RBAC Diagram+PostgreSQL Generator #21

Merged
hsh-michaelhoennig merged 54 commits from experimental-rbacview-generator into master 2024-03-11 12:30:44 +01:00
3 changed files with 22 additions and 12 deletions
Showing only changes of commit 59ea077a4e - Show all commits


@ -16,9 +16,10 @@ import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.RbacGrantDefinitio
public class RbacViewMermaidFlowchart { public class RbacViewMermaidFlowchart {
public static final String HOSTSHARING_ORANGE = "#dd4901"; public static final String HOSTSHARING_DARK_ORANGE = "#dd4901";
public static final String HOSTSHARING_ORANGE_LIGHT = "#feb28c"; public static final String HOSTSHARING_LIGHT_ORANGE = "#feb28c";
public static final String HOSTSHARING_LIGHTBLUE = "#99bcdb"; public static final String HOSTSHARING_DARK_BLUE = "#274d6e";
public static final String HOSTSHARING_LIGHT_BLUE = "#99bcdb";
private final RbacView rbacDef; private final RbacView rbacDef;
private final StringWriter flowchart = new StringWriter(); private final StringWriter flowchart = new StringWriter();
@ -39,9 +40,9 @@ public class RbacViewMermaidFlowchart {
} }
private void renderEntitySubgraph(final RbacView.EntityAlias entity) { private void renderEntitySubgraph(final RbacView.EntityAlias entity) {
final var color = rbacDef.isRootEntityAlias(entity) ? HOSTSHARING_ORANGE final var color = rbacDef.isRootEntityAlias(entity) ? HOSTSHARING_DARK_ORANGE
: entity.isSubEntity() ? HOSTSHARING_ORANGE_LIGHT : entity.isSubEntity() ? HOSTSHARING_LIGHT_ORANGE
: HOSTSHARING_LIGHTBLUE; : HOSTSHARING_LIGHT_BLUE;
flowchart.writeLn(""" flowchart.writeLn("""
subgraph %{aliasName}["`**%{aliasName}**`"] subgraph %{aliasName}["`**%{aliasName}**`"]
direction TB direction TB
@ -79,7 +80,7 @@ public class RbacViewMermaidFlowchart {
private void wrapOutputInSubgraph(final String name, final String color, final String content) { private void wrapOutputInSubgraph(final String name, final String color, final String content) {
if (!StringUtils.isEmpty(content)) { if (!StringUtils.isEmpty(content)) {
flowchart.emptyLine(); flowchart.ensureEmptyLine();
flowchart.writeLn("subgraph " + name + "[ ]\n"); flowchart.writeLn("subgraph " + name + "[ ]\n");
flowchart.indented(() -> { flowchart.indented(() -> {
flowchart.writeLn("style %{aliasName} fill: %{color}" flowchart.writeLn("style %{aliasName} fill: %{color}"
@ -105,7 +106,7 @@ public class RbacViewMermaidFlowchart {
.filter(g -> g.grantType() == f) .filter(g -> g.grantType() == f)
.toList(); .toList();
if ( !userGrants.isEmpty()) { if ( !userGrants.isEmpty()) {
flowchart.emptyLine(); flowchart.ensureEmptyLine();
flowchart.writeLn(t); flowchart.writeLn(t);
userGrants.forEach(g -> flowchart.writeLn(grantDef(g))); userGrants.forEach(g -> flowchart.writeLn(grantDef(g)));
} }


@ -97,9 +97,9 @@ class RolesGrantsAndPermissionsGenerator {
createRolesWithGrantsSql(plPgSql, TENANT); createRolesWithGrantsSql(plPgSql, TENANT);
createRolesWithGrantsSql(plPgSql, REFERRER); createRolesWithGrantsSql(plPgSql, REFERRER);
plPgSql.writeLn(); generateGrants(plPgSql, ROLE_TO_USER);
// TODO: we need to group and sort the grants, similar to the Flowchart generator generateGrants(plPgSql, ROLE_TO_ROLE);
rbacGrants.forEach(g -> plPgSql.writeLn(generateGrant(g))); generateGrants(plPgSql, PERM_TO_ROLE);
plPgSql.writeLn("return NEW;"); plPgSql.writeLn("return NEW;");
}); });
@ -108,6 +108,15 @@ class RolesGrantsAndPermissionsGenerator {
plPgSql.writeLn(); plPgSql.writeLn();
} }
private void generateGrants(final StringWriter plPgSql, final RbacView.RbacGrantDefinition.GrantType grantType) {
plPgSql.ensureEmptyLine();
rbacGrants.stream()
.filter(g -> g.grantType() == grantType)
.map(this::generateGrant)
.sorted()
.forEach(plPgSql::writeLn);
}
private String generateGrant(RbacView.RbacGrantDefinition grantDef) { private String generateGrant(RbacView.RbacGrantDefinition grantDef) {
return switch (grantDef.grantType()) { return switch (grantDef.grantType()) {
case ROLE_TO_USER -> throw new IllegalArgumentException("unexpected grant"); case ROLE_TO_USER -> throw new IllegalArgumentException("unexpected grant");
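Review bot: The new call `generateGrants(plPgSql, ROLE_TO_USER)` can never write a grant, because the `generateGrant` switch shown at the end of this section still maps `ROLE_TO_USER` to `throw new IllegalArgumentException("unexpected grant")`. The call therefore either filters to nothing or aborts generation on the first such grant, yet it reads like a third emitted group. Since this output is the PL/pgSQL that assigns roles and permissions, make the intent explicit: drop the call, or keep it with a comment such as `// generateGrant rejects ROLE_TO_USER: this group must stay empty or fail loudly`. The exception would also be easier to act on if it named the offending definition, e.g. `throw new IllegalArgumentException("unexpected grant: " + grantDef);`. The `generateGrant` switch continues outside the visible hunk, so its other branches could not be checked.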


@ -58,7 +58,7 @@ public class StringWriter {
}; };
} }
void emptyLine() { void ensureEmptyLine() {
if (!string.toString().endsWith("\n\n")) { if (!string.toString().endsWith("\n\n")) {
writeLn(); writeLn();
} }