hostsharing/hs.hsadmin.ng
1
0
Fork 0
Code Activity

rename hs-admin to hs-office regarding the module name

Browse Source
This commit is contained in:
Michael Hoennig
2022-09-13 13:27:52 +02:00
parent 7465b9df63
commit 4e90f53bf3
43 changed files with 540 additions and 544 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/main/resources/api-definition/hs-admin/api-mappings.yaml → src/main/resources/api-definition/hs-office/api-mappings.yaml
View File

@ -1,7 +1,7 @@
openapi-processor-mapping: v2
options:
package-name: net.hostsharing.hsadminng.hs.admin.generated.api.v1
package-name: net.hostsharing.hsadminng.hs.office.generated.api.v1
model-name-suffix: Resource
map:
@ -12,5 +12,5 @@ map:
- type: string:uuid => java.util.UUID
paths:
/api/hs/admin/partners/{packageUUID}:
/api/hs/office/partners/{packageUUID}:
null: org.openapitools.jackson.nullable.JsonNullable

0
src/main/resources/api-definition/hs-admin/auth.yaml → src/main/resources/api-definition/hs-office/auth.yaml
View File

0
src/main/resources/api-definition/hs-admin/error-responses.yaml → src/main/resources/api-definition/hs-office/error-responses.yaml
View File

10
src/main/resources/api-definition/hs-admin/hs-admin-contact-schemas.yaml → src/main/resources/api-definition/hs-office/hs-office-contact-schemas.yaml
View File

@ -3,7 +3,7 @@ components:
schemas:
HsAdminContactBase:
HsOfficeContactBase:
type: object
properties:
label:
@ -15,14 +15,14 @@ components:
phoneNumbers:
type: string
HsAdminContact:
HsOfficeContact:
allOf:
- type: object
properties:
uuid:
type: string
format: uuid
- $ref: '#/components/schemas/HsAdminContactBase'
- $ref: '#/components/schemas/HsOfficeContactBase'
HsAdminContactUpdate:
$ref: '#/components/schemas/HsAdminContactBase'
HsOfficeContactUpdate:
$ref: '#/components/schemas/HsOfficeContactBase'

14
src/main/resources/api-definition/hs-admin/hs-admin-partner-schemas.yaml → src/main/resources/api-definition/hs-office/hs-office-partner-schemas.yaml
View File

@ -3,7 +3,7 @@ components:
schemas:
HsAdminPartnerBase:
HsOfficePartnerBase:
type: object
properties:
registrationOffice:
@ -19,7 +19,7 @@ components:
type: string
format: date
HsAdminPartner:
HsOfficePartner:
allOf:
- type: object
properties:
@ -27,12 +27,12 @@ components:
type: string
format: uuid
person:
$ref: './hs-admin-person-schemas.yaml#/components/schemas/HsAdminPerson'
$ref: './hs-office-person-schemas.yaml#/components/schemas/HsOfficePerson'
contact:
$ref: './hs-admin-contact-schemas.yaml#/components/schemas/HsAdminContact'
- $ref: '#/components/schemas/HsAdminPartnerBase'
$ref: './hs-office-contact-schemas.yaml#/components/schemas/HsOfficeContact'
- $ref: '#/components/schemas/HsOfficePartnerBase'
HsAdminPartnerUpdate:
HsOfficePartnerUpdate:
allOf:
- type: object
properties:
@ -42,4 +42,4 @@ components:
contactUuid:
type: string
format: uuid
- $ref: '#/components/schemas/HsAdminPartnerBase'
- $ref: '#/components/schemas/HsOfficePartnerBase'

12
src/main/resources/api-definition/hs-admin/hs-admin-partners-with-uuid.yaml → src/main/resources/api-definition/hs-office/hs-office-partners-with-uuid.yaml
View File

@ -1,6 +1,6 @@
get:
tags:
- hs-admin-partners
- hs-office-partners
description: 'Fetch a single business partner by its uuid, if visible for the current subject.'
operationId: getPartnerByUuid
parameters:
@ -18,7 +18,7 @@ get:
content:
'application/json':
schema:
$ref: './hs-admin-partner-schemas.yaml#/components/schemas/HsAdminPartner'
$ref: './hs-office-partner-schemas.yaml#/components/schemas/HsOfficePartner'
"401":
$ref: './error-responses.yaml#/components/responses/Unauthorized'
@ -27,7 +27,7 @@ get:
patch:
tags:
- hs-admin-partners
- hs-office-partners
operationId: updatePartner
parameters:
- $ref: './auth.yaml#/components/parameters/currentUser'
@ -42,14 +42,14 @@ patch:
content:
'application/json':
schema:
$ref: './hs-admin-partner-schemas.yaml#/components/schemas/HsAdminPartnerUpdate'
$ref: './hs-office-partner-schemas.yaml#/components/schemas/HsOfficePartnerUpdate'
responses:
"200":
description: OK
content:
'application/json':
schema:
$ref: './hs-admin-partner-schemas.yaml#/components/schemas/HsAdminPartner'
$ref: './hs-office-partner-schemas.yaml#/components/schemas/HsOfficePartner'
"401":
$ref: './error-responses.yaml#/components/responses/Unauthorized'
"403":
@ -58,7 +58,7 @@ patch:
delete:
tags:
- hs-admin-partners
- hs-office-partners
operationId: deletePartnerByUuid
parameters:
- $ref: './auth.yaml#/components/parameters/currentUser'

10
src/main/resources/api-definition/hs-admin/hs-admin-partners.yaml → src/main/resources/api-definition/hs-office/hs-office-partners.yaml
View File

@ -2,7 +2,7 @@ get:
summary: Returns a list of (optionally filtered) business partners.
description: Returns the list of (optionally filtered) business partners which are visible to the current user or any of it's assumed roles.
tags:
- hs-admin-partners
- hs-office-partners
operationId: listPartners
parameters:
- $ref: './auth.yaml#/components/parameters/currentUser'
@ -21,7 +21,7 @@ get:
schema:
type: array
items:
$ref: './hs-admin-partner-schemas.yaml#/components/schemas/HsAdminPartner'
$ref: './hs-office-partner-schemas.yaml#/components/schemas/HsOfficePartner'
"401":
$ref: './error-responses.yaml#/components/responses/Unauthorized'
"403":
@ -30,7 +30,7 @@ get:
post:
summary: Adds a new business partner.
tags:
- hs-admin-partners
- hs-office-partners
operationId: addPartner
parameters:
- $ref: './auth.yaml#/components/parameters/currentUser'
@ -39,7 +39,7 @@ post:
content:
'application/json':
schema:
$ref: './hs-admin-partner-schemas.yaml#/components/schemas/HsAdminPartner'
$ref: './hs-office-partner-schemas.yaml#/components/schemas/HsOfficePartner'
required: true
responses:
"201":
@ -47,7 +47,7 @@ post:
content:
'application/json':
schema:
$ref: './hs-admin-partner-schemas.yaml#/components/schemas/HsAdminPartner'
$ref: './hs-office-partner-schemas.yaml#/components/schemas/HsOfficePartner'
"401":
$ref: './error-responses.yaml#/components/responses/Unauthorized'
"403":

10
src/main/resources/api-definition/hs-admin/hs-admin-person-schemas.yaml → src/main/resources/api-definition/hs-office/hs-office-person-schemas.yaml
View File

@ -3,7 +3,7 @@ components:
schemas:
HsAdminPersonBase:
HsOfficePersonBase:
type: object
properties:
personType:
@ -20,14 +20,14 @@ components:
familyName:
type: string
HsAdminPerson:
HsOfficePerson:
allOf:
- type: object
properties:
uuid:
type: string
format: uuid
- $ref: '#/components/schemas/HsAdminPersonBase'
- $ref: '#/components/schemas/HsOfficePersonBase'
HsAdminPersonUpdate:
$ref: '#/components/schemas/HsAdminPersonBase'
HsOfficePersonUpdate:
$ref: '#/components/schemas/HsOfficePersonBase'

8
src/main/resources/api-definition/hs-admin/hs-admin.yaml → src/main/resources/api-definition/hs-office/hs-office.yaml
View File

@ -8,9 +8,9 @@ servers:
paths:
/api/hs/admin/partners:
$ref: "./hs-admin-partners.yaml"
/api/hs/office/partners:
$ref: "./hs-office-partners.yaml"
/api/hs/admin/partners/{partnerUUID}:
$ref: "./hs-admin-partners-with-uuid.yaml"
/api/hs/office/partners/{partnerUUID}:
$ref: "./hs-office-partners-with-uuid.yaml"

4
src/main/resources/db/changelog/200-hs-admin-contact.sql → src/main/resources/db/changelog/200-hs-office-contact.sql
View File

@ -1,10 +1,10 @@
--liquibase formatted sql
-- ============================================================================
--changeset hs-admin-contact-MAIN-TABLE:1 endDelimiter:--//
--changeset hs-office-contact-MAIN-TABLE:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
create table if not exists hs_admin_contact
create table if not exists hs_office_contact
(
uuid uuid unique references RbacObject (uuid) initially deferred,
label varchar(96) not null,

108
src/main/resources/db/changelog/203-hs-admin-contact-rbac.sql → src/main/resources/db/changelog/203-hs-office-contact-rbac.sql
View File

@ -1,51 +1,51 @@
--liquibase formatted sql
-- ============================================================================
--changeset hs-admin-contact-rbac-OBJECT:1 endDelimiter:--//
--changeset hs-office-contact-rbac-OBJECT:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call generateRelatedRbacObject('hs_admin_contact');
call generateRelatedRbacObject('hs_office_contact');
--//
-- ============================================================================
--changeset hs-admin-contact-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--//
--changeset hs-office-contact-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
create or replace function hsAdminContactOwner(contact hs_admin_contact)
create or replace function hsOfficeContactOwner(contact hs_office_contact)
returns RbacRoleDescriptor
language plpgsql
strict as $$
begin
return roleDescriptor('hs_admin_contact', contact.uuid, 'owner');
return roleDescriptor('hs_office_contact', contact.uuid, 'owner');
end; $$;
create or replace function hsAdminContactAdmin(contact hs_admin_contact)
create or replace function hsOfficeContactAdmin(contact hs_office_contact)
returns RbacRoleDescriptor
language plpgsql
strict as $$
begin
return roleDescriptor('hs_admin_contact', contact.uuid, 'admin');
return roleDescriptor('hs_office_contact', contact.uuid, 'admin');
end; $$;
create or replace function hsAdminContactTenant(contact hs_admin_contact)
create or replace function hsOfficeContactTenant(contact hs_office_contact)
returns RbacRoleDescriptor
language plpgsql
strict as $$
begin
return roleDescriptor('hs_admin_contact', contact.uuid, 'tenant');
return roleDescriptor('hs_office_contact', contact.uuid, 'tenant');
end; $$;
--//
-- ============================================================================
--changeset hs-admin-contact-rbac-ROLES-CREATION:1 endDelimiter:--//
--changeset hs-office-contact-rbac-ROLES-CREATION:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates the roles and their assignments for a new contact for the AFTER INSERT TRIGGER.
*/
create or replace function createRbacRolesForHsAdminContact()
create or replace function createRbacRolesForhsOfficeContact()
returns trigger
language plpgsql
strict as $$
@ -59,7 +59,7 @@ begin
-- the owner role with full access for the creator assigned to the current user
ownerRole := createRole(
hsAdminContactOwner(NEW),
hsOfficeContactOwner(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['*']),
beneathRole(globalAdmin()),
withoutSubRoles(),
@ -69,14 +69,14 @@ begin
-- the tenant role for those related users who can view the data
adminRole := createRole(
hsAdminContactAdmin(NEW),
hsOfficeContactAdmin(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['edit']),
beneathRole(ownerRole)
);
-- the tenant role for those related users who can view the data
perform createRole(
hsAdminContactTenant(NEW),
hsOfficeContactTenant(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['view']),
beneathRole(adminRole)
);
@ -88,82 +88,82 @@ end; $$;
An AFTER INSERT TRIGGER which creates the role structure for a new customer.
*/
create trigger createRbacRolesForHsAdminContact_Trigger
create trigger createRbacRolesForhsOfficeContact_Trigger
after insert
on hs_admin_contact
on hs_office_contact
for each row
execute procedure createRbacRolesForHsAdminContact();
execute procedure createRbacRolesForhsOfficeContact();
--//
-- ============================================================================
--changeset hs-admin-contact-rbac-IDENTITY-VIEW:1 endDelimiter:--//
--changeset hs-office-contact-rbac-IDENTITY-VIEW:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a view to the contact main table which maps the identifying name
(in this case, the prefix) to the objectUuid.
*/
create or replace view hs_admin_contact_iv as
create or replace view hs_office_contact_iv as
select target.uuid, cleanIdentifier(target.label) as idName
from hs_admin_contact as target;
from hs_office_contact as target;
-- TODO.spec: Is it ok that everybody has access to this information?
grant all privileges on hs_admin_contact_iv to restricted;
grant all privileges on hs_office_contact_iv to restricted;
/*
Returns the objectUuid for a given identifying name (in this case the prefix).
*/
create or replace function hs_admin_contactUuidByIdName(idName varchar)
create or replace function hs_office_contactUuidByIdName(idName varchar)
returns uuid
language sql
strict as $$
select uuid from hs_admin_contact_iv iv where iv.idName = hs_admin_contactUuidByIdName.idName;
select uuid from hs_office_contact_iv iv where iv.idName = hs_office_contactUuidByIdName.idName;
$$;
/*
Returns the identifying name for a given objectUuid (in this case the label).
*/
create or replace function hs_admin_contactIdNameByUuid(uuid uuid)
create or replace function hs_office_contactIdNameByUuid(uuid uuid)
returns varchar
language sql
strict as $$
select idName from hs_admin_contact_iv iv where iv.uuid = hs_admin_contactIdNameByUuid.uuid;
select idName from hs_office_contact_iv iv where iv.uuid = hs_office_contactIdNameByUuid.uuid;
$$;
--//
-- ============================================================================
--changeset hs-admin-contact-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
--changeset hs-office-contact-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a view to the contact main table with row-level limitation
based on the 'view' permission of the current user or assumed roles.
*/
set session session authorization default;
drop view if exists hs_admin_contact_rv;
create or replace view hs_admin_contact_rv as
drop view if exists hs_office_contact_rv;
create or replace view hs_office_contact_rv as
select target.*
from hs_admin_contact as target
where target.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('view', 'hs_admin_contact', currentSubjectsUuids()));
grant all privileges on hs_admin_contact_rv to restricted;
from hs_office_contact as target
where target.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('view', 'hs_office_contact', currentSubjectsUuids()));
grant all privileges on hs_office_contact_rv to restricted;
--//
-- ============================================================================
--changeset hs-admin-contact-rbac-INSTEAD-OF-INSERT-TRIGGER:1 endDelimiter:--//
--changeset hs-office-contact-rbac-INSTEAD-OF-INSERT-TRIGGER:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/**
Instead of insert trigger function for hs_admin_contact_rv.
Instead of insert trigger function for hs_office_contact_rv.
*/
create or replace function insertHsAdminContact()
create or replace function inserthsOfficeContact()
returns trigger
language plpgsql as $$
declare
newUser hs_admin_contact;
newUser hs_office_contact;
begin
insert
into hs_admin_contact
into hs_office_contact
values (new.*)
returning * into newUser;
return newUser;
@ -171,48 +171,48 @@ end;
$$;
/*
Creates an instead of insert trigger for the hs_admin_contact_rv view.
Creates an instead of insert trigger for the hs_office_contact_rv view.
*/
create trigger insertHsAdminContact_Trigger
create trigger inserthsOfficeContact_Trigger
instead of insert
on hs_admin_contact_rv
on hs_office_contact_rv
for each row
execute function insertHsAdminContact();
execute function inserthsOfficeContact();
--//
-- ============================================================================
--changeset hs-admin-contact-rbac-INSTEAD-OF-DELETE-TRIGGER:1 endDelimiter:--//
--changeset hs-office-contact-rbac-INSTEAD-OF-DELETE-TRIGGER:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/**
Instead of delete trigger function for hs_admin_contact_rv.
Instead of delete trigger function for hs_office_contact_rv.
Checks if the current subject (user / assumed role) has the permission to delete the row.
*/
create or replace function deleteHsAdminContact()
create or replace function deletehsOfficeContact()
returns trigger
language plpgsql as $$
begin
if hasGlobalRoleGranted(currentUserUuid()) or
old.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('delete', 'hs_admin_contact', currentSubjectsUuids())) then
delete from hs_admin_contact c where c.uuid = old.uuid;
old.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('delete', 'hs_office_contact', currentSubjectsUuids())) then
delete from hs_office_contact c where c.uuid = old.uuid;
return old;
end if;
raise exception '[403] User % not allowed to delete contact uuid %', currentUser(), old.uuid;
end; $$;
/*
Creates an instead of delete trigger for the hs_admin_contact_rv view.
Creates an instead of delete trigger for the hs_office_contact_rv view.
*/
create trigger deleteHsAdminContact_Trigger
create trigger deletehsOfficeContact_Trigger
instead of delete
on hs_admin_contact_rv
on hs_office_contact_rv
for each row
execute function deleteHsAdminContact();
execute function deletehsOfficeContact();
--/
-- ============================================================================
--changeset hs-admin-contact-rbac-NEW-CONTACT:1 endDelimiter:--//
--changeset hs-office-contact-rbac-NEW-CONTACT:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a global permission for new-contact and assigns it to the hostsharing admins role.
@ -235,7 +235,7 @@ $$;
/**
Used by the trigger to prevent the add-customer to current user respectively assumed roles.
*/
create or replace function addHsAdminContactNotAllowedForCurrentSubjects()
create or replace function addHsOfficeContactNotAllowedForCurrentSubjects()
returns trigger
language PLPGSQL
as $$
@ -247,12 +247,12 @@ end; $$;
/**
Checks if the user or assumed roles are allowed to create a new customer.
*/
create trigger hs_admin_contact_insert_trigger
create trigger hs_office_contact_insert_trigger
before insert
on hs_admin_contact
on hs_office_contact
for each row
-- TODO.spec: who is allowed to create new contacts
when ( not hasAssumedRole() )
execute procedure addHsAdminContactNotAllowedForCurrentSubjects();
execute procedure addHsOfficeContactNotAllowedForCurrentSubjects();
--//

20
src/main/resources/db/changelog/208-hs-admin-contact-test-data.sql → src/main/resources/db/changelog/208-hs-office-contact-test-data.sql
View File

@ -2,13 +2,13 @@
-- ============================================================================
--changeset hs-admin-contact-TEST-DATA-GENERATOR:1 endDelimiter:--//
--changeset hs-office-contact-TEST-DATA-GENERATOR:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a single contact test record.
*/
create or replace procedure createHsAdminContactTestData(contLabel varchar)
create or replace procedure createHsOfficeContactTestData(contLabel varchar)
language plpgsql as $$
declare
currentTask varchar;
@ -24,7 +24,7 @@ begin
raise notice 'creating test contact: %', contLabel;
insert
into hs_admin_contact (label, postaladdress, emailaddresses, phonenumbers)
into hs_office_contact (label, postaladdress, emailaddresses, phonenumbers)
values (contLabel, $address$
Vorname Nachname
Straße Hnr
@ -36,7 +36,7 @@ end; $$;
/*
Creates a range of test contact for mass data generation.
*/
create or replace procedure createTestContactTestData(
create or replace procedure createHsOfficeContactTestData(
startCount integer, -- count of auto generated rows before the run
endCount integer -- count of auto generated rows after the run
)
@ -44,7 +44,7 @@ create or replace procedure createTestContactTestData(
begin
for t in startCount..endCount
loop
call createHsAdminContactTestData(intToVarChar(t, 4) || '#' || t);
call createHsOfficeContactTestData(intToVarChar(t, 4) || '#' || t);
commit;
end loop;
end; $$;
@ -52,15 +52,15 @@ end; $$;
-- ============================================================================
--changeset hs-admin-contact-TEST-DATA-GENERATION:1 context=dev,tc endDelimiter:--//
--changeset hs-office-contact-TEST-DATA-GENERATION:1 context=dev,tc endDelimiter:--//
-- ----------------------------------------------------------------------------
do language plpgsql $$
begin
call createHsAdminContactTestData('first contact');
call createHsAdminContactTestData('second contact');
call createHsAdminContactTestData('third contact');
call createHsAdminContactTestData('forth contact');
call createHsOfficeContactTestData('first contact');
call createHsOfficeContactTestData('second contact');
call createHsOfficeContactTestData('third contact');
call createHsOfficeContactTestData('forth contact');
end;
$$;
--//

10
src/main/resources/db/changelog/210-hs-admin-person.sql → src/main/resources/db/changelog/210-hs-office-person.sql
View File

@ -1,17 +1,17 @@
--liquibase formatted sql
-- ============================================================================
--changeset hs-admin-person-MAIN-TABLE:1 endDelimiter:--//
--changeset hs-office-person-MAIN-TABLE:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
CREATE TYPE HsAdminPersonType AS ENUM ('NATURAL', 'LEGAL', 'SOLE_REPRESENTATION', 'JOINT_REPRESENTATION');
CREATE TYPE HsOfficePersonType AS ENUM ('NATURAL', 'LEGAL', 'SOLE_REPRESENTATION', 'JOINT_REPRESENTATION');
CREATE CAST (character varying as HsAdminPersonType) WITH INOUT AS IMPLICIT;
CREATE CAST (character varying as HsOfficePersonType) WITH INOUT AS IMPLICIT;
create table if not exists hs_admin_person
create table if not exists hs_office_person
(
uuid uuid unique references RbacObject (uuid) initially deferred,
personType HsAdminPersonType not null,
personType HsOfficePersonType not null,
tradeName varchar(96),
givenName varchar(48),
familyName varchar(48)

108
src/main/resources/db/changelog/213-hs-admin-person-rbac.sql → src/main/resources/db/changelog/213-hs-office-person-rbac.sql
View File

@ -2,51 +2,51 @@
-- ============================================================================
--changeset hs-admin-person-rbac-OBJECT:1 endDelimiter:--//
--changeset hs-office-person-rbac-OBJECT:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call generateRelatedRbacObject('hs_admin_person');
call generateRelatedRbacObject('hs_office_person');
--//
-- ============================================================================
--changeset hs-admin-person-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--//
--changeset hs-office-person-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
create or replace function hsAdminPersonOwner(person hs_admin_person)
create or replace function hsOfficePersonOwner(person hs_office_person)
returns RbacRoleDescriptor
language plpgsql
strict as $$
begin
return roleDescriptor('hs_admin_person', person.uuid, 'owner');
return roleDescriptor('hs_office_person', person.uuid, 'owner');
end; $$;
create or replace function hsAdminPersonAdmin(person hs_admin_person)
create or replace function hsOfficePersonAdmin(person hs_office_person)
returns RbacRoleDescriptor
language plpgsql
strict as $$
begin
return roleDescriptor('hs_admin_person', person.uuid, 'admin');
return roleDescriptor('hs_office_person', person.uuid, 'admin');
end; $$;
create or replace function hsAdminPersonTenant(person hs_admin_person)
create or replace function hsOfficePersonTenant(person hs_office_person)
returns RbacRoleDescriptor
language plpgsql
strict as $$
begin
return roleDescriptor('hs_admin_person', person.uuid, 'tenant');
return roleDescriptor('hs_office_person', person.uuid, 'tenant');
end; $$;
--//
-- ============================================================================
--changeset hs-admin-person-rbac-ROLES-CREATION:1 endDelimiter:--//
--changeset hs-office-person-rbac-ROLES-CREATION:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates the roles and their assignments for a new person for the AFTER INSERT TRIGGER.
*/
create or replace function createRbacRolesForHsAdminPerson()
create or replace function createRbacRolesForHsOfficePerson()
returns trigger
language plpgsql
strict as $$
@ -60,7 +60,7 @@ begin
-- the owner role with full access for the creator assigned to the current user
ownerRole := createRole(
hsAdminPersonOwner(NEW),
hsOfficePersonOwner(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['*']),
beneathRole(globalAdmin()),
withoutSubRoles(),
@ -70,14 +70,14 @@ begin
-- the tenant role for those related users who can view the data
adminRole := createRole(
hsAdminPersonAdmin(NEW),
hsOfficePersonAdmin(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['edit']),
beneathRole(ownerRole)
);
-- the tenant role for those related users who can view the data
perform createRole(
hsAdminPersonTenant(NEW),
hsOfficePersonTenant(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['view']),
beneathRole(adminRole)
);
@ -89,82 +89,82 @@ end; $$;
An AFTER INSERT TRIGGER which creates the role structure for a new customer.
*/
create trigger createRbacRolesForHsAdminPerson_Trigger
create trigger createRbacRolesForHsOfficePerson_Trigger
after insert
on hs_admin_person
on hs_office_person
for each row
execute procedure createRbacRolesForHsAdminPerson();
execute procedure createRbacRolesForHsOfficePerson();
--//
-- ============================================================================
--changeset hs-admin-person-rbac-IDENTITY-VIEW:1 endDelimiter:--//
--changeset hs-office-person-rbac-IDENTITY-VIEW:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a view to the person main table which maps the identifying name
(in this case, the prefix) to the objectUuid.
*/
create or replace view hs_admin_person_iv as
create or replace view hs_office_person_iv as
select target.uuid, cleanIdentifier(concat(target.tradeName, target.familyName, target.givenName)) as idName
from hs_admin_person as target;
from hs_office_person as target;
-- TODO.spec: Is it ok that everybody has access to this information?
grant all privileges on hs_admin_person_iv to restricted;
grant all privileges on hs_office_person_iv to restricted;
/*
Returns the objectUuid for a given identifying name (in this case the prefix).
*/
create or replace function hs_admin_personUuidByIdName(idName varchar)
create or replace function hsOfficePersonUuidByIdName(idName varchar)
returns uuid
language sql
strict as $$
select uuid from hs_admin_person_iv iv where iv.idName = hs_admin_personUuidByIdName.idName;
select uuid from hs_office_person_iv iv where iv.idName = hsOfficePersonUuidByIdName.idName;
$$;
/*
Returns the identifying name for a given objectUuid (in this case the label).
*/
create or replace function hs_admin_personIdNameByUuid(uuid uuid)
create or replace function hs_office_personIdNameByUuid(uuid uuid)
returns varchar
language sql
strict as $$
select idName from hs_admin_person_iv iv where iv.uuid = hs_admin_personIdNameByUuid.uuid;
select idName from hs_office_person_iv iv where iv.uuid = hs_office_personIdNameByUuid.uuid;
$$;
--//
-- ============================================================================
--changeset hs-admin-person-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
--changeset hs-office-person-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a view to the person main table with row-level limitation
based on the 'view' permission of the current user or assumed roles.
*/
set session session authorization default;
drop view if exists hs_admin_person_rv;
create or replace view hs_admin_person_rv as
drop view if exists hs_office_person_rv;
create or replace view hs_office_person_rv as
select target.*
from hs_admin_person as target
where target.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('view', 'hs_admin_person', currentSubjectsUuids()));
grant all privileges on hs_admin_person_rv to restricted;
from hs_office_person as target
where target.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('view', 'hs_office_person', currentSubjectsUuids()));
grant all privileges on hs_office_person_rv to restricted;
--//
-- ============================================================================
--changeset hs-admin-person-rbac-INSTEAD-OF-INSERT-TRIGGER:1 endDelimiter:--//
--changeset hs-office-person-rbac-INSTEAD-OF-INSERT-TRIGGER:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/**
Instead of insert trigger function for hs_admin_person_rv.
Instead of insert trigger function for hs_office_person_rv.
*/
create or replace function insertHsAdminPerson()
create or replace function insertHsOfficePerson()
returns trigger
language plpgsql as $$
declare
newUser hs_admin_person;
newUser hs_office_person;
begin
insert
into hs_admin_person
into hs_office_person
values (new.*)
returning * into newUser;
return newUser;
@ -172,48 +172,48 @@ end;
$$;
/*
Creates an instead of insert trigger for the hs_admin_person_rv view.
Creates an instead of insert trigger for the hs_office_person_rv view.
*/
create trigger insertHsAdminPerson_Trigger
create trigger insertHsOfficePerson_Trigger
instead of insert
on hs_admin_person_rv
on hs_office_person_rv
for each row
execute function insertHsAdminPerson();
execute function insertHsOfficePerson();
--//
-- ============================================================================
--changeset hs-admin-person-rbac-INSTEAD-OF-DELETE-TRIGGER:1 endDelimiter:--//
--changeset hs-office-person-rbac-INSTEAD-OF-DELETE-TRIGGER:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/**
Instead of delete trigger function for hs_admin_person_rv.
Instead of delete trigger function for hs_office_person_rv.
Checks if the current subject (user / assumed role) has the permission to delete the row.
*/
create or replace function deleteHsAdminPerson()
create or replace function deleteHsOfficePerson()
returns trigger
language plpgsql as $$
begin
if hasGlobalRoleGranted(currentUserUuid()) or
old.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('delete', 'hs_admin_person', currentSubjectsUuids())) then
delete from hs_admin_person c where c.uuid = old.uuid;
old.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('delete', 'hs_office_person', currentSubjectsUuids())) then
delete from hs_office_person c where c.uuid = old.uuid;
return old;
end if;
raise exception '[403] User % not allowed to delete person uuid %', currentUser(), old.uuid;
end; $$;
/*
Creates an instead of delete trigger for the hs_admin_person_rv view.
Creates an instead of delete trigger for the hs_office_person_rv view.
*/
create trigger deleteHsAdminPerson_Trigger
create trigger deleteHsOfficePerson_Trigger
instead of delete
on hs_admin_person_rv
on hs_office_person_rv
for each row
execute function deleteHsAdminPerson();
execute function deleteHsOfficePerson();
--/
-- ============================================================================
--changeset hs-admin-person-rbac-NEW-PERSON:1 endDelimiter:--//
--changeset hs-office-person-rbac-NEW-PERSON:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a global permission for new-person and assigns it to the hostsharing admins role.
@ -236,7 +236,7 @@ $$;
/**
Used by the trigger to prevent the add-customer to current user respectively assumed roles.
*/
create or replace function addHsAdminPersonNotAllowedForCurrentSubjects()
create or replace function addHsOfficePersonNotAllowedForCurrentSubjects()
returns trigger
language PLPGSQL
as $$
@ -248,12 +248,12 @@ end; $$;
/**
Checks if the user or assumed roles are allowed to create a new customer.
*/
create trigger hs_admin_person_insert_trigger
create trigger hs_office_person_insert_trigger
before insert
on hs_admin_person
on hs_office_person
for each row
-- TODO.spec: who is allowed to create new persons
when ( not hasAssumedRole() )
execute procedure addHsAdminPersonNotAllowedForCurrentSubjects();
execute procedure addHsOfficePersonNotAllowedForCurrentSubjects();
--//

22
src/main/resources/db/changelog/218-hs-admin-person-test-data.sql → src/main/resources/db/changelog/218-hs-office-person-test-data.sql
View File

@ -2,14 +2,14 @@
-- ============================================================================
--changeset hs-admin-person-TEST-DATA-GENERATOR:1 endDelimiter:--//
--changeset hs-office-person-TEST-DATA-GENERATOR:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a single person test record.
*/
create or replace procedure createHsAdminPersonTestData(
newPersonType HsAdminPersonType,
create or replace procedure createHsOfficePersonTestData(
newPersonType HsOfficePersonType,
newTradeName varchar,
newFamilyName varchar = null,
newGivenName varchar = null
@ -30,7 +30,7 @@ begin
raise notice 'creating test person: %', fullName;
insert
into hs_admin_person (persontype, tradename, givenname, familyname)
into hs_office_person (persontype, tradename, givenname, familyname)
values (newPersonType, newTradeName, newGivenName, newFamilyName);
end; $$;
--//
@ -46,7 +46,7 @@ create or replace procedure createTestPersonTestData(
begin
for t in startCount..endCount
loop
call createHsAdminPersonTestData('LEGAL', intToVarChar(t, 4));
call createHsOfficePersonTestData('LEGAL', intToVarChar(t, 4));
commit;
end loop;
end; $$;
@ -54,16 +54,16 @@ end; $$;
-- ============================================================================
--changeset hs-admin-person-TEST-DATA-GENERATION:1 context=dev,tc endDelimiter:--//
--changeset hs-office-person-TEST-DATA-GENERATION:1 context=dev,tc endDelimiter:--//
-- ----------------------------------------------------------------------------
do language plpgsql $$
begin
call createHsAdminPersonTestData('LEGAL', 'First Impressions GmbH');
call createHsAdminPersonTestData('NATURAL', null, 'Peter', 'Smith');
call createHsAdminPersonTestData('LEGAL', 'Rockshop e.K.', 'Sandra', 'Miller');
call createHsAdminPersonTestData('SOLE_REPRESENTATION', 'Ostfriesische Kuhhandel OHG');
call createHsAdminPersonTestData('JOINT_REPRESENTATION', 'Erben Bessler', 'Mel', 'Bessler');
call createHsOfficePersonTestData('LEGAL', 'First Impressions GmbH');
call createHsOfficePersonTestData('NATURAL', null, 'Peter', 'Smith');
call createHsOfficePersonTestData('LEGAL', 'Rockshop e.K.', 'Sandra', 'Miller');
call createHsOfficePersonTestData('SOLE_REPRESENTATION', 'Ostfriesische Kuhhandel OHG');
call createHsOfficePersonTestData('JOINT_REPRESENTATION', 'Erben Bessler', 'Mel', 'Bessler');
end;
$$;
--//

8
src/main/resources/db/changelog/220-hs-admin-partner.sql → src/main/resources/db/changelog/220-hs-office-partner.sql
View File

@ -1,14 +1,14 @@
--liquibase formatted sql
-- ============================================================================
--changeset hs-admin-partner-MAIN-TABLE:1 endDelimiter:--//
--changeset hs-office-partner-MAIN-TABLE:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
create table if not exists hs_admin_partner
create table if not exists hs_office_partner
(
uuid uuid unique references RbacObject (uuid) initially deferred, -- on delete cascade
personUuid uuid not null references hs_admin_person(uuid),
contactUuid uuid not null references hs_admin_contact(uuid),
personUuid uuid not null references hs_office_person(uuid),
contactUuid uuid not null references hs_office_contact(uuid),
registrationOffice varchar(96),
registrationNumber varchar(96),
birthName varchar(96),

124
src/main/resources/db/changelog/223-hs-admin-partner-rbac.sql → src/main/resources/db/changelog/223-hs-office-partner-rbac.sql
View File

@ -1,87 +1,87 @@
--liquibase formatted sql
-- ============================================================================
--changeset hs-admin-partner-rbac-OBJECT:1 endDelimiter:--//
--changeset hs-office-partner-rbac-OBJECT:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
call generateRelatedRbacObject('hs_admin_partner');
call generateRelatedRbacObject('hs_office_partner');
--//
-- ============================================================================
--changeset hs-admin-partner-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--//
--changeset hs-office-partner-rbac-ROLE-DESCRIPTORS:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
create or replace function hsAdminPartnerOwner(partner hs_admin_partner)
create or replace function HsOfficePartnerOwner(partner hs_office_partner)
returns RbacRoleDescriptor
language plpgsql
strict as $$
begin
return roleDescriptor('hs_admin_partner', partner.uuid, 'owner');
return roleDescriptor('hs_office_partner', partner.uuid, 'owner');
end; $$;
create or replace function hsAdminPartnerAdmin(partner hs_admin_partner)
create or replace function HsOfficePartnerAdmin(partner hs_office_partner)
returns RbacRoleDescriptor
language plpgsql
strict as $$
begin
return roleDescriptor('hs_admin_partner', partner.uuid, 'admin');
return roleDescriptor('hs_office_partner', partner.uuid, 'admin');
end; $$;
create or replace function hsAdminPartnerTenant(partner hs_admin_partner)
create or replace function HsOfficePartnerTenant(partner hs_office_partner)
returns RbacRoleDescriptor
language plpgsql
strict as $$
begin
return roleDescriptor('hs_admin_partner', partner.uuid, 'tenant');
return roleDescriptor('hs_office_partner', partner.uuid, 'tenant');
end; $$;
--//
-- ============================================================================
--changeset hs-admin-partner-rbac-ROLES-CREATION:1 endDelimiter:--//
--changeset hs-office-partner-rbac-ROLES-CREATION:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates the roles and their assignments for a new partner for the AFTER INSERT TRIGGER.
*/
create or replace function createRbacRolesForHsAdminPartner()
create or replace function createRbacRolesForHsOfficePartner()
returns trigger
language plpgsql
strict as $$
declare
ownerRole uuid;
adminRole uuid;
person hs_admin_person;
contact hs_admin_contact;
person hs_office_person;
contact hs_office_contact;
begin
if TG_OP <> 'INSERT' then
raise exception 'invalid usage of TRIGGER AFTER INSERT';
end if;
select * from hs_admin_person as p where p.uuid = NEW.personUuid into person;
select * from hs_admin_contact as c where c.uuid = NEW.contactUuid into contact;
select * from hs_office_person as p where p.uuid = NEW.personUuid into person;
select * from hs_office_contact as c where c.uuid = NEW.contactUuid into contact;
-- the owner role with full access for the global admins
ownerRole = createRole(
hsAdminPartnerOwner(NEW),
HsOfficePartnerOwner(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['*']),
beneathRole(globalAdmin())
);
-- the admin role with full access for the global admins
adminRole = createRole(
hsAdminPartnerAdmin(NEW),
HsOfficePartnerAdmin(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['edit']),
beneathRole(ownerRole)
);
-- the tenant role for those related users who can view the data
perform createRole(
hsAdminPartnerTenant(NEW),
HsOfficePartnerTenant(NEW),
grantingPermissions(forObjectUuid => NEW.uuid, permitOps => array ['view']),
beneathRoles(array[hsAdminPartnerAdmin(NEW), hsAdminPersonAdmin(person), hsAdminContactAdmin(contact)]),
withSubRoles(array[hsAdminPersonTenant(person), hsAdminContactTenant(contact)])
beneathRoles(array[HsOfficePartnerAdmin(NEW), hsOfficePersonAdmin(person), hsOfficeContactAdmin(contact)]),
withSubRoles(array[hsOfficePersonTenant(person), hsOfficeContactTenant(contact)])
);
return NEW;
@ -91,88 +91,88 @@ end; $$;
An AFTER INSERT TRIGGER which creates the role structure for a new customer.
*/
create trigger createRbacRolesForHsAdminPartner_Trigger
create trigger createRbacRolesForHsOfficePartner_Trigger
after insert
on hs_admin_partner
on hs_office_partner
for each row
execute procedure createRbacRolesForHsAdminPartner();
execute procedure createRbacRolesForHsOfficePartner();
--//
-- ============================================================================
--changeset hs-admin-partner-rbac-IDENTITY-VIEW:1 endDelimiter:--//
--changeset hs-office-partner-rbac-IDENTITY-VIEW:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a view to the partner main table which maps the identifying name
(in this case, the prefix) to the objectUuid.
*/
create or replace view hs_admin_partner_iv as
create or replace view hs_office_partner_iv as
select target.uuid,
cleanIdentifier(
(select idName from hs_admin_person_iv p where p.uuid = target.personuuid)
(select idName from hs_office_person_iv p where p.uuid = target.personuuid)
|| '-' ||
(select idName from hs_admin_contact_iv c where c.uuid = target.contactuuid)
(select idName from hs_office_contact_iv c where c.uuid = target.contactuuid)
)
as idName
from hs_admin_partner as target;
from hs_office_partner as target;
-- TODO.spec: Is it ok that everybody has access to this information?
grant all privileges on hs_admin_partner_iv to restricted;
grant all privileges on hs_office_partner_iv to restricted;
/*
Returns the objectUuid for a given identifying name (in this case the prefix).
*/
create or replace function hs_admin_partnerUuidByIdName(idName varchar)
create or replace function hs_office_partnerUuidByIdName(idName varchar)
returns uuid
language sql
strict as $$
select uuid from hs_admin_partner_iv iv where iv.idName = hs_admin_partnerUuidByIdName.idName;
select uuid from hs_office_partner_iv iv where iv.idName = hs_office_partnerUuidByIdName.idName;
$$;
/*
Returns the identifying name for a given objectUuid (in this case the label).
*/
create or replace function hs_admin_partnerIdNameByUuid(uuid uuid)
create or replace function hs_office_partnerIdNameByUuid(uuid uuid)
returns varchar
language sql
strict as $$
select idName from hs_admin_partner_iv iv where iv.uuid = hs_admin_partnerIdNameByUuid.uuid;
select idName from hs_office_partner_iv iv where iv.uuid = hs_office_partnerIdNameByUuid.uuid;
$$;
--//
-- ============================================================================
--changeset hs-admin-partner-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
--changeset hs-office-partner-rbac-RESTRICTED-VIEW:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a view to the partner main table with row-level limitation
based on the 'view' permission of the current user or assumed roles.
*/
set session session authorization default;
drop view if exists hs_admin_partner_rv;
create or replace view hs_admin_partner_rv as
drop view if exists hs_office_partner_rv;
create or replace view hs_office_partner_rv as
select target.*
from hs_admin_partner as target
where target.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('view', 'hs_admin_partner', currentSubjectsUuids()));
grant all privileges on hs_admin_partner_rv to restricted;
from hs_office_partner as target
where target.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('view', 'hs_office_partner', currentSubjectsUuids()));
grant all privileges on hs_office_partner_rv to restricted;
--//
-- ============================================================================
--changeset hs-admin-partner-rbac-INSTEAD-OF-INSERT-TRIGGER:1 endDelimiter:--//
--changeset hs-office-partner-rbac-INSTEAD-OF-INSERT-TRIGGER:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/**
Instead of insert trigger function for hs_admin_partner_rv.
Instead of insert trigger function for hs_office_partner_rv.
*/
create or replace function insertHsAdminPartner()
create or replace function insertHsOfficePartner()
returns trigger
language plpgsql as $$
declare
newUser hs_admin_partner;
newUser hs_office_partner;
begin
insert
into hs_admin_partner
into hs_office_partner
values (new.*)
returning * into newUser;
return newUser;
@ -180,48 +180,48 @@ end;
$$;
/*
Creates an instead of insert trigger for the hs_admin_partner_rv view.
Creates an instead of insert trigger for the hs_office_partner_rv view.
*/
create trigger insertHsAdminPartner_Trigger
create trigger insertHsOfficePartner_Trigger
instead of insert
on hs_admin_partner_rv
on hs_office_partner_rv
for each row
execute function insertHsAdminPartner();
execute function insertHsOfficePartner();
--//
-- ============================================================================
--changeset hs-admin-partner-rbac-INSTEAD-OF-DELETE-TRIGGER:1 endDelimiter:--//
--changeset hs-office-partner-rbac-INSTEAD-OF-DELETE-TRIGGER:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/**
Instead of delete trigger function for hs_admin_partner_rv.
Instead of delete trigger function for hs_office_partner_rv.
Checks if the current subject (user / assumed role) has the permission to delete the row.
*/
create or replace function deleteHsAdminPartner()
create or replace function deleteHsOfficePartner()
returns trigger
language plpgsql as $$
begin
if hasGlobalRoleGranted(currentUserUuid()) or
old.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('delete', 'hs_admin_partner', currentSubjectsUuids())) then
delete from hs_admin_partner c where c.uuid = old.uuid;
old.uuid in (select queryAccessibleObjectUuidsOfSubjectIds('delete', 'hs_office_partner', currentSubjectsUuids())) then
delete from hs_office_partner c where c.uuid = old.uuid;
return old;
end if;
raise exception '[403] User % not allowed to delete partner uuid %', currentUser(), old.uuid;
end; $$;
/*
Creates an instead of delete trigger for the hs_admin_partner_rv view.
Creates an instead of delete trigger for the hs_office_partner_rv view.
*/
create trigger deleteHsAdminPartner_Trigger
create trigger deleteHsOfficePartner_Trigger
instead of delete
on hs_admin_partner_rv
on hs_office_partner_rv
for each row
execute function deleteHsAdminPartner();
execute function deleteHsOfficePartner();
--/
-- ============================================================================
--changeset hs-admin-partner-rbac-NEW-CONTACT:1 endDelimiter:--//
--changeset hs-office-partner-rbac-NEW-CONTACT:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a global permission for new-partner and assigns it to the hostsharing admins role.
@ -244,7 +244,7 @@ $$;
/**
Used by the trigger to prevent the add-customer to current user respectively assumed roles.
*/
create or replace function addHsAdminPartnerNotAllowedForCurrentSubjects()
create or replace function addHsOfficePartnerNotAllowedForCurrentSubjects()
returns trigger
language PLPGSQL
as $$
@ -256,12 +256,12 @@ end; $$;
/**
Checks if the user or assumed roles are allowed to create a new customer.
*/
create trigger hs_admin_partner_insert_trigger
create trigger hs_office_partner_insert_trigger
before insert
on hs_admin_partner
on hs_office_partner
for each row
-- TODO.spec: who is allowed to create new partners
when ( not hasAssumedRole() )
execute procedure addHsAdminPartnerNotAllowedForCurrentSubjects();
execute procedure addHsOfficePartnerNotAllowedForCurrentSubjects();
--//

34
src/main/resources/db/changelog/228-hs-admin-partner-test-data.sql → src/main/resources/db/changelog/228-hs-office-partner-test-data.sql
View File

@ -2,33 +2,33 @@
-- ============================================================================
--changeset hs-admin-partner-TEST-DATA-GENERATOR:1 endDelimiter:--//
--changeset hs-office-partner-TEST-DATA-GENERATOR:1 endDelimiter:--//
-- ----------------------------------------------------------------------------
/*
Creates a single partner test record.
*/
create or replace procedure createHsAdminPartnerTestData( personTradeName varchar, contactLabel varchar )
create or replace procedure createHsOfficePartnerTestData( personTradeName varchar, contactLabel varchar )
language plpgsql as $$
declare
currentTask varchar;
idName varchar;
relatedPerson hs_admin_person;
relatedContact hs_admin_contact;
relatedPerson hs_office_person;
relatedContact hs_office_contact;
begin
idName := cleanIdentifier( personTradeName|| '-' || contactLabel);
currentTask := 'creating RBAC test partner ' || idName;
call defineContext(currentTask, null, 'alex@hostsharing.net', 'global#global.admin');
execute format('set local hsadminng.currentTask to %L', currentTask);
select p.* from hs_admin_person p where p.tradeName = personTradeName into relatedPerson;
select c.* from hs_admin_contact c where c.label = contactLabel into relatedContact;
select p.* from hs_office_person p where p.tradeName = personTradeName into relatedPerson;
select c.* from hs_office_contact c where c.label = contactLabel into relatedContact;
raise notice 'creating test partner: %', idName;
raise notice '- using person (%): %', relatedPerson.uuid, relatedPerson;
raise notice '- using contact (%): %', relatedContact.uuid, relatedContact;
insert
into hs_admin_partner (uuid, personuuid, contactuuid)
into hs_office_partner (uuid, personuuid, contactuuid)
values (uuid_generate_v4(), relatedPerson.uuid, relatedContact.uuid);
end; $$;
--//
@ -36,21 +36,21 @@ end; $$;
/*
Creates a range of test partner for mass data generation.
*/
create or replace procedure createTestContactTestData(
create or replace procedure createHsOfficePartnerTestData(
startCount integer, -- count of auto generated rows before the run
endCount integer -- count of auto generated rows after the run
)
language plpgsql as $$
declare
person hs_admin_person;
contact hs_admin_contact;
person hs_office_person;
contact hs_office_contact;
begin
for t in startCount..endCount
loop
select p.* from hs_admin_person p where tradeName = intToVarChar(t, 4) into person;
select c.* from hs_admin_contact c where c.label = intToVarChar(t, 4) || '#' || t into contact;
select p.* from hs_office_person p where tradeName = intToVarChar(t, 4) into person;
select c.* from hs_office_contact c where c.label = intToVarChar(t, 4) || '#' || t into contact;
call createHsAdminPartnerTestData(person.uuid, contact.uuid);
call createHsOfficePartnerTestData(person.uuid, contact.uuid);
commit;
end loop;
end; $$;
@ -58,16 +58,16 @@ end; $$;
-- ============================================================================
--changeset hs-admin-partner-TEST-DATA-GENERATION:1 context=dev,tc endDelimiter:--//
--changeset hs-office-partner-TEST-DATA-GENERATION:1 context=dev,tc endDelimiter:--//
-- ----------------------------------------------------------------------------
do language plpgsql $$
begin
call createHsAdminPartnerTestData('First Impressions GmbH', 'first contact');
call createHsOfficePartnerTestData('First Impressions GmbH', 'first contact');
call createHsAdminPartnerTestData('Rockshop e.K.', 'second contact');
call createHsOfficePartnerTestData('Rockshop e.K.', 'second contact');
call createHsAdminPartnerTestData('Ostfriesische Kuhhandel OHG', 'third contact');
call createHsOfficePartnerTestData('Ostfriesische Kuhhandel OHG', 'third contact');
end;
$$;
--//

18
src/main/resources/db/changelog/db.changelog-master.yaml
View File

@ -46,20 +46,20 @@ databaseChangeLog:
- include:
file: db/changelog/138-test-domain-test-data.sql
- include:
file: db/changelog/200-hs-admin-contact.sql
file: db/changelog/200-hs-office-contact.sql
- include:
file: db/changelog/203-hs-admin-contact-rbac.sql
file: db/changelog/203-hs-office-contact-rbac.sql
- include:
file: db/changelog/208-hs-admin-contact-test-data.sql
file: db/changelog/208-hs-office-contact-test-data.sql
- include:
file: db/changelog/210-hs-admin-person.sql
file: db/changelog/210-hs-office-person.sql
- include:
file: db/changelog/213-hs-admin-person-rbac.sql
file: db/changelog/213-hs-office-person-rbac.sql
- include:
file: db/changelog/218-hs-admin-person-test-data.sql
file: db/changelog/218-hs-office-person-test-data.sql
- include:
file: db/changelog/220-hs-admin-partner.sql
file: db/changelog/220-hs-office-partner.sql
- include:
file: db/changelog/223-hs-admin-partner-rbac.sql
file: db/changelog/223-hs-office-partner-rbac.sql
- include:
file: db/changelog/228-hs-admin-partner-test-data.sql
file: db/changelog/228-hs-office-partner-test-data.sql