Refactoring SetupConsole with DBFactory
This commit is contained in:
parent
8dd01d291d
commit
78d49a9829
20 changed files with 337 additions and 407 deletions
|
|
@ -5,105 +5,102 @@ using PlanTempus.Database.Core.ConnectionFactory;
|
|||
|
||||
namespace PlanTempus.Database.Core.DCL
|
||||
{
|
||||
/// <summary>
|
||||
/// Only a superadmin or similar can create Application Users
|
||||
/// </summary>
|
||||
public class SetupApplicationUser : IDbConfigure<SetupApplicationUser.Command>
|
||||
{
|
||||
public class Command
|
||||
{
|
||||
public required string Schema { get; init; }
|
||||
public required string User { get; init; }
|
||||
public required string Password { get; init; }
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// Only a superadmin or similar can create Application Users
|
||||
/// </summary>
|
||||
public class SetupApplicationUser : IDbConfigure<SetupApplicationUser.Command>
|
||||
{
|
||||
public class Command
|
||||
{
|
||||
public required string Schema { get; init; }
|
||||
public required string User { get; init; }
|
||||
public required string Password { get; init; }
|
||||
}
|
||||
Command _command;
|
||||
private readonly IDbConnectionFactory _connectionFactory;
|
||||
|
||||
public SetupApplicationUser(IDbConnectionFactory connectionFactory)
|
||||
{
|
||||
_connectionFactory = connectionFactory;
|
||||
}
|
||||
|
||||
Command _command;
|
||||
private readonly IDbConnectionFactory _connectionFactory;
|
||||
public void With(Command command, ConnectionStringParameters parameters = null)
|
||||
{
|
||||
_command = command;
|
||||
|
||||
public SetupApplicationUser(IDbConnectionFactory connectionFactory)
|
||||
{
|
||||
_connectionFactory = connectionFactory;
|
||||
}
|
||||
if (!Validations.IsValidSchemaName(_command.Schema))
|
||||
throw new ArgumentException("Invalid schema name", _command.Schema);
|
||||
|
||||
public void With(Command command)
|
||||
{
|
||||
_command = command;
|
||||
using var conn = parameters is null ? _connectionFactory.Create() : _connectionFactory.Create(parameters);
|
||||
using var transaction = conn.OpenWithTransaction();
|
||||
try
|
||||
{
|
||||
CreateSchema(conn);
|
||||
CreateRole(conn);
|
||||
GrantSchemaRights(conn);
|
||||
|
||||
if (!Validations.IsValidSchemaName(_command.Schema))
|
||||
throw new ArgumentException("Invalid schema name", _command.Schema);
|
||||
transaction.Commit();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
transaction.Rollback();
|
||||
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
|
||||
}
|
||||
}
|
||||
|
||||
using var conn = _connectionFactory.Create();
|
||||
using var transaction = conn.OpenWithTransaction();
|
||||
try
|
||||
{
|
||||
CreateSchema(conn);
|
||||
CreateRole(conn);
|
||||
GrantSchemaRights(conn);
|
||||
private void CreateSchema(IDbConnection db)
|
||||
{
|
||||
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
|
||||
db.ExecuteSql(sql);
|
||||
}
|
||||
|
||||
transaction.Commit();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
transaction.Rollback();
|
||||
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private void CreateSchema(IDbConnection db)
|
||||
{
|
||||
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
|
||||
db.ExecuteSql(sql);
|
||||
}
|
||||
|
||||
private void CreateRole(IDbConnection db)
|
||||
{
|
||||
var sql = $@"
|
||||
private void CreateRole(IDbConnection db)
|
||||
{
|
||||
var sql = $@"
|
||||
DO $$
|
||||
BEGIN
|
||||
IF NOT EXISTS (SELECT FROM pg_roles WHERE rolname = '{_command.User}') THEN
|
||||
CREATE ROLE {_command.User} WITH CREATEDB CREATEROLE LOGIN PASSWORD '{_command.Password}';
|
||||
END IF;
|
||||
END $$;";
|
||||
db.ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
|
||||
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
|
||||
db.ExecuteSql(sql1);
|
||||
}
|
||||
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
|
||||
db.ExecuteSql(sql1);
|
||||
}
|
||||
|
||||
private void GrantSchemaRights(IDbConnection db)
|
||||
{
|
||||
// Grant USAGE og alle CREATE rettigheder på schema niveau
|
||||
var sql = $@"
|
||||
private void GrantSchemaRights(IDbConnection db)
|
||||
{
|
||||
// Grant USAGE og alle CREATE rettigheder på schema niveau
|
||||
var sql = $@"
|
||||
GRANT USAGE ON SCHEMA {_command.Schema} TO {_command.User};
|
||||
GRANT ALL ON SCHEMA {_command.Schema} TO {_command.User};";
|
||||
db.ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
|
||||
// Grant rettigheder på eksisterende og fremtidige tabeller
|
||||
var sql1 = $"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
db.ExecuteSql(sql1);
|
||||
// Grant rettigheder på eksisterende og fremtidige tabeller
|
||||
var sql1 = $"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
db.ExecuteSql(sql1);
|
||||
|
||||
var sql2 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT ALL PRIVILEGES ON TABLES TO {_command.User};";
|
||||
db.ExecuteSql(sql2);
|
||||
var sql2 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT ALL PRIVILEGES ON TABLES TO {_command.User};";
|
||||
db.ExecuteSql(sql2);
|
||||
|
||||
// Grant sequence rettigheder
|
||||
var sql3 = $"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
db.ExecuteSql(sql3);
|
||||
// Grant sequence rettigheder
|
||||
var sql3 = $"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
db.ExecuteSql(sql3);
|
||||
|
||||
// Grant execute på functions
|
||||
var sql4 = $"GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
db.ExecuteSql(sql4);
|
||||
// Grant execute på functions
|
||||
var sql4 = $"GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
db.ExecuteSql(sql4);
|
||||
|
||||
// Grant for fremtidige functions
|
||||
var sql5 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT EXECUTE ON FUNCTIONS TO {_command.User};";
|
||||
db.ExecuteSql(sql5);
|
||||
// Grant for fremtidige functions
|
||||
var sql5 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT EXECUTE ON FUNCTIONS TO {_command.User};";
|
||||
db.ExecuteSql(sql5);
|
||||
|
||||
// Grant for fremtidige sequences
|
||||
var sql6 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT USAGE ON SEQUENCES TO {_command.User};";
|
||||
db.ExecuteSql(sql6);
|
||||
}
|
||||
// Grant for fremtidige sequences
|
||||
var sql6 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT USAGE ON SEQUENCES TO {_command.User};";
|
||||
db.ExecuteSql(sql6);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -21,39 +21,39 @@ namespace PlanTempus.Database.Core.DCL
|
|||
|
||||
|
||||
Command _command;
|
||||
private readonly IDbConnectionFactory _connectionFactory;
|
||||
private readonly IDbConnectionFactory _connectionFactory;
|
||||
|
||||
public SetupDbAdmin(IDbConnectionFactory connectionFactory)
|
||||
public SetupDbAdmin(IDbConnectionFactory connectionFactory)
|
||||
{
|
||||
_connectionFactory = connectionFactory;
|
||||
}
|
||||
_connectionFactory = connectionFactory;
|
||||
}
|
||||
|
||||
|
||||
public void With(Command command)
|
||||
public void With(Command command, ConnectionStringParameters parameters = null)
|
||||
{
|
||||
_command = command;
|
||||
|
||||
if (!Validations.IsValidSchemaName(_command.Schema))
|
||||
throw new ArgumentException("Invalid schema name", _command.Schema);
|
||||
|
||||
using var conn = _connectionFactory.Create();
|
||||
using var transaction = conn.OpenWithTransaction();
|
||||
try
|
||||
{
|
||||
CreateSchema(conn);
|
||||
CreateRole(conn);
|
||||
GrantSchemaRights(conn);
|
||||
using var conn = parameters is null ? _connectionFactory.Create() : _connectionFactory.Create(parameters);
|
||||
using var transaction = conn.OpenWithTransaction();
|
||||
try
|
||||
{
|
||||
CreateSchema(conn);
|
||||
CreateRole(conn);
|
||||
GrantSchemaRights(conn);
|
||||
|
||||
transaction.Commit();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
transaction.Rollback();
|
||||
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
|
||||
}
|
||||
transaction.Commit();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
transaction.Rollback();
|
||||
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private void CreateSchema(IDbConnection db)
|
||||
{
|
||||
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
|
||||
|
|
@ -69,13 +69,13 @@ namespace PlanTempus.Database.Core.DCL
|
|||
CREATE ROLE {_command.User} WITH CREATEDB CREATEROLE LOGIN PASSWORD '{_command.Password}';
|
||||
END IF;
|
||||
END $$;";
|
||||
db.ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
|
||||
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
|
||||
db.ExecuteSql(sql1);
|
||||
db.ExecuteSql(sql1);
|
||||
|
||||
var sql2 = $"ALTER SCHEMA {_command.Schema} OWNER TO {_command.User};";
|
||||
db.ExecuteSql(sql2);
|
||||
db.ExecuteSql(sql2);
|
||||
|
||||
}
|
||||
|
||||
|
|
@ -83,10 +83,9 @@ namespace PlanTempus.Database.Core.DCL
|
|||
{
|
||||
// Grant USAGE og alle CREATE rettigheder på schema niveau
|
||||
//GRANT USAGE ON SCHEMA {_command.Schema} TO {_command.User};
|
||||
var sql = $@"
|
||||
GRANT CREATE ON SCHEMA {_command.Schema} TO {_command.User};";
|
||||
var sql = $@"GRANT CREATE ON SCHEMA {_command.Schema} TO {_command.User};";
|
||||
|
||||
db.ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
|
||||
// Grant rettigheder på eksisterende og fremtidige tabeller
|
||||
//var sql1 = $"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
using Insight.Database;
|
||||
using PlanTempus.Database.Common;
|
||||
using PlanTempus.Database.Core;
|
||||
using PlanTempus.Database.Core.ConnectionFactory;
|
||||
|
||||
namespace PlanTempus.Database.Core.DCL
|
||||
{
|
||||
|
|
@ -14,81 +15,75 @@ namespace PlanTempus.Database.Core.DCL
|
|||
public required string Password { get; init; }
|
||||
}
|
||||
|
||||
IDbConnection _db;
|
||||
Command _command;
|
||||
private readonly IDbConnectionFactory _connectionFactory;
|
||||
|
||||
public SetupOrganization(IDbConnection db)
|
||||
|
||||
public SetupOrganization(IDbConnectionFactory connectionFactory)
|
||||
{
|
||||
_db = db;
|
||||
_connectionFactory = connectionFactory;
|
||||
}
|
||||
|
||||
public void With(Command command)
|
||||
public void With(Command command, ConnectionStringParameters parameters = null)
|
||||
{
|
||||
|
||||
_command = command;
|
||||
|
||||
|
||||
if (!Validations.IsValidSchemaName(_command.Schema))
|
||||
throw new ArgumentException("Invalid schema name", _command.Schema);
|
||||
|
||||
using (var transaction = _db.BeginTransaction())
|
||||
using var conn = parameters is null ? _connectionFactory.Create() : _connectionFactory.Create(parameters);
|
||||
using var transaction = conn.OpenWithTransaction();
|
||||
try
|
||||
{
|
||||
try
|
||||
{
|
||||
CreateSchema();
|
||||
CreateRole();
|
||||
GrantSchemaRights();
|
||||
CreateSchema(conn);
|
||||
CreateRole(conn);
|
||||
GrantSchemaRights(conn);
|
||||
|
||||
transaction.Commit();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
transaction.Rollback();
|
||||
throw new InvalidOperationException("Failed to SetupOrganization in Database", ex);
|
||||
}
|
||||
transaction.Commit();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
transaction.Rollback();
|
||||
throw new InvalidOperationException("Failed to SetupOrganization in Database", ex);
|
||||
}
|
||||
|
||||
}
|
||||
private void ExecuteSql(string sql)
|
||||
{
|
||||
_db.ExecuteSql(sql);
|
||||
}
|
||||
|
||||
private void CreateSchema()
|
||||
|
||||
private void CreateSchema(IDbConnection db)
|
||||
{
|
||||
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
|
||||
ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
}
|
||||
|
||||
private void CreateRole()
|
||||
private void CreateRole(IDbConnection db)
|
||||
{
|
||||
var sql = $"CREATE ROLE {_command.User} LOGIN PASSWORD '{_command.Password}';";
|
||||
ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
|
||||
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
|
||||
ExecuteSql(sql1);
|
||||
db.ExecuteSql(sql1);
|
||||
|
||||
}
|
||||
|
||||
private void GrantSchemaRights()
|
||||
private void GrantSchemaRights(IDbConnection db)
|
||||
{
|
||||
var sql = $"GRANT USAGE ON SCHEMA {_command.Schema} TO {_command.User};";
|
||||
ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
|
||||
var sql1 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} " +
|
||||
$"GRANT INSERT, SELECT, UPDATE PRIVILEGES ON TABLES TO {_command.User};";
|
||||
ExecuteSql(sql1);
|
||||
db.ExecuteSql(sql1);
|
||||
|
||||
var sql2 = $"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
ExecuteSql(sql2);
|
||||
db.ExecuteSql(sql2);
|
||||
|
||||
var sql3 = $"GRANT CREATE TABLE ON SCHEMA {_command.Schema} TO {_command.User};";
|
||||
ExecuteSql(sql3);
|
||||
db.ExecuteSql(sql3);
|
||||
}
|
||||
public void RevokeCreateTable()
|
||||
public void RevokeCreateTable(IDbConnection db)
|
||||
{
|
||||
var sql = $"REVOKE CREATE TABLE ON SCHEMA {_command.Schema} FROM {_command.User};";
|
||||
ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue