hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

RBAC generator with conditional grants used for REPRESENTATIVE-Relation #33

Merged
hsh-michaelhoennig merged 31 commits from rbac-generator-with-conditional-grants into master 2024-04-08 11:16:07 +02:00
Conversation 0 Commits 31 Files Changed 29 +11 -23
2 changed files with 11 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 56f316ef80 - Show all commits

30
src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacView.java
View File

@ -394,7 +394,7 @@ public class RbacView {
});
importedRbacView.getGrantDefs().forEach(grantDef -> {
if ( grantDef.grantType() == RbacGrantDefinition.GrantType.ROLE_TO_ROLE &&
grantDef.matchesCase(forCase) ) {
(grantDef.forCases == null || grantDef.matchesCase(forCase)) ) {
final var importedGrantDef = findOrCreateGrantDef(
findRbacRole(
mapper.map(grantDef.getSubRoleDef().entityAlias.aliasName),
@ -483,7 +483,7 @@ public class RbacView {
public void generateWithBaseFileName(final String baseFileName) {
if (allCases.size() > 1) {
allCases.forEach(caseDef -> {
final var fileName = baseFileName + (caseDef.isDefaultCase() ? "" : "-" + caseDef.val) + ".md";
final var fileName = baseFileName + (caseDef.isDefaultCase() ? "" : "-" + caseDef.value) + ".md";
new RbacViewMermaidFlowchartGenerator(this, caseDef)
.generateToMarkdownFile(Path.of(OUTPUT_BASEDIR, fileName));
});
@ -596,22 +596,12 @@ public class RbacView {
}
boolean matchesCase(final ColumnValue requestedCase) {
if (forCases == null) {
return true;
}
final var noCasesDefined = forCases.isEmpty();
final var generateForAllCases = requestedCase == null;
final boolean isGrantedForRequestedCase = forCases.stream().anyMatch(c -> c.isCase(requestedCase));
return noCasesDefined || generateForAllCases || isGrantedForRequestedCase;
}
boolean matchesCase(final CaseDef requestedCase) {
final var noCasesDefined = forCases.isEmpty();
final var generateForAllCases = requestedCase == null;
final boolean isGrantedForRequestedCase = forCases.contains(requestedCase);
return noCasesDefined || generateForAllCases || isGrantedForRequestedCase;
}
boolean isToCreate() {
return toCreate;
}
@ -1132,14 +1122,12 @@ public class RbacView {
}
}
// FIXME: subclass of ColumnValue
public static class CaseDef {
public static class CaseDef extends ColumnValue {
final String val;
final Consumer<RbacView> def;
private CaseDef(final String discriminatorColumnValue, final Consumer<RbacView> def) {
this.val = discriminatorColumnValue;
super(discriminatorColumnValue);
this.def = def;
}
@ -1154,7 +1142,7 @@ public class RbacView {
@Override
public int hashCode() {
return ofNullable(val).map(String::hashCode).orElse(0);
return ofNullable(value).map(String::hashCode).orElse(0);
}
@Override
@ -1164,22 +1152,22 @@ public class RbacView {
if (other == null || getClass() != other.getClass())
return false;
final CaseDef caseDef = (CaseDef) other;
return Objects.equals(val, caseDef.val);
return Objects.equals(value, caseDef.value);
}
boolean isDefaultCase() {
return val == null;
return value == null;
}
@Override
public String toString() {
return isDefaultCase()
? "inOtherCases"
: "inCaseOf:" + val;
: "inCaseOf:" + value;
}
public boolean isCase(final ColumnValue requestedCase) {
return Objects.equals(requestedCase.value, this.val);
return Objects.equals(requestedCase.value, this.value);
}
}

4
src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java
View File

@ -197,8 +197,8 @@ class RolesGrantsAndPermissionsGenerator {
plPgSql.writeLn();
final var ifOrElsIf = new AtomicReference<>("IF ");
rbacDef.getAllCases().forEach(caseDef -> {
if (caseDef.val != null) {
plPgSql.writeLn(ifOrElsIf + "NEW." + rbacDef.getDiscriminatorColumName() + " = '" + caseDef.val + "' THEN");
if (caseDef.value != null) {
plPgSql.writeLn(ifOrElsIf + "NEW." + rbacDef.getDiscriminatorColumName() + " = '" + caseDef.value + "' THEN");
} else {
plPgSql.writeLn("ELSE");
}