DeforaNetworks/corteza
DeforaNetworks/corteza
3
0
Fork 0
Code

Cleanup svc functions, add actionlog & rbac

Browse Source
This commit is contained in:
Tomaž Jerman 2023-06-25 15:25:45 +02:00
parent 71d3cf6518
commit caabf6647e
9 changed files with 205 additions and 529 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/system/component.cue
View File

@ -74,6 +74,8 @@ component: schema.#component & {
"resource-translations.manage": description: "List, search, create, or update resource translations"
"dal-schema-alterations.manage": description: "List, search, apply, or dismiss DAL alterations"
"data-privacy-request.create": description: "Create data privacy requests"
"data-privacy-requests.search": description: "List, search or filter data privacy requests"
}

12
server/system/rest.yaml
View File

@ -960,18 +960,6 @@ endpoints:
path: "/{alterationID}"
parameters:
path: [ { type: uint64, name: alterationID, required: true, title: "Alteration ID" } ]
- name: delete
method: DELETE
title: Remove alteration
path: "/{alterationID}"
parameters:
path: [ { type: uint64, name: alterationID, required: true, title: "Alteration ID" } ]
- name: undelete
method: POST
title: Undelete alteration
path: "/{alterationID}/undelete"
parameters:
path: [ { type: uint64, name: alterationID, required: true, title: "Alteration ID" } ]
- name: apply
method: POST

10
server/system/rest/dal_schema_alteration.go
View File

@ -40,8 +40,6 @@ type (
alterationService interface {
Search(ctx context.Context, filter types.DalSchemaAlterationFilter) (types.DalSchemaAlterationSet, types.DalSchemaAlterationFilter, error)
FindByID(ctx context.Context, ID uint64) (*types.DalSchemaAlteration, error)
DeleteByID(ctx context.Context, ID uint64) error
UndeleteByID(ctx context.Context, ID uint64) error
Apply(context.Context, ...uint64) error
Dismiss(context.Context, ...uint64) error
}
@ -88,14 +86,6 @@ func (ctrl DalSchemaAlteration) Read(ctx context.Context, r *request.DalSchemaAl
return ctrl.makePayload(ctx, res, err)
}
func (ctrl DalSchemaAlteration) Delete(ctx context.Context, r *request.DalSchemaAlterationDelete) (interface{}, error) {
return api.OK(), ctrl.svc.DeleteByID(ctx, r.AlterationID)
}
func (ctrl DalSchemaAlteration) Undelete(ctx context.Context, r *request.DalSchemaAlterationUndelete) (interface{}, error) {
return api.OK(), ctrl.svc.UndeleteByID(ctx, r.AlterationID)
}
func (ctrl DalSchemaAlteration) Apply(ctx context.Context, r *request.DalSchemaAlterationApply) (interface{}, error) {
return api.OK(), ctrl.svc.Apply(ctx, r.AlterationID...)
}

46
server/system/rest/handlers/dalSchemaAlteration.go
View File

@ -21,20 +21,16 @@ type (
DalSchemaAlterationAPI interface {
List(context.Context, *request.DalSchemaAlterationList) (interface{}, error)
Read(context.Context, *request.DalSchemaAlterationRead) (interface{}, error)
Delete(context.Context, *request.DalSchemaAlterationDelete) (interface{}, error)
Undelete(context.Context, *request.DalSchemaAlterationUndelete) (interface{}, error)
Apply(context.Context, *request.DalSchemaAlterationApply) (interface{}, error)
Dismiss(context.Context, *request.DalSchemaAlterationDismiss) (interface{}, error)
}
// HTTP API interface
DalSchemaAlteration struct {
List func(http.ResponseWriter, *http.Request)
Read func(http.ResponseWriter, *http.Request)
Delete func(http.ResponseWriter, *http.Request)
Undelete func(http.ResponseWriter, *http.Request)
Apply func(http.ResponseWriter, *http.Request)
Dismiss func(http.ResponseWriter, *http.Request)
List func(http.ResponseWriter, *http.Request)
Read func(http.ResponseWriter, *http.Request)
Apply func(http.ResponseWriter, *http.Request)
Dismiss func(http.ResponseWriter, *http.Request)
}
)
@ -72,38 +68,6 @@ func NewDalSchemaAlteration(h DalSchemaAlterationAPI) *DalSchemaAlteration {
api.Send(w, r, value)
},
Delete: func(w http.ResponseWriter, r *http.Request) {
defer r.Body.Close()
params := request.NewDalSchemaAlterationDelete()
if err := params.Fill(r); err != nil {
api.Send(w, r, err)
return
}
value, err := h.Delete(r.Context(), params)
if err != nil {
api.Send(w, r, err)
return
}
api.Send(w, r, value)
},
Undelete: func(w http.ResponseWriter, r *http.Request) {
defer r.Body.Close()
params := request.NewDalSchemaAlterationUndelete()
if err := params.Fill(r); err != nil {
api.Send(w, r, err)
return
}
value, err := h.Undelete(r.Context(), params)
if err != nil {
api.Send(w, r, err)
return
}
api.Send(w, r, value)
},
Apply: func(w http.ResponseWriter, r *http.Request) {
defer r.Body.Close()
params := request.NewDalSchemaAlterationApply()
@ -144,8 +108,6 @@ func (h DalSchemaAlteration) MountRoutes(r chi.Router, middlewares ...func(http.
r.Use(middlewares...)
r.Get("/dal/schema/alterations/", h.List)
r.Get("/dal/schema/alterations/{alterationID}", h.Read)
r.Delete("/dal/schema/alterations/{alterationID}", h.Delete)
r.Post("/dal/schema/alterations/{alterationID}/undelete", h.Undelete)
r.Post("/dal/schema/alterations/apply", h.Apply)
r.Post("/dal/schema/alterations/dismiss", h.Dismiss)
})

84
server/system/rest/request/dalSchemaAlteration.go
View File

@ -72,20 +72,6 @@ type (
AlterationID uint64 `json:",string"`
}
DalSchemaAlterationDelete struct {
// AlterationID PATH parameter
//
// Alteration ID
AlterationID uint64 `json:",string"`
}
DalSchemaAlterationUndelete struct {
// AlterationID PATH parameter
//
// Alteration ID
AlterationID uint64 `json:",string"`
}
DalSchemaAlterationApply struct {
// AlterationID GET parameter
//
@ -236,76 +222,6 @@ func (r *DalSchemaAlterationRead) Fill(req *http.Request) (err error) {
return err
}
// NewDalSchemaAlterationDelete request
func NewDalSchemaAlterationDelete() *DalSchemaAlterationDelete {
return &DalSchemaAlterationDelete{}
}
// Auditable returns all auditable/loggable parameters
func (r DalSchemaAlterationDelete) Auditable() map[string]interface{} {
return map[string]interface{}{
"alterationID": r.AlterationID,
}
}
// Auditable returns all auditable/loggable parameters
func (r DalSchemaAlterationDelete) GetAlterationID() uint64 {
return r.AlterationID
}
// Fill processes request and fills internal variables
func (r *DalSchemaAlterationDelete) Fill(req *http.Request) (err error) {
{
var val string
// path params
val = chi.URLParam(req, "alterationID")
r.AlterationID, err = payload.ParseUint64(val), nil
if err != nil {
return err
}
}
return err
}
// NewDalSchemaAlterationUndelete request
func NewDalSchemaAlterationUndelete() *DalSchemaAlterationUndelete {
return &DalSchemaAlterationUndelete{}
}
// Auditable returns all auditable/loggable parameters
func (r DalSchemaAlterationUndelete) Auditable() map[string]interface{} {
return map[string]interface{}{
"alterationID": r.AlterationID,
}
}
// Auditable returns all auditable/loggable parameters
func (r DalSchemaAlterationUndelete) GetAlterationID() uint64 {
return r.AlterationID
}
// Fill processes request and fills internal variables
func (r *DalSchemaAlterationUndelete) Fill(req *http.Request) (err error) {
{
var val string
// path params
val = chi.URLParam(req, "alterationID")
r.AlterationID, err = payload.ParseUint64(val), nil
if err != nil {
return err
}
}
return err
}
// NewDalSchemaAlterationApply request
func NewDalSchemaAlterationApply() *DalSchemaAlterationApply {
return &DalSchemaAlterationApply{}

72
server/system/service/access_control.gen.go generated
View File

@ -500,6 +500,11 @@ func (svc accessControl) List() (out []map[string]string) {
"any": types.ComponentRbacResource(),
"op": "resource-translations.manage",
},
{
"type": types.ComponentResourceType,
"any": types.ComponentRbacResource(),
"op": "dal-schema-alterations.manage",
},
{
"type": types.ComponentResourceType,
"any": types.ComponentRbacResource(),
@ -1112,6 +1117,14 @@ func (svc accessControl) CanManageResourceTranslations(ctx context.Context) bool
return svc.can(ctx, "resource-translations.manage", r)
}
// CanManageDalSchemaAlterations checks if current user can list, search, apply, or dismiss dal alterations
//
// This function is auto-generated
func (svc accessControl) CanManageDalSchemaAlterations(ctx context.Context) bool {
r := &types.Component{}
return svc.can(ctx, "dal-schema-alterations.manage", r)
}
// CanCreateDataPrivacyRequest checks if current user can create data privacy requests
//
// This function is auto-generated
@ -1327,35 +1340,36 @@ func rbacResourceOperations(r string) map[string]bool {
}
case types.ComponentResourceType:
return map[string]bool{
"grant": true,
"action-log.read": true,
"settings.read": true,
"settings.manage": true,
"auth-client.create": true,
"auth-clients.search": true,
"role.create": true,
"roles.search": true,
"user.create": true,
"users.search": true,
"dal-connection.create": true,
"dal-connections.search": true,
"dal-sensitivity-level.manage": true,
"application.create": true,
"applications.search": true,
"application.flag.self": true,
"application.flag.global": true,
"template.create": true,
"templates.search": true,
"report.create": true,
"reports.search": true,
"reminder.assign": true,
"queue.create": true,
"queues.search": true,
"apigw-route.create": true,
"apigw-routes.search": true,
"resource-translations.manage": true,
"data-privacy-request.create": true,
"data-privacy-requests.search": true,
"grant": true,
"action-log.read": true,
"settings.read": true,
"settings.manage": true,
"auth-client.create": true,
"auth-clients.search": true,
"role.create": true,
"roles.search": true,
"user.create": true,
"users.search": true,
"dal-connection.create": true,
"dal-connections.search": true,
"dal-sensitivity-level.manage": true,
"application.create": true,
"applications.search": true,
"application.flag.self": true,
"application.flag.global": true,
"template.create": true,
"templates.search": true,
"report.create": true,
"reports.search": true,
"reminder.assign": true,
"queue.create": true,
"queues.search": true,
"apigw-route.create": true,
"apigw-routes.search": true,
"resource-translations.manage": true,
"dal-schema-alterations.manage": true,
"data-privacy-request.create": true,
"data-privacy-requests.search": true,
}
}

192
server/system/service/dal_schema_alteration.go
View File

@ -31,6 +31,7 @@ type (
}
dalSchemaAlterationAccessController interface {
CanManageDalSchemaAlterations(ctx context.Context) bool
}
)
@ -56,9 +57,9 @@ func (svc dalSchemaAlteration) FindByID(ctx context.Context, dalSchemaAlteration
uaProps.setDalSchemaAlteration(a)
// if !svc.ac.CanReadDalSchemaAlteration(ctx, u) {
// return DalSchemaAlterationErrNotAllowedToRead()
// }
if !svc.ac.CanManageDalSchemaAlterations(ctx) {
return DalSchemaAlterationErrNotAllowedToManage()
}
return nil
}()
@ -74,18 +75,10 @@ func (svc dalSchemaAlteration) Search(ctx context.Context, filter types.DalSchem
uaProps = &dalSchemaAlterationActionProps{filter: &filter}
)
// For each fetched item, store backend will check if it is valid or not
// if !svc.ac.CanReadDalSchemaAlteration(ctx, res) {
// return false, nil
// }
// return true, nil
// }
err = func() error {
// if !svc.ac.CanSearchDalSchemaAlterations(ctx) {
// return DalSchemaAlterationErrNotAllowedToSearch()
// }
if !svc.ac.CanManageDalSchemaAlterations(ctx) {
return DalSchemaAlterationErrNotAllowedToManage()
}
aa, f, err = store.SearchDalSchemaAlterations(ctx, svc.store, filter)
return err
@ -94,77 +87,12 @@ func (svc dalSchemaAlteration) Search(ctx context.Context, filter types.DalSchem
return aa, f, svc.recordAction(ctx, uaProps, DalSchemaAlterationActionSearch, err)
}
func (svc dalSchemaAlteration) DeleteByID(ctx context.Context, dalSchemaAlterationID uint64) (err error) {
var (
u *types.DalSchemaAlteration
uaProps = &dalSchemaAlterationActionProps{dalSchemaAlteration: &types.DalSchemaAlteration{ID: dalSchemaAlterationID}}
)
err = func() (err error) {
if u, err = loadDalSchemaAlteration(ctx, svc.store, dalSchemaAlterationID); err != nil {
return
}
// if !svc.ac.CanDeleteDalSchemaAlteration(ctx, u) {
// return DalSchemaAlterationErrNotAllowedToDelete()
// }
// if err = svc.eventbus.WaitFor(ctx, event.DalSchemaAlterationBeforeDelete(nil, u)); err != nil {
// return
// }
u.DeletedAt = now()
if err = store.UpdateDalSchemaAlteration(ctx, svc.store, u); err != nil {
return
}
// _ = svc.eventbus.WaitFor(ctx, event.DalSchemaAlterationAfterDelete(nil, u))
return nil
}()
return svc.recordAction(ctx, uaProps, DalSchemaAlterationActionDelete, err)
}
func (svc dalSchemaAlteration) UndeleteByID(ctx context.Context, dalSchemaAlterationID uint64) (err error) {
var (
u *types.DalSchemaAlteration
uaProps = &dalSchemaAlterationActionProps{dalSchemaAlteration: &types.DalSchemaAlteration{ID: dalSchemaAlterationID}}
)
err = func() (err error) {
if u, err = loadDalSchemaAlteration(ctx, svc.store, dalSchemaAlterationID); err != nil {
return
}
uaProps.setDalSchemaAlteration(u)
// if err = uniqueDalSchemaAlterationCheck(ctx, svc.store, u); err != nil {
// return err
// }
// if !svc.ac.CanDeleteDalSchemaAlteration(ctx, u) {
// return DalSchemaAlterationErrNotAllowedToDelete()
// }
u.DeletedAt = nil
if err = store.UpdateDalSchemaAlteration(ctx, svc.store, u); err != nil {
return
}
return nil
}()
return svc.recordAction(ctx, uaProps, DalSchemaAlterationActionUndelete, err)
}
// ModelAlterations returns all non deleted, non completed, and non dismissed alterations for the given model
func (svc dalSchemaAlteration) ModelAlterations(ctx context.Context, m *dal.Model) (out []*dal.Alteration, err error) {
return svc.modelAlterations(ctx, svc.store, m)
}
func (svc dalSchemaAlteration) modelAlterations(ctx context.Context, s store.Storer, m *dal.Model) (out []*dal.Alteration, err error) {
// @todo boilerplate code around this
aux, _, err := store.SearchDalSchemaAlterations(ctx, s, types.DalSchemaAlterationFilter{
Resource: []string{m.Resource},
Deleted: filter.StateExcluded,
@ -206,6 +134,10 @@ func (svc dalSchemaAlteration) modelAlterations(ctx context.Context, s store.Sto
return
}
// SetAlterations updates the DB state to reflect the given alterations
//
// This function should only be invoked by internal proceses so it doesn't need
// to check for permissions.
func (svc dalSchemaAlteration) SetAlterations(ctx context.Context, s store.Storer, m *dal.Model, stale []*dal.Alteration, aa ...*dal.Alteration) (err error) {
if len(stale)+len(aa) == 0 {
return
@ -216,8 +148,6 @@ func (svc dalSchemaAlteration) SetAlterations(ctx context.Context, s store.Store
u = intAuth.GetIdentityFromContext(ctx).Identity()
)
// @todo boilerplate code around this
// @todo this won't work entirely; if someone defines a dal connection to the same DSN as the primary one,
// they can easily bypass this.
// We'll need to do some checking on the DSN; potentially when defining the connection itself.
@ -295,48 +225,71 @@ func (svc dalSchemaAlteration) SetAlterations(ctx context.Context, s store.Store
}
func (svc dalSchemaAlteration) Apply(ctx context.Context, ids ...uint64) (err error) {
// @todo boilerplate (RBAC and such); we might have special RBAC rules for this;
// originally, we wanted to hook into ComposeModule resource (or any resource that defined a model)
aux, _, err := store.SearchDalSchemaAlterations(ctx, svc.store, types.DalSchemaAlterationFilter{
AlterationID: id.Strings(ids...),
})
if err != nil {
return
}
var (
uaProps = &dalSchemaAlterationActionProps{}
)
alts := svc.appliableAlterations(aux...)
pkgAlts, err := svc.toPkgAlterations(ctx, alts...)
if err != nil {
return
}
errors, err := svc.dal.ApplyAlteration(ctx, pkgAlts...)
if err != nil {
return
}
for i, e := range errors {
if e != nil {
aux[i].Error = e.Error()
} else {
aux[i].CompletedAt = now()
aux[i].CompletedBy = intAuth.GetIdentityFromContext(ctx).Identity()
err = func() (err error) {
if !svc.ac.CanManageDalSchemaAlterations(ctx) {
return DalSchemaAlterationErrNotAllowedToManage()
}
}
err = store.UpdateDalSchemaAlteration(ctx, svc.store, aux...)
if err != nil {
return
}
aux, _, err := store.SearchDalSchemaAlterations(ctx, svc.store, types.DalSchemaAlterationFilter{
AlterationID: id.Strings(ids...),
})
if err != nil {
return
}
alts := svc.appliableAlterations(aux...)
pkgAlts, err := svc.toPkgAlterations(ctx, alts...)
if err != nil {
return
}
ii := make([]uint64, len(alts))
for i, a := range alts {
ii[i] = a.ID
}
uaProps.setApply(ii)
errors, err := svc.dal.ApplyAlteration(ctx, pkgAlts...)
if err != nil {
return
}
for i, e := range errors {
if e != nil {
aux[i].Error = e.Error()
} else {
aux[i].CompletedAt = now()
aux[i].CompletedBy = intAuth.GetIdentityFromContext(ctx).Identity()
}
}
err = store.UpdateDalSchemaAlteration(ctx, svc.store, aux...)
if err != nil {
return
}
return svc.reloadAlteredModels(ctx, svc.store, alts)
}()
return svc.recordAction(ctx, uaProps, DalSchemaAlterationActionApply, err)
return svc.reloadAlteredModels(ctx, svc.store, alts)
}
func (svc dalSchemaAlteration) Dismiss(ctx context.Context, ids ...uint64) (err error) {
// @todo boilerplate (RBAC and such); we might have special RBAC rules for this;
// originally, we wanted to hook into ComposeModule resource (or any resource that defined a model)
var (
uaProps = &dalSchemaAlterationActionProps{}
)
err = store.Tx(ctx, svc.store, func(ctx context.Context, s store.Storer) (err error) {
if !svc.ac.CanManageDalSchemaAlterations(ctx) {
return DalSchemaAlterationErrNotAllowedToManage()
}
return store.Tx(ctx, svc.store, func(ctx context.Context, s store.Storer) (err error) {
alt, _, err := store.SearchDalSchemaAlterations(ctx, s, types.DalSchemaAlterationFilter{
AlterationID: id.Strings(ids...),
})
@ -344,6 +297,13 @@ func (svc dalSchemaAlteration) Dismiss(ctx context.Context, ids ...uint64) (err
return
}
ii := make([]uint64, len(alt))
for i, a := range alt {
ii[i] = a.ID
}
uaProps.setApply(ii)
alt = svc.appliableAlterations(alt...)
identity := intAuth.GetIdentityFromContext(ctx).Identity()
for _, a := range alt {
@ -359,6 +319,8 @@ func (svc dalSchemaAlteration) Dismiss(ctx context.Context, ids ...uint64) (err
return svc.reloadAlteredModels(ctx, s, alt)
})
return svc.recordAction(ctx, uaProps, DalSchemaAlterationActionDismiss, err)
}
func (svc dalSchemaAlteration) appliableAlterations(aa ...*types.DalSchemaAlteration) (out types.DalSchemaAlterationSet) {

273
server/system/service/dal_schema_alteration_actions.gen.go generated
View File

@ -23,7 +23,8 @@ type (
dalSchemaAlterationActionProps struct {
dalSchemaAlteration *types.DalSchemaAlteration
new *types.DalSchemaAlteration
update *types.DalSchemaAlteration
apply []uint64
dismiss []uint64
existing *types.DalSchemaAlteration
filter *types.DalSchemaAlterationFilter
}
@ -71,12 +72,21 @@ func (p *dalSchemaAlterationActionProps) setNew(new *types.DalSchemaAlteration)
return p
}
// setUpdate updates dalSchemaAlterationActionProps's update
// setApply updates dalSchemaAlterationActionProps's apply
//
// This function is auto-generated.
//
func (p *dalSchemaAlterationActionProps) setUpdate(update *types.DalSchemaAlteration) *dalSchemaAlterationActionProps {
p.update = update
func (p *dalSchemaAlterationActionProps) setApply(apply []uint64) *dalSchemaAlterationActionProps {
p.apply = apply
return p
}
// setDismiss updates dalSchemaAlterationActionProps's dismiss
//
// This function is auto-generated.
//
func (p *dalSchemaAlterationActionProps) setDismiss(dismiss []uint64) *dalSchemaAlterationActionProps {
p.dismiss = dismiss
return p
}
@ -113,9 +123,8 @@ func (p dalSchemaAlterationActionProps) Serialize() actionlog.Meta {
if p.new != nil {
m.Set("new.ID", p.new.ID, true)
}
if p.update != nil {
m.Set("update.ID", p.update.ID, true)
}
m.Set("apply", p.apply, true)
m.Set("dismiss", p.dismiss, true)
if p.existing != nil {
m.Set("existing.ID", p.existing.ID, true)
}
@ -178,18 +187,8 @@ func (p dalSchemaAlterationActionProps) Format(in string, err error) string {
)
pairs = append(pairs, "{{new.ID}}", fns(p.new.ID))
}
if p.update != nil {
// replacement for "{{update}}" (in order how fields are defined)
pairs = append(
pairs,
"{{update}}",
fns(
p.update.ID,
),
)
pairs = append(pairs, "{{update.ID}}", fns(p.update.ID))
}
pairs = append(pairs, "{{apply}}", fns(p.apply))
pairs = append(pairs, "{{dismiss}}", fns(p.dismiss))
if p.existing != nil {
// replacement for "{{existing}}" (in order how fields are defined)
@ -277,6 +276,46 @@ func DalSchemaAlterationActionSearch(props ...*dalSchemaAlterationActionProps) *
return a
}
// DalSchemaAlterationActionApply returns "system:dal-schema-alteration.apply" action
//
// This function is auto-generated.
//
func DalSchemaAlterationActionApply(props ...*dalSchemaAlterationActionProps) *dalSchemaAlterationAction {
a := &dalSchemaAlterationAction{
timestamp: time.Now(),
resource: "system:dal-schema-alteration",
action: "apply",
log: "applied {{dalSchemaAlteration}}",
severity: actionlog.Info,
}
if len(props) > 0 {
a.props = props[0]
}
return a
}
// DalSchemaAlterationActionDismiss returns "system:dal-schema-alteration.dismiss" action
//
// This function is auto-generated.
//
func DalSchemaAlterationActionDismiss(props ...*dalSchemaAlterationActionProps) *dalSchemaAlterationAction {
a := &dalSchemaAlterationAction{
timestamp: time.Now(),
resource: "system:dal-schema-alteration",
action: "dismiss",
log: "dismissed {{dalSchemaAlteration}}",
severity: actionlog.Info,
}
if len(props) > 0 {
a.props = props[0]
}
return a
}
// DalSchemaAlterationActionLookup returns "system:dal-schema-alteration.lookup" action
//
// This function is auto-generated.
@ -297,46 +336,6 @@ func DalSchemaAlterationActionLookup(props ...*dalSchemaAlterationActionProps) *
return a
}
// DalSchemaAlterationActionDelete returns "system:dal-schema-alteration.delete" action
//
// This function is auto-generated.
//
func DalSchemaAlterationActionDelete(props ...*dalSchemaAlterationActionProps) *dalSchemaAlterationAction {
a := &dalSchemaAlterationAction{
timestamp: time.Now(),
resource: "system:dal-schema-alteration",
action: "delete",
log: "deleted {{dalSchemaAlteration}}",
severity: actionlog.Notice,
}
if len(props) > 0 {
a.props = props[0]
}
return a
}
// DalSchemaAlterationActionUndelete returns "system:dal-schema-alteration.undelete" action
//
// This function is auto-generated.
//
func DalSchemaAlterationActionUndelete(props ...*dalSchemaAlterationActionProps) *dalSchemaAlterationAction {
a := &dalSchemaAlterationAction{
timestamp: time.Now(),
resource: "system:dal-schema-alteration",
action: "undelete",
log: "undeleted {{dalSchemaAlteration}}",
severity: actionlog.Notice,
}
if len(props) > 0 {
a.props = props[0]
}
return a
}
// *********************************************************************************************************************
// *********************************************************************************************************************
// Error constructors
@ -445,12 +444,12 @@ func DalSchemaAlterationErrInvalidID(mm ...*dalSchemaAlterationActionProps) *err
return e
}
// DalSchemaAlterationErrNotAllowedToRead returns "system:dal-schema-alteration.notAllowedToRead" as *errors.Error
// DalSchemaAlterationErrNotAllowedToManage returns "system:dal-schema-alteration.notAllowedToManage" as *errors.Error
//
//
// This function is auto-generated.
//
func DalSchemaAlterationErrNotAllowedToRead(mm ...*dalSchemaAlterationActionProps) *errors.Error {
func DalSchemaAlterationErrNotAllowedToManage(mm ...*dalSchemaAlterationActionProps) *errors.Error {
var p = &dalSchemaAlterationActionProps{}
if len(mm) > 0 {
p = mm[0]
@ -459,162 +458,18 @@ func DalSchemaAlterationErrNotAllowedToRead(mm ...*dalSchemaAlterationActionProp
var e = errors.New(
errors.KindInternal,
p.Format("not allowed to read this dal schema alteration", nil),
p.Format("not allowed to manage DAL schema alterations", nil),
errors.Meta("type", "notAllowedToRead"),
errors.Meta("type", "notAllowedToManage"),
errors.Meta("resource", "system:dal-schema-alteration"),
// action log entry; no formatting, it will be applied inside recordAction fn.
errors.Meta(dalSchemaAlterationLogMetaKey{}, "failed to read {{dalSchemaAlteration.ID}}; insufficient permissions"),
errors.Meta(dalSchemaAlterationLogMetaKey{}, "failed to manage DAL schema alterations; insufficient permissions"),
errors.Meta(dalSchemaAlterationPropsMetaKey{}, p),
// translation namespace & key
errors.Meta(locale.ErrorMetaNamespace{}, "system"),
errors.Meta(locale.ErrorMetaKey{}, "dal-schema-alteration.errors.notAllowedToRead"),
errors.StackSkip(1),
)
if len(mm) > 0 {
}
return e
}
// DalSchemaAlterationErrNotAllowedToSearch returns "system:dal-schema-alteration.notAllowedToSearch" as *errors.Error
//
//
// This function is auto-generated.
//
func DalSchemaAlterationErrNotAllowedToSearch(mm ...*dalSchemaAlterationActionProps) *errors.Error {
var p = &dalSchemaAlterationActionProps{}
if len(mm) > 0 {
p = mm[0]
}
var e = errors.New(
errors.KindInternal,
p.Format("not allowed to list or search dal schema alterations", nil),
errors.Meta("type", "notAllowedToSearch"),
errors.Meta("resource", "system:dal-schema-alteration"),
// action log entry; no formatting, it will be applied inside recordAction fn.
errors.Meta(dalSchemaAlterationLogMetaKey{}, "failed to search for dal schema alterations; insufficient permissions"),
errors.Meta(dalSchemaAlterationPropsMetaKey{}, p),
// translation namespace & key
errors.Meta(locale.ErrorMetaNamespace{}, "system"),
errors.Meta(locale.ErrorMetaKey{}, "dal-schema-alteration.errors.notAllowedToSearch"),
errors.StackSkip(1),
)
if len(mm) > 0 {
}
return e
}
// DalSchemaAlterationErrNotAllowedToListUsers returns "system:dal-schema-alteration.notAllowedToListUsers" as *errors.Error
//
//
// This function is auto-generated.
//
func DalSchemaAlterationErrNotAllowedToListUsers(mm ...*dalSchemaAlterationActionProps) *errors.Error {
var p = &dalSchemaAlterationActionProps{}
if len(mm) > 0 {
p = mm[0]
}
var e = errors.New(
errors.KindInternal,
p.Format("not allowed to list dal schema alterations", nil),
errors.Meta("type", "notAllowedToListUsers"),
errors.Meta("resource", "system:dal-schema-alteration"),
// action log entry; no formatting, it will be applied inside recordAction fn.
errors.Meta(dalSchemaAlterationLogMetaKey{}, "failed to list dalSchemaAlteration; insufficient permissions"),
errors.Meta(dalSchemaAlterationPropsMetaKey{}, p),
// translation namespace & key
errors.Meta(locale.ErrorMetaNamespace{}, "system"),
errors.Meta(locale.ErrorMetaKey{}, "dal-schema-alteration.errors.notAllowedToListUsers"),
errors.StackSkip(1),
)
if len(mm) > 0 {
}
return e
}
// DalSchemaAlterationErrNotAllowedToDelete returns "system:dal-schema-alteration.notAllowedToDelete" as *errors.Error
//
//
// This function is auto-generated.
//
func DalSchemaAlterationErrNotAllowedToDelete(mm ...*dalSchemaAlterationActionProps) *errors.Error {
var p = &dalSchemaAlterationActionProps{}
if len(mm) > 0 {
p = mm[0]
}
var e = errors.New(
errors.KindInternal,
p.Format("not allowed to delete this dal schema alteration", nil),
errors.Meta("type", "notAllowedToDelete"),
errors.Meta("resource", "system:dal-schema-alteration"),
// action log entry; no formatting, it will be applied inside recordAction fn.
errors.Meta(dalSchemaAlterationLogMetaKey{}, "failed to delete {{dalSchemaAlteration.ID}}; insufficient permissions"),
errors.Meta(dalSchemaAlterationPropsMetaKey{}, p),
// translation namespace & key
errors.Meta(locale.ErrorMetaNamespace{}, "system"),
errors.Meta(locale.ErrorMetaKey{}, "dal-schema-alteration.errors.notAllowedToDelete"),
errors.StackSkip(1),
)
if len(mm) > 0 {
}
return e
}
// DalSchemaAlterationErrNotAllowedToUndelete returns "system:dal-schema-alteration.notAllowedToUndelete" as *errors.Error
//
//
// This function is auto-generated.
//
func DalSchemaAlterationErrNotAllowedToUndelete(mm ...*dalSchemaAlterationActionProps) *errors.Error {
var p = &dalSchemaAlterationActionProps{}
if len(mm) > 0 {
p = mm[0]
}
var e = errors.New(
errors.KindInternal,
p.Format("not allowed to undelete this dal schema alteration", nil),
errors.Meta("type", "notAllowedToUndelete"),
errors.Meta("resource", "system:dal-schema-alteration"),
// action log entry; no formatting, it will be applied inside recordAction fn.
errors.Meta(dalSchemaAlterationLogMetaKey{}, "failed to undelete {{dalSchemaAlteration.ID}}; insufficient permissions"),
errors.Meta(dalSchemaAlterationPropsMetaKey{}, p),
// translation namespace & key
errors.Meta(locale.ErrorMetaNamespace{}, "system"),
errors.Meta(locale.ErrorMetaKey{}, "dal-schema-alteration.errors.notAllowedToUndelete"),
errors.Meta(locale.ErrorMetaKey{}, "dal-schema-alteration.errors.notAllowedToManage"),
errors.StackSkip(1),
)

43
server/system/service/dal_schema_alteration_actions.yaml
View File

@ -19,9 +19,10 @@ props:
- name: new
type: "*types.DalSchemaAlteration"
fields: [ ID ]
- name: update
type: "*types.DalSchemaAlteration"
fields: [ ID ]
- name: apply
type: "[]uint64"
- name: dismiss
type: "[]uint64"
- name: existing
type: "*types.DalSchemaAlteration"
fields: [ ID ]
@ -34,16 +35,18 @@ actions:
log: "searched for matching dalSchemaAlterations"
severity: info
- action: apply
log: "applied {{dalSchemaAlteration}}"
severity: info
- action: dismiss
log: "dismissed {{dalSchemaAlteration}}"
severity: info
- action: lookup
log: "looked-up for a {{dalSchemaAlteration}}"
severity: info
- action: delete
log: "deleted {{dalSchemaAlteration}}"
- action: undelete
log: "undeleted {{dalSchemaAlteration}}"
errors:
- error: notFound
message: "dalSchemaAlteration not found"
@ -53,22 +56,6 @@ errors:
message: "invalid ID"
severity: warning
- error: notAllowedToRead
message: "not allowed to read this dal schema alteration"
log: "failed to read {{dalSchemaAlteration.ID}}; insufficient permissions"
- error: notAllowedToSearch
message: "not allowed to list or search dal schema alterations"
log: "failed to search for dal schema alterations; insufficient permissions"
- error: notAllowedToListUsers
message: "not allowed to list dal schema alterations"
log: "failed to list dalSchemaAlteration; insufficient permissions"
- error: notAllowedToDelete
message: "not allowed to delete this dal schema alteration"
log: "failed to delete {{dalSchemaAlteration.ID}}; insufficient permissions"
- error: notAllowedToUndelete
message: "not allowed to undelete this dal schema alteration"
log: "failed to undelete {{dalSchemaAlteration.ID}}; insufficient permissions"
- error: notAllowedToManage
message: "not allowed to manage DAL schema alterations"
log: "failed to manage DAL schema alterations; insufficient permissions"