hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

RBAC Diagram+PostgreSQL Generator #21

Merged
hsh-michaelhoennig merged 54 commits from experimental-rbacview-generator into master 2024-03-11 12:30:44 +01:00
Conversation 0 Commits 54 Files Changed 91 +22 -12
1 changed files with 22 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit fef6e1c01c - Show all commits

34
src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java
View File

@ -40,7 +40,7 @@ class RolesGrantsAndPermissionsGenerator {
void generateTo(final StringWriter plPgSql) { void generateTo(final StringWriter plPgSql) {
generateHeader(plPgSql); generateHeader(plPgSql);
generateTriggerFunction(plPgSql); generateTriggerFunction(plPgSql);
generageInsertTrigger(plPgSql); generateInsertTrigger(plPgSql);
generateFooter(plPgSql); generateFooter(plPgSql);
} }
@ -56,16 +56,19 @@ class RolesGrantsAndPermissionsGenerator {
private void generateTriggerFunction(final StringWriter plPgSql) { private void generateTriggerFunction(final StringWriter plPgSql) {
plPgSql.writeLn(""" plPgSql.writeLn("""
/* /*
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. A Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace function createRbacRolesFor${simpleEntityName}() create or replace procedure createRbacRolesFor${simpleEntityName}(
returns trigger TG_OP text,
language plpgsql OLD ${rawTableName},
strict as $$ NEW ${rawTableName}
)
language plpgsql as $$
declare declare
""" """
.replace("${simpleEntityName}", simpleEntityName)); .replace("${simpleEntityName}", simpleEntityName)
.replace("${rawTableName}", rawTableName));
plPgSql.indented(() -> { plPgSql.indented(() -> {
rbacDef.getEntityAliases().values().stream() rbacDef.getEntityAliases().values().stream()
@ -101,8 +104,6 @@ class RolesGrantsAndPermissionsGenerator {
generateGrants(plPgSql, ROLE_TO_USER); generateGrants(plPgSql, ROLE_TO_USER);
generateGrants(plPgSql, ROLE_TO_ROLE); generateGrants(plPgSql, ROLE_TO_ROLE);
generateGrants(plPgSql, PERM_TO_ROLE); generateGrants(plPgSql, PERM_TO_ROLE);
plPgSql.writeLn("return NEW;");
}); });
plPgSql.writeLn("end; $$;"); plPgSql.writeLn("end; $$;");
@ -280,17 +281,26 @@ class RolesGrantsAndPermissionsGenerator {
.collect(toSet()); .collect(toSet());
} }
private void generageInsertTrigger(final StringWriter plPgSql) { private void generateInsertTrigger(final StringWriter plPgSql) {
plPgSql.writeLn(""" plPgSql.writeLn("""
/* /*
An AFTER INSERT TRIGGER which creates the role structure for a new ${simpleEntityName} An AFTER INSERT TRIGGER which creates the role structure for a new ${simpleEntityName}
*/ */
create trigger createRbacRolesFor${simpleEntityName}_Trigger create or replace function createRbacRolesFor${simpleEntityName}_tf()
returns trigger
language plpgsql
strict as $$
begin
call createRbacRolesFor${simpleEntityName}(TG_OP, OLD, NEW);
return NEW;
end; $$;
create trigger createRbacRolesFor${simpleEntityName}_tg
after insert after insert
on ${rawTableName} on ${rawTableName}
for each row for each row
execute procedure createRbacRolesFor${simpleEntityName}(); execute procedure createRbacRolesFor${simpleEntityName}_tf();
--// --//
""" """
.replace("${simpleEntityName}", simpleEntityName) .replace("${simpleEntityName}", simpleEntityName)