RBAC generator with conditional grants used for REPRESENTATIVE-Relation #33

Merged
hsh-michaelhoennig merged 31 commits from rbac-generator-with-conditional-grants into master 2024-04-08 11:16:07 +02:00
2 changed files with 11 additions and 23 deletions
Showing only changes of commit 56f316ef80 - Show all commits

View File

@ -394,7 +394,7 @@ public class RbacView {
}); });
importedRbacView.getGrantDefs().forEach(grantDef -> { importedRbacView.getGrantDefs().forEach(grantDef -> {
if ( grantDef.grantType() == RbacGrantDefinition.GrantType.ROLE_TO_ROLE && if ( grantDef.grantType() == RbacGrantDefinition.GrantType.ROLE_TO_ROLE &&
grantDef.matchesCase(forCase) ) { (grantDef.forCases == null || grantDef.matchesCase(forCase)) ) {
final var importedGrantDef = findOrCreateGrantDef( final var importedGrantDef = findOrCreateGrantDef(
findRbacRole( findRbacRole(
mapper.map(grantDef.getSubRoleDef().entityAlias.aliasName), mapper.map(grantDef.getSubRoleDef().entityAlias.aliasName),
@ -483,7 +483,7 @@ public class RbacView {
public void generateWithBaseFileName(final String baseFileName) { public void generateWithBaseFileName(final String baseFileName) {
if (allCases.size() > 1) { if (allCases.size() > 1) {
allCases.forEach(caseDef -> { allCases.forEach(caseDef -> {
final var fileName = baseFileName + (caseDef.isDefaultCase() ? "" : "-" + caseDef.val) + ".md"; final var fileName = baseFileName + (caseDef.isDefaultCase() ? "" : "-" + caseDef.value) + ".md";
new RbacViewMermaidFlowchartGenerator(this, caseDef) new RbacViewMermaidFlowchartGenerator(this, caseDef)
.generateToMarkdownFile(Path.of(OUTPUT_BASEDIR, fileName)); .generateToMarkdownFile(Path.of(OUTPUT_BASEDIR, fileName));
}); });
@ -596,22 +596,12 @@ public class RbacView {
} }
boolean matchesCase(final ColumnValue requestedCase) { boolean matchesCase(final ColumnValue requestedCase) {
if (forCases == null) {
return true;
}
final var noCasesDefined = forCases.isEmpty(); final var noCasesDefined = forCases.isEmpty();
final var generateForAllCases = requestedCase == null; final var generateForAllCases = requestedCase == null;
final boolean isGrantedForRequestedCase = forCases.stream().anyMatch(c -> c.isCase(requestedCase)); final boolean isGrantedForRequestedCase = forCases.stream().anyMatch(c -> c.isCase(requestedCase));
return noCasesDefined || generateForAllCases || isGrantedForRequestedCase; return noCasesDefined || generateForAllCases || isGrantedForRequestedCase;
} }
boolean matchesCase(final CaseDef requestedCase) {
final var noCasesDefined = forCases.isEmpty();
final var generateForAllCases = requestedCase == null;
final boolean isGrantedForRequestedCase = forCases.contains(requestedCase);
return noCasesDefined || generateForAllCases || isGrantedForRequestedCase;
}
boolean isToCreate() { boolean isToCreate() {
return toCreate; return toCreate;
} }
@ -1132,14 +1122,12 @@ public class RbacView {
} }
} }
// FIXME: subclass of ColumnValue public static class CaseDef extends ColumnValue {
public static class CaseDef {
final String val;
final Consumer<RbacView> def; final Consumer<RbacView> def;
private CaseDef(final String discriminatorColumnValue, final Consumer<RbacView> def) { private CaseDef(final String discriminatorColumnValue, final Consumer<RbacView> def) {
this.val = discriminatorColumnValue; super(discriminatorColumnValue);
this.def = def; this.def = def;
} }
@ -1154,7 +1142,7 @@ public class RbacView {
@Override @Override
public int hashCode() { public int hashCode() {
return ofNullable(val).map(String::hashCode).orElse(0); return ofNullable(value).map(String::hashCode).orElse(0);
} }
@Override @Override
@ -1164,22 +1152,22 @@ public class RbacView {
if (other == null || getClass() != other.getClass()) if (other == null || getClass() != other.getClass())
return false; return false;
final CaseDef caseDef = (CaseDef) other; final CaseDef caseDef = (CaseDef) other;
return Objects.equals(val, caseDef.val); return Objects.equals(value, caseDef.value);
} }
boolean isDefaultCase() { boolean isDefaultCase() {
return val == null; return value == null;
} }
@Override @Override
public String toString() { public String toString() {
return isDefaultCase() return isDefaultCase()
? "inOtherCases" ? "inOtherCases"
: "inCaseOf:" + val; : "inCaseOf:" + value;
} }
public boolean isCase(final ColumnValue requestedCase) { public boolean isCase(final ColumnValue requestedCase) {
return Objects.equals(requestedCase.value, this.val); return Objects.equals(requestedCase.value, this.value);
} }
} }

View File

@ -197,8 +197,8 @@ class RolesGrantsAndPermissionsGenerator {
plPgSql.writeLn(); plPgSql.writeLn();
final var ifOrElsIf = new AtomicReference<>("IF "); final var ifOrElsIf = new AtomicReference<>("IF ");
rbacDef.getAllCases().forEach(caseDef -> { rbacDef.getAllCases().forEach(caseDef -> {
if (caseDef.val != null) { if (caseDef.value != null) {
plPgSql.writeLn(ifOrElsIf + "NEW." + rbacDef.getDiscriminatorColumName() + " = '" + caseDef.val + "' THEN"); plPgSql.writeLn(ifOrElsIf + "NEW." + rbacDef.getDiscriminatorColumName() + " = '" + caseDef.value + "' THEN");
} else { } else {
plPgSql.writeLn("ELSE"); plPgSql.writeLn("ELSE");
} }