src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacViewPostgresGenerator.java

@@ -14,15 +14,14 @@ public class RbacViewPostgresGenerator {
 
     private final RbacView rbacDef;
     private final String liqibaseTagPrefix;
-    private final StringBuilder plPgSql = new StringBuilder();
+    private final StringWriter plPgSql = new StringWriter();
 
     public RbacViewPostgresGenerator(final RbacView forRbacDef) {
         rbacDef = forRbacDef;
         liqibaseTagPrefix = rbacDef.getRootEntityAlias().entityClass().getSimpleName();
-        plPgSql.append("""
+        plPgSql.writeLn("""
                 --liquibase formatted sql
                 -- generated at: %{timestamp}
-                
                 """
                 .replace("%{timestamp}", LocalDateTime.now().toString()));
 

src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java

@@ -26,34 +26,33 @@ class RolesGrantsAndPermissionsGenerator {
 
     RolesGrantsAndPermissionsGenerator(final RbacView rbacDef, final String liquibaseTagPrefix) {
         this.rbacDef = rbacDef;
-        this.rbacGrants.addAll(rbacGrants);
+        this.rbacGrants.addAll(rbacDef.getGrantDefs());
         this.liquibaseTagPrefix = liquibaseTagPrefix;
         
         entityClass = rbacDef.getRootEntityAlias().entityClass();
-        simpleEntityName = entityClass.getSimpleName();
+        simpleEntityVarName = rbacDef.getRootEntityAlias().simpleName();
-        simpleEntityVarName = uncapitalize(simpleEntityName);
+        simpleEntityName = capitalize(simpleEntityVarName);
         rawTableName = withoutRvSuffix(entityClass.getAnnotation(Table.class).name());
     }
 
-    void generateTo(final StringBuilder plPgSql) {
+    void generateTo(final StringWriter plPgSql) {
         generateHeader(plPgSql);
         generateTriggerFunction(plPgSql);
         generageInsertTrigger(plPgSql);
         generateFooter(plPgSql);
     }
 
-    private void generateHeader(final StringBuilder plPgSql) {
+    private void generateHeader(final StringWriter plPgSql) {
-        plPgSql.append("""
+        plPgSql.writeLn("""
                 -- ============================================================================
                 --changeset %{liquibaseTagPrefix}-rbac-CREATE-ROLES-GRANTS-PERMISSIONS:1 endDelimiter:--//
                 -- ----------------------------------------------------------------------------
-
                 """
                 .replace("%{liquibaseTagPrefix}", liquibaseTagPrefix));
     }
 
-    private void generateTriggerFunction(final StringBuilder plPgSql) {
+    private void generateTriggerFunction(final StringWriter plPgSql) {
-        plPgSql.append("""
+        plPgSql.writeLn("""
                 /*
                     Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
                  */
@@ -66,27 +65,30 @@ class RolesGrantsAndPermissionsGenerator {
                     if TG_OP <> 'INSERT' then
                         raise exception 'invalid usage of TRIGGER AFTER INSERT function';
                     end if;
-                    %{createRolesWithGrantsSql}
-                    return NEW;
-                end; $$;
                 """
-                .replace("%{simpleEntityName}", simpleEntityName)
+                .replace("%{simpleEntityName}", simpleEntityName));
-                .replace("%{createRolesWithGrantsSql}", createRolesWithGrantsSql())
-        );
 
-    }
+        plPgSql.indented(() -> {
-
-    private String createRolesWithGrantsSql() {
-        final var plPgSql = new StringBuilder();
             createRolesWithGrantsSql(plPgSql, OWNER);
             createRolesWithGrantsSql(plPgSql, ADMIN);
             createRolesWithGrantsSql(plPgSql, AGENT);
             createRolesWithGrantsSql(plPgSql, TENANT);
             createRolesWithGrantsSql(plPgSql, REFERRER);
-        return plPgSql.toString();
+
+            if (!rbacGrants.isEmpty()) {
+                throw new IllegalStateException("unprocessed grants: " + rbacGrants);
+                // rbacGrants.forEach(g -> plPgSql.writeLn("-- unprocessed grant: " + g));
             }
 
-    private void createRolesWithGrantsSql(final StringBuilder plPgSql, final RbacView.Role role) {
+            plPgSql.writeLn("return NEW;");
+        });
+
+        plPgSql.writeLn("end; $$;");
+        plPgSql.writeLn();
+    }
+
+
+    private void createRolesWithGrantsSql(final StringWriter plPgSql, final RbacView.Role role) {
 
          final var isToCreate = rbacDef.getRoleDefs().stream()
                  .filter(roleDef -> rbacDef.isRootEntityAlias(roleDef.getEntityAlias()) && roleDef.getRole() == role )
@@ -95,12 +97,11 @@ class RolesGrantsAndPermissionsGenerator {
             return;
         }
 
-        plPgSql.append("""
+        plPgSql.writeLn();
-                
+        plPgSql.writeLn("perform createRoleWithGrants(");
-                    perform createRoleWithGrants(
+        plPgSql.indented( () -> {
-                        %{simpleEntityVarName)%{roleSuffix}(NEW),
+            plPgSql.writeLn("%{simpleVarName)%{roleSuffix}(NEW),"
-                """
+                    .replace("%{simpleVarName)", simpleEntityVarName)
-                .replace("%{simpleEntityVarName)", simpleEntityVarName)
                     .replace("%{roleSuffix}", capitalize(role.roleName())));
 
             final var permissionGrantsForRole = findPermissionsGrantsForRole(rbacDef.getRootEntityAlias(), role);
@@ -111,7 +112,8 @@ class RolesGrantsAndPermissionsGenerator {
                         .map(RbacView.Permission::permission)
                         .map(p -> "'" + p + "'")
                         .collect(joining(", "));
-            plPgSql.append(indent(3) + "permissions => array[" + permissionsForRoleInPlPgSql + "],\n");
+                plPgSql.indented( () ->
+                        plPgSql.writeLn("permissions => array[" + permissionsForRoleInPlPgSql + "],\n"));
                 rbacGrants.removeAll(permissionGrantsForRole);
             }
 
@@ -121,7 +123,8 @@ class RolesGrantsAndPermissionsGenerator {
                         .map(RbacView.RbacGrantDefinition::getUserDef)
                         .map(this::toPlPgSqlReference)
                         .collect(joining(", "));
-            plPgSql.append(indent(3) + "userUuids => array[" + grantsToUsersPlPgSql + "],\n");
+                plPgSql.indented(() ->
+                        plPgSql.writeLn("userUuids => array[" + grantsToUsersPlPgSql + "],\n"));
                 rbacGrants.removeAll(grantsToUsers);
             }
 
@@ -131,7 +134,8 @@ class RolesGrantsAndPermissionsGenerator {
                         .map(RbacView.RbacGrantDefinition::getSuperRoleDef)
                         .map(r -> toPlPgSqlReference(NEW, r))
                         .collect(joining(", "));
-            plPgSql.append(indent(3) + "incomingSuperRoles => array[" + incomingGrantsInPlPgSql + "],\n");
+                plPgSql.indented(() ->
+                        plPgSql.writeLn("incomingSuperRoles => array[" + incomingGrantsInPlPgSql + "],\n"));
                 rbacGrants.removeAll(incomingGrants);
             }
 
@@ -141,16 +145,16 @@ class RolesGrantsAndPermissionsGenerator {
                         .map(RbacView.RbacGrantDefinition::getSuperRoleDef)
                         .map(r -> toPlPgSqlReference(NEW, r))
                         .collect(joining(", "));
-            plPgSql.append(indent(3) + "outgoingSubRoles => array[" + outgoingGrantsInPlPgSql + "],\n");
+                plPgSql.indented(() ->
+                        plPgSql.writeLn("outgoingSubRoles => array[" + outgoingGrantsInPlPgSql + "],\n"));
                 rbacGrants.removeAll(outgoingGrants);
             }
 
-        if (!rbacGrants.isEmpty()) {
+            plPgSql.chopTail(",\n");
-            throw new IllegalStateException("unprocessed grants: " + rbacGrants);
+            plPgSql.writeLn();
-        }
+        });
 
-        chopTail(plPgSql, ",\n");
+        plPgSql.writeLn(");");
-        plPgSql.append("\n" + indent(2) + ");\n");
     }
 
     private Set<RbacView.RbacGrantDefinition> findPermissionsGrantsForRole(final RbacView.EntityAlias entityAlias, final RbacView.Role role) {
@@ -182,8 +186,8 @@ class RolesGrantsAndPermissionsGenerator {
                 .collect(Collectors.toSet());
     }
 
-    private void generageInsertTrigger(final StringBuilder plPgSql) {
+    private void generageInsertTrigger(final StringWriter plPgSql) {
-        plPgSql.append("""
+        plPgSql.writeLn("""
                 /*
                     An AFTER INSERT TRIGGER which creates the role structure for a new %{simpleEntityName}
                  */
@@ -200,8 +204,9 @@ class RolesGrantsAndPermissionsGenerator {
         );
     }
 
-    private static void generateFooter(final StringBuilder plPgSql) {
+    private static void generateFooter(final StringWriter plPgSql) {
-        plPgSql.append("\n\n");
+        plPgSql.writeLn();
+        plPgSql.writeLn();
     }
 
     private String withoutRvSuffix(final String tableName) {
@@ -229,14 +234,4 @@ class RolesGrantsAndPermissionsGenerator {
     private static String toTriggerReference(final PostgresTriggerReference triggerRef, final RbacView.EntityAlias entityAlias) {
         return triggerRef.name().toLowerCase() + capitalize(entityAlias.aliasName());
     }
-
-    private String indent(final int tabs) {
-        return " ".repeat(4*tabs);
-    }
-
-    private void chopTail(final StringBuilder plPgSql, final String tail) {
-        if (plPgSql.toString().endsWith(tail)) {
-            plPgSql.setLength(plPgSql.length() - tail.length());
-        }
-    }
 }