mikras_utils 0.4.3 → 0.5.0
Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 46a6caa587baa5d73d1eee1af5a8cf764fc64e70be223f0b66aae6f1f41c6b91
|
|
4
|
+
data.tar.gz: a13096682ea8ec58b36b0154922b7e56fa914e51a756eda8a0f434106e8b1cc2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ac6234c5bcdbc6b2bcf1301c8a6b2c23c4a71a43abaeb47e37c3908126c3d8bfd25bafa439d7ec59a3070f6f5b4706edafc454191a4725d46ab487dad0bf1686
|
|
7
|
+
data.tar.gz: 005a114875b9eedbbf2d87d20fa752d8fbde45fd18773bee8d7a7f16373e80d65f0d9a8b9546c3bff67b3c9f429a3119cef8d13e96dbaa916ca6bd19d3f6aa51
|
|
@@ -28,8 +28,8 @@ module MkAcl
|
|
|
28
28
|
and ref_schema_name = '#{spec.app_schema}'
|
|
29
29
|
)
|
|
30
30
|
|
|
31
|
-
# Assign table references
|
|
32
31
|
for child_table_name, child_table_uid, parent_table_name, parent_table_uid, parent_link_field in links
|
|
32
|
+
# Detect uncovered tables
|
|
33
33
|
if !spec.key?(child_table_name)
|
|
34
34
|
@uncovered_tables << child_table_name
|
|
35
35
|
next
|
|
@@ -38,9 +38,11 @@ module MkAcl
|
|
|
38
38
|
next
|
|
39
39
|
end
|
|
40
40
|
|
|
41
|
+
# Find referenced table objects
|
|
41
42
|
child_table = spec[child_table_name] or raise "Can't find table #{parent_table_name.inspect}"
|
|
42
43
|
parent_table = spec[parent_table_name] or raise "Can't find referenced table #{parent_table_name.inspect}"
|
|
43
44
|
|
|
45
|
+
# Assign table references
|
|
44
46
|
child_table.references[parent_table.name] = [parent_table, parent_link_field]
|
|
45
47
|
end
|
|
46
48
|
|
|
@@ -33,10 +33,13 @@ module MkAcl
|
|
|
33
33
|
insert into acl_portal.acl_tables (
|
|
34
34
|
schema_name, table_name, domain,
|
|
35
35
|
parent_schema_name, parent_table_name, parent_link_field,
|
|
36
|
-
acl)
|
|
36
|
+
acl_link_fields, acl)
|
|
37
37
|
values (
|
|
38
38
|
'#{app_schema}', '#{table}', #{conn.quote_value(table.domain)},
|
|
39
|
-
|
|
39
|
+
#{PgConn.quote_value(table.parent && table.app_schema)},
|
|
40
|
+
#{PgConn.quote_value(table.parent)},
|
|
41
|
+
#{PgConn.quote_value(table.parent_link_field)},
|
|
42
|
+
#{PgConn.quote_value(table.references.values.map(&:last), elem_type: 'text')},
|
|
40
43
|
#{table.acl || 'false'})
|
|
41
44
|
returning id as "table_id"
|
|
42
45
|
\\gset
|
|
@@ -47,14 +47,14 @@ module MkAcl
|
|
|
47
47
|
attr_reader :spec
|
|
48
48
|
forward_to :@spec, :app_schema, :acl_schema
|
|
49
49
|
|
|
50
|
-
# Hash from referenced table name to a tuple of the table object and the
|
|
51
|
-
# link field. Initialized by the analyzer
|
|
52
|
-
attr_accessor :references
|
|
53
|
-
|
|
54
50
|
# Table name and uid
|
|
55
51
|
attr_reader :name
|
|
56
52
|
attr_reader :uid # SCHEMA.TABLE name
|
|
57
53
|
|
|
54
|
+
# Hash from referenced table name to a tuple of the table object and the
|
|
55
|
+
# link field. Initialized by the analyzer
|
|
56
|
+
attr_accessor :references
|
|
57
|
+
|
|
58
58
|
# Parent domain table. Initialized by the analyzer
|
|
59
59
|
attr_accessor :parent
|
|
60
60
|
|
|
@@ -91,6 +91,7 @@ module MkAcl
|
|
|
91
91
|
@uid = "#{app_schema}.#{@name}"
|
|
92
92
|
@record_name = Prick::Inflector.singularize(@name)
|
|
93
93
|
@parent_name = parent_name
|
|
94
|
+
@parent_link_fields = []
|
|
94
95
|
@domain = domain
|
|
95
96
|
@acl = acl
|
|
96
97
|
@actions = {}
|
|
@@ -108,7 +109,7 @@ module MkAcl
|
|
|
108
109
|
indent {
|
|
109
110
|
puts "domain: #{domain}" if domain
|
|
110
111
|
puts "parent: #{parent}" if parent
|
|
111
|
-
puts "references: [#{references.values.map
|
|
112
|
+
puts "references: [#{references.values.map { |k,v| "#{v}->#{k.name}" }.join(' ')}]"
|
|
112
113
|
for action_name in %w(insert select update delete)
|
|
113
114
|
actions[action_name]&.dump
|
|
114
115
|
end
|
|
@@ -166,11 +167,11 @@ module MkAcl
|
|
|
166
167
|
|
|
167
168
|
attr_reader :action
|
|
168
169
|
forward_to :action, :table, :name
|
|
169
|
-
attr_accessor :roles
|
|
170
|
-
attr_accessor :filter # Goes into the postgres policy
|
|
171
|
-
attr_accessor :assert # Goes into the postgres trigger
|
|
172
|
-
attr_accessor :fields # Only used for insert and update
|
|
173
|
-
attr_accessor :tables # Only used for attach
|
|
170
|
+
attr_accessor :roles # Roles that this rule applies to
|
|
171
|
+
attr_accessor :filter # Goes into the postgres policy, may be nil
|
|
172
|
+
attr_accessor :assert # Goes into the postgres trigger, may be nil
|
|
173
|
+
attr_accessor :fields # Only used for insert and update, nil otherwise
|
|
174
|
+
attr_accessor :tables # Only used for attach, nil otherwise
|
|
174
175
|
attr_reader :ordinal
|
|
175
176
|
|
|
176
177
|
# admin, internal, etc.
|
|
@@ -183,8 +184,10 @@ module MkAcl
|
|
|
183
184
|
@action = action
|
|
184
185
|
@ordinal = ordinal
|
|
185
186
|
@roles = []
|
|
186
|
-
@
|
|
187
|
-
@
|
|
187
|
+
@filter = nil
|
|
188
|
+
@assert = nil
|
|
189
|
+
@fields = %w(insert update).include?(action.name) ? [] : nil
|
|
190
|
+
@tables = %w(attach).include?(action.name) ? [] : nil
|
|
188
191
|
|
|
189
192
|
action.send :attach_rule, self
|
|
190
193
|
end
|
|
@@ -193,8 +196,8 @@ module MkAcl
|
|
|
193
196
|
puts "roles: [#{roles.join(' ')}]"
|
|
194
197
|
puts "filter: #{filter}" if filter
|
|
195
198
|
puts "assert: #{assert}" if assert
|
|
196
|
-
puts "fields: [#{fields.join(' ')}]" if !fields.empty?
|
|
197
|
-
puts "tables: [#{tables.join(' ')}]" if !tables.empty?
|
|
199
|
+
puts "fields: [#{fields.join(' ')}]" if fields && !fields.empty?
|
|
200
|
+
puts "tables: [#{tables.join(' ')}]" if tables && !tables.empty?
|
|
198
201
|
puts "ordinal: #{ordinal}"
|
|
199
202
|
end
|
|
200
203
|
end
|
data/lib/mikras_utils/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: mikras_utils
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Claus Rasmussen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2025-01-
|
|
11
|
+
date: 2025-01-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: pg_conn
|