improve test code coverage and generic array return from native queries
This commit is contained in:
Michael Hoennig
@ -1,16 +0,0 @@
|
||||
package net.hostsharing.hsadminng.config;
|
||||
|
||||
import com.vladmihalcea.hibernate.type.array.UUIDArrayType;
|
||||
import org.hibernate.dialect.PostgreSQL95Dialect;
|
||||
|
||||
import java.sql.Types;
|
||||
|
||||
@SuppressWarnings("unused") // configured in application.yml
|
||||
public class PostgreSQL95CustomDialect extends PostgreSQL95Dialect {
|
||||
|
||||
public PostgreSQL95CustomDialect() {
|
||||
this.registerHibernateType(Types.OTHER, "pg-uuid");
|
||||
this.registerHibernateType(Types.ARRAY, UUIDArrayType.class.getName());
|
||||
}
|
||||
|
||||
}
|
||||
@ -0,0 +1,15 @@
|
||||
package net.hostsharing.hsadminng.config;
|
||||
|
||||
import org.hibernate.dialect.PostgreSQL95Dialect;
|
||||
|
||||
import java.sql.Types;
|
||||
|
||||
@SuppressWarnings("unused") // configured in application.yml
|
||||
public class PostgresCustomDialect extends PostgreSQL95Dialect {
|
||||
|
||||
public PostgresCustomDialect() {
|
||||
this.registerHibernateType(Types.OTHER, "pg-uuid");
|
||||
this.registerHibernateType(Types.ARRAY, "array");
|
||||
}
|
||||
|
||||
}
|
||||
@ -1,5 +1,7 @@
|
||||
package net.hostsharing.hsadminng.context;
|
||||
|
||||
import com.vladmihalcea.hibernate.type.array.StringArrayType;
|
||||
import com.vladmihalcea.hibernate.type.array.UUIDArrayType;
|
||||
import lombok.AllArgsConstructor;
|
||||
import lombok.SneakyThrows;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
@ -54,12 +56,12 @@ public class Context {
|
||||
final String assumedRoles) {
|
||||
final var query = em.createNativeQuery(
|
||||
"""
|
||||
call defineContext(
|
||||
cast(:currentTask as varchar),
|
||||
cast(:currentRequest as varchar),
|
||||
cast(:currentUser as varchar),
|
||||
cast(:assumedRoles as varchar));
|
||||
""");
|
||||
call defineContext(
|
||||
cast(:currentTask as varchar),
|
||||
cast(:currentRequest as varchar),
|
||||
cast(:currentUser as varchar),
|
||||
cast(:assumedRoles as varchar));
|
||||
""");
|
||||
query.setParameter("currentTask", shortenToMaxLength(currentTask, 96));
|
||||
query.setParameter("currentRequest", shortenToMaxLength(currentRequest, 512)); // TODO.SPEC: length?
|
||||
query.setParameter("currentUser", currentUser);
|
||||
@ -80,11 +82,17 @@ public class Context {
|
||||
}
|
||||
|
||||
public String[] getAssumedRoles() {
|
||||
return (String[]) em.createNativeQuery("select assumedRoles()").getSingleResult();
|
||||
return (String[]) em.createNativeQuery("select assumedRoles() as roles")
|
||||
.unwrap(org.hibernate.query.NativeQuery.class)
|
||||
.addScalar("roles", StringArrayType.INSTANCE)
|
||||
.getSingleResult();
|
||||
}
|
||||
|
||||
public UUID[] currentSubjectsUuids() {
|
||||
return (UUID[]) em.createNativeQuery("select currentSubjectsUuids()").getSingleResult();
|
||||
return (UUID[]) em.createNativeQuery("select currentSubjectsUuids() as uuids")
|
||||
.unwrap(org.hibernate.query.NativeQuery.class)
|
||||
.addScalar("uuids", UUIDArrayType.INSTANCE) // TODO.BLOG
|
||||
.getSingleResult();
|
||||
}
|
||||
|
||||
private static String getCallerMethodNameFromStack() {
|
||||
|
||||
@ -16,7 +16,7 @@ spring:
|
||||
jpa:
|
||||
properties:
|
||||
hibernate:
|
||||
dialect: net.hostsharing.hsadminng.config.PostgreSQL95CustomDialect
|
||||
dialect: net.hostsharing.hsadminng.config.PostgresCustomDialect
|
||||
|
||||
liquibase:
|
||||
contexts: dev
|
||||
|
||||
@ -28,6 +28,7 @@ create or replace function determineCurrentSubjectsUuids(currentUserUuid uuid, a
|
||||
language plpgsql as $$
|
||||
declare
|
||||
roleName varchar(63);
|
||||
roleNameParts varchar(63);
|
||||
objectTableToAssume varchar(63);
|
||||
objectNameToAssume varchar(63);
|
||||
objectUuidToAssume uuid;
|
||||
@ -48,10 +49,10 @@ begin
|
||||
|
||||
foreach roleName in array string_to_array(assumedRoles, ';')
|
||||
loop
|
||||
roleName = overlay(roleName placing '#' from length(roleName) + 1 - strpos(reverse(roleName), '.'));
|
||||
objectTableToAssume = split_part(roleName, '#', 1);
|
||||
objectNameToAssume = split_part(roleName, '#', 2);
|
||||
roleTypeToAssume = split_part(roleName, '#', 3);
|
||||
roleNameParts = overlay(roleName placing '#' from length(roleName) + 1 - strpos(reverse(roleName), '.'));
|
||||
objectTableToAssume = split_part(roleNameParts, '#', 1);
|
||||
objectNameToAssume = split_part(roleNameParts, '#', 2);
|
||||
roleTypeToAssume = split_part(roleNameParts, '#', 3);
|
||||
|
||||
objectUuidToAssume = findObjectUuidByIdName(objectTableToAssume, objectNameToAssume);
|
||||
|
||||
@ -60,7 +61,10 @@ begin
|
||||
where r.objectUuid = objectUuidToAssume
|
||||
and r.roleType = roleTypeToAssume
|
||||
into roleUuidToAssume;
|
||||
if (not isGranted(currentUserUuid, roleUuidToAssume)) then
|
||||
if roleUuidToAssume is null then
|
||||
raise exception '[403] role % not accessible for user %', roleName, currentUser();
|
||||
end if;
|
||||
if not isGranted(currentUserUuid, roleUuidToAssume) then
|
||||
raise exception '[403] user % has no permission to assume role %', currentUser(), roleName;
|
||||
end if;
|
||||
roleIdsToAssume := roleIdsToAssume || roleUuidToAssume;
|
||||
@ -160,7 +164,7 @@ begin
|
||||
if (currentSubjectsUuids is null or length(currentSubjectsUuids) = 0 ) then
|
||||
currentUserName := currentUser();
|
||||
if (length(currentUserName) > 0) then
|
||||
raise exception '[401] currentUserUuid cannot be determined, unknown user name "%"', currentUserName;
|
||||
raise exception '[401] currentSubjectsUuids (%) cannot be determined, unknown user name "%"', currentSubjectsUuids, currentUserName;
|
||||
else
|
||||
raise exception '[401] currentSubjectsUuids cannot be determined, please call `defineContext(...)` first;"';
|
||||
end if;
|
||||
|
||||
Reference in New Issue
Block a user