RBAC Diagram+PostgreSQL Generator #21
@ -20,14 +20,26 @@ public class RbacIdentityViewGenerator {
|
||||
-- ============================================================================
|
||||
--changeset ${liquibaseTagPrefix}-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('${rawTableName}', $idName$
|
||||
""",
|
||||
with("liquibaseTagPrefix", liquibaseTagPrefix));
|
||||
|
||||
plPgSql.writeLn(
|
||||
switch (rbacDef.getIdentityViewSqlQuery().part) {
|
||||
case SQL_PROJECTION -> """
|
||||
call generateRbacIdentityViewFromProjection('${rawTableName}', $idName$
|
||||
${identityViewSqlPart}
|
||||
$idName$);
|
||||
--//
|
||||
|
||||
""",
|
||||
with("liquibaseTagPrefix", liquibaseTagPrefix),
|
||||
with("identityViewSqlPart", rbacDef.getIdentityViewSqlQuery().sql), // TODO: other part types
|
||||
""";
|
||||
case SQL_QUERY -> """
|
||||
call generateRbacIdentityViewFromProjection('${rawTableName}', $idName$
|
||||
${identityViewSqlPart}
|
||||
$idName$);
|
||||
""";
|
||||
default -> throw new IllegalStateException("illegal SQL part given");
|
||||
},
|
||||
with("identityViewSqlPart", rbacDef.getIdentityViewSqlQuery().sql),
|
||||
with("rawTableName", rawTableName));
|
||||
|
||||
plPgSql.writeLn("--//");
|
||||
}
|
||||
}
|
||||
|
@ -91,7 +91,7 @@ end; $$;
|
||||
--changeset rbac-generators-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
create or replace procedure generateRbacIdentityView(targetTable text, idNameExpression text)
|
||||
create or replace procedure generateRbacIdentityViewFromQuery(targetTable text, sqlQuery text)
|
||||
language plpgsql as $$
|
||||
declare
|
||||
sql text;
|
||||
@ -100,11 +100,9 @@ begin
|
||||
|
||||
-- create a view to the target main table which maps an idName to the objectUuid
|
||||
sql = format($sql$
|
||||
create or replace view %1$s_iv as
|
||||
select target.uuid, cleanIdentifier(%2$s) as idName
|
||||
from %1$s as target;
|
||||
create or replace view %1$s_iv as %2$s;
|
||||
grant all privileges on %1$s_iv to ${HSADMINNG_POSTGRES_RESTRICTED_USERNAME};
|
||||
$sql$, targetTable, idNameExpression);
|
||||
$sql$, targetTable, sqlQuery);
|
||||
execute sql;
|
||||
|
||||
-- creates a function which maps an idName to the objectUuid
|
||||
@ -129,6 +127,20 @@ begin
|
||||
$sql$, targetTable);
|
||||
execute sql;
|
||||
end; $$;
|
||||
|
||||
create or replace procedure generateRbacIdentityViewFromProjection(targetTable text, sqlProjection text)
|
||||
language plpgsql as $$
|
||||
declare
|
||||
sqlQuery text;
|
||||
begin
|
||||
targettable := lower(targettable);
|
||||
|
||||
sqlQuery = format($sql$
|
||||
select target.uuid, cleanIdentifier(%2$s) as idName
|
||||
from %1$s as target;
|
||||
$sql$, targetTable, sqlProjection);
|
||||
call generateRbacIdentityViewFromQuery(targetTable, sqlQuery);
|
||||
end; $$;
|
||||
--//
|
||||
|
||||
|
||||
|
@ -1,4 +1,4 @@
|
||||
### rbac customer 2024-03-09T08:56:16.396142507
|
||||
### rbac customer 2024-03-10T11:42:41.089596517
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
|
@ -1,5 +1,5 @@
|
||||
--liquibase formatted sql
|
||||
-- This code generated was by RbacViewPostgresGenerator at 2024-03-09T08:56:16.421821997.
|
||||
-- This code generated was by RbacViewPostgresGenerator at 2024-03-10T11:42:41.121556631.
|
||||
|
||||
-- ============================================================================
|
||||
--changeset test-customer-rbac-OBJECT:1 endDelimiter:--//
|
||||
@ -102,12 +102,12 @@ create trigger test_customer_insert_permission_check_tg
|
||||
-- ============================================================================
|
||||
--changeset test-customer-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('test_customer', $idName$
|
||||
|
||||
call generateRbacIdentityViewFromProjection('test_customer', $idName$
|
||||
prefix
|
||||
$idName$);
|
||||
|
||||
--//
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset test-customer-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
@ -1,4 +1,4 @@
|
||||
### rbac package 2024-03-09T08:56:16.449886471
|
||||
### rbac package 2024-03-10T11:42:41.162678472
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
|
@ -1,5 +1,5 @@
|
||||
--liquibase formatted sql
|
||||
-- This code generated was by RbacViewPostgresGenerator at 2024-03-09T08:56:16.450322125.
|
||||
-- This code generated was by RbacViewPostgresGenerator at 2024-03-10T11:42:41.163393064.
|
||||
|
||||
-- ============================================================================
|
||||
--changeset test-package-rbac-OBJECT:1 endDelimiter:--//
|
||||
@ -205,12 +205,12 @@ create trigger test_package_insert_permission_check_tg
|
||||
-- ============================================================================
|
||||
--changeset test-package-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('test_package', $idName$
|
||||
|
||||
call generateRbacIdentityViewFromProjection('test_package', $idName$
|
||||
name
|
||||
$idName$);
|
||||
|
||||
--//
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset test-package-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
@ -1,5 +1,5 @@
|
||||
--liquibase formatted sql
|
||||
-- This code generated was by RbacViewPostgresGenerator at 2024-03-09T08:56:16.469632602.
|
||||
-- This code generated was by RbacViewPostgresGenerator at 2024-03-10T11:42:41.186902574.
|
||||
|
||||
-- ============================================================================
|
||||
--changeset test-domain-rbac-OBJECT:1 endDelimiter:--//
|
||||
@ -204,12 +204,12 @@ create trigger test_domain_insert_permission_check_tg
|
||||
-- ============================================================================
|
||||
--changeset test-domain-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('test_domain', $idName$
|
||||
|
||||
call generateRbacIdentityViewFromProjection('test_domain', $idName$
|
||||
name
|
||||
$idName$);
|
||||
|
||||
--//
|
||||
|
||||
|
||||
-- ============================================================================
|
||||
--changeset test-domain-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
@ -75,7 +75,7 @@ execute procedure createRbacRolesForHsOfficeContact();
|
||||
--changeset hs-office-contact-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call generateRbacIdentityView('hs_office_contact', $idName$
|
||||
call generateRbacIdentityViewFromProjection('hs_office_contact', $idName$
|
||||
target.label
|
||||
$idName$);
|
||||
--//
|
||||
|
@ -73,7 +73,7 @@ execute procedure createRbacRolesForHsOfficePerson();
|
||||
-- ============================================================================
|
||||
--changeset hs-office-person-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('hs_office_person', $idName$
|
||||
call generateRbacIdentityViewFromProjection('hs_office_person', $idName$
|
||||
concat(target.tradeName, target.familyName, target.givenName)
|
||||
$idName$);
|
||||
--//
|
||||
|
@ -124,7 +124,7 @@ execute procedure hsOfficeRelationshipRbacRolesTrigger();
|
||||
-- ============================================================================
|
||||
--changeset hs-office-relationship-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('hs_office_relationship', $idName$
|
||||
call generateRbacIdentityViewFromProjection('hs_office_relationship', $idName$
|
||||
(select idName from hs_office_person_iv p where p.uuid = target.relAnchorUuid)
|
||||
|| '-with-' || target.relType || '-' ||
|
||||
(select idName from hs_office_person_iv p where p.uuid = target.relHolderUuid)
|
||||
|
@ -187,7 +187,7 @@ execute procedure hsOfficePartnerRbacRolesTrigger();
|
||||
-- ============================================================================
|
||||
--changeset hs-office-partner-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('hs_office_partner', $idName$
|
||||
call generateRbacIdentityViewFromProjection('hs_office_partner', $idName$
|
||||
partnerNumber || ':' ||
|
||||
(select idName from hs_office_person_iv p where p.uuid = target.personuuid)
|
||||
|| '-' ||
|
||||
|
@ -10,7 +10,7 @@ call generateRelatedRbacObject('hs_office_partner_details');
|
||||
-- ============================================================================
|
||||
--changeset hs-office-partner-details-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('hs_office_partner_details', $idName$
|
||||
call generateRbacIdentityViewFromProjection('hs_office_partner_details', $idName$
|
||||
(select idName || '-details' from hs_office_partner_iv partner_iv
|
||||
join hs_office_partner partner on (partner_iv.uuid = partner.uuid)
|
||||
where partner.detailsUuid = target.uuid)
|
||||
|
@ -74,7 +74,7 @@ execute procedure createRbacRolesForHsOfficeBankAccount();
|
||||
--changeset hs-office-bankaccount-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
|
||||
call generateRbacIdentityView('hs_office_bankaccount', $idName$
|
||||
call generateRbacIdentityViewFromProjection('hs_office_bankaccount', $idName$
|
||||
target.holder
|
||||
$idName$);
|
||||
--//
|
||||
|
@ -94,7 +94,7 @@ execute procedure hsOfficeSepaMandateRbacRolesTrigger();
|
||||
-- ============================================================================
|
||||
--changeset hs-office-sepamandate-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('hs_office_sepamandate', idNameExpression => 'target.reference');
|
||||
call generateRbacIdentityViewFromProjection('hs_office_sepamandate', 'target.reference');
|
||||
--//
|
||||
|
||||
|
||||
|
@ -173,7 +173,7 @@ execute procedure hsOfficeDebitorRbacRolesTrigger();
|
||||
-- ============================================================================
|
||||
--changeset hs-office-debitor-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('hs_office_debitor', $idName$
|
||||
call generateRbacIdentityViewFromProjection('hs_office_debitor', $idName$
|
||||
'#' ||
|
||||
(select partnerNumber from hs_office_partner p where p.uuid = target.partnerUuid) ||
|
||||
to_char(debitorNumberSuffix, 'fm00') ||
|
||||
|
@ -93,7 +93,7 @@ execute procedure hsOfficeMembershipRbacRolesTrigger();
|
||||
-- ============================================================================
|
||||
--changeset hs-office-membership-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('hs_office_membership', idNameExpression => $idName$
|
||||
call generateRbacIdentityViewFromProjection('hs_office_membership', $idName$
|
||||
'#' ||
|
||||
(select partnerNumber from hs_office_partner p where p.uuid = target.partnerUuid) ||
|
||||
memberNumberSuffix ||
|
||||
|
@ -68,8 +68,7 @@ execute procedure hsOfficeCoopSharesTransactionRbacRolesTrigger();
|
||||
-- ============================================================================
|
||||
--changeset hs-office-coopSharesTransaction-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('hs_office_coopSharesTransaction',
|
||||
idNameExpression => 'target.reference');
|
||||
call generateRbacIdentityViewFromProjection('hs_office_coopSharesTransaction', 'target.reference');
|
||||
--//
|
||||
|
||||
|
||||
|
@ -68,8 +68,7 @@ execute procedure hsOfficeCoopAssetsTransactionRbacRolesTrigger();
|
||||
-- ============================================================================
|
||||
--changeset hs-office-coopAssetsTransaction-rbac-IDENTITY-VIEW:1 endDelimiter:--//
|
||||
-- ----------------------------------------------------------------------------
|
||||
call generateRbacIdentityView('hs_office_coopAssetsTransaction',
|
||||
idNameExpression => 'target.reference');
|
||||
call generateRbacIdentityViewFromProjection('hs_office_coopAssetsTransaction', 'target.reference');
|
||||
--//
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user