hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

RBAC generator with conditional grants used for REPRESENTATIVE-Relation #33

Merged
hsh-michaelhoennig merged 31 commits from rbac-generator-with-conditional-grants into master 2024-04-08 11:16:07 +02:00
Conversation 0 Commits 31 Files Changed 29 +17 -11
3 changed files with 17 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit f1bbc85ec6 - Show all commits

19
src/main/java/net/hostsharing/hsadminng/hs/office/debitor/HsOfficeDebitorEntity.java
View File

@ -1,6 +1,10 @@
package net.hostsharing.hsadminng.hs.office.debitor;
import lombok.*;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import net.hostsharing.hsadminng.errors.DisplayName;
import net.hostsharing.hsadminng.hs.office.bankaccount.HsOfficeBankAccountEntity;
import net.hostsharing.hsadminng.hs.office.partner.HsOfficePartnerEntity;
@ -15,7 +19,13 @@ import org.hibernate.annotations.JoinFormula;
import org.hibernate.annotations.NotFound;
import org.hibernate.annotations.NotFoundAction;
import jakarta.persistence.*;
import jakarta.persistence.Column;
import jakarta.persistence.Entity;
import jakarta.persistence.GeneratedValue;
import jakarta.persistence.Id;
import jakarta.persistence.JoinColumn;
import jakarta.persistence.ManyToOne;
import jakarta.persistence.Table;
import jakarta.validation.constraints.Pattern;
import java.io.IOException;
import java.util.UUID;
@ -26,7 +36,7 @@ import static jakarta.persistence.CascadeType.PERSIST;
import static jakarta.persistence.CascadeType.REFRESH;
import static java.util.Optional.ofNullable;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Column.dependsOnColumn;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.ColumnValue.usingCase;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.ColumnValue.usingDefaultCase;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Nullable.NOT_NULL;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Nullable.NULLABLE;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.*;
@ -158,7 +168,8 @@ public class HsOfficeDebitorEntity implements RbacObject, Stringifyable {
.toRole("global", ADMIN).grantPermission(INSERT)
.importRootEntityAliasProxy("debitorRel", HsOfficeRelationEntity.class,
usingCase("DEBITOR"),
// TODO.spec: do we need a distinct case for DEBITOR-Relation?
usingDefaultCase(),
directlyFetchedByDependsOnColumn(),
dependsOnColumn("debitorRelUuid"))
.createPermission(DELETE).grantedTo("debitorRel", OWNER)

4
src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RbacView.java
View File

@ -257,7 +257,7 @@ public class RbacView {
return permDefs.stream()
.filter(p -> p.permission == permission && p.entityAlias == entityAlias)
.findFirst()
// .map(g -> g.forCase(processingCase)) TODO: not implemented case dependent
// .map(g -> g.forCase(processingCase)) TODO.impl: not implemented case dependent
.orElseGet(() -> new RbacPermissionDefinition(entityAlias, permission, null, true));
}
@ -415,7 +415,6 @@ public class RbacView {
this.discriminatorColumName = discriminatorColumName;
allCases.addAll(stream(caseDefs).toList());
// FIXME: currently only the default case is executed
stream(caseDefs).forEach(caseDef -> {
this.processingCase = caseDef;
caseDef.def.accept(this);
@ -1133,6 +1132,7 @@ public class RbacView {
}
}
// FIXME: subclass of ColumnValue
public static class CaseDef {
final String val;

5
src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java
View File

@ -331,11 +331,6 @@ class RolesGrantsAndPermissionsGenerator {
.replace("${permRef}", createPerm(NEW, grantDef.getPermDef()))
.replace("${superRoleRef}", roleRef(NEW, grantDef.getSuperRoleDef()));
};
// if (grantDef.isConditional()) {
// return "if " + grantDef.generateCondition() + " then\n"
// + " " + grantSql + "\n"
// + "end if;";
// }
return grantSql;
}