RBAC Diagram+PostgreSQL Generator #21
@ -19,7 +19,7 @@ public class RbacView {
|
||||
|
||||
public static final String GLOBAL = "global";
|
||||
|
||||
private final EntityAlias entityAlias;
|
||||
private final EntityAlias rootEntityAlias;
|
||||
|
||||
private final Set<RbacUserReference> userDefs = new LinkedHashSet<>();
|
||||
private final Set<RbacRoleDefinition> roleDefs = new LinkedHashSet<>();
|
||||
@ -38,7 +38,7 @@ public class RbacView {
|
||||
private final Set<RbacGrantDefinition> grantDefs = new LinkedHashSet<>();
|
||||
|
||||
private SQL identityViewSqlQuery;
|
||||
private EntityAlias entityAliasProxy;
|
||||
private EntityAlias rootEntityAliasProxy;
|
||||
private RbacRoleDefinition previousRoleDef;
|
||||
|
||||
public static <E extends RbacObject> RbacView rbacViewFor(final String alias, final Class<E> entityClass) {
|
||||
@ -46,8 +46,8 @@ public class RbacView {
|
||||
}
|
||||
|
||||
RbacView(final String alias, final Class<? extends RbacObject> entityClass) {
|
||||
entityAlias = new EntityAlias(alias, entityClass);
|
||||
entityAliases.put(alias, entityAlias);
|
||||
rootEntityAlias = new EntityAlias(alias, entityClass);
|
||||
entityAliases.put(alias, rootEntityAlias);
|
||||
new RbacUserReference(CREATOR);
|
||||
entityAliases.put("global", new EntityAlias("global"));
|
||||
}
|
||||
@ -63,21 +63,21 @@ public class RbacView {
|
||||
}
|
||||
|
||||
public RbacView createRole(final Role role, final Consumer<RbacRoleDefinition> with) {
|
||||
final RbacRoleDefinition newRoleDef = findRbacRole(entityAlias, role).toCreate();
|
||||
final RbacRoleDefinition newRoleDef = findRbacRole(rootEntityAlias, role).toCreate();
|
||||
with.accept(newRoleDef);
|
||||
previousRoleDef = newRoleDef;
|
||||
return this;
|
||||
}
|
||||
|
||||
public RbacView createSubRole(final Role role) {
|
||||
final RbacRoleDefinition newRoleDef = findRbacRole(entityAlias, role).toCreate();
|
||||
final RbacRoleDefinition newRoleDef = findRbacRole(rootEntityAlias, role).toCreate();
|
||||
findOrCreateGrantDef(newRoleDef, previousRoleDef).toCreate();
|
||||
previousRoleDef = newRoleDef;
|
||||
return this;
|
||||
}
|
||||
|
||||
public RbacView createSubRole(final Role role, final Consumer<RbacRoleDefinition> with) {
|
||||
final RbacRoleDefinition newRoleDef = findRbacRole(entityAlias, role).toCreate();
|
||||
final RbacRoleDefinition newRoleDef = findRbacRole(rootEntityAlias, role).toCreate();
|
||||
findOrCreateGrantDef(newRoleDef, previousRoleDef).toCreate();
|
||||
with.accept(newRoleDef);
|
||||
previousRoleDef = newRoleDef;
|
||||
@ -85,7 +85,7 @@ public class RbacView {
|
||||
}
|
||||
|
||||
public RbacPermissionDefinition createPermission(final Permission permission) {
|
||||
return createPermission(entityAlias, permission);
|
||||
return createPermission(rootEntityAlias, permission);
|
||||
}
|
||||
|
||||
private RbacPermissionDefinition createPermission(final EntityAlias entityAlias, final Permission permission) {
|
||||
@ -103,10 +103,10 @@ public class RbacView {
|
||||
|
||||
public <EC extends RbacObject> RbacView importProxyEntity(
|
||||
final String aliasName, final Class entityClass, final SQL fetchSql, final Column dependsOnColum) {
|
||||
if ( entityAliasProxy != null ) {
|
||||
throw new IllegalStateException("there is already an entityAliasProxy: " + entityAliasProxy);
|
||||
if ( rootEntityAliasProxy != null ) {
|
||||
throw new IllegalStateException("there is already an entityAliasProxy: " + rootEntityAliasProxy);
|
||||
}
|
||||
entityAliasProxy = importEntityAliasImpl(aliasName, entityClass, fetchSql, dependsOnColum);
|
||||
rootEntityAliasProxy = importEntityAliasImpl(aliasName, entityClass, fetchSql, dependsOnColum);
|
||||
return this;
|
||||
}
|
||||
|
||||
@ -135,7 +135,7 @@ public class RbacView {
|
||||
private RbacView importAsAlias(final String aliasName, final RbacView importedRbacView) {
|
||||
final var mapper = new AliasNameMapper(importedRbacView, aliasName);
|
||||
importedRbacView.getEntityAliases().values().stream()
|
||||
.filter(entityAlias -> !importedRbacView.isMainEntityAlias(entityAlias))
|
||||
.filter(entityAlias -> !importedRbacView.isRootEntityAlias(entityAlias))
|
||||
.filter(entityAlias -> !entityAlias.isGlobal())
|
||||
.forEach(entityAlias -> {
|
||||
final String mappedAliasName = mapper.map(entityAlias.aliasName);
|
||||
@ -176,12 +176,12 @@ public class RbacView {
|
||||
return findOrCreateGrantDef(subRoleDefinition, superRoleDefinition).toCreate();
|
||||
}
|
||||
|
||||
boolean isMainEntityAlias(final EntityAlias entityAlias) {
|
||||
return entityAlias == this.entityAlias;
|
||||
boolean isRootEntityAlias(final EntityAlias entityAlias) {
|
||||
return entityAlias == this.rootEntityAlias;
|
||||
}
|
||||
|
||||
public boolean isEntityAliasProxy(final EntityAlias entityAlias) {
|
||||
return entityAlias == entityAliasProxy;
|
||||
return entityAlias == rootEntityAliasProxy;
|
||||
}
|
||||
|
||||
public class RbacGrantBuilder {
|
||||
@ -545,7 +545,7 @@ public class RbacView {
|
||||
}
|
||||
|
||||
String map(final String originalAliasName) {
|
||||
if (originalAliasName.equals(importedRbacView.entityAlias.aliasName) ) {
|
||||
if (originalAliasName.equals(importedRbacView.rootEntityAlias.aliasName) ) {
|
||||
return outerAliasName;
|
||||
}
|
||||
if (originalAliasName.equals("global") ) {
|
||||
|
@ -36,7 +36,7 @@ public class RbacViewMermaidFlowchart {
|
||||
}
|
||||
|
||||
private void renderEntitySubgraph(final RbacView.EntityAlias entity) {
|
||||
final var color = rbacDef.isMainEntityAlias(entity) ? HOSTSHARING_ORANGE : HOSTSHARING_LIGHTBLUE;
|
||||
final var color = rbacDef.isRootEntityAlias(entity) ? HOSTSHARING_ORANGE : HOSTSHARING_LIGHTBLUE;
|
||||
flowchart.writeLn("""
|
||||
|
||||
subgraph %{aliasName}["`**%{aliasName}**`"]
|
||||
@ -63,8 +63,8 @@ public class RbacViewMermaidFlowchart {
|
||||
.map(p -> " " + permDef(p) )
|
||||
.collect(joining("\n")));
|
||||
|
||||
if (rbacDef.isMainEntityAlias(entity) && rbacDef.getEntityAliasProxy() != null ) {
|
||||
renderEntitySubgraph(rbacDef.getEntityAliasProxy());
|
||||
if (rbacDef.isRootEntityAlias(entity) && rbacDef.getRootEntityAliasProxy() != null ) {
|
||||
renderEntitySubgraph(rbacDef.getRootEntityAliasProxy());
|
||||
}
|
||||
|
||||
});
|
||||
@ -133,7 +133,7 @@ public class RbacViewMermaidFlowchart {
|
||||
}
|
||||
|
||||
void generateToMarkdownFile() throws IOException {
|
||||
final Path path = Paths.get("doc", rbacDef.getEntityAlias().simpleName() + ".md");
|
||||
final Path path = Paths.get("doc", rbacDef.getRootEntityAlias().simpleName() + ".md");
|
||||
Files.writeString(
|
||||
path,
|
||||
"""
|
||||
@ -143,7 +143,7 @@ public class RbacViewMermaidFlowchart {
|
||||
%{flowchart}
|
||||
```
|
||||
"""
|
||||
.replace("%{entityAlias}", rbacDef.getEntityAlias().aliasName())
|
||||
.replace("%{entityAlias}", rbacDef.getRootEntityAlias().aliasName())
|
||||
.replace("%{timestamp}", LocalDateTime.now().toString())
|
||||
.replace("%{flowchart}", flowchart.toString()),
|
||||
StandardOpenOption.CREATE, StandardOpenOption.TRUNCATE_EXISTING);
|
||||
|
@ -18,7 +18,7 @@ public class RbacViewPostgresGenerator {
|
||||
|
||||
public RbacViewPostgresGenerator(final RbacView forRbacDef) {
|
||||
rbacDef = forRbacDef;
|
||||
liqibaseTagPrefix = rbacDef.getEntityAlias().entityClass().getSimpleName();
|
||||
liqibaseTagPrefix = rbacDef.getRootEntityAlias().entityClass().getSimpleName();
|
||||
plPgSql.append("""
|
||||
--liquibase formatted sql
|
||||
-- generated at: %{timestamp}
|
||||
|
@ -29,7 +29,7 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
this.rbacGrants.addAll(rbacGrants);
|
||||
this.liquibaseTagPrefix = liquibaseTagPrefix;
|
||||
|
||||
entityClass = rbacDef.getEntityAlias().entityClass();
|
||||
entityClass = rbacDef.getRootEntityAlias().entityClass();
|
||||
simpleEntityName = entityClass.getSimpleName();
|
||||
simpleEntityVarName = uncapitalize(simpleEntityName);
|
||||
rawTableName = withoutRvSuffix(entityClass.getAnnotation(Table.class).name());
|
||||
@ -89,7 +89,7 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
private void createRolesWithGrantsSql(final StringBuilder plPgSql, final RbacView.Role role) {
|
||||
|
||||
final var isToCreate = rbacDef.getRoleDefs().stream()
|
||||
.filter(roleDef -> rbacDef.isMainEntityAlias(roleDef.getEntityAlias()) && roleDef.getRole() == role )
|
||||
.filter(roleDef -> rbacDef.isRootEntityAlias(roleDef.getEntityAlias()) && roleDef.getRole() == role )
|
||||
.findFirst().map(RbacView.RbacRoleDefinition::isToCreate).orElse(false);
|
||||
if (!isToCreate) {
|
||||
return;
|
||||
@ -103,7 +103,7 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
.replace("%{simpleEntityVarName)", simpleEntityVarName)
|
||||
.replace("%{roleSuffix}", capitalize(role.roleName())));
|
||||
|
||||
final var permissionGrantsForRole = findPermissionsGrantsForRole(rbacDef.getEntityAlias(), role);
|
||||
final var permissionGrantsForRole = findPermissionsGrantsForRole(rbacDef.getRootEntityAlias(), role);
|
||||
if (!permissionGrantsForRole.isEmpty()) {
|
||||
final var permissionsForRoleInPlPgSql = permissionGrantsForRole.stream()
|
||||
.map(RbacView.RbacGrantDefinition::getPermDef)
|
||||
@ -115,7 +115,7 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
rbacGrants.removeAll(permissionGrantsForRole);
|
||||
}
|
||||
|
||||
final var grantsToUsers = findGrantsToUserForRole(rbacDef.getEntityAlias(), role);
|
||||
final var grantsToUsers = findGrantsToUserForRole(rbacDef.getRootEntityAlias(), role);
|
||||
if (!grantsToUsers.isEmpty()) {
|
||||
final var grantsToUsersPlPgSql = grantsToUsers.stream()
|
||||
.map(RbacView.RbacGrantDefinition::getUserDef)
|
||||
@ -125,7 +125,7 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
rbacGrants.removeAll(grantsToUsers);
|
||||
}
|
||||
|
||||
final var incomingGrants = findIncomingSuperRolesForRole(rbacDef.getEntityAlias(), role);
|
||||
final var incomingGrants = findIncomingSuperRolesForRole(rbacDef.getRootEntityAlias(), role);
|
||||
if (!incomingGrants.isEmpty()) {
|
||||
final var incomingGrantsInPlPgSql = incomingGrants.stream()
|
||||
.map(RbacView.RbacGrantDefinition::getSuperRoleDef)
|
||||
@ -135,7 +135,7 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
rbacGrants.removeAll(incomingGrants);
|
||||
}
|
||||
|
||||
final var outgoingGrants = findOutgoingSuperRolesForRole(rbacDef.getEntityAlias(), role);
|
||||
final var outgoingGrants = findOutgoingSuperRolesForRole(rbacDef.getRootEntityAlias(), role);
|
||||
if (!outgoingGrants.isEmpty()) {
|
||||
final var outgoingGrantsInPlPgSql = outgoingGrants.stream()
|
||||
.map(RbacView.RbacGrantDefinition::getSuperRoleDef)
|
||||
@ -218,7 +218,7 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
private String toPlPgSqlReference(final PostgresTriggerReference triggerRef, final RbacView.RbacRoleDefinition roleDef) {
|
||||
return toVar(roleDef) +
|
||||
(roleDef.getEntityAlias().isGlobal() ? "()"
|
||||
: rbacDef.isMainEntityAlias(roleDef.getEntityAlias()) ? ("(" + triggerRef.name() + ")")
|
||||
: rbacDef.isRootEntityAlias(roleDef.getEntityAlias()) ? ("(" + triggerRef.name() + ")")
|
||||
: "(" + toTriggerReference(triggerRef, roleDef.getEntityAlias()) + ")");
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user