[Fusionforge-commits] r9833 - trunk/gforge/db

Roland Mas lolando at libremir.placard.fr.eu.org
Fri May 21 09:55:48 CEST 2010


Author: lolando
Date: 2010-05-21 09:55:48 +0200 (Fri, 21 May 2010)
New Revision: 9833

Modified:
   trunk/gforge/db/20100518-pfo-rbac.sql
Log:
Implemented old-to-new conversion in a PL/pgSQL function

Modified: trunk/gforge/db/20100518-pfo-rbac.sql
===================================================================
--- trunk/gforge/db/20100518-pfo-rbac.sql	2010-05-21 07:55:35 UTC (rev 9832)
+++ trunk/gforge/db/20100518-pfo-rbac.sql	2010-05-21 07:55:48 UTC (rev 9833)
@@ -58,17 +58,183 @@
 CREATE OR REPLACE FUNCTION insert_pfo_role_setting (role_id integer, section_name text, ref_id integer, perm_val integer) RETURNS void AS $$
 BEGIN
 	-- RAISE NOTICE 'insert_pfo_role_setting (%,%,%,%)', role_id, section_name, ref_id, perm_val ;
-	INSERT INTO pfo_role_setting VALUES (role_id, section_name, ref_id, perm_val) ;
+	IF perm_val != 0 THEN
+	   INSERT INTO pfo_role_setting VALUES (role_id, section_name, ref_id, perm_val) ;
+	END IF ;
 END ;
 $$ LANGUAGE plpgsql ;
 
 CREATE OR REPLACE FUNCTION migrate_rbac_permissions_to_pfo_rbac () RETURNS void AS $$
 DECLARE
-	os role_setting%ROWTYPE ;
+	r role%ROWTYPE ;
 	nrid integer := 0 ;
 	nsec text := '' ;
 	nref integer := 0 ;
 	nval integer := 0 ;
+	opid integer := 0 ;
+BEGIN
+	FOR r IN SELECT * FROM role
+	LOOP
+		SELECT role_id INTO nrid FROM pfo_role WHERE old_role_id = r.role_id ;
+		SELECT group_id INTO opid FROM role WHERE role_id = r.role_id ;
+
+		PERFORM insert_pfo_role_setting (nrid, 'project_read', opid, 1) ;
+
+		nsec = 'project_admin' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+
+		nsec = 'forge_admin' ;
+		nref = -1 ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'approve_news' ;
+		nref = -1 ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'forge_stats' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+
+		nsec = 'tracker_admin' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'new_tracker' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'tracker' ;
+		FOR nref IN SELECT group_artifact_id FROM artifact_group_list WHERE group_id = opid
+		LOOP
+			nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+			PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		END LOOP ;
+
+		nsec = 'pm_admin' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'new_pm' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'pm' ;
+		FOR nref IN SELECT group_project_id FROM project_group_list WHERE group_id = opid
+		LOOP
+			nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+			PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		END LOOP ;
+
+		nsec = 'forum_admin' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'new_forum' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'forum' ;
+		FOR nref IN SELECT group_forum_id FROM forum_group_list WHERE group_id = opid
+		LOOP
+			nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+			PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		END LOOP ;
+
+		nsec = 'docman' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'scm' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'frs' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'webcal' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		nsec = 'plugin_mediawiki_edit' ;
+		nref = opid ;
+		nval = pfo_rbac_permissions_from_old (r.role_id, nsec, nref) ;
+		PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		
+	END LOOP ;
+
+END ;
+$$ LANGUAGE plpgsql ;
+
+CREATE OR REPLACE FUNCTION migrate_role_observer_to_pfo_rbac () RETURNS void AS $$
+DECLARE
+	g groups%ROWTYPE ;
+	t artifact_group_list%ROWTYPE ;
+	f forum_group_list%ROWTYPE ;
+	p project_group_list%ROWTYPE ;
+	need_loggedin boolean := false ;
+BEGIN
+	FOR g IN SELECT * FROM groups WHERE is_public = 1
+	LOOP
+		INSERT INTO role_project_refs VALUES (1, g.group_id) ;
+		PERFORM insert_pfo_role_setting (1, 'project_read', g.group_id, 1) ;
+
+		IF g.enable_anonscm = 1 THEN
+		   PERFORM insert_pfo_role_setting (1, 'scm', g.group_id, 1) ;
+		END IF ;
+
+		FOR t IN SELECT * FROM artifact_group_list WHERE group_id = g.group_id AND is_public = 1
+		LOOP
+			IF t.allow_anon = 1 THEN
+			   PERFORM insert_pfo_role_setting (1, 'tracker', t.group_artifact_id, 1) ;
+			ELSE
+			   need_loggedin = true ;
+			   PERFORM insert_pfo_role_setting (2, 'tracker', t.group_artifact_id, 1) ;
+			END IF ;
+		END LOOP ;
+		
+		FOR p IN SELECT * FROM project_group_list WHERE group_id = g.group_id AND is_public = 1
+		LOOP
+			PERFORM insert_pfo_role_setting (1, 'pm', p.group_project_id, 1) ;
+		END LOOP ;
+		
+		FOR f IN SELECT * FROM forum_group_list WHERE group_id = g.group_id AND is_public = 1
+		LOOP
+			IF f.allow_anonymous = 1 THEN
+			   IF f.moderation_level = 0 THEN
+			      PERFORM insert_pfo_role_setting (1, 'forum', f.group_forum_id, 3) ;
+			   ELSE
+			      PERFORM insert_pfo_role_setting (1, 'forum', f.group_forum_id, 2) ;
+			   END IF ;
+			ELSE
+			   need_loggedin = true ;
+			   IF f.moderation_level = 0 THEN
+			      PERFORM insert_pfo_role_setting (2, 'forum', f.group_forum_id, 3) ;
+			   ELSE
+			      PERFORM insert_pfo_role_setting (2, 'forum', f.group_forum_id, 2) ;
+			   END IF ;
+			END IF ;
+		END LOOP ;
+		
+		IF need_loggedin THEN
+		   INSERT INTO role_project_refs VALUES (2, g.group_id) ;
+		END IF ;
+
+	END LOOP ;
+
+END ;
+$$ LANGUAGE plpgsql ;
+
+CREATE OR REPLACE FUNCTION pfo_rbac_permissions_from_old (rid integer, nsec text, nref integer) RETURNS integer AS $$
+DECLARE
+	os role_setting%ROWTYPE ;
+	onsec text ;
+	onref integer ;
+	onval integer ;
+	r pfo_role%ROWTYPE ;
 	mastergroupid integer := 1 ;
 	newsgroupid integer := 0 ;
 	statsgroupid integer := 0 ;
@@ -78,202 +244,162 @@
 	SELECT group_id INTO newsgroupid FROM groups WHERE unix_group_name = 'newsadmin' ;
 	SELECT group_id INTO statsgroupid FROM groups WHERE unix_group_name = 'stats' ;
 
-	INSERT INTO pfo_role_setting (SELECT role_id, 'project_read', home_group_id, 1 FROM pfo_role WHERE home_group_id IS NOT NULL) ;
+	SELECT * INTO r FROM pfo_role WHERE old_role_id = rid ;
 
-	FOR os IN SELECT * FROM role_setting ORDER BY role_id, section_name, ref_id
+	IF nsec = 'project_read' AND nref = r.home_group_id THEN
+	   RETURN 1 ;
+	END IF ;
+
+	FOR os IN SELECT * FROM role_setting WHERE role_id = rid ORDER BY role_id, section_name, ref_id
 	LOOP
-		SELECT role_id INTO nrid FROM pfo_role WHERE old_role_id = os.role_id ;
 		SELECT group_id INTO opid FROM role WHERE role_id = os.role_id ;
-		-- RAISE NOTICE '% > %, %/%/%', os.role_id, nrid, os.section_name, os.ref_id, os.value ;
 
 		IF os.section_name = 'projectadmin' THEN
 		   CONTINUE WHEN os.value != 'A' ;
-		   nsec = 'project_admin' ;
-		   nref = opid ;
-		   nval = 1 ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = 'project_admin' AND nref = opid THEN
+		      RETURN 1 ;
+		   END IF ;
 		   
-		   nref = -1 ;
-		   IF opid = mastergroupid THEN
-		   	  nsec = 'forge_admin' ;
-		   	  PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = 'forge_admin' AND nref = -1 AND opid = mastergroupid THEN
+		      RETURN 1 ;
 		   END IF ;
-		   IF opid = newsgroupid THEN
-		   	  nsec = 'approve_news' ;
-		   	  PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = 'approve_news' AND nref = -1 AND opid = newsgroupid THEN
+		      RETURN 1 ;
 		   END IF ;
-		   IF opid = statsgroupid THEN
-		   	  nsec = 'forge_stats' ;
-		   	  PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = 'forge_stats' AND nref = -1 AND opid = statsgroupid THEN
+		      RETURN 1 ;
 		   END IF ;
 
 		ELSIF os.section_name IN ('trackeradmin', 'pmadmin', 'forumadmin') THEN
 		   CONTINUE WHEN os.value != '2' ;
-		   nsec = CASE WHEN os.section_name = 'trackeradmin' THEN 'tracker_admin'
+		   onsec = CASE WHEN os.section_name = 'trackeradmin' THEN 'tracker_admin'
 		   	       WHEN os.section_name = 'pmadmin' THEN 'pm_admin'
 		   	       WHEN os.section_name = 'forumadmin' THEN 'forum_admin' END ;
-		   nref = opid ;
-		   nval = 1 ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = onsec AND nref = opid THEN
+		      RETURN 1 ;
+		   END IF ;
 
 		ELSIF os.section_name IN ('tracker', 'newtracker') THEN
 		   CONTINUE WHEN os.value = '-1' ;
-		   nsec = CASE WHEN os.section_name = 'tracker' THEN os.section_name
+		   onsec = CASE WHEN os.section_name = 'tracker' THEN os.section_name
 		   	       WHEN os.section_name = 'newtracker' THEN 'new_tracker' END ;
-		   nref = CASE WHEN os.section_name = 'tracker' THEN os.ref_id
+		   onref = CASE WHEN os.section_name = 'tracker' THEN os.ref_id
 		   	       WHEN os.section_name = 'newtracker' THEN opid END ;
-		   nval = CASE WHEN os.value = '0' THEN 1
+		   onval = CASE WHEN os.value = '0' THEN 1
 		   	       WHEN os.value = '1' THEN 3
 		   	       WHEN os.value = '2' THEN 7
 		   	       WHEN os.value = '3' THEN 5 END ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = onsec AND nref = onref THEN
+		      RETURN onval ;
+		   END IF ;
 
 		ELSIF os.section_name IN ('pm', 'newpm') THEN
 		   CONTINUE WHEN os.value = '-1' ;
-		   nsec = CASE WHEN os.section_name = 'pm' THEN os.section_name
+		   onsec = CASE WHEN os.section_name = 'pm' THEN os.section_name
 		   	       WHEN os.section_name = 'newpm' THEN 'new_pm' END ;
-		   nref = CASE WHEN os.section_name = 'pm' THEN os.ref_id
+		   onref = CASE WHEN os.section_name = 'pm' THEN os.ref_id
 		   	       WHEN os.section_name = 'newpm' THEN opid END ;
-		   nval = CASE WHEN os.value = '0' THEN 1
+		   onval = CASE WHEN os.value = '0' THEN 1
 		   	       WHEN os.value = '1' THEN 3
 		   	       WHEN os.value = '2' THEN 7
 		   	       WHEN os.value = '3' THEN 5 END ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = onsec AND nref = onref THEN
+		      RETURN onval ;
+		   END IF ;
 
 		ELSIF os.section_name = 'forum' THEN
 		   CONTINUE WHEN os.value = '-1' ;
-		   nsec = os.section_name ;
-		   nref = os.ref_id ;
-		   SELECT moderation_level INTO tmp FROM forum_group_list WHERE group_forum_id = nref ;
-		   nval = CASE WHEN os.value = '0' THEN 1
+		   onsec = os.section_name ;
+		   onref = os.ref_id ;
+		   SELECT moderation_level INTO tmp FROM forum_group_list WHERE group_forum_id = onref ;
+		   onval = CASE WHEN os.value = '0' THEN 1
 		   	       WHEN os.value = '1' AND tmp >= 2 THEN 2
 		   	       WHEN os.value = '1' AND tmp <= 1 THEN 3
 		   	       WHEN os.value = '2' THEN 4 END ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = onsec AND nref = onref THEN
+		      RETURN onval ;
+		   END IF ;
 
 		ELSIF os.section_name = 'newforum' THEN
 		   CONTINUE WHEN os.value = '-1' ;
-		   nsec = 'new_forum' ;
-		   nref = opid ;
-		   nval = CASE WHEN os.value = '0' THEN 1
+		   onsec = 'new_forum' ;
+		   onref = opid ;
+		   onval = CASE WHEN os.value = '0' THEN 1
 		   	       WHEN os.value = '1' THEN 2
 		   	       WHEN os.value = '2' THEN 4 END ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = onsec AND nref = onref THEN
+		      RETURN onval ;
+		   END IF ;
 
 		ELSIF os.section_name = 'docman' THEN
-		   nsec = os.section_name ;
-		   nref = opid ;
-		   nval = CASE WHEN os.value = '0' THEN 1
+		   onsec = os.section_name ;
+		   onref = opid ;
+		   onval = CASE WHEN os.value = '0' THEN 1
 		   	       WHEN os.value = '1' THEN 4 END ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = onsec AND nref = onref THEN
+		      RETURN onval ;
+		   END IF ;
 
 		ELSIF os.section_name = 'frs' THEN
-		   nsec = os.section_name ;
-		   nref = opid ;
-		   nval = CASE WHEN os.value = '0' THEN 1
+		   onsec = os.section_name ;
+		   onref = opid ;
+		   onval = CASE WHEN os.value = '0' THEN 1
 		   	       WHEN os.value = '1' THEN 3 END ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = onsec AND nref = onref THEN
+		      RETURN onval ;
+		   END IF ;
 
 		ELSIF os.section_name = 'scm' THEN
 		   CONTINUE WHEN os.value = '-1' ;
-		   nsec = os.section_name ;
-		   nref = opid ;
-		   nval = CASE WHEN os.value = '0' THEN 1
+		   onsec = os.section_name ;
+		   onref = opid ;
+		   onval = CASE WHEN os.value = '0' THEN 1
 		   	       WHEN os.value = '1' THEN 2 END ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   IF nsec = onsec AND nref = onref THEN
+		      RETURN onval ;
+		   END IF ;
 
 		ELSIF os.section_name = 'webcal' THEN
 		   CONTINUE WHEN os.value = '0' ;
-		   nsec = os.section_name ;
-		   nref = opid ;
-		   nval = os.value ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   onsec = os.section_name ;
+		   onref = opid ;
+		   onval = os.value ;
+		   IF nsec = onsec AND nref = onref THEN
+		      RETURN onval ;
+		   END IF ;
 
 		ELSIF os.section_name = 'plugin_mediawiki_edit' THEN
 		   CONTINUE WHEN os.value = '0' ;
-		   nsec = os.section_name ;
-		   nref = opid ;
-		   nval = os.value ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   onsec = os.section_name ;
+		   onref = opid ;
+		   onval = os.value ;
+		   IF nsec = onsec AND nref = onref THEN
+		      RETURN onval ;
+		   END IF ;
 
 		ELSE
 		   RAISE EXCEPTION 'Unknown setting % for role %', os.section_name, os.role_id ;
 		   CONTINUE WHEN os.value = '0' ;
-		   nsec = os.section_name ;
-		   nref = os.ref_id ;
-		   nval = os.value::integer ;
-		   PERFORM insert_pfo_role_setting (nrid, nsec, nref, nval) ;
+		   onsec = os.section_name ;
+		   onref = os.ref_id ;
+		   onval = os.value::integer ;
+		   IF nsec = onsec AND nref = onref THEN
+		      RETURN onval ;
+		   END IF ;
 
 		END IF ;
 
 	END LOOP ;
 
-END ;
-$$ LANGUAGE plpgsql ;
+	RETURN 0 ;
 
-CREATE OR REPLACE FUNCTION migrate_role_observer_to_pfo_rbac () RETURNS void AS $$
-DECLARE
-	g groups%ROWTYPE ;
-	t artifact_group_list%ROWTYPE ;
-	f forum_group_list%ROWTYPE ;
-	p project_group_list%ROWTYPE ;
-	need_loggedin boolean := false ;
-BEGIN
-	FOR g IN SELECT * FROM groups WHERE is_public = 1
-	LOOP
-		INSERT INTO role_project_refs VALUES (1, g.group_id) ;
-		PERFORM insert_pfo_role_setting (1, 'project_read', g.group_id, 1) ;
-
-		IF g.enable_anonscm = 1 THEN
-		   PERFORM insert_pfo_role_setting (1, 'scm', g.group_id, 1) ;
-		END IF ;
-
-		FOR t IN SELECT * FROM artifact_group_list WHERE group_id = g.group_id AND is_public = 1
-		LOOP
-			IF t.allow_anon = 1 THEN
-			   PERFORM insert_pfo_role_setting (1, 'tracker', t.group_artifact_id, 1) ;
-			ELSE
-			   need_loggedin = true ;
-			   PERFORM insert_pfo_role_setting (2, 'tracker', t.group_artifact_id, 1) ;
-			END IF ;
-		END LOOP ;
-		
-		FOR p IN SELECT * FROM project_group_list WHERE group_id = g.group_id AND is_public = 1
-		LOOP
-			PERFORM insert_pfo_role_setting (1, 'pm', p.group_project_id, 1) ;
-		END LOOP ;
-		
-		FOR f IN SELECT * FROM forum_group_list WHERE group_id = g.group_id AND is_public = 1
-		LOOP
-			IF f.allow_anonymous = 1 THEN
-			   IF f.moderation_level = 0 THEN
-			      PERFORM insert_pfo_role_setting (1, 'forum', f.group_forum_id, 3) ;
-			   ELSE
-			      PERFORM insert_pfo_role_setting (1, 'forum', f.group_forum_id, 2) ;
-			   END IF ;
-			ELSE
-			   need_loggedin = true ;
-			   IF f.moderation_level = 0 THEN
-			      PERFORM insert_pfo_role_setting (2, 'forum', f.group_forum_id, 3) ;
-			   ELSE
-			      PERFORM insert_pfo_role_setting (2, 'forum', f.group_forum_id, 2) ;
-			   END IF ;
-			END IF ;
-		END LOOP ;
-		
-		IF need_loggedin THEN
-		   INSERT INTO role_project_refs VALUES (2, g.group_id) ;
-		END IF ;
-
-	END LOOP ;
-
 END ;
 $$ LANGUAGE plpgsql ;
 
-
 SELECT migrate_rbac_permissions_to_pfo_rbac () ;
--- SELECT g.unix_group_name, r.role_name, s.section_name, s.ref_id, s.perm_val FROM groups g, pfo_role r, pfo_role_setting s WHERE g.group_id = r.home_group_id AND r.role_id = s.role_id ORDER BY s.role_id, s.ref_id ;
+-- SELECT g.unix_group_name, r.role_name, s.section_name, s.ref_id, s.perm_val, pfo_rbac_permissions_from_old(r.old_role_id,s.section_name,s.ref_id) as calc FROM groups g, pfo_role r, pfo_role_setting s WHERE g.group_id = r.home_group_id AND r.role_id = s.role_id ORDER BY s.section_name, s.role_id, s.ref_id ;
 
+
 SELECT migrate_role_observer_to_pfo_rbac () ;
 -- SELECT r.role_name, s.section_name, s.ref_id, s.perm_val FROM pfo_role r, pfo_role_setting s WHERE r.home_group_id IS NULL AND r.role_id = s.role_id ORDER BY s.role_id, s.ref_id ;
 -- SELECT count(*) FROM pfo_role_setting ;




More information about the Fusionforge-commits mailing list