RBAC Diagram+PostgreSQL Generator #21
@ -40,7 +40,7 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
void generateTo(final StringWriter plPgSql) {
|
||||
generateHeader(plPgSql);
|
||||
generateTriggerFunction(plPgSql);
|
||||
generageInsertTrigger(plPgSql);
|
||||
generateInsertTrigger(plPgSql);
|
||||
generateFooter(plPgSql);
|
||||
}
|
||||
|
||||
@ -56,16 +56,19 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
private void generateTriggerFunction(final StringWriter plPgSql) {
|
||||
plPgSql.writeLn("""
|
||||
/*
|
||||
Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
|
||||
A Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
|
||||
*/
|
||||
|
||||
create or replace function createRbacRolesFor${simpleEntityName}()
|
||||
returns trigger
|
||||
language plpgsql
|
||||
strict as $$
|
||||
create or replace procedure createRbacRolesFor${simpleEntityName}(
|
||||
TG_OP text,
|
||||
OLD ${rawTableName},
|
||||
NEW ${rawTableName}
|
||||
)
|
||||
language plpgsql as $$
|
||||
declare
|
||||
"""
|
||||
.replace("${simpleEntityName}", simpleEntityName));
|
||||
.replace("${simpleEntityName}", simpleEntityName)
|
||||
.replace("${rawTableName}", rawTableName));
|
||||
|
||||
plPgSql.indented(() -> {
|
||||
rbacDef.getEntityAliases().values().stream()
|
||||
@ -101,8 +104,6 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
generateGrants(plPgSql, ROLE_TO_USER);
|
||||
generateGrants(plPgSql, ROLE_TO_ROLE);
|
||||
generateGrants(plPgSql, PERM_TO_ROLE);
|
||||
|
||||
plPgSql.writeLn("return NEW;");
|
||||
});
|
||||
|
||||
plPgSql.writeLn("end; $$;");
|
||||
@ -280,17 +281,26 @@ class RolesGrantsAndPermissionsGenerator {
|
||||
.collect(toSet());
|
||||
}
|
||||
|
||||
private void generageInsertTrigger(final StringWriter plPgSql) {
|
||||
private void generateInsertTrigger(final StringWriter plPgSql) {
|
||||
plPgSql.writeLn("""
|
||||
/*
|
||||
An AFTER INSERT TRIGGER which creates the role structure for a new ${simpleEntityName}
|
||||
*/
|
||||
|
||||
create trigger createRbacRolesFor${simpleEntityName}_Trigger
|
||||
create or replace function createRbacRolesFor${simpleEntityName}_tf()
|
||||
returns trigger
|
||||
language plpgsql
|
||||
strict as $$
|
||||
begin
|
||||
call createRbacRolesFor${simpleEntityName}(TG_OP, OLD, NEW);
|
||||
return NEW;
|
||||
end; $$;
|
||||
|
||||
create trigger createRbacRolesFor${simpleEntityName}_tg
|
||||
after insert
|
||||
on ${rawTableName}
|
||||
for each row
|
||||
execute procedure createRbacRolesFor${simpleEntityName}();
|
||||
execute procedure createRbacRolesFor${simpleEntityName}_tf();
|
||||
--//
|
||||
"""
|
||||
.replace("${simpleEntityName}", simpleEntityName)
|
||||
|
Loading…
Reference in New Issue
Block a user