Janus007/PlanTempusApp
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Refactoring SetupConsole with DBFactory

Browse source
This commit is contained in:
Janus C. H. Knudsen 2025-02-21 23:34:06 +01:00
parent 8dd01d291d
commit 78d49a9829
20 changed files with 337 additions and 407 deletions
Download patch file Download diff file Expand all files Collapse all files

12
Database/Core/ConnectionFactory/IDbConnectionFactory.cs
View file

@ -1,8 +1,10 @@
namespace PlanTempus.Database.Core.ConnectionFactory
{
public interface IDbConnectionFactory
{
System.Data.IDbConnection Create();
System.Data.IDbConnection Create(string username, string password);
}
public record ConnectionStringParameters(string user, string pwd);
public interface IDbConnectionFactory
{
System.Data.IDbConnection Create();
System.Data.IDbConnection Create(ConnectionStringParameters connectionStringTemplateParameters);
}
}

10
Database/Core/ConnectionFactory/PostgresConnectionFactory.cs
View file

@ -2,9 +2,9 @@
using System.Data;
namespace PlanTempus.Database.Core.ConnectionFactory
{
public class PostgresConnectionFactory : IDbConnectionFactory, IAsyncDisposable
public class PostgresConnectionFactory : IDbConnectionFactory, IAsyncDisposable
{
private readonly NpgsqlDataSource _baseDataSource;
private readonly Action<NpgsqlDataSourceBuilder> _configureDataSource;
@ -29,13 +29,13 @@ namespace PlanTempus.Database.Core.ConnectionFactory
return _baseDataSource.CreateConnection();
}
public IDbConnection Create(string username, string password)
public IDbConnection Create(ConnectionStringParameters param)
{
var connectionStringBuilder = new NpgsqlConnectionStringBuilder(
_baseDataSource.ConnectionString)
{
Username = username,
Password = password
Username = param.user,
Password = param.pwd
};
var tempDataSourceBuilder = new NpgsqlDataSourceBuilder(

149
Database/Core/DCL/SetupApplicationUser.cs
View file

@ -5,105 +5,102 @@ using PlanTempus.Database.Core.ConnectionFactory;
namespace PlanTempus.Database.Core.DCL
{
/// <summary>
/// Only a superadmin or similar can create Application Users
/// </summary>
public class SetupApplicationUser : IDbConfigure<SetupApplicationUser.Command>
{
public class Command
{
public required string Schema { get; init; }
public required string User { get; init; }
public required string Password { get; init; }
}
/// <summary>
/// Only a superadmin or similar can create Application Users
/// </summary>
public class SetupApplicationUser : IDbConfigure<SetupApplicationUser.Command>
{
public class Command
{
public required string Schema { get; init; }
public required string User { get; init; }
public required string Password { get; init; }
}
Command _command;
private readonly IDbConnectionFactory _connectionFactory;
public SetupApplicationUser(IDbConnectionFactory connectionFactory)
{
_connectionFactory = connectionFactory;
}
Command _command;
private readonly IDbConnectionFactory _connectionFactory;
public void With(Command command, ConnectionStringParameters parameters = null)
{
_command = command;
public SetupApplicationUser(IDbConnectionFactory connectionFactory)
{
_connectionFactory = connectionFactory;
}
if (!Validations.IsValidSchemaName(_command.Schema))
throw new ArgumentException("Invalid schema name", _command.Schema);
public void With(Command command)
{
_command = command;
using var conn = parameters is null ? _connectionFactory.Create() : _connectionFactory.Create(parameters);
using var transaction = conn.OpenWithTransaction();
try
{
CreateSchema(conn);
CreateRole(conn);
GrantSchemaRights(conn);
if (!Validations.IsValidSchemaName(_command.Schema))
throw new ArgumentException("Invalid schema name", _command.Schema);
transaction.Commit();
}
catch (Exception ex)
{
transaction.Rollback();
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
}
}
using var conn = _connectionFactory.Create();
using var transaction = conn.OpenWithTransaction();
try
{
CreateSchema(conn);
CreateRole(conn);
GrantSchemaRights(conn);
private void CreateSchema(IDbConnection db)
{
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
db.ExecuteSql(sql);
}
transaction.Commit();
}
catch (Exception ex)
{
transaction.Rollback();
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
}
}
private void CreateSchema(IDbConnection db)
{
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
db.ExecuteSql(sql);
}
private void CreateRole(IDbConnection db)
{
var sql = $@"
private void CreateRole(IDbConnection db)
{
var sql = $@"
DO $$
BEGIN
IF NOT EXISTS (SELECT FROM pg_roles WHERE rolname = '{_command.User}') THEN
CREATE ROLE {_command.User} WITH CREATEDB CREATEROLE LOGIN PASSWORD '{_command.Password}';
END IF;
END $$;";
db.ExecuteSql(sql);
db.ExecuteSql(sql);
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
db.ExecuteSql(sql1);
}
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
db.ExecuteSql(sql1);
}
private void GrantSchemaRights(IDbConnection db)
{
// Grant USAGE og alle CREATE rettigheder på schema niveau
var sql = $@"
private void GrantSchemaRights(IDbConnection db)
{
// Grant USAGE og alle CREATE rettigheder på schema niveau
var sql = $@"
GRANT USAGE ON SCHEMA {_command.Schema} TO {_command.User};
GRANT ALL ON SCHEMA {_command.Schema} TO {_command.User};";
db.ExecuteSql(sql);
db.ExecuteSql(sql);
// Grant rettigheder på eksisterende og fremtidige tabeller
var sql1 = $"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA {_command.Schema} TO {_command.User};";
db.ExecuteSql(sql1);
// Grant rettigheder på eksisterende og fremtidige tabeller
var sql1 = $"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA {_command.Schema} TO {_command.User};";
db.ExecuteSql(sql1);
var sql2 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT ALL PRIVILEGES ON TABLES TO {_command.User};";
db.ExecuteSql(sql2);
var sql2 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT ALL PRIVILEGES ON TABLES TO {_command.User};";
db.ExecuteSql(sql2);
// Grant sequence rettigheder
var sql3 = $"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA {_command.Schema} TO {_command.User};";
db.ExecuteSql(sql3);
// Grant sequence rettigheder
var sql3 = $"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA {_command.Schema} TO {_command.User};";
db.ExecuteSql(sql3);
// Grant execute på functions
var sql4 = $"GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA {_command.Schema} TO {_command.User};";
db.ExecuteSql(sql4);
// Grant execute på functions
var sql4 = $"GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA {_command.Schema} TO {_command.User};";
db.ExecuteSql(sql4);
// Grant for fremtidige functions
var sql5 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT EXECUTE ON FUNCTIONS TO {_command.User};";
db.ExecuteSql(sql5);
// Grant for fremtidige functions
var sql5 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT EXECUTE ON FUNCTIONS TO {_command.User};";
db.ExecuteSql(sql5);
// Grant for fremtidige sequences
var sql6 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT USAGE ON SEQUENCES TO {_command.User};";
db.ExecuteSql(sql6);
}
// Grant for fremtidige sequences
var sql6 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT USAGE ON SEQUENCES TO {_command.User};";
db.ExecuteSql(sql6);
}
}
}
}

53
Database/Core/DCL/SetupDbAdmin.cs
View file

@ -21,39 +21,39 @@ namespace PlanTempus.Database.Core.DCL
Command _command;
private readonly IDbConnectionFactory _connectionFactory;
private readonly IDbConnectionFactory _connectionFactory;
public SetupDbAdmin(IDbConnectionFactory connectionFactory)
public SetupDbAdmin(IDbConnectionFactory connectionFactory)
{
_connectionFactory = connectionFactory;
}
_connectionFactory = connectionFactory;
}
public void With(Command command)
public void With(Command command, ConnectionStringParameters parameters = null)
{
_command = command;
if (!Validations.IsValidSchemaName(_command.Schema))
throw new ArgumentException("Invalid schema name", _command.Schema);
using var conn = _connectionFactory.Create();
using var transaction = conn.OpenWithTransaction();
try
{
CreateSchema(conn);
CreateRole(conn);
GrantSchemaRights(conn);
using var conn = parameters is null ? _connectionFactory.Create() : _connectionFactory.Create(parameters);
using var transaction = conn.OpenWithTransaction();
try
{
CreateSchema(conn);
CreateRole(conn);
GrantSchemaRights(conn);
transaction.Commit();
}
catch (Exception ex)
{
transaction.Rollback();
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
}
transaction.Commit();
}
catch (Exception ex)
{
transaction.Rollback();
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
}
}
}
private void CreateSchema(IDbConnection db)
{
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
@ -69,13 +69,13 @@ namespace PlanTempus.Database.Core.DCL
CREATE ROLE {_command.User} WITH CREATEDB CREATEROLE LOGIN PASSWORD '{_command.Password}';
END IF;
END $$;";
db.ExecuteSql(sql);
db.ExecuteSql(sql);
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
db.ExecuteSql(sql1);
db.ExecuteSql(sql1);
var sql2 = $"ALTER SCHEMA {_command.Schema} OWNER TO {_command.User};";
db.ExecuteSql(sql2);
db.ExecuteSql(sql2);
}
@ -83,10 +83,9 @@ namespace PlanTempus.Database.Core.DCL
{
// Grant USAGE og alle CREATE rettigheder på schema niveau
//GRANT USAGE ON SCHEMA {_command.Schema} TO {_command.User};
var sql = $@"
GRANT CREATE ON SCHEMA {_command.Schema} TO {_command.User};";
var sql = $@"GRANT CREATE ON SCHEMA {_command.Schema} TO {_command.User};";
db.ExecuteSql(sql);
db.ExecuteSql(sql);
// Grant rettigheder på eksisterende og fremtidige tabeller
//var sql1 = $"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA {_command.Schema} TO {_command.User};";

67
Database/Core/DCL/SetupOrganizationUser.cs
View file

@ -2,6 +2,7 @@
using Insight.Database;
using PlanTempus.Database.Common;
using PlanTempus.Database.Core;
using PlanTempus.Database.Core.ConnectionFactory;
namespace PlanTempus.Database.Core.DCL
{
@ -14,81 +15,75 @@ namespace PlanTempus.Database.Core.DCL
public required string Password { get; init; }
}
IDbConnection _db;
Command _command;
private readonly IDbConnectionFactory _connectionFactory;
public SetupOrganization(IDbConnection db)
public SetupOrganization(IDbConnectionFactory connectionFactory)
{
_db = db;
_connectionFactory = connectionFactory;
}
public void With(Command command)
public void With(Command command, ConnectionStringParameters parameters = null)
{
_command = command;
if (!Validations.IsValidSchemaName(_command.Schema))
throw new ArgumentException("Invalid schema name", _command.Schema);
using (var transaction = _db.BeginTransaction())
using var conn = parameters is null ? _connectionFactory.Create() : _connectionFactory.Create(parameters);
using var transaction = conn.OpenWithTransaction();
try
{
try
{
CreateSchema();
CreateRole();
GrantSchemaRights();
CreateSchema(conn);
CreateRole(conn);
GrantSchemaRights(conn);
transaction.Commit();
}
catch (Exception ex)
{
transaction.Rollback();
throw new InvalidOperationException("Failed to SetupOrganization in Database", ex);
}
transaction.Commit();
}
catch (Exception ex)
{
transaction.Rollback();
throw new InvalidOperationException("Failed to SetupOrganization in Database", ex);
}
}
private void ExecuteSql(string sql)
{
_db.ExecuteSql(sql);
}
private void CreateSchema()
private void CreateSchema(IDbConnection db)
{
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
ExecuteSql(sql);
db.ExecuteSql(sql);
}
private void CreateRole()
private void CreateRole(IDbConnection db)
{
var sql = $"CREATE ROLE {_command.User} LOGIN PASSWORD '{_command.Password}';";
ExecuteSql(sql);
db.ExecuteSql(sql);
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
ExecuteSql(sql1);
db.ExecuteSql(sql1);
}
private void GrantSchemaRights()
private void GrantSchemaRights(IDbConnection db)
{
var sql = $"GRANT USAGE ON SCHEMA {_command.Schema} TO {_command.User};";
ExecuteSql(sql);
db.ExecuteSql(sql);
var sql1 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} " +
$"GRANT INSERT, SELECT, UPDATE PRIVILEGES ON TABLES TO {_command.User};";
ExecuteSql(sql1);
db.ExecuteSql(sql1);
var sql2 = $"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA {_command.Schema} TO {_command.User};";
ExecuteSql(sql2);
db.ExecuteSql(sql2);
var sql3 = $"GRANT CREATE TABLE ON SCHEMA {_command.Schema} TO {_command.User};";
ExecuteSql(sql3);
db.ExecuteSql(sql3);
}
public void RevokeCreateTable()
public void RevokeCreateTable(IDbConnection db)
{
var sql = $"REVOKE CREATE TABLE ON SCHEMA {_command.Schema} FROM {_command.User};";
ExecuteSql(sql);
db.ExecuteSql(sql);
}
}
}

168
Database/Core/DDL/SetupIdentitySystem.cs
View file

@ -4,58 +4,58 @@ using System.Data;
namespace PlanTempus.Database.Core.DDL
{
/// <summary>
/// This is by purpose not async await
/// It is intended that this is created with the correct Application User, which is why the schema name is omitted.
/// </summary>
public class SetupIdentitySystem : IDbConfigure<SetupIdentitySystem.Command>
{
public class Command
{
public required string Schema { get; init; }
}
/// <summary>
/// This is by purpose not async await
/// It is intended that this is created with the correct Application User, which is why the schema name is omitted.
/// </summary>
public class SetupIdentitySystem : IDbConfigure<SetupIdentitySystem.Command>
{
public class Command
{
public required string Schema { get; init; }
}
Command _command;
private readonly IDbConnectionFactory _connectionFactory;
Command _command;
private readonly IDbConnectionFactory _connectionFactory;
public SetupIdentitySystem(IDbConnectionFactory connectionFactory)
{
_connectionFactory = connectionFactory;
}
public SetupIdentitySystem(IDbConnectionFactory connectionFactory)
{
_connectionFactory = connectionFactory;
}
/// <summary>
/// Creates the system tables in the specified schema within a transaction.
/// </summary>
/// <param name="schema">The schema name where the tables will be created.</param>
public void With(Command command)
{
_command = command;
/// <summary>
/// Creates the system tables in the specified schema within a transaction.
/// </summary>
/// <param name="schema">The schema name where the tables will be created.</param>
public void With(Command command, ConnectionStringParameters parameters = null)
{
_command = command;
using var conn = _connectionFactory.Create();
using var transaction = conn.OpenWithTransaction();
try
{
CreateUsersTable(conn);
CreateOrganizationsTable(conn);
CreateUserOrganizationsTable(conn);
SetupRLS(conn);
using var conn = parameters is null ? _connectionFactory.Create() : _connectionFactory.Create(parameters);
using var transaction = conn.OpenWithTransaction();
try
{
CreateUsersTable(conn);
CreateOrganizationsTable(conn);
CreateUserOrganizationsTable(conn);
SetupRLS(conn);
transaction.Commit();
}
catch (Exception ex)
{
transaction.Rollback();
throw new InvalidOperationException("Failed to SetupIdentitySystem. Transaction is rolled back", ex);
}
}
transaction.Commit();
}
catch (Exception ex)
{
transaction.Rollback();
throw new InvalidOperationException("Failed to SetupIdentitySystem. Transaction is rolled back", ex);
}
}
/// <summary>
/// Creates the users table
/// </summary>
void CreateUsersTable(IDbConnection db)
{
var sql = @$"
/// <summary>
/// Creates the users table
/// </summary>
void CreateUsersTable(IDbConnection db)
{
var sql = @$"
CREATE TABLE IF NOT EXISTS {_command.Schema}.users (
id SERIAL PRIMARY KEY,
email VARCHAR(256) NOT NULL UNIQUE,
@ -70,16 +70,16 @@ namespace PlanTempus.Database.Core.DDL
last_login_at TIMESTAMPTZ NULL
);";
db.ExecuteSql(sql);
db.ExecuteSql(sql);
}
}
/// <summary>
/// Creates the organizations table
/// </summary>
void CreateOrganizationsTable(IDbConnection db)
{
var sql = @$"
/// <summary>
/// Creates the organizations table
/// </summary>
void CreateOrganizationsTable(IDbConnection db)
{
var sql = @$"
CREATE TABLE IF NOT EXISTS {_command.Schema}.organizations (
id SERIAL PRIMARY KEY,
connection_string VARCHAR(500) NOT NULL,
@ -88,16 +88,16 @@ namespace PlanTempus.Database.Core.DDL
created_at TIMESTAMPTZ NOT NULL DEFAULT CURRENT_TIMESTAMP
);";
db.ExecuteSql(sql);
db.ExecuteSql(sql);
}
}
/// <summary>
/// Creates the user_organizations table
/// </summary>
void CreateUserOrganizationsTable(IDbConnection db)
{
var sql = @$"
/// <summary>
/// Creates the user_organizations table
/// </summary>
void CreateUserOrganizationsTable(IDbConnection db)
{
var sql = @$"
CREATE TABLE IF NOT EXISTS {_command.Schema}.user_organizations (
user_id INTEGER NOT NULL REFERENCES {_command.Schema}.users(id),
organization_id INTEGER NOT NULL REFERENCES {_command.Schema}.organizations(id),
@ -106,37 +106,37 @@ namespace PlanTempus.Database.Core.DDL
PRIMARY KEY (user_id, organization_id)
);";
db.ExecuteSql(sql);
db.ExecuteSql(sql);
}
}
/// <summary>
/// Sets up Row Level Security (RLS) for the organizations and user_organizations tables.
/// </summary>
void SetupRLS(IDbConnection db)
{
var sql = new[]
{
$"ALTER TABLE {_command.Schema}.organizations ENABLE ROW LEVEL SECURITY;",
$"ALTER TABLE {_command.Schema}.user_organizations ENABLE ROW LEVEL SECURITY;",
$"DROP POLICY IF EXISTS organization_access ON {_command.Schema}.organizations;",
@$"CREATE POLICY organization_access ON {_command.Schema}.organizations
/// <summary>
/// Sets up Row Level Security (RLS) for the organizations and user_organizations tables.
/// </summary>
void SetupRLS(IDbConnection db)
{
var sql = new[]
{
$"ALTER TABLE {_command.Schema}.organizations ENABLE ROW LEVEL SECURITY;",
$"ALTER TABLE {_command.Schema}.user_organizations ENABLE ROW LEVEL SECURITY;",
$"DROP POLICY IF EXISTS organization_access ON {_command.Schema}.organizations;",
@$"CREATE POLICY organization_access ON {_command.Schema}.organizations
USING (id IN (
SELECT organization_id
FROM {_command.Schema}.user_organizations
WHERE user_id = current_setting('app.user_id', TRUE)::INTEGER
)) WITH CHECK (true);",
$"DROP POLICY IF EXISTS user_organization_access ON {_command.Schema}.user_organizations;",
@$"CREATE POLICY user_organization_access ON {_command.Schema}.user_organizations
$"DROP POLICY IF EXISTS user_organization_access ON {_command.Schema}.user_organizations;",
@$"CREATE POLICY user_organization_access ON {_command.Schema}.user_organizations
USING (user_id = current_setting('app.user_id', TRUE)::INTEGER) WITH CHECK (true);"
};
};
foreach (var statement in sql)
{
db.ExecuteSql(statement);
}
}
foreach (var statement in sql)
{
db.ExecuteSql(statement);
}
}
}
}
}

2
Database/Core/IDbConfigure.cs
View file

@ -2,6 +2,6 @@
{
public interface IDbConfigure<T>
{
void With(T command);
void With(T command, ConnectionFactory.ConnectionStringParameters parameters = null);
}
}

4
Database/Core/Sql/SqlOperations.cs
View file

@ -6,8 +6,6 @@ using System.Data;
namespace PlanTempus.Database.Core.Sql
{
public class DatabaseScope : IDisposable
{
private readonly IDbConnection _connection;
@ -99,6 +97,4 @@ namespace PlanTempus.Database.Core.Sql
}
}
}