RBAC Diagram+PostgreSQL Generator #21
@ -16,9 +16,10 @@ import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.RbacGrantDefinitio
|
|||||||
|
|
||||||
public class RbacViewMermaidFlowchart {
|
public class RbacViewMermaidFlowchart {
|
||||||
|
|
||||||
public static final String HOSTSHARING_ORANGE = "#dd4901";
|
public static final String HOSTSHARING_DARK_ORANGE = "#dd4901";
|
||||||
public static final String HOSTSHARING_ORANGE_LIGHT = "#feb28c";
|
public static final String HOSTSHARING_LIGHT_ORANGE = "#feb28c";
|
||||||
public static final String HOSTSHARING_LIGHTBLUE = "#99bcdb";
|
public static final String HOSTSHARING_DARK_BLUE = "#274d6e";
|
||||||
|
public static final String HOSTSHARING_LIGHT_BLUE = "#99bcdb";
|
||||||
private final RbacView rbacDef;
|
private final RbacView rbacDef;
|
||||||
private final StringWriter flowchart = new StringWriter();
|
private final StringWriter flowchart = new StringWriter();
|
||||||
|
|
||||||
@ -39,9 +40,9 @@ public class RbacViewMermaidFlowchart {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private void renderEntitySubgraph(final RbacView.EntityAlias entity) {
|
private void renderEntitySubgraph(final RbacView.EntityAlias entity) {
|
||||||
final var color = rbacDef.isRootEntityAlias(entity) ? HOSTSHARING_ORANGE
|
final var color = rbacDef.isRootEntityAlias(entity) ? HOSTSHARING_DARK_ORANGE
|
||||||
: entity.isSubEntity() ? HOSTSHARING_ORANGE_LIGHT
|
: entity.isSubEntity() ? HOSTSHARING_LIGHT_ORANGE
|
||||||
: HOSTSHARING_LIGHTBLUE;
|
: HOSTSHARING_LIGHT_BLUE;
|
||||||
flowchart.writeLn("""
|
flowchart.writeLn("""
|
||||||
subgraph %{aliasName}["`**%{aliasName}**`"]
|
subgraph %{aliasName}["`**%{aliasName}**`"]
|
||||||
direction TB
|
direction TB
|
||||||
@ -79,7 +80,7 @@ public class RbacViewMermaidFlowchart {
|
|||||||
|
|
||||||
private void wrapOutputInSubgraph(final String name, final String color, final String content) {
|
private void wrapOutputInSubgraph(final String name, final String color, final String content) {
|
||||||
if (!StringUtils.isEmpty(content)) {
|
if (!StringUtils.isEmpty(content)) {
|
||||||
flowchart.emptyLine();
|
flowchart.ensureEmptyLine();
|
||||||
flowchart.writeLn("subgraph " + name + "[ ]\n");
|
flowchart.writeLn("subgraph " + name + "[ ]\n");
|
||||||
flowchart.indented(() -> {
|
flowchart.indented(() -> {
|
||||||
flowchart.writeLn("style %{aliasName} fill: %{color}"
|
flowchart.writeLn("style %{aliasName} fill: %{color}"
|
||||||
@ -105,7 +106,7 @@ public class RbacViewMermaidFlowchart {
|
|||||||
.filter(g -> g.grantType() == f)
|
.filter(g -> g.grantType() == f)
|
||||||
.toList();
|
.toList();
|
||||||
if ( !userGrants.isEmpty()) {
|
if ( !userGrants.isEmpty()) {
|
||||||
flowchart.emptyLine();
|
flowchart.ensureEmptyLine();
|
||||||
flowchart.writeLn(t);
|
flowchart.writeLn(t);
|
||||||
userGrants.forEach(g -> flowchart.writeLn(grantDef(g)));
|
userGrants.forEach(g -> flowchart.writeLn(grantDef(g)));
|
||||||
}
|
}
|
||||||
|
@ -97,9 +97,9 @@ class RolesGrantsAndPermissionsGenerator {
|
|||||||
createRolesWithGrantsSql(plPgSql, TENANT);
|
createRolesWithGrantsSql(plPgSql, TENANT);
|
||||||
createRolesWithGrantsSql(plPgSql, REFERRER);
|
createRolesWithGrantsSql(plPgSql, REFERRER);
|
||||||
|
|
||||||
plPgSql.writeLn();
|
generateGrants(plPgSql, ROLE_TO_USER);
|
||||||
// TODO: we need to group and sort the grants, similar to the Flowchart generator
|
generateGrants(plPgSql, ROLE_TO_ROLE);
|
||||||
rbacGrants.forEach(g -> plPgSql.writeLn(generateGrant(g)));
|
generateGrants(plPgSql, PERM_TO_ROLE);
|
||||||
|
|
||||||
plPgSql.writeLn("return NEW;");
|
plPgSql.writeLn("return NEW;");
|
||||||
});
|
});
|
||||||
@ -108,6 +108,15 @@ class RolesGrantsAndPermissionsGenerator {
|
|||||||
plPgSql.writeLn();
|
plPgSql.writeLn();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private void generateGrants(final StringWriter plPgSql, final RbacView.RbacGrantDefinition.GrantType grantType) {
|
||||||
|
plPgSql.ensureEmptyLine();
|
||||||
|
rbacGrants.stream()
|
||||||
|
.filter(g -> g.grantType() == grantType)
|
||||||
|
.map(this::generateGrant)
|
||||||
|
.sorted()
|
||||||
|
.forEach(plPgSql::writeLn);
|
||||||
|
}
|
||||||
|
|
||||||
private String generateGrant(RbacView.RbacGrantDefinition grantDef) {
|
private String generateGrant(RbacView.RbacGrantDefinition grantDef) {
|
||||||
return switch (grantDef.grantType()) {
|
return switch (grantDef.grantType()) {
|
||||||
case ROLE_TO_USER -> throw new IllegalArgumentException("unexpected grant");
|
case ROLE_TO_USER -> throw new IllegalArgumentException("unexpected grant");
|
||||||
|
@ -58,7 +58,7 @@ public class StringWriter {
|
|||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
||||||
void emptyLine() {
|
void ensureEmptyLine() {
|
||||||
if (!string.toString().endsWith("\n\n")) {
|
if (!string.toString().endsWith("\n\n")) {
|
||||||
writeLn();
|
writeLn();
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user