More work on this Console Host
This commit is contained in:
parent
1501ff442a
commit
8dd01d291d
11 changed files with 336 additions and 344 deletions
|
|
@ -1,114 +1,109 @@
|
|||
using System.Data;
|
||||
using Insight.Database;
|
||||
using PlanTempus.Database.Common;
|
||||
using PlanTempus.Database.Core;
|
||||
using PlanTempus.Database.Core.ConnectionFactory;
|
||||
|
||||
namespace PlanTempus.Database.Core.DCL
|
||||
{
|
||||
|
||||
/// <summary>
|
||||
/// Only a superadmin or similar can create Application Users
|
||||
/// </summary>
|
||||
public class SetupApplicationUser : IDbConfigure<SetupApplicationUser.Command>
|
||||
{
|
||||
public class Command
|
||||
{
|
||||
public required string Schema { get; init; }
|
||||
public required string User { get; init; }
|
||||
public required string Password { get; init; }
|
||||
}
|
||||
/// <summary>
|
||||
/// Only a superadmin or similar can create Application Users
|
||||
/// </summary>
|
||||
public class SetupApplicationUser : IDbConfigure<SetupApplicationUser.Command>
|
||||
{
|
||||
public class Command
|
||||
{
|
||||
public required string Schema { get; init; }
|
||||
public required string User { get; init; }
|
||||
public required string Password { get; init; }
|
||||
}
|
||||
|
||||
|
||||
IDbConnection _db;
|
||||
Command _command;
|
||||
Command _command;
|
||||
private readonly IDbConnectionFactory _connectionFactory;
|
||||
|
||||
public SetupApplicationUser(IDbConnection db)
|
||||
{
|
||||
_db = db;
|
||||
}
|
||||
public SetupApplicationUser(IDbConnectionFactory connectionFactory)
|
||||
{
|
||||
_connectionFactory = connectionFactory;
|
||||
}
|
||||
|
||||
public void With(Command command)
|
||||
{
|
||||
_command = command;
|
||||
public void With(Command command)
|
||||
{
|
||||
_command = command;
|
||||
|
||||
if (!Validations.IsValidSchemaName(_command.Schema))
|
||||
throw new ArgumentException("Invalid schema name", _command.Schema);
|
||||
if (!Validations.IsValidSchemaName(_command.Schema))
|
||||
throw new ArgumentException("Invalid schema name", _command.Schema);
|
||||
|
||||
using (var transaction = _db.OpenWithTransaction())
|
||||
{
|
||||
try
|
||||
{
|
||||
CreateSchema();
|
||||
CreateRole();
|
||||
GrantSchemaRights();
|
||||
using var conn = _connectionFactory.Create();
|
||||
using var transaction = conn.OpenWithTransaction();
|
||||
try
|
||||
{
|
||||
CreateSchema(conn);
|
||||
CreateRole(conn);
|
||||
GrantSchemaRights(conn);
|
||||
|
||||
transaction.Commit();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
transaction.Rollback();
|
||||
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
|
||||
}
|
||||
}
|
||||
transaction.Commit();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
transaction.Rollback();
|
||||
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
|
||||
}
|
||||
|
||||
}
|
||||
private void ExecuteSql(string sql)
|
||||
{
|
||||
_db.ExecuteSql(sql);
|
||||
}
|
||||
}
|
||||
|
||||
private void CreateSchema()
|
||||
{
|
||||
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
|
||||
ExecuteSql(sql);
|
||||
}
|
||||
private void CreateSchema(IDbConnection db)
|
||||
{
|
||||
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
|
||||
db.ExecuteSql(sql);
|
||||
}
|
||||
|
||||
private void CreateRole()
|
||||
{
|
||||
var sql = $@"
|
||||
private void CreateRole(IDbConnection db)
|
||||
{
|
||||
var sql = $@"
|
||||
DO $$
|
||||
BEGIN
|
||||
IF NOT EXISTS (SELECT FROM pg_roles WHERE rolname = '{_command.User}') THEN
|
||||
CREATE ROLE {_command.User} WITH CREATEDB CREATEROLE LOGIN PASSWORD '{_command.Password}';
|
||||
END IF;
|
||||
END $$;";
|
||||
ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
|
||||
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
|
||||
ExecuteSql(sql1);
|
||||
}
|
||||
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
|
||||
db.ExecuteSql(sql1);
|
||||
}
|
||||
|
||||
private void GrantSchemaRights()
|
||||
{
|
||||
// Grant USAGE og alle CREATE rettigheder på schema niveau
|
||||
var sql = $@"
|
||||
private void GrantSchemaRights(IDbConnection db)
|
||||
{
|
||||
// Grant USAGE og alle CREATE rettigheder på schema niveau
|
||||
var sql = $@"
|
||||
GRANT USAGE ON SCHEMA {_command.Schema} TO {_command.User};
|
||||
GRANT ALL ON SCHEMA {_command.Schema} TO {_command.User};";
|
||||
ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
|
||||
// Grant rettigheder på eksisterende og fremtidige tabeller
|
||||
var sql1 = $"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
ExecuteSql(sql1);
|
||||
// Grant rettigheder på eksisterende og fremtidige tabeller
|
||||
var sql1 = $"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
db.ExecuteSql(sql1);
|
||||
|
||||
var sql2 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT ALL PRIVILEGES ON TABLES TO {_command.User};";
|
||||
ExecuteSql(sql2);
|
||||
var sql2 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT ALL PRIVILEGES ON TABLES TO {_command.User};";
|
||||
db.ExecuteSql(sql2);
|
||||
|
||||
// Grant sequence rettigheder
|
||||
var sql3 = $"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
ExecuteSql(sql3);
|
||||
// Grant sequence rettigheder
|
||||
var sql3 = $"GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
db.ExecuteSql(sql3);
|
||||
|
||||
// Grant execute på functions
|
||||
var sql4 = $"GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
ExecuteSql(sql4);
|
||||
// Grant execute på functions
|
||||
var sql4 = $"GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
db.ExecuteSql(sql4);
|
||||
|
||||
// Grant for fremtidige functions
|
||||
var sql5 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT EXECUTE ON FUNCTIONS TO {_command.User};";
|
||||
ExecuteSql(sql5);
|
||||
// Grant for fremtidige functions
|
||||
var sql5 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT EXECUTE ON FUNCTIONS TO {_command.User};";
|
||||
db.ExecuteSql(sql5);
|
||||
|
||||
// Grant for fremtidige sequences
|
||||
var sql6 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT USAGE ON SEQUENCES TO {_command.User};";
|
||||
ExecuteSql(sql6);
|
||||
}
|
||||
// Grant for fremtidige sequences
|
||||
var sql6 = $"ALTER DEFAULT PRIVILEGES IN SCHEMA {_command.Schema} GRANT USAGE ON SEQUENCES TO {_command.User};";
|
||||
db.ExecuteSql(sql6);
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2,6 +2,7 @@
|
|||
using Insight.Database;
|
||||
using PlanTempus.Database.Common;
|
||||
using PlanTempus.Database.Core;
|
||||
using PlanTempus.Database.Core.ConnectionFactory;
|
||||
|
||||
namespace PlanTempus.Database.Core.DCL
|
||||
{
|
||||
|
|
@ -19,13 +20,13 @@ namespace PlanTempus.Database.Core.DCL
|
|||
}
|
||||
|
||||
|
||||
IDbConnection _db;
|
||||
Command _command;
|
||||
private readonly IDbConnectionFactory _connectionFactory;
|
||||
|
||||
public SetupDbAdmin(IDbConnection db)
|
||||
public SetupDbAdmin(IDbConnectionFactory connectionFactory)
|
||||
{
|
||||
_db = db;
|
||||
}
|
||||
_connectionFactory = connectionFactory;
|
||||
}
|
||||
|
||||
|
||||
public void With(Command command)
|
||||
|
|
@ -35,36 +36,31 @@ namespace PlanTempus.Database.Core.DCL
|
|||
if (!Validations.IsValidSchemaName(_command.Schema))
|
||||
throw new ArgumentException("Invalid schema name", _command.Schema);
|
||||
|
||||
using (var transaction = _db.OpenWithTransaction())
|
||||
{
|
||||
try
|
||||
{
|
||||
CreateSchema();
|
||||
CreateRole();
|
||||
GrantSchemaRights();
|
||||
using var conn = _connectionFactory.Create();
|
||||
using var transaction = conn.OpenWithTransaction();
|
||||
try
|
||||
{
|
||||
CreateSchema(conn);
|
||||
CreateRole(conn);
|
||||
GrantSchemaRights(conn);
|
||||
|
||||
transaction.Commit();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
transaction.Rollback();
|
||||
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
|
||||
}
|
||||
}
|
||||
transaction.Commit();
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
transaction.Rollback();
|
||||
throw new InvalidOperationException("Failed to SetupApplicationUser in Database", ex);
|
||||
}
|
||||
|
||||
}
|
||||
private void ExecuteSql(string sql)
|
||||
{
|
||||
_db.ExecuteSql(sql);
|
||||
}
|
||||
|
||||
private void CreateSchema()
|
||||
}
|
||||
|
||||
private void CreateSchema(IDbConnection db)
|
||||
{
|
||||
var sql = $"CREATE SCHEMA IF NOT EXISTS {_command.Schema}";
|
||||
ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
}
|
||||
|
||||
private void CreateRole()
|
||||
private void CreateRole(IDbConnection db)
|
||||
{
|
||||
var sql = $@"
|
||||
DO $$
|
||||
|
|
@ -73,24 +69,24 @@ namespace PlanTempus.Database.Core.DCL
|
|||
CREATE ROLE {_command.User} WITH CREATEDB CREATEROLE LOGIN PASSWORD '{_command.Password}';
|
||||
END IF;
|
||||
END $$;";
|
||||
ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
|
||||
var sql1 = $"ALTER ROLE {_command.User} SET search_path='{_command.Schema}';";
|
||||
ExecuteSql(sql1);
|
||||
db.ExecuteSql(sql1);
|
||||
|
||||
var sql2 = $"ALTER SCHEMA {_command.Schema} OWNER TO {_command.User};";
|
||||
ExecuteSql(sql2);
|
||||
db.ExecuteSql(sql2);
|
||||
|
||||
}
|
||||
|
||||
private void GrantSchemaRights()
|
||||
private void GrantSchemaRights(IDbConnection db)
|
||||
{
|
||||
// Grant USAGE og alle CREATE rettigheder på schema niveau
|
||||
//GRANT USAGE ON SCHEMA {_command.Schema} TO {_command.User};
|
||||
var sql = $@"
|
||||
GRANT CREATE ON SCHEMA {_command.Schema} TO {_command.User};";
|
||||
|
||||
ExecuteSql(sql);
|
||||
db.ExecuteSql(sql);
|
||||
|
||||
// Grant rettigheder på eksisterende og fremtidige tabeller
|
||||
//var sql1 = $"GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA {_command.Schema} TO {_command.User};";
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue