Merge pull request #1003 from NASA-AMMOS/feat/users-table

Users Table

db-tests/src/test/java/gov/nasa/jpl/aerie/database/MerlinDatabaseTestHelper.java

@@ -7,8 +7,24 @@
 final class MerlinDatabaseTestHelper {
   private final Connection connection;
 
-  MerlinDatabaseTestHelper(Connection connection) {
+  MerlinDatabaseTestHelper(Connection connection) throws SQLException {
     this.connection = connection;
+    insertUser("Merlin DB Tests");
+  }
+
+  void insertUser(final String username) throws SQLException {
+    insertUser(username, "admin");
+  }
+
+  void insertUser(final String username, final String defaultRole) throws SQLException {
+    try (final var statement = connection.createStatement()) {
+      statement.execute(
+              """
+              INSERT INTO metadata.users (username, default_role)
+              VALUES ('%s', '%s');
+              """.formatted(username, defaultRole)
+          );
+    }
   }
 
   int insertFileUpload() throws SQLException {
@@ -32,7 +48,7 @@ int insertMissionModel(final int fileId) throws SQLException {
           .executeQuery(
               """
                   INSERT INTO mission_model (name, mission, owner, version, jar_id)
-                  VALUES ('test-mission-model-%s', 'test-mission', 'tester', '0', %s)
+                  VALUES ('test-mission-model-%s', 'test-mission', 'Merlin DB Tests', '0', %s)
                   RETURNING id;"""
                   .formatted(UUID.randomUUID().toString(), fileId)
           );

db-tests/src/test/java/gov/nasa/jpl/aerie/database/PlanCollaborationTests.java

@@ -80,6 +80,10 @@ void beforeAll() throws SQLException, IOException, InterruptedException {
     helper.startDatabase();
     connection = helper.connection();
     merlinHelper = new MerlinDatabaseTestHelper(connection);
+    merlinHelper.insertUser("PlanCollaborationTests");
+    merlinHelper.insertUser("PlanCollaborationTests Reviewer");
+    merlinHelper.insertUser("PlanCollaborationTests Requester");
+    merlinHelper.insertUser("TagsTest");
   }
 
   @AfterAll
@@ -104,7 +108,7 @@ private void updateActivityName(String newName, int activityId, int planId) thro
   int duplicatePlan(final int planId, final String newPlanName) throws SQLException {
     try (final var statement = connection.createStatement()) {
       final var res = statement.executeQuery("""
-        select duplicate_plan(%s, '%s', 'DBTests') as id;
+        select duplicate_plan(%s, '%s', 'PlanCollaborationTests') as id;
       """.formatted(planId, newPlanName));
       res.next();
       return res.getInt("id");

db-tests/src/test/java/gov/nasa/jpl/aerie/database/TagsTests.java

@@ -75,6 +75,7 @@ void beforeAll() throws SQLException, IOException, InterruptedException {
     helper.startDatabase();
     setConnection(helper);
     merlinHelper = new MerlinDatabaseTestHelper(connection);
+    merlinHelper.insertUser("TagsTest");
   }
 
   @AfterAll

deployment/hasura/metadata/databases/AerieMerlin/tables/metadata/user_roles.yaml

@@ -0,0 +1,17 @@
+table:
+  name: user_roles
+  schema: metadata
+configuration:
+  custom_name: "user_roles"
+is_enum: true
+select_permissions:
+  - role: user
+    permission:
+      columns: [role, description]
+      filter: {}
+      allow_aggregations: true
+  - role: viewer
+    permission:
+      columns: [role, description]
+      filter: {}
+      allow_aggregations: true

deployment/hasura/metadata/databases/AerieMerlin/tables/metadata/users.yaml

@@ -0,0 +1,16 @@
+table:
+  name: users
+  schema: metadata
+configuration:
+  custom_name: "users"
+select_permissions:
+  - role: user
+    permission:
+      columns: [username]
+      filter: {}
+      allow_aggregations: true
+  - role: viewer
+    permission:
+      columns: [username]
+      filter: {}
+      allow_aggregations: true

deployment/hasura/metadata/databases/AerieMerlin/tables/metadata/users_allowed_roles.yaml

@@ -0,0 +1,16 @@
+table:
+  name: users_allowed_roles
+  schema: metadata
+configuration:
+  custom_name: "users_allowed_roles"
+select_permissions:
+  - role: user
+    permission:
+      columns: [username, allowed_role]
+      filter: {"username":{"_eq":"X-Hasura-User-Id"}}
+      allow_aggregations: true
+  - role: viewer
+    permission:
+      columns: [username, allowed_role]
+      filter: {"username":{"_eq":"X-Hasura-User-Id"}}
+      allow_aggregations: true

deployment/hasura/metadata/databases/AerieMerlin/tables/metadata/users_and_roles_view.yaml

@@ -0,0 +1,16 @@
+table:
+  name: users_and_roles
+  schema: metadata
+configuration:
+  custom_name: "users_and_roles"
+select_permissions:
+  - role: user
+    permission:
+      columns: [username, hasura_default_role, hasura_allowed_roles]
+      filter: {"username":{"_eq":"X-Hasura-User-Id"}}
+      allow_aggregations: false
+  - role: viewer
+    permission:
+      columns: [ username, hasura_default_role, hasura_allowed_roles ]
+      filter: { "username": { "_eq": "X-Hasura-User-Id" } }
+      allow_aggregations: false

deployment/hasura/metadata/databases/AerieMerlin/tables/tables.yaml

@@ -48,3 +48,7 @@
 - "!include metadata/activity_directive_tags.yaml"
 - "!include metadata/constraint_tags.yaml"
 - "!include metadata/plan_tags.yaml"
+- "!include metadata/users_allowed_roles.yaml"
+- "!include metadata/user_roles.yaml"
+- "!include metadata/users.yaml"
+- "!include metadata/users_and_roles_view.yaml"

deployment/hasura/metadata/databases/AerieUI/tables/public_view.yaml

@@ -22,7 +22,7 @@ insert_permissions:
 update_permissions:
   - role: user
     permission:
-      columns: [definition, name]
+      columns: [definition, name, owner]
       filter: {"owner":{"_eq":"x-hasura-user-id"}}
 delete_permissions:
   - role: user

deployment/hasura/migrations/AerieMerlin/19_users/down.sql

@@ -0,0 +1,139 @@
+--------------- TABLES ---------------
+-- MERGE REQUEST
+comment on column merge_request.requester_username is null;
+comment on column merge_request.reviewer_username is null;
+
+alter table public.merge_request
+  drop constraint merge_request_reviewer_exists,
+  drop constraint merge_request_requester_exists;
+update public.merge_request
+  set requester_username = ''
+  where requester_username is null;
+alter table public.merge_request
+  alter column requester_username set not null;
+
+comment on column merge_request.requester_username is e''
+  'The username of the user who created this merge request.';
+comment on column merge_request.reviewer_username is e''
+  'The username of the user who reviews this merge request. Is empty until the request enters review.';
+
+-- MERGE REQUEST COMMENT
+comment on column merge_request_comment.commenter_username is null;
+
+alter table public.merge_request_comment
+  drop constraint merge_request_commenter_exists,
+  alter column commenter_username set default '';
+update public.merge_request_comment
+  set commenter_username = default
+  where commenter_username is null;
+alter table public.merge_request_comment
+  alter column commenter_username set not null;
+
+comment on column merge_request_comment.commenter_username is e''
+  'The username of the user who left this comment.';
+
+-- SIMULATION TEMPLATE
+alter table public.simulation_template
+  drop constraint simulation_template_owner_exists,
+  alter column owner set default '';
+
+update simulation_template
+  set owner = default
+  where owner is null;
+
+alter table public.simulation_template
+  alter column owner set not null;
+
+-- SIMULATION DATASET
+alter table simulation_dataset
+  drop constraint simulation_dataset_requested_by_exists,
+  alter column requested_by set default '';
+
+update simulation_dataset
+  set requested_by = default
+  where requested_by is null;
+
+alter table simulation_dataset
+  alter column requested_by set not null;
+
+-- PLAN COLLABORATORS
+alter table public.plan_collaborators
+  drop constraint plan_collaborator_collaborator_fkey;
+
+-- PLAN
+alter table public.plan
+  drop constraint plan_updated_by_exists,
+  drop constraint plan_owner_exists,
+  alter column updated_by set default '',
+  alter column owner set default '';
+
+update public.plan
+  set owner = default
+  where owner is null;
+update public.plan
+  set updated_by = default
+  where updated_by is null;
+
+alter table public.plan
+  alter column updated_by set not null,
+  alter column owner set not null;
+
+-- MISSION MODEL
+alter table public.mission_model
+  drop constraint mission_model_owner_exists;
+
+-- CONSTRAINTS
+alter table public."constraint"
+  drop constraint constraint_updated_by_exists,
+  drop constraint constraint_owner_exists,
+  alter column updated_by set default '',
+  alter column owner set default '';
+update public."constraint"
+  set owner = default
+  where owner is null;
+update public."constraint"
+  set updated_by = default
+  where updated_by is null;
+alter table public."constraint"
+  alter column updated_by drop not null,
+  alter column owner set not null;
+
+-- ACTIVITY PRESETS
+alter table public.activity_presets
+  drop constraint activity_presets_owner_exists,
+  alter column owner set default '';
+update public.activity_presets
+  set owner = default
+  where owner is null;
+alter table public.activity_presets
+  alter column owner set not null;
+
+-- TAGS
+alter table metadata.tags
+  drop constraint tags_owner_exists,
+  alter column owner set default '';
+update metadata.tags
+  set owner = default
+  where owner is null;
+alter table metadata.tags
+  alter column owner set not null;
+
+-- USERS AND ROLES VIEW
+comment on view metadata.users_and_roles is null;
+drop view metadata.users_and_roles;
+
+-- USERS ALLOWED ROLES
+comment on table metadata.users_allowed_roles is null;
+drop table metadata.users_allowed_roles;
+
+-- USERS
+comment on column metadata.users.default_role is null;
+comment on column metadata.users.username is null;
+comment on table metadata.users is null;
+drop table metadata.users;
+
+-- USER ROLES
+comment on table metadata.user_roles is null;
+drop table metadata.user_roles;
+
+call migrations.mark_migration_rolled_back('19');