add-mariadb-instance-database-and-user-validations #75

Merged
hsh-michaelhoennig merged 6 commits from add-mariadb-instance-database-and-user-validations into master 2024-07-12 10:54:47 +02:00
8 changed files with 65 additions and 71 deletions
Showing only changes of commit 8dac2c9d7e - Show all commits


@ -1,5 +1,6 @@
## HostingAsset Type Structure ## HostingAsset Type Structure
### Domain ### Domain
```plantuml ```plantuml
@ -11,8 +12,6 @@ package Booking #feb28c {
entity BI_CLOUD_SERVER entity BI_CLOUD_SERVER
entity BI_MANAGED_SERVER entity BI_MANAGED_SERVER
entity BI_MANAGED_WEBSPACE entity BI_MANAGED_WEBSPACE
entity BI_DOMAIN_DNS_SETUP
entity BI_DOMAIN_SMTP_SETUP
} }
package Hosting #feb28c{ package Hosting #feb28c{
@ -43,20 +42,21 @@ BI_CLOUD_SERVER *--> BI_PRIVATE_CLOUD
BI_MANAGED_SERVER *--> BI_PRIVATE_CLOUD BI_MANAGED_SERVER *--> BI_PRIVATE_CLOUD
BI_MANAGED_WEBSPACE *--> BI_MANAGED_SERVER BI_MANAGED_WEBSPACE *--> BI_MANAGED_SERVER
HA_CLOUD_SERVER ==* BI_CLOUD_SERVER HA_CLOUD_SERVER *==> BI_CLOUD_SERVER
HA_MANAGED_SERVER ==* BI_MANAGED_SERVER HA_MANAGED_SERVER *==> BI_MANAGED_SERVER
HA_MANAGED_WEBSPACE ==* BI_MANAGED_WEBSPACE HA_MANAGED_WEBSPACE *==> BI_MANAGED_WEBSPACE
HA_MANAGED_WEBSPACE o..> HA_MANAGED_SERVER HA_MANAGED_WEBSPACE o..> HA_MANAGED_SERVER
HA_UNIX_USER *==> HA_MANAGED_WEBSPACE HA_UNIX_USER *==> HA_MANAGED_WEBSPACE
HA_EMAIL_ALIAS *==> HA_MANAGED_WEBSPACE
HA_DOMAIN_SETUP o..> HA_DOMAIN_SETUP HA_DOMAIN_SETUP o..> HA_DOMAIN_SETUP
HA_DOMAIN_DNS_SETUP *==> HA_DOMAIN_SETUP HA_DOMAIN_DNS_SETUP *==> HA_DOMAIN_SETUP
HA_DOMAIN_DNS_SETUP o..> HA_MANAGED_WEBSPACE
HA_DOMAIN_HTTP_SETUP *==> HA_DOMAIN_SETUP HA_DOMAIN_HTTP_SETUP *==> HA_DOMAIN_SETUP
HA_DOMAIN_HTTP_SETUP o..> HA_UNIX_USER HA_DOMAIN_HTTP_SETUP o..> HA_UNIX_USER
HA_DOMAIN_SMTP_SETUP *==> HA_DOMAIN_SETUP HA_DOMAIN_SMTP_SETUP *==> HA_DOMAIN_SETUP
HA_DOMAIN_SMTP_SETUP o..> HA_MANAGED_WEBSPACE HA_DOMAIN_SMTP_SETUP o..> HA_MANAGED_WEBSPACE
HA_DOMAIN_MBOX_SETUP *==> HA_DOMAIN_SETUP HA_DOMAIN_MBOX_SETUP *==> HA_DOMAIN_SETUP
HA_DOMAIN_MBOX_SETUP o..> HA_MANAGED_WEBSPACE HA_DOMAIN_MBOX_SETUP o..> HA_MANAGED_WEBSPACE
HA_EMAIL_ALIAS *==> HA_MANAGED_WEBSPACE
HA_EMAIL_ADDRESS *==> HA_DOMAIN_MBOX_SETUP HA_EMAIL_ADDRESS *==> HA_DOMAIN_MBOX_SETUP
HA_IP_NUMBER o..> HA_CLOUD_SERVER HA_IP_NUMBER o..> HA_CLOUD_SERVER
HA_IP_NUMBER o..> HA_MANAGED_SERVER HA_IP_NUMBER o..> HA_MANAGED_SERVER
@ -70,6 +70,7 @@ package Legend #white {
} }
Booking -down[hidden]->Legend Booking -down[hidden]->Legend
``` ```
### MariaDB ### MariaDB
```plantuml ```plantuml
@ -81,8 +82,6 @@ package Booking #feb28c {
entity BI_CLOUD_SERVER entity BI_CLOUD_SERVER
entity BI_MANAGED_SERVER entity BI_MANAGED_SERVER
entity BI_MANAGED_WEBSPACE entity BI_MANAGED_WEBSPACE
entity BI_DOMAIN_DNS_SETUP
entity BI_DOMAIN_SMTP_SETUP
} }
package Hosting #feb28c{ package Hosting #feb28c{
@ -110,16 +109,16 @@ BI_CLOUD_SERVER *--> BI_PRIVATE_CLOUD
BI_MANAGED_SERVER *--> BI_PRIVATE_CLOUD BI_MANAGED_SERVER *--> BI_PRIVATE_CLOUD
BI_MANAGED_WEBSPACE *--> BI_MANAGED_SERVER BI_MANAGED_WEBSPACE *--> BI_MANAGED_SERVER
HA_CLOUD_SERVER ==* BI_CLOUD_SERVER HA_CLOUD_SERVER *==> BI_CLOUD_SERVER
HA_MANAGED_SERVER ==* BI_MANAGED_SERVER HA_MANAGED_SERVER *==> BI_MANAGED_SERVER
HA_MANAGED_WEBSPACE ==* BI_MANAGED_WEBSPACE HA_MANAGED_WEBSPACE *==> BI_MANAGED_WEBSPACE
HA_MANAGED_WEBSPACE o..> HA_MANAGED_SERVER HA_MANAGED_WEBSPACE o..> HA_MANAGED_SERVER
HA_UNIX_USER *==> HA_MANAGED_WEBSPACE HA_UNIX_USER *==> HA_MANAGED_WEBSPACE
HA_EMAIL_ALIAS *==> HA_MANAGED_WEBSPACE HA_EMAIL_ALIAS *==> HA_MANAGED_WEBSPACE
HA_MARIADB_INSTANCE *==> HA_MANAGED_SERVER HA_MARIADB_INSTANCE *==> HA_MANAGED_SERVER
HA_MARIADB_USER *==> HA_MARIADB_INSTANCE HA_MARIADB_USER *==> HA_MANAGED_WEBSPACE
HA_MARIADB_USER o..> HA_MANAGED_WEBSPACE HA_MARIADB_USER o..> HA_MARIADB_INSTANCE
HA_MARIADB_DATABASE *==> HA_MANAGED_WEBSPACE HA_MARIADB_DATABASE *==> HA_MARIADB_USER
HA_MARIADB_DATABASE o..> HA_MARIADB_INSTANCE HA_MARIADB_DATABASE o..> HA_MARIADB_INSTANCE
HA_IP_NUMBER o..> HA_CLOUD_SERVER HA_IP_NUMBER o..> HA_CLOUD_SERVER
HA_IP_NUMBER o..> HA_MANAGED_SERVER HA_IP_NUMBER o..> HA_MANAGED_SERVER
@ -133,6 +132,7 @@ package Legend #white {
} }
Booking -down[hidden]->Legend Booking -down[hidden]->Legend
``` ```
### PostgreSQL ### PostgreSQL
```plantuml ```plantuml
@ -144,8 +144,6 @@ package Booking #feb28c {
entity BI_CLOUD_SERVER entity BI_CLOUD_SERVER
entity BI_MANAGED_SERVER entity BI_MANAGED_SERVER
entity BI_MANAGED_WEBSPACE entity BI_MANAGED_WEBSPACE
entity BI_DOMAIN_DNS_SETUP
entity BI_DOMAIN_SMTP_SETUP
} }
package Hosting #feb28c{ package Hosting #feb28c{
@ -173,9 +171,9 @@ BI_CLOUD_SERVER *--> BI_PRIVATE_CLOUD
BI_MANAGED_SERVER *--> BI_PRIVATE_CLOUD BI_MANAGED_SERVER *--> BI_PRIVATE_CLOUD
BI_MANAGED_WEBSPACE *--> BI_MANAGED_SERVER BI_MANAGED_WEBSPACE *--> BI_MANAGED_SERVER
HA_CLOUD_SERVER ==* BI_CLOUD_SERVER HA_CLOUD_SERVER *==> BI_CLOUD_SERVER
HA_MANAGED_SERVER ==* BI_MANAGED_SERVER HA_MANAGED_SERVER *==> BI_MANAGED_SERVER
HA_MANAGED_WEBSPACE ==* BI_MANAGED_WEBSPACE HA_MANAGED_WEBSPACE *==> BI_MANAGED_WEBSPACE
HA_MANAGED_WEBSPACE o..> HA_MANAGED_SERVER HA_MANAGED_WEBSPACE o..> HA_MANAGED_SERVER
HA_UNIX_USER *==> HA_MANAGED_WEBSPACE HA_UNIX_USER *==> HA_MANAGED_WEBSPACE
HA_EMAIL_ALIAS *==> HA_MANAGED_WEBSPACE HA_EMAIL_ALIAS *==> HA_MANAGED_WEBSPACE
@ -196,4 +194,5 @@ package Legend #white {
} }
Booking -down[hidden]->Legend Booking -down[hidden]->Legend
``` ```
This code generated was by HsHostingAssetType.main, do not amend manually. This code generated was by HsHostingAssetType.main, do not amend manually.


@ -100,13 +100,13 @@ public enum HsHostingAssetType implements Node {
MARIADB_USER( // named e.g. xyz00_abc MARIADB_USER( // named e.g. xyz00_abc
inGroup("MariaDB"), inGroup("MariaDB"),
requiredParent(MARIADB_INSTANCE), requiredParent(MANAGED_WEBSPACE), // thus, the MANAGED_WEBSPACE:Agent becomes RBAC owner
assignedTo(MANAGED_WEBSPACE)), assignedTo(MARIADB_INSTANCE)), // keep in mind: no RBAC grants implied
MARIADB_DATABASE( // named e.g. xyz00_abc MARIADB_DATABASE( // named e.g. xyz00_abc
inGroup("MariaDB"), inGroup("MariaDB"),
requiredParent(MARIADB_INSTANCE), // TODO.spec: or MARIADB_USER? requiredParent(MARIADB_USER), // thus, the MARIADB_USER:Agent becomes RBAC owner
assignedTo(MARIADB_USER)), // TODO.spec: or swapping parent+assignedTo? assignedTo(MARIADB_INSTANCE)), // keep in mind: no RBAC grants implied
IP_NUMBER( IP_NUMBER(
inGroup("Server"), inGroup("Server"),
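Review bot: With `assignedTo(MARIADB_INSTANCE)` commented as implying no RBAC grants, nothing in this hunk constrains which instance a MARIADB_USER or MARIADB_DATABASE may be assigned to. Ownership now comes from the MANAGED_WEBSPACE (and, for databases, from the MARIADB_USER), so the validators presumably need to reject an assigned instance that sits on a different managed server than the owning webspace, and a database whose assigned instance differs from its parent user's. Whether such a check exists elsewhere is not visible here. I would at least make the comment say so, e.g. `// keep in mind: no RBAC grants implied, so the validator must check the instance belongs to the webspace's server`. The enum continues outside the hunk.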


@ -14,13 +14,12 @@ class HsMariaDbDatabaseHostingAssetValidator extends HostingAssetEntityValidator
MARIADB_DATABASE, MARIADB_DATABASE,
AlarmContact.isOptional(), AlarmContact.isOptional(),
stringProperty("encoding").matchesRegEx("[a-z0-9_]+").maxLength(24).provided("latin2", "utf8").withDefault("utf8"), stringProperty("encoding").matchesRegEx("[a-z0-9_]+").maxLength(24).provided("latin1", "utf8").withDefault("utf8"));
stringProperty("collation").matchesRegEx("[a-z0-9_]+").maxLength(24).provided("latin2", "utf8").withDefault("utf8"));
} }
@Override @Override
protected Pattern identifierPattern(final HsHostingAssetEntity assetEntity) { protected Pattern identifierPattern(final HsHostingAssetEntity assetEntity) {
final var webspaceIdentifier = assetEntity.getAssignedToAsset().getAssignedToAsset().getIdentifier(); final var webspaceIdentifier = assetEntity.getParentAsset().getParentAsset().getIdentifier();
return Pattern.compile("^"+webspaceIdentifier+"$|^"+webspaceIdentifier+"_[a-z0-9]+$"); return Pattern.compile("^"+webspaceIdentifier+"$|^"+webspaceIdentifier+"_[a-z0-9]+$");
} }
} }
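Review bot: `assetEntity.getParentAsset().getParentAsset().getIdentifier()` dereferences two levels without a null guard, and the result is then concatenated unquoted into `Pattern.compile`. If validation can run on an entity whose parent user, or that user's parent webspace, is not set, this throws a NullPointerException instead of producing a validation error. Any regex metacharacter in the webspace identifier would also loosen the prefix check that keeps database names inside their webspace's namespace. I would build the pattern from a quoted prefix: `final var prefix = Pattern.quote(webspaceIdentifier);` followed by `return Pattern.compile("^"+prefix+"$|^"+prefix+"_[a-z0-9]+$");`. The same applies to `identifierPattern` in HsMariaDbUserHostingAssetValidator, which now reads `getParentAsset().getIdentifier()`; both class bodies start outside their hunks.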


@ -27,7 +27,7 @@ class HsMariaDbUserHostingAssetValidator extends HostingAssetEntityValidator {
@Override @Override
protected Pattern identifierPattern(final HsHostingAssetEntity assetEntity) { protected Pattern identifierPattern(final HsHostingAssetEntity assetEntity) {
final var webspaceIdentifier = assetEntity.getAssignedToAsset().getIdentifier(); final var webspaceIdentifier = assetEntity.getParentAsset().getIdentifier();
return Pattern.compile("^"+webspaceIdentifier+"$|^"+webspaceIdentifier+"_[a-z0-9]+$"); return Pattern.compile("^"+webspaceIdentifier+"$|^"+webspaceIdentifier+"_[a-z0-9]+$");
} }
} }


@ -129,10 +129,10 @@ class HsHostingAssetTypeUnitTest {
HA_UNIX_USER *==> HA_MANAGED_WEBSPACE HA_UNIX_USER *==> HA_MANAGED_WEBSPACE
HA_EMAIL_ALIAS *==> HA_MANAGED_WEBSPACE HA_EMAIL_ALIAS *==> HA_MANAGED_WEBSPACE
HA_MARIADB_INSTANCE *==> HA_MANAGED_SERVER HA_MARIADB_INSTANCE *==> HA_MANAGED_SERVER
HA_MARIADB_USER *==> HA_MARIADB_INSTANCE HA_MARIADB_USER *==> HA_MANAGED_WEBSPACE
HA_MARIADB_USER o..> HA_MANAGED_WEBSPACE HA_MARIADB_USER o..> HA_MARIADB_INSTANCE
HA_MARIADB_DATABASE *==> HA_MARIADB_INSTANCE HA_MARIADB_DATABASE *==> HA_MARIADB_USER
HA_MARIADB_DATABASE o..> HA_MARIADB_USER HA_MARIADB_DATABASE o..> HA_MARIADB_INSTANCE
HA_IP_NUMBER o..> HA_CLOUD_SERVER HA_IP_NUMBER o..> HA_CLOUD_SERVER
HA_IP_NUMBER o..> HA_MANAGED_SERVER HA_IP_NUMBER o..> HA_MANAGED_SERVER
HA_IP_NUMBER o..> HA_MANAGED_WEBSPACE HA_IP_NUMBER o..> HA_MANAGED_WEBSPACE


@ -27,8 +27,8 @@ class HsMariaDbDatabaseHostingAssetValidatorUnitTest {
private static final HsHostingAssetEntity GIVEN_MARIADB_USER = HsHostingAssetEntity.builder() private static final HsHostingAssetEntity GIVEN_MARIADB_USER = HsHostingAssetEntity.builder()
.type(MARIADB_USER) .type(MARIADB_USER)
.parentAsset(GIVEN_MARIADB_INSTANCE) .parentAsset(TEST_MANAGED_WEBSPACE_HOSTING_ASSET)
.assignedToAsset(TEST_MANAGED_WEBSPACE_HOSTING_ASSET) .assignedToAsset(GIVEN_MARIADB_INSTANCE)
.identifier("xyz00_temp") .identifier("xyz00_temp")
.caption("some valid test MariaDB-User") .caption("some valid test MariaDB-User")
.config(new HashMap<>(ofEntries( .config(new HashMap<>(ofEntries(
@ -39,13 +39,12 @@ class HsMariaDbDatabaseHostingAssetValidatorUnitTest {
private static HsHostingAssetEntityBuilder givenValidMariaDbDatabaseBuilder() { private static HsHostingAssetEntityBuilder givenValidMariaDbDatabaseBuilder() {
return HsHostingAssetEntity.builder() return HsHostingAssetEntity.builder()
.type(MARIADB_DATABASE) .type(MARIADB_DATABASE)
.parentAsset(GIVEN_MARIADB_INSTANCE) .parentAsset(GIVEN_MARIADB_USER)
.assignedToAsset(GIVEN_MARIADB_USER) .assignedToAsset(GIVEN_MARIADB_INSTANCE)
.identifier("xyz00_temp") .identifier("xyz00_temp")
.caption("some valid test MariaDB-Database") .caption("some valid test MariaDB-Database")
.config(new HashMap<>(ofEntries( .config(new HashMap<>(ofEntries(
entry("encoding", "latin1"), entry("encoding", "latin1")
entry("collation", "latin1")
))); )));
} }
@ -59,8 +58,7 @@ class HsMariaDbDatabaseHostingAssetValidatorUnitTest {
// then // then
assertThat(props).extracting(Object::toString).containsExactlyInAnyOrder( assertThat(props).extracting(Object::toString).containsExactlyInAnyOrder(
"{type=string, propertyName=encoding, matchesRegEx=[[a-z0-9_]+], maxLength=24, provided=[latin2, utf8], defaultValue=utf8}", "{type=string, propertyName=encoding, matchesRegEx=[[a-z0-9_]+], maxLength=24, provided=[latin1, utf8], defaultValue=utf8}"
"{type=string, propertyName=collation, matchesRegEx=[[a-z0-9_]+], maxLength=24, provided=[latin2, utf8], defaultValue=utf8}"
); );
} }
@ -86,8 +84,7 @@ class HsMariaDbDatabaseHostingAssetValidatorUnitTest {
final var givenMariaDbUserHostingAsset = givenValidMariaDbDatabaseBuilder() final var givenMariaDbUserHostingAsset = givenValidMariaDbDatabaseBuilder()
.config(ofEntries( .config(ofEntries(
entry("unknown", "wrong"), entry("unknown", "wrong"),
entry("encoding", 10), entry("encoding", 10)
entry("collation", 20)
)) ))
.build(); .build();
final var validator = HostingAssetEntityValidatorRegistry.forType(givenMariaDbUserHostingAsset.getType()); final var validator = HostingAssetEntityValidatorRegistry.forType(givenMariaDbUserHostingAsset.getType());
@ -98,8 +95,7 @@ class HsMariaDbDatabaseHostingAssetValidatorUnitTest {
// then // then
assertThat(result).containsExactlyInAnyOrder( assertThat(result).containsExactlyInAnyOrder(
"'MARIADB_DATABASE:xyz00_temp.config.unknown' is not expected but is set to 'wrong'", "'MARIADB_DATABASE:xyz00_temp.config.unknown' is not expected but is set to 'wrong'",
"'MARIADB_DATABASE:xyz00_temp.config.encoding' is expected to be of type String, but is of type Integer", "'MARIADB_DATABASE:xyz00_temp.config.encoding' is expected to be of type String, but is of type Integer"
"'MARIADB_DATABASE:xyz00_temp.config.collation' is expected to be of type String, but is of type Integer"
); );
} }
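Review bot: The visible hunks only exercise the happy path, with `xyz00_temp` as the identifier for both the user and the database, although the fixtures now use the new parent/assignedTo shape. Since the database identifier prefix is derived through `getParentAsset().getParentAsset()`, a negative case would pin that rule: a database with a foreign prefix (constructed example: `abc00_temp`) under a user of the test webspace should yield an identifier validation error. Such a test may already exist outside these hunks. Separately, `givenMariaDbUserHostingAsset` in the invalid-properties test holds a MARIADB_DATABASE and would read better as `givenMariaDbDatabaseHostingAsset`.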


@ -27,8 +27,8 @@ class HsMariaDbUserHostingAssetValidatorUnitTest {
private static HsHostingAssetEntityBuilder givenValidMariaDbUserBuilder() { private static HsHostingAssetEntityBuilder givenValidMariaDbUserBuilder() {
return HsHostingAssetEntity.builder() return HsHostingAssetEntity.builder()
.type(MARIADB_USER) .type(MARIADB_USER)
.parentAsset(GIVEN_MARIADB_INSTANCE) .parentAsset(TEST_MANAGED_WEBSPACE_HOSTING_ASSET)
.assignedToAsset(TEST_MANAGED_WEBSPACE_HOSTING_ASSET) .assignedToAsset(GIVEN_MARIADB_INSTANCE)
.identifier("xyz00_temp") .identifier("xyz00_temp")
.caption("some valid test MariaDB-User") .caption("some valid test MariaDB-User")
.config(new HashMap<>(ofEntries( .config(new HashMap<>(ofEntries(


@ -169,7 +169,7 @@ class HsUnixUserHostingAssetValidatorUnitTest {
"{type=enumeration, propertyName=shell, values=[/bin/false, /bin/bash, /bin/csh, /bin/dash, /usr/bin/tcsh, /usr/bin/zsh, /usr/bin/passwd], defaultValue=/bin/false}", "{type=enumeration, propertyName=shell, values=[/bin/false, /bin/bash, /bin/csh, /bin/dash, /usr/bin/tcsh, /usr/bin/zsh, /usr/bin/passwd], defaultValue=/bin/false}",
"{type=string, propertyName=homedir, readOnly=true, computed=true}", "{type=string, propertyName=homedir, readOnly=true, computed=true}",
"{type=string, propertyName=totpKey, matchesRegEx=[^0x([0-9A-Fa-f]{2})+$], minLength=20, maxLength=256, writeOnly=true, undisclosed=true}", "{type=string, propertyName=totpKey, matchesRegEx=[^0x([0-9A-Fa-f]{2})+$], minLength=20, maxLength=256, writeOnly=true, undisclosed=true}",
"{type=password, propertyName=password, minLength=8, maxLength=40, writeOnly=true, computed=true, hashedUsing=SHA512, undisclosed=true}" "{type=password, propertyName=password, minLength=8, maxLength=40, writeOnly=true, computed=true, hashedUsing=LINUX_SHA512, undisclosed=true}"
); );
} }
} }