Highlights:
AAM-1069 - Getting issue details... STATUS
AAM-1078 - Getting issue details... STATUS
AAM-1085 - Getting issue details... STATUS
AAM-1048 - Getting issue details... STATUS
Bug fixes:
AAM-1074 - Getting issue details... STATUS
Stories:
AAM-1069 - Getting issue details... STATUS
AAM-1078 - Getting issue details... STATUS
Tasks:
AAM-1085 - Getting issue details... STATUS
AAM-1048 - Getting issue details... STATUS
AAM-1075 - Getting issue details... STATUS
AAM-1083 - Getting issue details... STATUS
AAM-1071 - Getting issue details... STATUS
SQL Fixes:
AAM-1069: As a project admin I want to shield archive entities in Asta 7 to only give access to the correct users
alter table field add if not exists create_index bool;
update field set create_index = false;
alter table field alter column create_index set not null;
alter table entity_structure add if not exists create_index bool;
update entity_structure set create_index = true;
alter table entity_structure alter column create_index set not null;
do $$
declare
r record;
ps varchar[] := array ['READ', 'WRITE'];
p varchar;
role varchar;
begin
for r in select id FROM project where archive_initialized = true
loop
execute 'create table if not exists ' || r.id || '.content_access_group
(
_amid uuid default uuid_generate_v4() not null
unique,
created timestamp,
created_by varchar,
updated timestamp,
updated_by varchar,
security_model_name varchar,
id uuid default uuid_generate_v1mc() not null
primary key,
name varchar(36) not null
unique,
description varchar
)';
execute 'alter table ' || r.id || '.content_access_group owner to "archive-manager"';
execute 'create table if not exists ' || r.id || '.content_screening
(
_amid uuid default uuid_generate_v4() not null
unique,
created timestamp,
created_by varchar,
updated timestamp,
updated_by varchar,
id uuid default uuid_generate_v1mc() not null
primary key,
cag_id uuid not null
constraint fk_ccb0a488_a9a9_4162_a149_494ab3ce7dd9
references ' || r.id || '.content_access_group
deferrable initially deferred,
object_id uuid not null,
table_name_reference varchar not null,
scope varchar not null,
level integer not null,
parent_screening_id uuid
constraint fk_9a653aaa_aa8c_4bf9_a69a_9452f876aa75
references ' || r.id || '.content_screening
deferrable initially deferred,
field_names varchar(2000)
)';
execute 'alter table ' || r.id || '.content_screening owner to "archive-manager"';
execute 'create index if not exists index_b49d524e_8148_43aa_9615_b653e50bb633 on ' || r.id ||
'.content_screening (object_id)';
end loop;
end;
$$
do $$
declare
r record;
ps varchar[] := array ['READ', 'WRITE'];
p varchar;
role varchar;
grp varchar;
i int;
begin
for r in select id FROM project where archive_initialized = true
loop
foreach p in array ps
loop
role := format('am|project|%s|CONTENT_SCREENING_%s', r.id, p);
execute format('insert into keycloak.keycloak_role values (%L, ''archive-manager'', false, null,
%L, ''archive-manager'', null, null) on conflict do nothing', uuid_generate_v4(), role);
grp := format('am|project|%s|ADMIN', r.id);
execute format('select count(*) from keycloak.keycloak_group where name = %L', grp) into i;
if i > 0 then
execute format('insert into keycloak.group_role_mapping
values ((select id from keycloak.keycloak_role where name = %L),
(select id from keycloak.keycloak_group where name = %L)) on conflict do nothing', role, grp);
end if;
end loop;
execute format('select count(*) from %s.coding_scheme where name = %L', r.id, 'security') into i;
if i > 0 then
execute format('insert into %s.code_table ("_amid", name, cs_name, created)
values (''c20f0ff2-8119-4f3a-b350-fe81a44ccb92'', ''contentScreeningScope'', ''security'', now())
on conflict do nothing', r.id);
execute format('INSERT INTO %s.code_value (_amid, code, value, ct_name, uid)
VALUES (''347e584a-a9d1-4766-9147-70e307360213'', ''100'', ''Kan ikke gjøre noe'', ''contentScreeningScope'',
''c68170c4-c231-47a6-a57d-a0f05d7a9390'')
on conflict do nothing', r.id);
execute format('INSERT INTO %s.code_value (_amid, code, value, ct_name, uid)
VALUES (''5a114ba7-a31a-4a42-aa8b-7d532904ad0f'', ''90'', ''Kan lese felt'', ''contentScreeningScope'',
''d58a5738-a033-4323-8034-620ba3cf3040'')
on conflict do nothing', r.id);
execute format('INSERT INTO %s.code_value (_amid, code, value, ct_name, uid)
VALUES (''38b23289-7dcf-4a76-bce5-69a2dde2c910'', ''80'', ''Kan lese'', ''contentScreeningScope'',
''b6b0b2f4-d7cd-4a55-9b5f-66d5f0eef624'')
on conflict do nothing', r.id);
execute format('INSERT INTO %s.code_value (_amid, code, value, ct_name, uid)
VALUES (''76677f95-5107-471f-9ba9-6b71d912b204'', ''70'', ''Kan lese felt og skrive felt'', ''contentScreeningScope'',
''c77a1264-2879-482f-84c2-afe2f04d7e11'')
on conflict do nothing', r.id);
execute format('INSERT INTO %s.code_value (_amid, code, value, ct_name, uid)
VALUES (''cbef8ba9-44ff-4c99-897f-64f8661e7aaa'', ''60'', ''Kan lese og skrive felt'', ''contentScreeningScope'',
''e2f44a13-55cd-4c84-9fd7-7f53f3e22911'')
on conflict do nothing', r.id);
execute format('INSERT INTO %s.code_value (_amid, code, value, ct_name, uid)
VALUES (''b8d03172-c516-4b89-84dc-1e29313e69c0'', ''50'', ''Kan lese og skrive'', ''contentScreeningScope'',
''a3675c2b-6e66-46cf-af34-e84e23b79aca'')
on conflict do nothing', r.id);
end if;
end loop;
end;
$$
2. AAM-1078: As an Asta 7 user I want a set of predefined restrictions to select from when setting up a new restriction
update system_template set template_id = 'd10f1600-00db-4733-b4f5-858feb69103f' where name = 'SECURITY_MODULE';
do $$
declare
r record;
begin
for r in select id FROM project where archive_initialized = true
loop
execute 'alter table if exists ' || r.id || '.restriction add column if not exists is_predefined_for_suggestion boolean null';
execute 'alter table if exists ' || r.id || '.restriction alter column name type varchar(1000)';
end loop;
end; $$
3. AAM-1085: Add startdato & sluttdato on PARTICIPANT_MODULE template AKTOR_RELASJON entity
update system_template set template_id = 'ccff22f4-d532-4d1b-add5-5427d1044e09' where name = 'PARTICIPANT_MODULE';
do $$
declare
r record;
begin
for r in select id FROM project where archive_initialized = true
loop
execute 'alter table if exists ' || r.id || '.aktor_relasjon add column if not exists startdato varchar null';
execute 'alter table if exists ' || r.id || '.aktor_relasjon add column if not exists sluttdato varchar null';
execute 'alter table if exists ' || r.id || '.aktor_relasjon drop column if exists object_reference';
end loop;
end; $$
4. AAM-1074: DROP CONSTRAINT PKEY error during import when using two child entities with generated PK's in template
do $$
declare
r record;
sql varchar;
begin
for r in SELECT
tc.table_schema,
tc.constraint_name,
tc.table_name,
kcu.column_name,
ccu.table_schema AS foreign_table_schema,
ccu.table_name AS foreign_table_name,
ccu.column_name AS foreign_column_name
FROM
information_schema.table_constraints AS tc
JOIN information_schema.key_column_usage AS kcu
ON tc.constraint_name = kcu.constraint_name
AND tc.table_schema = kcu.table_schema
JOIN information_schema.constraint_column_usage AS ccu
ON ccu.constraint_name = tc.constraint_name
AND ccu.table_schema = tc.table_schema
WHERE tc.constraint_type = 'FOREIGN KEY' and tc.table_schema in (select id from project where archive_initialized = true)
loop
sql := 'alter table ' || r.table_schema || '.' || r.table_name ||' drop constraint if exists '|| r.constraint_name;
-- raise notice '%', sql;
execute sql;
end loop;
for r in select schemaname, tablename, indexname from pg_indexes where schemaname in (select id from project where archive_initialized = true) and indexname like 'index%'
loop
sql := 'drop index if exists ' || r.schemaname || '.' || r.indexname;
execute sql;
-- raise notice '%', sql;
end loop;
end;
$$;
How to Upgrade
Upload the latest
SECURITY_MODULEandPARTICIPANT_MODULEtemplates in your current version (most likely 1.38) of Asta7.Upgrade to 1.39.1
Go to the asta7 directory and run the following script
4. Restart the keycloak and gui-server containers
docker restart am-keycloak gui-server
After Asta7 is up and running import an empty file in all the initialized projects. You should also delete the old SECURITY_MODULE and PARTICIPANT_MODULE templates.
How to Run SQL Fixes Manually
Copy the SQL fixes to a file, let’s assume the file name is
upgrade.sql.Copy the
upgrade.sqlfile to the Postgres containerdocker cp /path_to_file/upgrade.sql am-postgres:/tmp
Run the
upgrade.sqlfile using the Postgres shell, with the default credentials the command would bedocker exec -e PGPASSWORD=archive-manager am-postgres psql -U archive-manager am_db -f /tmp/upgrade.sql