introduce separate database-schemas base+rbac (#103)

Co-authored-by: Michael Hoennig <michael@hoennig.de>
Co-authored-by: Michael Hönnig <michael@hoennig.de>
Reviewed-on: https://dev.hostsharing.net/hostsharing/hs.hsadmin.ng/pulls/103
Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net>

sql/historization.sql

@@ -24,13 +24,13 @@ delete from hs_hosting_asset where uuid='5aea68d2-3b55-464f-8362-b05c76c5a681'::
 commit;
 
 -- single version at point in time
--- set hsadminng.tx_history_txid to (select max(txid) from tx_context where txtimestamp<='2024-08-27 12:13:13.450821');
+-- set hsadminng.tx_history_txid to (select max(txid) from base.tx_context where txtimestamp<='2024-08-27 12:13:13.450821');
 set hsadminng.tx_history_txid to '';
 set hsadminng.tx_history_timestamp to '2024-08-29 12:42';
 -- all versions
-select tx_history_txid(), txc.txtimestamp, txc.currentUser, txc.currentTask, haex.*
+select base.tx_history_txid(), txc.txtimestamp, txc.currentSubject, txc.currentTask, haex.*
     from hs_hosting_asset_ex haex
-             join tx_context txc on haex.txid=txc.txid
+             join base.tx_context txc on haex.txid=txc.txid
     where haex.identifier = 'test@thi.example.org';
 
 select uuid, version, type, identifier, caption from hs_hosting_asset_hv p where identifier = 'test@thi.example.org';

sql/rbac-tests.sql

@@ -3,28 +3,28 @@
 -- --------------------------------------------------------
 
 
-select isGranted(findRoleId('administrators'), findRoleId('test_package#aaa00:OWNER'));
-select isGranted(findRoleId('test_package#aaa00:OWNER'), findRoleId('administrators'));
--- call grantRoleToRole(findRoleId('test_package#aaa00:OWNER'), findRoleId('administrators'));
--- call grantRoleToRole(findRoleId('administrators'), findRoleId('test_package#aaa00:OWNER'));
+select rbac.isGranted(rbac.findRoleId('administrators'), rbac.findRoleId('test.package#aaa00:OWNER'));
+select rbac.isGranted(rbac.findRoleId('test.package#aaa00:OWNER'), rbac.findRoleId('administrators'));
+-- call rbac.grantRoleToRole(findRoleId('test.package#aaa00:OWNER'), findRoleId('administrators'));
+-- call rbac.grantRoleToRole(findRoleId('administrators'), findRoleId('test.package#aaa00:OWNER'));
 
 select count(*)
-FROM queryAllPermissionsOfSubjectIdForObjectUuids(findRbacUser('superuser-fran@hostsharing.net'),
-                                                  ARRAY(select uuid from customer where reference < 1100000));
+FROM rbac.queryAllPermissionsOfSubjectIdForObjectUuids(rbac.findRbacSubject('superuser-fran@hostsharing.net'),
+                                                  ARRAY(select uuid from test.customer where reference < 1100000));
 select count(*)
-FROM queryAllPermissionsOfSubjectId(findRbacUser('superuser-fran@hostsharing.net'));
+FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('superuser-fran@hostsharing.net'));
 select *
-FROM queryAllPermissionsOfSubjectId(findRbacUser('alex@example.com'));
+FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('alex@example.com'));
 select *
-FROM queryAllPermissionsOfSubjectId(findRbacUser('rosa@example.com'));
+FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('rosa@example.com'));
 
 select *
-FROM queryAllRbacUsersWithPermissionsFor(findEffectivePermissionId('customer',
-                                                          (SELECT uuid FROM RbacObject WHERE objectTable = 'customer' LIMIT 1),
+FROM rbac.queryAllRbacSubjectsWithPermissionsFor(rbac.findEffectivePermissionId('customer',
+                                                          (SELECT uuid FROM rbac.RbacObject WHERE objectTable = 'customer' LIMIT 1),
                                                           'add-package'));
 select *
-FROM queryAllRbacUsersWithPermissionsFor(findEffectivePermissionId('package',
-                                                          (SELECT uuid FROM RbacObject WHERE objectTable = 'package' LIMIT 1),
+FROM rbac.queryAllRbacSubjectsWithPermissionsFor(rbac.findEffectivePermissionId('package',
+                                                          (SELECT uuid FROM rbac.RbacObject WHERE objectTable = 'package' LIMIT 1),
                                                           'DELETE'));
 
 DO LANGUAGE plpgsql
@@ -33,13 +33,13 @@ $$
         userId uuid;
         result bool;
     BEGIN
-        userId = findRbacUser('superuser-alex@hostsharing.net');
-        result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'add-package'), userId));
+        userId = rbac.findRbacSubject('superuser-alex@hostsharing.net');
+        result = (SELECT * FROM rbac.isPermissionGrantedToSubject(rbac.findPermissionId('package', 94928, 'add-package'), userId));
         IF (result) THEN
             RAISE EXCEPTION 'expected permission NOT to be granted, but it is';
         end if;
 
-        result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'SELECT'), userId));
+        result = (SELECT * FROM rbac.isPermissionGrantedToSubject(rbac.findPermissionId('package', 94928, 'SELECT'), userId));
         IF (NOT result) THEN
             RAISE EXCEPTION 'expected permission to be granted, but it is NOT';
         end if;

sql/rbac-view-option-experiments.sql

@@ -20,43 +20,43 @@ CREATE POLICY customer_policy ON customer
     TO restricted
     USING (
         -- id=1000
-        isPermissionGrantedToSubject(findEffectivePermissionId('test_customer', id, 'SELECT'), currentUserUuid())
+        rbac.isPermissionGrantedToSubject(rbac.findEffectivePermissionId('test.customer', id, 'SELECT'), rbac.currentSubjectUuid())
     );
 
 SET SESSION AUTHORIZATION restricted;
-SET hsadminng.currentUser TO 'alex@example.com';
+SET hsadminng.currentSubject TO 'alex@example.com';
 SELECT * from customer;
 
 -- access control via view-rule and isPermissionGrantedToSubject - way too slow (35 s 580 ms for 1 million rows)
 SET SESSION SESSION AUTHORIZATION DEFAULT;
 DROP VIEW cust_view;
 CREATE VIEW cust_view AS
-SELECT * FROM customer;
+SELECT * FROM test.customer;
 CREATE OR REPLACE RULE "_RETURN" AS
     ON SELECT TO cust_view
     DO INSTEAD
-    SELECT * FROM customer WHERE isPermissionGrantedToSubject(findEffectivePermissionId('test_customer', id, 'SELECT'), currentUserUuid());
+    SELECT * FROM test.customer WHERE rbac.isPermissionGrantedToSubject(rbac.findEffectivePermissionId('test.customer', id, 'SELECT'), rbac.currentSubjectUuid());
 SELECT * from cust_view LIMIT 10;
 
-select queryAllPermissionsOfSubjectId(findRbacUser('superuser-alex@hostsharing.net'));
+select rbac.queryAllPermissionsOfSubjectId(findRbacSubject('superuser-alex@hostsharing.net'));
 
 -- access control via view-rule with join to recursive permissions - really fast (38ms for 1 million rows)
 SET SESSION SESSION AUTHORIZATION DEFAULT;
-ALTER TABLE customer ENABLE ROW LEVEL SECURITY;
+ALTER TABLE test.customer ENABLE ROW LEVEL SECURITY;
 DROP VIEW IF EXISTS cust_view;
 CREATE OR REPLACE VIEW cust_view AS
 SELECT *
-FROM customer;
+FROM test.customer;
 CREATE OR REPLACE RULE "_RETURN" AS
     ON SELECT TO cust_view
     DO INSTEAD
-    SELECT c.uuid, c.reference, c.prefix FROM customer AS c
-      JOIN queryAllPermissionsOfSubjectId(currentUserUuid()) AS p
-           ON p.objectTable='test_customer' AND p.objectUuid=c.uuid;
+    SELECT c.uuid, c.reference, c.prefix FROM test.customer AS c
+      JOIN rbac.queryAllPermissionsOfSubjectId(rbac.currentSubjectUuid()) AS p
+           ON p.objectTable='test.customer' AND p.objectUuid=c.uuid;
 GRANT ALL PRIVILEGES ON cust_view TO restricted;
 
 SET SESSION SESSION AUTHORIZATION restricted;
-SET hsadminng.currentUser TO 'alex@example.com';
+SET hsadminng.currentSubject TO 'alex@example.com';
 SELECT * from cust_view;
 
 
@@ -67,23 +67,23 @@ DROP VIEW IF EXISTS cust_view;
 CREATE OR REPLACE VIEW cust_view AS
     SELECT c.uuid, c.reference, c.prefix
       FROM customer AS c
-      JOIN queryAllPermissionsOfSubjectId(currentUserUuid()) AS p
+      JOIN queryAllPermissionsOfSubjectId(rbac.currentSubjectUuid()) AS p
            ON p.objectUuid=c.uuid;
 GRANT ALL PRIVILEGES ON cust_view TO restricted;
 
 SET SESSION SESSION AUTHORIZATION restricted;
--- SET hsadminng.currentUser TO 'alex@example.com';
-SET hsadminng.currentUser TO 'superuser-alex@hostsharing.net';
--- SET hsadminng.currentUser TO 'aaaaouq@example.com';
+-- SET hsadminng.currentSubject TO 'alex@example.com';
+SET hsadminng.currentSubject TO 'superuser-alex@hostsharing.net';
+-- SET hsadminng.currentSubject TO 'aaaaouq@example.com';
 SELECT * from cust_view where reference=1144150;
 
-select rr.uuid, rr.type from RbacGrants g
-    join RbacReference RR on g.ascendantUuid = RR.uuid
+select rr.uuid, rr.type from rbac.RbacGrants g
+    join rbac.RbacReference RR on g.ascendantUuid = RR.uuid
     where g.descendantUuid in (
-        select uuid from queryAllPermissionsOfSubjectId(findRbacUser('alex@example.com'))
-            where objectTable='test_customer');
+        select uuid from rbac.queryAllPermissionsOfSubjectId(findRbacSubject('alex@example.com'))
+            where objectTable='test.customer');
 
-call grantRoleToUser(findRoleId('test_customer#aaa:ADMIN'), findRbacUser('aaaaouq@example.com'));
+call rbac.grantRoleToUser(rbac.findRoleId('test.customer#aaa:ADMIN'), rbac.findRbacSubject('aaaaouq@example.com'));
 
-select queryAllPermissionsOfSubjectId(findRbacUser('aaaaouq@example.com'));
+select rbac.queryAllPermissionsOfSubjectId(findRbacSubject('aaaaouq@example.com'));
 

sql/recursive-cte-experiments-for-accessible-uuids.sql

@@ -1,6 +1,6 @@
 -- just a permanent playground to explore optimization of the central recursive CTE query for RBAC
 
-select * from hs_statistics_view;
+select * from hs_statistics_v;
 
 -- ========================================================
 
@@ -17,7 +17,7 @@ with recursive
                         1 as level,
                         true
             from rbacgrants
-            where (rbacgrants.ascendantuuid = any (currentsubjectsuuids()))
+            where (rbacgrants.ascendantuuid = any (rbac.currentSubjectOrAssumedRolesUuids()))
               and rbacgrants.assumed
         union all
         select distinct g.descendantuuid,