemForHsOfficeRelation(NEW) | 1276 | 0 | 8 | | call buildRbacSystemForHsOfficeRelation(NEW) | 1276 | 0 | 8 |
@ -300,8 +300,8 @@ We changed these mappings from `EAGER` (default) to `LAZY` to `@ManyToOne(fetch
| call rbac.grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed) | 31316 | 0 | 1 | | call rbac.grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed) | 31316 | 0 | 1 |
| select * from rbac.isGranted(array[granteeId], grantedId) | 44613 | 0 | 0 | | select * from rbac.isGranted(array[granteeId], grantedId) | 44613 | 0 | 0 |
| call buildRbacSystemForHsHostingAsset(NEW) | 2258 | 0 | 7 | | call buildRbacSystemForHsHostingAsset(NEW) | 2258 | 0 | 7 |
| insert into public.hs_hosting_asset_rv (alarmcontactuuid,assignedtoassetuuid,bookingitemuuid,caption,config,identifier,parentassetuuid,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10) | 2207 | 0 | 7 | | insert into public.hs_hosting.asset_rv (alarmcontactuuid,assignedtoassetuuid,bookingitemuuid,caption,config,identifier,parentassetuuid,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10) | 2207 | 0 | 7 |
| insert into hs_hosting_asset (alarmcontactuuid, version, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, config, uuid, identifier, caption) values (new.alarmcontactuuid, new. version, new. bookingitemuuid, new. type, new. parentassetuuid, new. assignedtoassetuuid, new. config, new. uuid, new. identifier, new. caption) returning * | 2207 | 0 | 7 | | insert into hs_hosting.asset (alarmcontactuuid, version, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, config, uuid, identifier, caption) values (new.alarmcontactuuid, new. version, new. bookingitemuuid, new. type, new. parentassetuuid, new. assignedtoassetuuid, new. config, new. uuid, new. identifier, new. caption) returning * | 2207 | 0 | 7 |
| with recursive grants as ( select descendantUuid, ascendantUuid from RbacGrants where descendantUuid = grantedId union all select ""grant"".descendantUuid, ""grant"".ascendantUuid from RbacGrants ""grant"" inner join grants recur on recur.ascendantUuid = ""grant"".descendantUuid ) select exists ( select $3 from grants where ascendantUuid = any(granteeIds) ) or grantedId = any(granteeIds) | 47538 | 0 | 0 | | with recursive grants as ( select descendantUuid, ascendantUuid from RbacGrants where descendantUuid = grantedId union all select ""grant"".descendantUuid, ""grant"".ascendantUuid from RbacGrants ""grant"" inner join grants recur on recur.ascendantUuid = ""grant"".descendantUuid ) select exists ( select $3 from grants where ascendantUuid = any(granteeIds) ) or grantedId = any(granteeIds) | 47538 | 0 | 0 |
insert into public.hs_office.relation_rv (anchoruuid,contactuuid,holderuuid,mark,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7) | 1261 | 0 | 8 | insert into public.hs_office.relation_rv (anchoruuid,contactuuid,holderuuid,mark,type,version,uuid) values ($1,$2,$3,$4,$5,$6,$7) | 1261 | 0 | 8 |
| insert into hs_office.relation (uuid, version, anchoruuid, holderuuid, contactuuid, type, mark) values (new.uuid, new. version, new. anchoruuid, new. holderuuid, new. contactuuid, new. type, new. mark) returning * | 1261 | 0 | 8 | | insert into hs_office.relation (uuid, version, anchoruuid, holderuuid, contactuuid, type, mark) values (new.uuid, new. version, new. anchoruuid, new. holderuuid, new. contactuuid, new. type, new. mark) returning * | 1261 | 0 | 8 |
@ -318,7 +318,7 @@ But once UnixUser and EmailAlias assets got added to the import, the total time
This was not acceptable, especially not, considering that domains, email-addresses and database-assets are almost 10 times that number and thus the import would go up to over 1100min which is 20 hours. This was not acceptable, especially not, considering that domains, email-addresses and database-assets are almost 10 times that number and thus the import would go up to over 1100min which is 20 hours.
In a first step, a `HsHostingAssetRawEntity` was created, mapped to the raw table (hs_hosting_asset) not to the RBAC-view (hs_hosting_asset_rv). Unfortunately we did not keep measurements, but that was only part of the problem anyway. In a first step, a `HsHostingAssetRawEntity` was created, mapped to the raw table (hs_hosting.asset) not to the RBAC-view (hs_hosting.asset_rv). Unfortunately we did not keep measurements, but that was only part of the problem anyway.
The main problem was, that there is something strange with persisting (`EntityManager.persist`) for EmailAlias assets. Where importing UnixUsers was mostly slow due to RBAC SELECT-permission checks, persisting EmailAliases suddenly created about a million (in numbers 1.000.000) SQL UPDATE statements after the INSERT, all with the same data, just increased version number (used for optimistic locking). We were not able to figure out why this happened. The main problem was, that there is something strange with persisting (`EntityManager.persist`) for EmailAlias assets. Where importing UnixUsers was mostly slow due to RBAC SELECT-permission checks, persisting EmailAliases suddenly created about a million (in numbers 1.000.000) SQL UPDATE statements after the INSERT, all with the same data, just increased version number (used for optimistic locking). We were not able to figure out why this happened.
@ -330,7 +330,7 @@ Now, the longest running queries are these:
| No.| calls | total_m | mean_ms | query | | No.| calls | total_m | mean_ms | query |
|---:|---------|--------:|--------:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| |---:|---------|--------:|--------:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| 1 | 13.093 | 4 | 21 | insert into hs_hosting_asset( uuid, type, bookingitemuuid, parentassetuuid, assignedtoassetuuid, alarmcontactuuid, identifier, caption, config, version) values ( $1, $2, $3, $4, $5, $6, $7, $8, cast($9 as jsonb), $10) | | 1 | 13.093 | 4 | 21 | insert into hs_hosting.asset( uuid, type, bookingitemuuid, parentassetuuid, assignedtoassetuuid, alarmcontactuuid, identifier, caption, config, version) values ( $1, $2, $3, $4, $5, $6, $7, $8, cast($9 as jsonb), $10) |
| 2 | 517 | 4 | 502 | select hore1_0.uuid,hore1_0.anchoruuid,hore1_0.contactuuid,hore1_0.holderuuid,hore1_0.mark,hore1_0.type,hore1_0.version from public.hs_office.relation_rv hore1_0 where hore1_0.uuid=$1 | | 2 | 517 | 4 | 502 | select hore1_0.uuid,hore1_0.anchoruuid,hore1_0.contactuuid,hore1_0.holderuuid,hore1_0.mark,hore1_0.type,hore1_0.version from public.hs_office.relation_rv hore1_0 where hore1_0.uuid=$1 |
| 3 | 13.144 | 4 | 21 | call buildRbacSystemForHsHostingAsset(NEW) | | 3 | 13.144 | 4 | 21 | call buildRbacSystemForHsHostingAsset(NEW) |
| 4 | 96.632 | 3 | 2 | call rbac.grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed) | | 4 | 96.632 | 3 | 2 | call rbac.grantRoleToRole(roleUuid, superRoleUuid, superRoleDesc.assumed) |
@ -341,7 +341,7 @@ Now, the longest running queries are these:
| 9 | 13.144 | 1 | 8 | SELECT createRoleWithGrants( hsHostingAssetTENANT(NEW), permissions => array[$7], incomingSuperRoles => array[ hsHostingAssetAGENT(NEW), hsOfficeContactADMIN(newAlarmContact)], outgoingSubRoles => array[ hsBookingItemTENANT(newBookingItem), hsHostingAssetTENANT(newParentAsset)] ) | | 9 | 13.144 | 1 | 8 | SELECT createRoleWithGrants( hsHostingAssetTENANT(NEW), permissions => array[$7], incomingSuperRoles => array[ hsHostingAssetAGENT(NEW), hsOfficeContactADMIN(newAlarmContact)], outgoingSubRoles => array[ hsBookingItemTENANT(newBookingItem), hsHostingAssetTENANT(newParentAsset)] ) |
| 10 | 13.144 | 1 | 5 | SELECT createRoleWithGrants( hsHostingAssetADMIN(NEW), permissions => array[$7], incomingSuperRoles => array[ hsBookingItemAGENT(newBookingItem), hsHostingAssetAGENT(newParentAsset), hsHostingAssetOWNER(NEW)] ) | | 10 | 13.144 | 1 | 5 | SELECT createRoleWithGrants( hsHostingAssetADMIN(NEW), permissions => array[$7], incomingSuperRoles => array[ hsBookingItemAGENT(newBookingItem), hsHostingAssetAGENT(newParentAsset), hsHostingAssetOWNER(NEW)] ) |
That the `INSERT into hs_hosting_asset` (No. 1) takes up the most time, seems to be normal, and 21ms for each call is also fine. That the `INSERT into hs_hosting.asset` (No. 1) takes up the most time, seems to be normal, and 21ms for each call is also fine.
It seems that the trigger effects (eg. No. 3 and No. 4) are included in the measure for the causing INSERT, otherwise summing up the totals would exceed the actual total time of the whole import. And it was to be expected that building the RBAC rules for new business objects takes most of the time. It seems that the trigger effects (eg. No. 3 and No. 4) are included in the measure for the causing INSERT, otherwise summing up the totals would exceed the actual total time of the whole import. And it was to be expected that building the RBAC rules for new business objects takes most of the time.
@ -408,12 +408,12 @@ We found some solution approaches:
This optimization idea came from Michael Hierweck and was promising. This optimization idea came from Michael Hierweck and was promising.
The idea is to reduce the size of the result of the recursive CTE query and maybe even speed up that query itself. The idea is to reduce the size of the result of the recursive CTE query and maybe even speed up that query itself.
To evaluate this, I added a type column to the `rbacObject` table, initially as an enum hsHostingAssetType. Then I entered the type there for all rows from hs_hosting_asset. This means that 83,886 of 92,545 rows in `rbacobject` have a type set, leaving 8,659 without. To evaluate this, I added a type column to the `rbacObject` table, initially as an enum hsHostingAssetType. Then I entered the type there for all rows from hs_hosting.asset. This means that 83,886 of 92,545 rows in `rbacobject` have a type set, leaving 8,659 without.
If we do this for other types (we currently have 1,271 relations and 927 booking items), it gets more complicated because they are different enum types. As varchar(16), we could lose performance again due to the higher storage space requirements. If we do this for other types (we currently have 1,271 relations and 927 booking items), it gets more complicated because they are different enum types. As varchar(16), we could lose performance again due to the higher storage space requirements.
But the performance gained is not particularly high anyway. But the performance gained is not particularly high anyway.
See the average seconds per recursive CTE select as role 'hs_hosting_asset:<DEBITOR>defaultproject:ADMIN', See the average seconds per recursive CTE select as role 'hs_hosting.asset:<DEBITOR>defaultproject:ADMIN',
joined with business query for all `'EMAIL_ADDRESSES'`: joined with business query for all `'EMAIL_ADDRESSES'`:
| | D-1000000-hsh | D-1000300-mih | | | D-1000000-hsh | D-1000300-mih |

View File

@ -10,17 +10,17 @@ call defineContext('historization testing', null, 'superuser-alex@hostsharing.ne
'hs_booking.project#D-1000313-D-1000313defaultproject:ADMIN'); -- prod+test 'hs_booking.project#D-1000313-D-1000313defaultproject:ADMIN'); -- prod+test
-- 'hs_booking.project#D-1000300-mihdefaultproject:ADMIN'); -- prod -- 'hs_booking.project#D-1000300-mihdefaultproject:ADMIN'); -- prod
-- 'hs_booking.project#D-1000300-mimdefaultproject:ADMIN'); -- test -- 'hs_booking.project#D-1000300-mimdefaultproject:ADMIN'); -- test
-- update hs_hosting_asset set caption='lug00 b' where identifier = 'lug00' and type = 'MANAGED_WEBSPACE'; -- prod -- update hs_hosting.asset set caption='lug00 b' where identifier = 'lug00' and type = 'MANAGED_WEBSPACE'; -- prod
-- update hs_hosting_asset set caption='hsh00 A ' || now()::text where identifier = 'hsh00' and type = 'MANAGED_WEBSPACE'; -- test -- update hs_hosting.asset set caption='hsh00 A ' || now()::text where identifier = 'hsh00' and type = 'MANAGED_WEBSPACE'; -- test
-- update hs_hosting_asset set caption='hsh00 B ' || now()::text where identifier = 'hsh00' and type = 'MANAGED_WEBSPACE'; -- test -- update hs_hosting.asset set caption='hsh00 B ' || now()::text where identifier = 'hsh00' and type = 'MANAGED_WEBSPACE'; -- test
-- insert into hs_hosting_asset -- insert into hs_hosting.asset
-- (uuid, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, identifier, caption, config, alarmcontactuuid) -- (uuid, bookingitemuuid, type, parentassetuuid, assignedtoassetuuid, identifier, caption, config, alarmcontactuuid)
-- values -- values
-- (uuid_generate_v4(), null, 'EMAIL_ADDRESS', 'bbda5895-0569-4e20-bb4c-34f3a38f3f63'::uuid, null, -- (uuid_generate_v4(), null, 'EMAIL_ADDRESS', 'bbda5895-0569-4e20-bb4c-34f3a38f3f63'::uuid, null,
-- 'new@thi.example.org', 'some new E-Mail-Address', '{}'::jsonb, null); -- 'new@thi.example.org', 'some new E-Mail-Address', '{}'::jsonb, null);
delete from hs_hosting_asset where uuid='5aea68d2-3b55-464f-8362-b05c76c5a681'::uuid; delete from hs_hosting.asset where uuid='5aea68d2-3b55-464f-8362-b05c76c5a681'::uuid;
commit; commit;
-- single version at point in time -- single version at point in time
@ -29,11 +29,11 @@ set hsadminng.tx_history_txid to '';
set hsadminng.tx_history_timestamp to '2024-08-29 12:42'; set hsadminng.tx_history_timestamp to '2024-08-29 12:42';
-- all versions -- all versions
select base.tx_history_txid(), txc.txtimestamp, txc.currentSubject, txc.currentTask, haex.* select base.tx_history_txid(), txc.txtimestamp, txc.currentSubject, txc.currentTask, haex.*
from hs_hosting_asset_ex haex from hs_hosting.asset_ex haex
join base.tx_context txc on haex.txid=txc.txid join base.tx_context txc on haex.txid=txc.txid
where haex.identifier = 'test@thi.example.org'; where haex.identifier = 'test@thi.example.org';
select uuid, version, type, identifier, caption from hs_hosting_asset_hv p where identifier = 'test@thi.example.org'; select uuid, version, type, identifier, caption from hs_hosting.asset_hv p where identifier = 'test@thi.example.org';
select pg_current_xact_id(); select pg_current_xact_id();

View File

@ -6,10 +6,10 @@ select * from hs_statistics_v;
-- This is the extracted recursive CTE query to determine the visible object UUIDs of a single table -- This is the extracted recursive CTE query to determine the visible object UUIDs of a single table
-- (and optionally the hosting-asset-type) as a separate VIEW. -- (and optionally the hosting-asset-type) as a separate VIEW.
-- In the generated code this is part of the hs_hosting_asset_rv VIEW. -- In the generated code this is part of the hs_hosting.asset_rv VIEW.
drop view if exists hs_hosting_asset_example_gv; drop view if exists hs_hosting.asset_example_gv;
create view hs_hosting_asset_example_gv as create view hs_hosting.asset_example_gv as
with recursive with recursive
recursive_grants as ( recursive_grants as (
select distinct rbacgrants.descendantuuid, select distinct rbacgrants.descendantuuid,
@ -40,7 +40,7 @@ select distinct perm.objectuuid
join rbacpermission perm on recursive_grants.descendantuuid = perm.uuid join rbacpermission perm on recursive_grants.descendantuuid = perm.uuid
join rbacobject obj on obj.uuid = perm.objectuuid join rbacobject obj on obj.uuid = perm.objectuuid
join count_check cc on cc.valid join count_check cc on cc.valid
where obj.objecttable::text = 'hs_hosting_asset'::text where obj.objecttable::text = 'hs_hosting.asset'::text
-- with/without this type condition -- with/without this type condition
-- and obj.type = 'EMAIL_ADDRESS'::hshostingassettype -- and obj.type = 'EMAIL_ADDRESS'::hshostingassettype
and obj.type = 'EMAIL_ADDRESS'::hshostingassettype and obj.type = 'EMAIL_ADDRESS'::hshostingassettype
@ -56,7 +56,7 @@ CALL defineContext('performance testing', null, 'superuser-alex@hostsharing.net'
'hs_booking.project#D-1000000-hshdefaultproject:ADMIN'); 'hs_booking.project#D-1000000-hshdefaultproject:ADMIN');
-- 'hs_booking.project#D-1000300-mihdefaultproject:ADMIN'); -- 'hs_booking.project#D-1000300-mihdefaultproject:ADMIN');
SET TRANSACTION READ ONLY; SET TRANSACTION READ ONLY;
EXPLAIN ANALYZE select * from hs_hosting_asset_example_gv; EXPLAIN ANALYZE select * from hs_hosting.asset_example_gv;
end transaction ; end transaction ;
-- ======================================================== -- ========================================================
@ -64,15 +64,15 @@ end transaction ;
-- An example for a restricted view (_rv) similar to the one generated by our RBAC system, -- An example for a restricted view (_rv) similar to the one generated by our RBAC system,
-- but using the above separate VIEW to determine the visible objects. -- but using the above separate VIEW to determine the visible objects.
drop view if exists hs_hosting_asset_example_rv; drop view if exists hs_hosting.asset_example_rv;
create view hs_hosting_asset_example_rv as create view hs_hosting.asset_example_rv as
with accessible_hs_hosting_asset_uuids as ( with accessible_hs_hosting.asset_uuids as (
select * from hs_hosting_asset_example_gv select * from hs_hosting.asset_example_gv
) )
select target.* select target.*
from hs_hosting_asset target from hs_hosting.asset target
where (target.uuid in (select accessible_hs_hosting_asset_uuids.objectuuid where (target.uuid in (select accessible_hs_hosting.asset_uuids.objectuuid
from accessible_hs_hosting_asset_uuids)); from accessible_hs_hosting.asset_uuids));
-- ------------------------------------------------------------------------------- -- -------------------------------------------------------------------------------
@ -99,7 +99,7 @@ BEGIN
-- An example for a business query based on the view: -- An example for a business query based on the view:
select type, uuid, identifier, caption select type, uuid, identifier, caption
from hs_hosting_asset_example_rv from hs_hosting.asset_example_rv
where type = 'EMAIL_ADDRESS' where type = 'EMAIL_ADDRESS'
and identifier like letter || '%' and identifier like letter || '%'
-- end of the business query example. -- end of the business query example.
@ -115,7 +115,7 @@ BEGIN
END; END;
$$; $$;
-- average seconds per recursive CTE select as role 'hs_hosting_asset:<DEBITOR>defaultproject:ADMIN' -- average seconds per recursive CTE select as role 'hs_hosting.asset:<DEBITOR>defaultproject:ADMIN'
-- joined with business query for all 'EMAIL_ADDRESSES': -- joined with business query for all 'EMAIL_ADDRESSES':
-- D-1000000-hsh D-1000300-mih -- D-1000000-hsh D-1000300-mih
-- - without type comparison in rbacobject: ~3.30 - ~3.49 ~0.23 -- - without type comparison in rbacobject: ~3.30 - ~3.49 ~0.23
@ -136,7 +136,7 @@ EXPLAIN SELECT * from (
-- An example for a business query based on the view: -- An example for a business query based on the view:
select type, uuid, identifier, caption select type, uuid, identifier, caption
from hs_hosting_asset_example_rv from hs_hosting.asset_example_rv
where type = 'EMAIL_ADDRESS' where type = 'EMAIL_ADDRESS'
-- and identifier like 'b%' -- and identifier like 'b%'
-- end of the business query example. -- end of the business query example.
@ -151,17 +151,17 @@ end transaction;
alter table rbacobject alter table rbacobject
-- just for performance testing, we would need a joined enum or a varchar(16) which would make it slow -- just for performance testing, we would need a joined enum or a varchar(16) which would make it slow
add column type hshostingassettype; add column type hs_hosting.hshostingassettype;
-- and fill the type column with hs_hosting_asset types: -- and fill the type column with hs_hosting.asset types:
rollback transaction; rollback transaction;
begin transaction; begin transaction;
call defineContext('setting rbacobject.type from hs_hosting_asset.type', null, 'superuser-alex@hostsharing.net'); call defineContext('setting rbacobject.type from hs_hosting.asset.type', null, 'superuser-alex@hostsharing.net');
UPDATE rbacobject UPDATE rbacobject
SET type = hs.type SET type = hs.type
FROM hs_hosting_asset hs FROM hs_hosting.asset hs
WHERE rbacobject.uuid = hs.uuid; WHERE rbacobject.uuid = hs.uuid;
end transaction; end transaction;

View File

@ -33,7 +33,7 @@ import static net.hostsharing.hsadminng.rbac.generator.RbacView.SQL.directlyFetc
import static net.hostsharing.hsadminng.rbac.generator.RbacView.rbacViewFor; import static net.hostsharing.hsadminng.rbac.generator.RbacView.rbacViewFor;
@Entity @Entity
@Table(name = "hs_hosting_asset_rv") @Table(schema = "hs_hosting", name = "asset_rv")
@SuperBuilder(toBuilder = true) @SuperBuilder(toBuilder = true)
@Getter @Getter
@Setter @Setter

View File

@ -25,15 +25,15 @@ public interface HsHostingAssetRbacRepository extends HsHostingAssetRepository<H
ha.parentassetuuid, ha.parentassetuuid,
ha.type, ha.type,
ha.version ha.version
from hs_hosting_asset_rv ha from hs_hosting.asset_rv ha
left join hs_booking.item bi on bi.uuid = ha.bookingitemuuid left join hs_booking.item bi on bi.uuid = ha.bookingitemuuid
left join hs_hosting_asset pha on pha.uuid = ha.parentassetuuid left join hs_hosting.asset pha on pha.uuid = ha.parentassetuuid
where (:projectUuid is null or bi.projectuuid=:projectUuid) where (:projectUuid is null or bi.projectuuid=:projectUuid)
and (:parentAssetUuid is null or pha.uuid=:parentAssetUuid) and (:parentAssetUuid is null or pha.uuid=:parentAssetUuid)
and (:type is null or :type=cast(ha.type as text)) and (:type is null or :type=cast(ha.type as text))
""", nativeQuery = true) """, nativeQuery = true)
// The JPQL query did not generate "left join" but just "join". // The JPQL query did not generate "left join" but just "join".
// I also optimized the query by not using the _rv for hs_booking.item and hs_hosting_asset, only for hs_hosting_asset_rv. // I also optimized the query by not using the _rv for hs_booking.item and hs_hosting.asset, only for hs_hosting.asset_rv.
List<HsHostingAssetRbacEntity> findAllByCriteriaImpl(UUID projectUuid, UUID parentAssetUuid, String type); List<HsHostingAssetRbacEntity> findAllByCriteriaImpl(UUID projectUuid, UUID parentAssetUuid, String type);
default List<HsHostingAssetRbacEntity> findAllByCriteria(final UUID projectUuid, final UUID parentAssetUuid, final HsHostingAssetType type) { default List<HsHostingAssetRbacEntity> findAllByCriteria(final UUID projectUuid, final UUID parentAssetUuid, final HsHostingAssetType type) {
return findAllByCriteriaImpl(projectUuid, parentAssetUuid, HsHostingAssetType.asString(type)); return findAllByCriteriaImpl(projectUuid, parentAssetUuid, HsHostingAssetType.asString(type));

View File

@ -9,7 +9,7 @@ import jakarta.persistence.Entity;
import jakarta.persistence.Table; import jakarta.persistence.Table;
@Entity @Entity
@Table(name = "hs_hosting_asset") @Table(schema = "hs_hosting", name = "asset")
@SuperBuilder(builderMethodName = "genericBuilder", toBuilder = true) @SuperBuilder(builderMethodName = "genericBuilder", toBuilder = true)
@Getter @Getter
@Setter @Setter

View File

@ -24,15 +24,15 @@ public interface HsHostingAssetRealRepository extends HsHostingAssetRepository<H
ha.parentassetuuid, ha.parentassetuuid,
ha.type, ha.type,
ha.version ha.version
from hs_hosting_asset_rv ha from hs_hosting.asset_rv ha
left join hs_booking.item bi on bi.uuid = ha.bookingitemuuid left join hs_booking.item bi on bi.uuid = ha.bookingitemuuid
left join hs_hosting_asset pha on pha.uuid = ha.parentassetuuid left join hs_hosting.asset pha on pha.uuid = ha.parentassetuuid
where (:projectUuid is null or bi.projectuuid=:projectUuid) where (:projectUuid is null or bi.projectuuid=:projectUuid)
and (:parentAssetUuid is null or pha.uuid=:parentAssetUuid) and (:parentAssetUuid is null or pha.uuid=:parentAssetUuid)
and (:type is null or :type=cast(ha.type as text)) and (:type is null or :type=cast(ha.type as text))
""", nativeQuery = true) """, nativeQuery = true)
// The JPQL query did not generate "left join" but just "join". // The JPQL query did not generate "left join" but just "join".
// I also optimized the query by not using the _rv for hs_booking.item and hs_hosting_asset, only for hs_hosting_asset_rv. // I also optimized the query by not using the _rv for hs_booking.item and hs_hosting.asset, only for hs_hosting.asset_rv.
List<HsHostingAssetRealEntity> findAllByCriteriaImpl(UUID projectUuid, UUID parentAssetUuid, String type); List<HsHostingAssetRealEntity> findAllByCriteriaImpl(UUID projectUuid, UUID parentAssetUuid, String type);
default List<HsHostingAssetRealEntity> findAllByCriteria(final UUID projectUuid, final UUID parentAssetUuid, final HsHostingAssetType type) { default List<HsHostingAssetRealEntity> findAllByCriteria(final UUID projectUuid, final UUID parentAssetUuid, final HsHostingAssetType type) {
return findAllByCriteriaImpl(projectUuid, parentAssetUuid, HsHostingAssetType.asString(type)); return findAllByCriteriaImpl(projectUuid, parentAssetUuid, HsHostingAssetType.asString(type));

View File

@ -53,7 +53,7 @@ class HsUnixUserHostingAssetValidator extends HostingAssetEntityValidator {
} }
private static Integer computeUserId(final EntityManager em, final PropertiesProvider propertiesProvider) { private static Integer computeUserId(final EntityManager em, final PropertiesProvider propertiesProvider) {
final Object result = em.createNativeQuery("SELECT nextval('hs_hosting_asset_unixuser_system_id_seq')", Integer.class) final Object result = em.createNativeQuery("SELECT nextval('hs_hosting.asset_unixuser_system_id_seq')", Integer.class)
.getSingleResult(); .getSingleResult();
return (Integer) result; return (Integer) result;
} }

View File

@ -89,7 +89,7 @@ public class InsertTriggerGenerator {
with("superRoleRef", toRoleDescriptor(g.getSuperRoleDef(), "row"))); with("superRoleRef", toRoleDescriptor(g.getSuperRoleDef(), "row")));
} else { } else {
plPgSql.writeLn(""" plPgSql.writeLn("""
-- Granting INSERT INTO hs_hosting_asset permissions to specified role of pre-existing hs_hosting_asset rows slipped, -- Granting INSERT INTO hs_hosting.asset permissions to specified role of pre-existing hs_hosting.asset rows slipped,
-- because there cannot yet be any pre-existing rows in the same table yet. -- because there cannot yet be any pre-existing rows in the same table yet.
""", """,
with("rawSuperTable", g.getSuperRoleDef().getEntityAlias().getRawTableNameWithSchema()), with("rawSuperTable", g.getSuperRoleDef().getEntityAlias().getRawTableNameWithSchema()),

View File

@ -987,7 +987,7 @@ public class RbacView {
return getRawTableName() return getRawTableName()
.replace("hs_office.", "hsof.") .replace("hs_office.", "hsof.")
.replace("hs_booking.", "hsbk_") .replace("hs_booking.", "hsbk_")
.replace("hs_hosting_", "hsho_") .replace("hs_hosting.", "hsho_")
.replace("coopsharestransaction", "coopsharetx") .replace("coopsharestransaction", "coopsharetx")
.replace("coopassetstransaction", "coopassettx"); .replace("coopassetstransaction", "coopassettx");
} }

View File

@ -4,7 +4,7 @@
--changeset michael.hoennig:booking-item-MAIN-TABLE endDelimiter:--// --changeset michael.hoennig:booking-item-MAIN-TABLE endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
create type HsBookingItemType as enum ( create type hs_booking.HsBookingItemType as enum (
'PRIVATE_CLOUD', 'PRIVATE_CLOUD',
'CLOUD_SERVER', 'CLOUD_SERVER',
'MANAGED_SERVER', 'MANAGED_SERVER',
@ -12,14 +12,14 @@ create type HsBookingItemType as enum (
'DOMAIN_SETUP' 'DOMAIN_SETUP'
); );
CREATE CAST (character varying as HsBookingItemType) WITH INOUT AS IMPLICIT; CREATE CAST (character varying as hs_booking.HsBookingItemType) WITH INOUT AS IMPLICIT;
create table if not exists hs_booking.item create table if not exists hs_booking.item
( (
uuid uuid unique references rbac.object (uuid), uuid uuid unique references rbac.object (uuid),
version int not null default 0, version int not null default 0,
projectUuid uuid null references hs_booking.project(uuid), projectUuid uuid null references hs_booking.project(uuid),
type HsBookingItemType not null, type hs_booking.HsBookingItemType not null,
parentItemUuid uuid null references hs_booking.item(uuid) initially deferred, parentItemUuid uuid null references hs_booking.item(uuid) initially deferred,
validity daterange not null, validity daterange not null,
caption varchar(80) not null, caption varchar(80) not null,

View File

@ -186,7 +186,7 @@ execute procedure hs_booking.new_item_grants_insert_to_project_tf();
-- granting INSERT permission to hs_booking.item ---------------------------- -- granting INSERT permission to hs_booking.item ----------------------------
-- Granting INSERT INTO hs_hosting_asset permissions to specified role of pre-existing hs_hosting_asset rows slipped, -- Granting INSERT INTO hs_hosting.asset permissions to specified role of pre-existing hs_hosting.asset rows slipped,
-- because there cannot yet be any pre-existing rows in the same table yet. -- because there cannot yet be any pre-existing rows in the same table yet.
/** /**

View File

@ -0,0 +1,8 @@
--liquibase formatted sql
-- ============================================================================
--changeset michael.hoennig:hs-hosting-SCHEMA endDelimiter:--//
-- ----------------------------------------------------------------------------
CREATE SCHEMA hs_hosting;
--//

View File

@ -4,7 +4,7 @@
--changeset michael.hoennig:hosting-asset-MAIN-TABLE endDelimiter:--// --changeset michael.hoennig:hosting-asset-MAIN-TABLE endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
create type HsHostingAssetType as enum ( create type hs_hosting.HsHostingAssetType as enum (
'CLOUD_SERVER', 'CLOUD_SERVER',
'MANAGED_SERVER', 'MANAGED_SERVER',
'MANAGED_WEBSPACE', 'MANAGED_WEBSPACE',
@ -26,22 +26,22 @@ create type HsHostingAssetType as enum (
'IPV6_NUMBER' 'IPV6_NUMBER'
); );
CREATE CAST (character varying as HsHostingAssetType) WITH INOUT AS IMPLICIT; CREATE CAST (character varying as hs_hosting.HsHostingAssetType) WITH INOUT AS IMPLICIT;
create table if not exists hs_hosting_asset create table if not exists hs_hosting.asset
( (
uuid uuid unique references rbac.object (uuid), uuid uuid unique references rbac.object (uuid),
version int not null default 0, version int not null default 0,
bookingItemUuid uuid null references hs_booking.item(uuid), bookingItemUuid uuid null references hs_booking.item(uuid),
type HsHostingAssetType not null, type hs_hosting.HsHostingAssetType not null,
parentAssetUuid uuid null references hs_hosting_asset(uuid) initially deferred, parentAssetUuid uuid null references hs_hosting.asset(uuid) initially deferred,
assignedToAssetUuid uuid null references hs_hosting_asset(uuid) initially deferred, assignedToAssetUuid uuid null references hs_hosting.asset(uuid) initially deferred,
identifier varchar(80) not null, identifier varchar(80) not null,
caption varchar(80), caption varchar(80),
config jsonb not null, config jsonb not null,
alarmContactUuid uuid null references hs_office.contact(uuid) initially deferred, alarmContactUuid uuid null references hs_office.contact(uuid) initially deferred,
constraint chk_hs_hosting_asset_has_booking_item_or_parent_asset constraint hosting_asset_has_booking_item_or_parent_asset
check (bookingItemUuid is not null or parentAssetUuid is not null or type in ('DOMAIN_SETUP', 'IPV4_NUMBER', 'IPV6_NUMBER')) check (bookingItemUuid is not null or parentAssetUuid is not null or type in ('DOMAIN_SETUP', 'IPV4_NUMBER', 'IPV6_NUMBER'))
); );
--// --//
@ -54,16 +54,16 @@ create table if not exists hs_hosting_asset
-- TODO.impl: this could be generated from HsHostingAssetType -- TODO.impl: this could be generated from HsHostingAssetType
-- also including a check for assignedToAssetUuud -- also including a check for assignedToAssetUuud
create or replace function hs_hosting_asset_type_hierarchy_check_tf() create or replace function hs_hosting.asset_type_hierarchy_check_tf()
returns trigger returns trigger
language plpgsql as $$ language plpgsql as $$
declare declare
actualParentType HsHostingAssetType; actualParentType hs_hosting.HsHostingAssetType;
expectedParentType HsHostingAssetType; expectedParentType hs_hosting.HsHostingAssetType;
begin begin
if NEW.parentAssetUuid is not null then if NEW.parentAssetUuid is not null then
actualParentType := (select type actualParentType := (select type
from hs_hosting_asset from hs_hosting.asset
where NEW.parentAssetUuid = uuid); where NEW.parentAssetUuid = uuid);
end if; end if;
@ -104,10 +104,10 @@ begin
return NEW; return NEW;
end; $$; end; $$;
create trigger hs_hosting_asset_type_hierarchy_check_tg create trigger hosting_asset_type_hierarchy_check_tg
before insert on hs_hosting_asset before insert on hs_hosting.asset
for each row for each row
execute procedure hs_hosting_asset_type_hierarchy_check_tf(); execute procedure hs_hosting.asset_type_hierarchy_check_tf();
--// --//
@ -116,7 +116,7 @@ create trigger hs_hosting_asset_type_hierarchy_check_tg
--changeset michael.hoennig:hosting-asset-system-sequences endDelimiter:--// --changeset michael.hoennig:hosting-asset-system-sequences endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CREATE SEQUENCE IF NOT EXISTS hs_hosting_asset_unixuser_system_id_seq CREATE SEQUENCE IF NOT EXISTS hs_hosting.asset_unixuser_system_id_seq
AS integer AS integer
MINVALUE 1000000 MINVALUE 1000000
MAXVALUE 9999999 MAXVALUE 9999999
@ -130,12 +130,12 @@ CREATE SEQUENCE IF NOT EXISTS hs_hosting_asset_unixuser_system_id_seq
--changeset michael.hoennig:hosting-asset-BOOKING-ITEM-HIERARCHY-CHECK endDelimiter:--// --changeset michael.hoennig:hosting-asset-BOOKING-ITEM-HIERARCHY-CHECK endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
create or replace function hs_hosting_asset_booking_item_hierarchy_check_tf() create or replace function hs_hosting.asset_booking_item_hierarchy_check_tf()
returns trigger returns trigger
language plpgsql as $$ language plpgsql as $$
declare declare
actualBookingItemType HsBookingItemType; actualBookingItemType hs_booking.HsBookingItemType;
expectedBookingItemType HsBookingItemType; expectedBookingItemType hs_booking.HsBookingItemType;
begin begin
actualBookingItemType := (select type actualBookingItemType := (select type
from hs_booking.item from hs_booking.item
@ -156,24 +156,24 @@ begin
return NEW; return NEW;
end; $$; end; $$;
create trigger hs_hosting_asset_booking_item_hierarchy_check_tg create trigger hosting_asset_booking_item_hierarchy_check_tg
before insert on hs_hosting_asset before insert on hs_hosting.asset
for each row for each row
execute procedure hs_hosting_asset_booking_item_hierarchy_check_tf(); execute procedure hs_hosting.asset_booking_item_hierarchy_check_tf();
--// --//
-- ============================================================================ -- ============================================================================
--changeset michael.hoennig:hs-hosting-asset-MAIN-TABLE-JOURNAL endDelimiter:--// --changeset michael.hoennig:hs-hosting-asset-MAIN-TABLE-JOURNAL endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call base.create_journal('hs_hosting_asset'); call base.create_journal('hs_hosting.asset');
--// --//
-- ============================================================================ -- ============================================================================
--changeset michael.hoennig:hs-hosting-asset-MAIN-TABLE-HISTORIZATION endDelimiter:--// --changeset michael.hoennig:hs-hosting-asset-MAIN-TABLE-HISTORIZATION endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call base.tx_create_historicization('hs_hosting_asset'); call base.tx_create_historicization('hs_hosting.asset');
--// --//

View File

@ -5,14 +5,14 @@
-- ============================================================================ -- ============================================================================
--changeset RbacObjectGenerator:hs-hosting-asset-rbac-OBJECT endDelimiter:--// --changeset RbacObjectGenerator:hs-hosting-asset-rbac-OBJECT endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRelatedRbacObject('hs_hosting_asset'); call rbac.generateRelatedRbacObject('hs_hosting.asset');
--// --//
-- ============================================================================ -- ============================================================================
--changeset RbacRoleDescriptorsGenerator:hs-hosting-asset-rbac-ROLE-DESCRIPTORS endDelimiter:--// --changeset RbacRoleDescriptorsGenerator:hs-hosting-asset-rbac-ROLE-DESCRIPTORS endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacRoleDescriptors('hsHostingAsset', 'hs_hosting_asset'); call rbac.generateRbacRoleDescriptors('hsHostingAsset', 'hs_hosting.asset');
--// --//
@ -24,27 +24,27 @@ call rbac.generateRbacRoleDescriptors('hsHostingAsset', 'hs_hosting_asset');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure hs_hosting_asset_build_rbac_system( create or replace procedure hs_hosting.asset_build_rbac_system(
NEW hs_hosting_asset NEW hs_hosting.asset
) )
language plpgsql as $$ language plpgsql as $$
declare declare
newBookingItem hs_booking.item; newBookingItem hs_booking.item;
newAssignedToAsset hs_hosting_asset; newAssignedToAsset hs_hosting.asset;
newAlarmContact hs_office.contact; newAlarmContact hs_office.contact;
newParentAsset hs_hosting_asset; newParentAsset hs_hosting.asset;
begin begin
call rbac.enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_booking.item WHERE uuid = NEW.bookingItemUuid INTO newBookingItem; SELECT * FROM hs_booking.item WHERE uuid = NEW.bookingItemUuid INTO newBookingItem;
SELECT * FROM hs_hosting_asset WHERE uuid = NEW.assignedToAssetUuid INTO newAssignedToAsset; SELECT * FROM hs_hosting.asset WHERE uuid = NEW.assignedToAssetUuid INTO newAssignedToAsset;
SELECT * FROM hs_office.contact WHERE uuid = NEW.alarmContactUuid INTO newAlarmContact; SELECT * FROM hs_office.contact WHERE uuid = NEW.alarmContactUuid INTO newAlarmContact;
SELECT * FROM hs_hosting_asset WHERE uuid = NEW.parentAssetUuid INTO newParentAsset; SELECT * FROM hs_hosting.asset WHERE uuid = NEW.parentAssetUuid INTO newParentAsset;
perform rbac.defineRoleWithGrants( perform rbac.defineRoleWithGrants(
hsHostingAssetOWNER(NEW), hsHostingAssetOWNER(NEW),
@ -93,22 +93,22 @@ begin
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_hosting_asset row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_hosting.asset row.
*/ */
create or replace function hs_hosting_asset_build_rbac_system_after_insert_tf() create or replace function hs_hosting.asset_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call hs_hosting_asset_build_rbac_system(NEW); call hs_hosting.asset_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger build_rbac_system_after_insert_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_hosting_asset after insert on hs_hosting.asset
for each row for each row
execute procedure hs_hosting_asset_build_rbac_system_after_insert_tf(); execute procedure hs_hosting.asset_build_rbac_system_after_insert_tf();
--// --//
@ -120,9 +120,9 @@ execute procedure hs_hosting_asset_build_rbac_system_after_insert_tf();
Called from the AFTER UPDATE TRIGGER to re-wire the grants. Called from the AFTER UPDATE TRIGGER to re-wire the grants.
*/ */
create or replace procedure hs_hosting_asset_update_rbac_system( create or replace procedure hs_hosting.asset_update_rbac_system(
OLD hs_hosting_asset, OLD hs_hosting.asset,
NEW hs_hosting_asset NEW hs_hosting.asset
) )
language plpgsql as $$ language plpgsql as $$
begin begin
@ -130,27 +130,27 @@ begin
if NEW.assignedToAssetUuid is distinct from OLD.assignedToAssetUuid if NEW.assignedToAssetUuid is distinct from OLD.assignedToAssetUuid
or NEW.alarmContactUuid is distinct from OLD.alarmContactUuid then or NEW.alarmContactUuid is distinct from OLD.alarmContactUuid then
delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid; delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid;
call hs_hosting_asset_build_rbac_system(NEW); call hs_hosting.asset_build_rbac_system(NEW);
end if; end if;
end; $$; end; $$;
/* /*
AFTER UPDATE TRIGGER to re-wire the grant structure for a new hs_hosting_asset row. AFTER UPDATE TRIGGER to re-wire the grant structure for a new hs_hosting.asset row.
*/ */
create or replace function hs_hosting_asset_update_rbac_system_after_update_tf() create or replace function hs_hosting.asset_update_rbac_system_after_update_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call hs_hosting_asset_update_rbac_system(OLD, NEW); call hs_hosting.asset_update_rbac_system(OLD, NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger update_rbac_system_after_update_tg create trigger update_rbac_system_after_update_tg
after update on hs_hosting_asset after update on hs_hosting.asset
for each row for each row
execute procedure hs_hosting_asset_update_rbac_system_after_update_tf(); execute procedure hs_hosting.asset_update_rbac_system_after_update_tf();
--// --//
@ -158,7 +158,7 @@ execute procedure hs_hosting_asset_update_rbac_system_after_update_tf();
--changeset RbacIdentityViewGenerator:hs-hosting-asset-rbac-IDENTITY-VIEW endDelimiter:--// --changeset RbacIdentityViewGenerator:hs-hosting-asset-rbac-IDENTITY-VIEW endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacIdentityViewFromProjection('hs_hosting_asset', call rbac.generateRbacIdentityViewFromProjection('hs_hosting.asset',
$idName$ $idName$
identifier identifier
$idName$); $idName$);
@ -168,7 +168,7 @@ call rbac.generateRbacIdentityViewFromProjection('hs_hosting_asset',
-- ============================================================================ -- ============================================================================
--changeset RbacRestrictedViewGenerator:hs-hosting-asset-rbac-RESTRICTED-VIEW endDelimiter:--// --changeset RbacRestrictedViewGenerator:hs-hosting-asset-rbac-RESTRICTED-VIEW endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
call rbac.generateRbacRestrictedView('hs_hosting_asset', call rbac.generateRbacRestrictedView('hs_hosting.asset',
$orderBy$ $orderBy$
identifier identifier
$orderBy$, $orderBy$,

View File

@ -7,9 +7,9 @@
--changeset hs-hosting-asset-MIGRATION-mapping:1 endDelimiter:--// --changeset hs-hosting-asset-MIGRATION-mapping:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CREATE TABLE hs_hosting_asset_legacy_id CREATE TABLE hs_hosting.asset_legacy_id
( (
uuid uuid NOT NULL REFERENCES hs_hosting_asset(uuid), uuid uuid NOT NULL REFERENCES hs_hosting.asset(uuid),
legacy_id integer NOT NULL legacy_id integer NOT NULL
); );
--// --//
@ -19,10 +19,10 @@ CREATE TABLE hs_hosting_asset_legacy_id
--changeset hs-hosting-asset-MIGRATION-sequence:1 endDelimiter:--// --changeset hs-hosting-asset-MIGRATION-sequence:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CREATE SEQUENCE IF NOT EXISTS hs_hosting_asset_legacy_id_seq CREATE SEQUENCE IF NOT EXISTS hs_hosting.asset_legacy_id_seq
AS integer AS integer
START 1000000000 START 1000000000
OWNED BY hs_hosting_asset_legacy_id.legacy_id; OWNED BY hs_hosting.asset_legacy_id.legacy_id;
--// --//
@ -30,9 +30,9 @@ CREATE SEQUENCE IF NOT EXISTS hs_hosting_asset_legacy_id_seq
--changeset hs-hosting-asset-MIGRATION-default:1 endDelimiter:--// --changeset hs-hosting-asset-MIGRATION-default:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
ALTER TABLE hs_hosting_asset_legacy_id ALTER TABLE hs_hosting.asset_legacy_id
ALTER COLUMN legacy_id ALTER COLUMN legacy_id
SET DEFAULT nextVal('hs_hosting_asset_legacy_id_seq'); SET DEFAULT nextVal('hs_hosting.asset_legacy_id_seq');
--/ --/
@ -41,8 +41,8 @@ ALTER TABLE hs_hosting_asset_legacy_id
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
CALL base.defineContext('schema-migration'); CALL base.defineContext('schema-migration');
INSERT INTO hs_hosting_asset_legacy_id(uuid, legacy_id) INSERT INTO hs_hosting.asset_legacy_id(uuid, legacy_id)
SELECT uuid, nextVal('hs_hosting_asset_legacy_id_seq') FROM hs_hosting_asset; SELECT uuid, nextVal('hs_hosting.asset_legacy_id_seq') FROM hs_hosting.asset;
--/ --/
@ -58,14 +58,14 @@ begin
raise exception 'invalid usage of trigger'; raise exception 'invalid usage of trigger';
end if; end if;
INSERT INTO hs_hosting_asset_legacy_id VALUES INSERT INTO hs_hosting.asset_legacy_id VALUES
(NEW.uuid, nextVal('hs_hosting_asset_legacy_id_seq')); (NEW.uuid, nextVal('hs_hosting.asset_legacy_id_seq'));
return NEW; return NEW;
end; $$; end; $$;
create trigger createassetLegacyIdMapping create trigger createassetLegacyIdMapping
after insert on hs_hosting_asset after insert on hs_hosting.asset
for each row for each row
execute procedure insertassetLegacyIdMapping(); execute procedure insertassetLegacyIdMapping();
--/ --/
@ -83,14 +83,14 @@ begin
raise exception 'invalid usage of trigger'; raise exception 'invalid usage of trigger';
end if; end if;
DELETE FROM hs_hosting_asset_legacy_id DELETE FROM hs_hosting.asset_legacy_id
WHERE uuid = OLD.uuid; WHERE uuid = OLD.uuid;
return OLD; return OLD;
end; $$; end; $$;
create trigger deleteassetLegacyIdMapping_tg create trigger deleteassetLegacyIdMapping_tg
before delete on hs_hosting_asset before delete on hs_hosting.asset
for each row for each row
execute procedure deleteassetLegacyIdMapping_tf(); execute procedure deleteassetLegacyIdMapping_tf();
--/ --/

View File

@ -6,7 +6,7 @@
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/* /*
Creates a single hs_hosting_asset test record. Creates a single hs_hosting.asset test record.
*/ */
create or replace procedure createHsHostingAssetTestData(givenProjectCaption varchar) create or replace procedure createHsHostingAssetTestData(givenProjectCaption varchar)
language plpgsql as $$ language plpgsql as $$
@ -79,7 +79,7 @@ begin
debitorNumberSuffix := relatedDebitor.debitorNumberSuffix; debitorNumberSuffix := relatedDebitor.debitorNumberSuffix;
defaultPrefix := relatedDebitor.defaultPrefix; defaultPrefix := relatedDebitor.defaultPrefix;
insert into hs_hosting_asset insert into hs_hosting.asset
(uuid, bookingitemuuid, type, parentAssetUuid, assignedToAssetUuid, identifier, caption, config) (uuid, bookingitemuuid, type, parentAssetUuid, assignedToAssetUuid, identifier, caption, config)
values values
(managedServerUuid, managedServerBI.uuid, 'MANAGED_SERVER', null, null, 'vm10' || debitorNumberSuffix, 'some ManagedServer', '{ "monit_max_cpu_usage": 90, "monit_max_ram_usage": 80, "monit_max_ssd_usage": 70 }'::jsonb), (managedServerUuid, managedServerBI.uuid, 'MANAGED_SERVER', null, null, 'vm10' || debitorNumberSuffix, 'some ManagedServer', '{ "monit_max_cpu_usage": 90, "monit_max_ram_usage": 80, "monit_max_ssd_usage": 70 }'::jsonb),

View File

@ -12,8 +12,8 @@ select *
from rbac.object from rbac.object
group by objecttable group by objecttable
union all union all
select to_char(count(*)::int, '9 999 999 999'), 'objects', 'hs_hosting_asset', type::text select to_char(count(*)::int, '9 999 999 999'), 'objects', 'hs_hosting.asset', type::text
from hs_hosting_asset from hs_hosting.asset
group by type group by type
union all union all
select to_char(count(*)::int, '9 999 999 999'), 'objects', 'hs_booking.item', type::text select to_char(count(*)::int, '9 999 999 999'), 'objects', 'hs_booking.item', type::text

View File

@ -159,6 +159,8 @@ databaseChangeLog:
file: db/changelog/6-hs-booking/630-booking-item/6303-hs-booking-item-rbac.sql file: db/changelog/6-hs-booking/630-booking-item/6303-hs-booking-item-rbac.sql
- include: - include:
file: db/changelog/6-hs-booking/630-booking-item/6308-hs-booking-item-test-data.sql file: db/changelog/6-hs-booking/630-booking-item/6308-hs-booking-item-test-data.sql
- include:
file: db/changelog/7-hs-hosting/700-hs-hosting-schema.sql
- include: - include:
file: db/changelog/7-hs-hosting/701-hosting-asset/7010-hs-hosting-asset.sql file: db/changelog/7-hs-hosting/701-hosting-asset/7010-hs-hosting-asset.sql
- include: - include:

View File

@ -114,7 +114,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-subject", "superuser-alex@hostsharing.net") .header("current-subject", "superuser-alex@hostsharing.net")
.header("assumed-roles", "hs_hosting_asset#fir01:AGENT") .header("assumed-roles", "hs_hosting.asset#fir01:AGENT")
.port(port) .port(port)
.when() .when()
. get("http://localhost/api/hs/hosting/assets?type=" + EMAIL_ALIAS) . get("http://localhost/api/hs/hosting/assets?type=" + EMAIL_ALIAS)
@ -218,7 +218,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
final var location = RestAssured // @formatter:off final var location = RestAssured // @formatter:off
.given() .given()
.header("current-subject", "superuser-alex@hostsharing.net") .header("current-subject", "superuser-alex@hostsharing.net")
.header("assumed-roles", "hs_hosting_asset#vm1011:ADMIN") .header("assumed-roles", "hs_hosting.asset#vm1011:ADMIN")
.contentType(ContentType.JSON) .contentType(ContentType.JSON)
.body(""" .body("""
{ {
@ -574,7 +574,7 @@ class HsHostingAssetControllerAcceptanceTest extends ContextBasedTestWithCleanup
RestAssured // @formatter:off RestAssured // @formatter:off
.given() .given()
.header("current-subject", "superuser-alex@hostsharing.net") .header("current-subject", "superuser-alex@hostsharing.net")
//.header("assumed-roles", "hs_hosting_asset#vm2001:ADMIN") //.header("assumed-roles", "hs_hosting.asset#vm2001:ADMIN")
.contentType(ContentType.JSON) .contentType(ContentType.JSON)
.body(""" .body("""
{ {

View File

@ -78,7 +78,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
final var query = em.createNativeQuery(""" final var query = em.createNativeQuery("""
select currentTask, targetTable, targetOp, targetdelta->>'caption' select currentTask, targetTable, targetOp, targetdelta->>'caption'
from base.tx_journal_v from base.tx_journal_v
where targettable = 'hs_hosting_asset'; where targettable = 'hs_hosting.asset';
"""); """);
// when // when
@ -86,24 +86,24 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
// then // then
assertThat(customerLogEntries).map(Arrays::toString).contains( assertThat(customerLogEntries).map(Arrays::toString).contains(
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, another CloudServer]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, another CloudServer]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Domain-DNS-Setup]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Domain-DNS-Setup]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Domain-HTTP-Setup]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Domain-HTTP-Setup]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Domain-MBOX-Setup]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Domain-MBOX-Setup]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Domain-SMTP-Setup]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Domain-SMTP-Setup]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Domain-Setup]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Domain-Setup]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some E-Mail-Address]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some E-Mail-Address]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some E-Mail-Alias]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some E-Mail-Alias]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some ManagedServer]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some ManagedServer]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some UnixUser for E-Mail]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some UnixUser for E-Mail]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some UnixUser for Website]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some UnixUser for Website]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some Webspace]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some Webspace]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default MariaDB instance]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default MariaDB instance]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default MariaDB user]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default MariaDB user]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default MariaDB database]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default MariaDB database]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default Postgresql instance]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default Postgresql instance]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default Postgresql user]", "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default Postgresql user]",
"[creating hosting-asset test-data, hs_hosting_asset, INSERT, some default Postgresql database]" "[creating hosting-asset test-data, hs_hosting.asset, INSERT, some default Postgresql database]"
); );
} }
@ -112,7 +112,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
// given // given
final String nativeQuerySql = """ final String nativeQuerySql = """
select count(*) select count(*)
from hs_hosting_asset_hv ha; from hs_hosting.asset_hv ha;
"""; """;
// when // when
@ -121,7 +121,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
@SuppressWarnings("unchecked") final var countBefore = (Integer) query.getSingleResult(); @SuppressWarnings("unchecked") final var countBefore = (Integer) query.getSingleResult();
// then // then
assertThat(countBefore).as("hs_hosting_asset_hv should not contain rows for a timestamp in the past").isEqualTo(0); assertThat(countBefore).as("hs_hosting.asset_hv should not contain rows for a timestamp in the past").isEqualTo(0);
// and when // and when
historicalContext(Timestamp.from(ZonedDateTime.now().plusHours(1).toInstant())); historicalContext(Timestamp.from(ZonedDateTime.now().plusHours(1).toInstant()));
@ -129,7 +129,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
@SuppressWarnings("unchecked") final var countAfter = (Integer) query.getSingleResult(); @SuppressWarnings("unchecked") final var countAfter = (Integer) query.getSingleResult();
// then // then
assertThat(countAfter).as("hs_hosting_asset_hv should contain rows for a timestamp in the future").isGreaterThan(1); assertThat(countAfter).as("hs_hosting.asset_hv should contain rows for a timestamp in the future").isGreaterThan(1);
} }
@Nested @Nested
@ -192,37 +192,37 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
final var all = rawRoleRepo.findAll(); final var all = rawRoleRepo.findAll();
assertThat(distinctRoleNamesOf(all)).containsExactlyInAnyOrder(Array.from( assertThat(distinctRoleNamesOf(all)).containsExactlyInAnyOrder(Array.from(
initialRoleNames, initialRoleNames,
"hs_hosting_asset#fir00:ADMIN", "hs_hosting.asset#fir00:ADMIN",
"hs_hosting_asset#fir00:AGENT", "hs_hosting.asset#fir00:AGENT",
"hs_hosting_asset#fir00:OWNER", "hs_hosting.asset#fir00:OWNER",
"hs_hosting_asset#fir00:TENANT")); "hs_hosting.asset#fir00:TENANT"));
assertThat(distinctGrantDisplaysOf(rawGrantRepo.findAll())) assertThat(distinctGrantDisplaysOf(rawGrantRepo.findAll()))
.containsExactlyInAnyOrder(fromFormatted( .containsExactlyInAnyOrder(fromFormatted(
initialGrantNames, initialGrantNames,
// rbac.global-admin // rbac.global-admin
"{ grant role:hs_hosting_asset#fir00:OWNER to role:rbac.global#global:ADMIN by system }", // workaround "{ grant role:hs_hosting.asset#fir00:OWNER to role:rbac.global#global:ADMIN by system }", // workaround
// owner // owner
"{ grant role:hs_hosting_asset#fir00:OWNER to user:superuser-alex@hostsharing.net by hs_hosting_asset#fir00:OWNER and assume }", "{ grant role:hs_hosting.asset#fir00:OWNER to user:superuser-alex@hostsharing.net by hs_hosting.asset#fir00:OWNER and assume }",
"{ grant role:hs_hosting_asset#fir00:OWNER to role:hs_booking.item#fir01:ADMIN by system and assume }", "{ grant role:hs_hosting.asset#fir00:OWNER to role:hs_booking.item#fir01:ADMIN by system and assume }",
"{ grant role:hs_hosting_asset#fir00:OWNER to role:hs_hosting_asset#vm1011:ADMIN by system and assume }", "{ grant role:hs_hosting.asset#fir00:OWNER to role:hs_hosting.asset#vm1011:ADMIN by system and assume }",
"{ grant perm:hs_hosting_asset#fir00:DELETE to role:hs_hosting_asset#fir00:OWNER by system and assume }", "{ grant perm:hs_hosting.asset#fir00:DELETE to role:hs_hosting.asset#fir00:OWNER by system and assume }",
// admin // admin
"{ grant role:hs_hosting_asset#fir00:ADMIN to role:hs_hosting_asset#fir00:OWNER by system and assume }", "{ grant role:hs_hosting.asset#fir00:ADMIN to role:hs_hosting.asset#fir00:OWNER by system and assume }",
"{ grant role:hs_hosting_asset#fir00:ADMIN to role:hs_booking.item#fir01:AGENT by system and assume }", "{ grant role:hs_hosting.asset#fir00:ADMIN to role:hs_booking.item#fir01:AGENT by system and assume }",
"{ grant perm:hs_hosting_asset#fir00:UPDATE to role:hs_hosting_asset#fir00:ADMIN by system and assume }", "{ grant perm:hs_hosting.asset#fir00:UPDATE to role:hs_hosting.asset#fir00:ADMIN by system and assume }",
// agent // agent
"{ grant role:hs_hosting_asset#fir00:ADMIN to role:hs_hosting_asset#vm1011:AGENT by system and assume }", "{ grant role:hs_hosting.asset#fir00:ADMIN to role:hs_hosting.asset#vm1011:AGENT by system and assume }",
"{ grant role:hs_hosting_asset#fir00:AGENT to role:hs_hosting_asset#fir00:ADMIN by system and assume }", "{ grant role:hs_hosting.asset#fir00:AGENT to role:hs_hosting.asset#fir00:ADMIN by system and assume }",
// tenant // tenant
"{ grant role:hs_booking.item#fir01:TENANT to role:hs_hosting_asset#fir00:TENANT by system and assume }", "{ grant role:hs_booking.item#fir01:TENANT to role:hs_hosting.asset#fir00:TENANT by system and assume }",
"{ grant role:hs_hosting_asset#fir00:TENANT to role:hs_hosting_asset#fir00:AGENT by system and assume }", "{ grant role:hs_hosting.asset#fir00:TENANT to role:hs_hosting.asset#fir00:AGENT by system and assume }",
"{ grant role:hs_hosting_asset#vm1011:TENANT to role:hs_hosting_asset#fir00:TENANT by system and assume }", "{ grant role:hs_hosting.asset#vm1011:TENANT to role:hs_hosting.asset#fir00:TENANT by system and assume }",
"{ grant perm:hs_hosting_asset#fir00:SELECT to role:hs_hosting_asset#fir00:TENANT by system and assume }", "{ grant perm:hs_hosting.asset#fir00:SELECT to role:hs_hosting.asset#fir00:TENANT by system and assume }",
null)); null));
} }
@ -251,7 +251,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
assertThatAssetIsPersisted(result.returnedValue()); assertThatAssetIsPersisted(result.returnedValue());
// ... a rbac.global admin can see the new domain setup as well if the domain OWNER role is assumed // ... a rbac.global admin can see the new domain setup as well if the domain OWNER role is assumed
context("superuser-alex@hostsharing.net", "hs_hosting_asset#example.net:OWNER"); // only works with the assumed role context("superuser-alex@hostsharing.net", "hs_hosting.asset#example.net:OWNER"); // only works with the assumed role
assertThatAssetIsPersisted(result.returnedValue()); assertThatAssetIsPersisted(result.returnedValue());
} }
@ -309,7 +309,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
.findAny().orElseThrow().getUuid(); .findAny().orElseThrow().getUuid();
// when // when
context("superuser-alex@hostsharing.net", "hs_hosting_asset#vm1012:AGENT"); context("superuser-alex@hostsharing.net", "hs_hosting.asset#vm1012:AGENT");
final var result = rbacAssetRepo.findAllByCriteria(null, parentAssetUuid, null); final var result = rbacAssetRepo.findAllByCriteria(null, parentAssetUuid, null);
// then // then
@ -326,7 +326,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
context("superuser-alex@hostsharing.net"); context("superuser-alex@hostsharing.net");
// when // when
context("superuser-alex@hostsharing.net", "hs_hosting_asset#sec01:AGENT"); context("superuser-alex@hostsharing.net", "hs_hosting.asset#sec01:AGENT");
final var result = rbacAssetRepo.findAllByCriteria(null, null, EMAIL_ADDRESS); final var result = rbacAssetRepo.findAllByCriteria(null, null, EMAIL_ADDRESS);
// then // then
@ -417,7 +417,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
// when // when
final var result = jpaAttempt.transacted(() -> { final var result = jpaAttempt.transacted(() -> {
context("person-FirbySusan@example.com", "hs_hosting_asset#vm1000:ADMIN"); context("person-FirbySusan@example.com", "hs_hosting.asset#vm1000:ADMIN");
assertThat(rbacAssetRepo.findByUuid(givenAsset.getUuid())).isPresent(); assertThat(rbacAssetRepo.findByUuid(givenAsset.getUuid())).isPresent();
rbacAssetRepo.deleteByUuid(givenAsset.getUuid()); rbacAssetRepo.deleteByUuid(givenAsset.getUuid());
@ -426,7 +426,7 @@ class HsHostingAssetRepositoryIntegrationTest extends ContextBasedTestWithCleanu
// then // then
result.assertExceptionWithRootCauseMessage( result.assertExceptionWithRootCauseMessage(
JpaSystemException.class, JpaSystemException.class,
"[403] Subject ", " is not allowed to delete hs_hosting_asset"); "[403] Subject ", " is not allowed to delete hs_hosting.asset");
assertThat(jpaAttempt.transacted(() -> { assertThat(jpaAttempt.transacted(() -> {
return realAssetRepo.findByUuid(givenAsset.getUuid()); return realAssetRepo.findByUuid(givenAsset.getUuid());
}).assertSuccessful().returnedValue()).isPresent(); // still there }).assertSuccessful().returnedValue()).isPresent(); // still there

View File

@ -68,7 +68,7 @@ class HsUnixUserHostingAssetValidatorUnitTest {
void initMocks() { void initMocks() {
final var nativeQueryMock = mock(Query.class); final var nativeQueryMock = mock(Query.class);
lenient().when(nativeQueryMock.getSingleResult()).thenReturn(12345678); lenient().when(nativeQueryMock.getSingleResult()).thenReturn(12345678);
lenient().when(em.createNativeQuery("SELECT nextval('hs_hosting_asset_unixuser_system_id_seq')", Integer.class)) lenient().when(em.createNativeQuery("SELECT nextval('hs_hosting.asset_unixuser_system_id_seq')", Integer.class))
.thenReturn(nativeQueryMock); .thenReturn(nativeQueryMock);
} }

View File

@ -187,7 +187,7 @@ public class CsvDataImport extends ContextBasedTest {
} }
final var query = em.createNativeQuery(""" final var query = em.createNativeQuery("""
insert into hs_hosting_asset( insert into hs_hosting.asset(
uuid, uuid,
type, type,
bookingitemuuid, bookingitemuuid,
@ -248,8 +248,8 @@ public class CsvDataImport extends ContextBasedTest {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context(rbacSuperuser); context(rbacSuperuser);
// TODO.perf: could we instead skip creating test-data based on an env var? // TODO.perf: could we instead skip creating test-data based on an env var?
em.createNativeQuery("delete from hs_hosting_asset where true").executeUpdate(); em.createNativeQuery("delete from hs_hosting.asset where true").executeUpdate();
em.createNativeQuery("delete from hs_hosting_asset_ex where true").executeUpdate(); em.createNativeQuery("delete from hs_hosting.asset_ex where true").executeUpdate();
em.createNativeQuery("delete from hs_booking.item where true").executeUpdate(); em.createNativeQuery("delete from hs_booking.item where true").executeUpdate();
em.createNativeQuery("delete from hs_booking.item_ex where true").executeUpdate(); em.createNativeQuery("delete from hs_booking.item_ex where true").executeUpdate();
em.createNativeQuery("delete from hs_booking.project where true").executeUpdate(); em.createNativeQuery("delete from hs_booking.project where true").executeUpdate();

View File

@ -921,7 +921,7 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
@Test @Test
@Order(19920) @Order(19920)
void verifyHostingAssetsAreActuallyPersisted() { void verifyHostingAssetsAreActuallyPersisted() {
final var haCount = (Integer) em.createNativeQuery("select count(*) from hs_hosting_asset", Integer.class) final var haCount = (Integer) em.createNativeQuery("select count(*) from hs_hosting.asset", Integer.class)
.getSingleResult(); .getSingleResult();
assertThat(haCount).isGreaterThan(isImportingControlledTestData() ? 40 : 15000); assertThat(haCount).isGreaterThan(isImportingControlledTestData() ? 40 : 15000);
@ -1069,7 +1069,7 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
final var haCount = jpaAttempt.transacted(() -> { final var haCount = jpaAttempt.transacted(() -> {
context(rbacSuperuser, "hs_booking.project#D-1000300-mimdefaultproject:AGENT"); context(rbacSuperuser, "hs_booking.project#D-1000300-mimdefaultproject:AGENT");
return (Integer) em.createNativeQuery("select count(*) from hs_hosting_asset_rv where type='EMAIL_ADDRESS'", Integer.class) return (Integer) em.createNativeQuery("select count(*) from hs_hosting.asset_rv where type='EMAIL_ADDRESS'", Integer.class)
.getSingleResult(); .getSingleResult();
}).assertSuccessful().returnedValue(); }).assertSuccessful().returnedValue();
assertThat(haCount).isEqualTo(68); assertThat(haCount).isEqualTo(68);
@ -1136,7 +1136,7 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
jpaAttempt.transacted(() -> { jpaAttempt.transacted(() -> {
context(rbacSuperuser); context(rbacSuperuser);
updateLegacyIds(assets, "hs_hosting_asset_legacy_id", "legacy_id"); updateLegacyIds(assets, "hs_hosting.asset_legacy_id", "legacy_id");
}).assertSuccessful(); }).assertSuccessful();
} }
@ -1145,7 +1145,7 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
final int expectedCountInTestDataCount, final int expectedCountInTestDataCount,
final int minCountExpectedInProdData) { final int minCountExpectedInProdData) {
final var q = em.createNativeQuery( final var q = em.createNativeQuery(
"select count(*) from hs_hosting_asset where type = cast(:type as HsHostingAssetType)", "select count(*) from hs_hosting.asset where type = cast(:type as HsHostingAssetType)",
Integer.class); Integer.class);
q.setParameter("type", assetType.name()); q.setParameter("type", assetType.name());
final var count = (Integer) q.getSingleResult(); final var count = (Integer) q.getSingleResult();
@ -1895,8 +1895,8 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
//noinspection unchecked //noinspection unchecked
return ((List<List<?>>) em.createNativeQuery( return ((List<List<?>>) em.createNativeQuery(
""" """
SELECT li.* FROM hs_hosting_asset_legacy_id li SELECT li.* FROM hs_hosting.asset_legacy_id li
JOIN hs_hosting_asset ha ON ha.uuid=li.uuid JOIN hs_hosting.asset ha ON ha.uuid=li.uuid
WHERE CAST(ha.type AS text)=:type WHERE CAST(ha.type AS text)=:type
ORDER BY legacy_id ORDER BY legacy_id
""", """,
@ -1910,8 +1910,8 @@ public class ImportHostingAssets extends BaseOfficeDataImport {
//noinspection unchecked //noinspection unchecked
return ((List<List<?>>) em.createNativeQuery( return ((List<List<?>>) em.createNativeQuery(
""" """
SELECT ha.uuid, ha.type, ha.identifier FROM hs_hosting_asset ha SELECT ha.uuid, ha.type, ha.identifier FROM hs_hosting.asset ha
JOIN hs_hosting_asset_legacy_id li ON li.uuid=ha.uuid JOIN hs_hosting.asset_legacy_id li ON li.uuid=ha.uuid
WHERE li.legacy_id is null AND CAST(ha.type AS text)=:type WHERE li.legacy_id is null AND CAST(ha.type AS text)=:type
ORDER BY li.legacy_id ORDER BY li.legacy_id
""", """,