From: Lucas Werkmeister <mail@lucaswerkmeister.de>
Date: Sat, 25 Feb 2017 12:31:24 +0000 (+0100)
Subject: upd: terminology in database
X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=248c19aee75f896005872549b65f17701ded1fd2;ds=sidebyside

upd: terminology in database

The userGroup enum is updated to remove all assurance terms, and also
remove the (unused) arbitrator role entirely.

Since PostgreSQL offers no way to rename or drop enum values, we create
a new enum, migrate the table to it and then drop the old enum.

Change-Id: I200c2b0463ded9d75b2e963d5a02bfc25326b357
---

diff --git a/src/club/wpia/gigi/database/DatabaseConnection.java b/src/club/wpia/gigi/database/DatabaseConnection.java
index 0d595707..26449809 100644
--- a/src/club/wpia/gigi/database/DatabaseConnection.java
+++ b/src/club/wpia/gigi/database/DatabaseConnection.java
@@ -122,7 +122,7 @@ public class DatabaseConnection {
 
     }
 
-    public static final int CURRENT_SCHEMA_VERSION = 26;
+    public static final int CURRENT_SCHEMA_VERSION = 27;
 
     public static final int CONNECTION_TIMEOUT = 24 * 60 * 60;
 
diff --git a/src/club/wpia/gigi/database/tableStructure.sql b/src/club/wpia/gigi/database/tableStructure.sql
index 304d85d9..57825338 100644
--- a/src/club/wpia/gigi/database/tableStructure.sql
+++ b/src/club/wpia/gigi/database/tableStructure.sql
@@ -328,7 +328,7 @@ CREATE TABLE IF NOT EXISTS "arbitrations" (
 DROP TABLE IF EXISTS "user_groups";
 
 DROP TYPE IF EXISTS "userGroup";
-CREATE TYPE "userGroup" AS enum('supporter','arbitrator','blockedassuree','blockedassurer','blockedlogin','ttp-assurer','ttp-applicant', 'codesigning', 'orgassurer', 'blockedcert', 'nucleus-assurer', 'locate-agent', 'verify-notification');
+CREATE TYPE "userGroup" AS enum('supporter','blocked-applicant','blocked-agent','blocked-login','ttp-agent','ttp-applicant', 'codesigning', 'org-agent', 'blocked-cert', 'nucleus-agent', 'locate-agent', 'verify-notification');
 
 CREATE TABLE IF NOT EXISTS "user_groups" (
   "id" serial NOT NULL,
@@ -375,7 +375,7 @@ CREATE TABLE "schemeVersion" (
   "version" smallint NOT NULL,
   PRIMARY KEY ("version")
 );
-INSERT INTO "schemeVersion" (version)  VALUES(26);
+INSERT INTO "schemeVersion" (version)  VALUES(27);
 
 DROP TABLE IF EXISTS `passwordResetTickets`;
 CREATE TABLE `passwordResetTickets` (
diff --git a/src/club/wpia/gigi/database/upgrade/from_26.sql b/src/club/wpia/gigi/database/upgrade/from_26.sql
new file mode 100644
index 00000000..98445015
--- /dev/null
+++ b/src/club/wpia/gigi/database/upgrade/from_26.sql
@@ -0,0 +1,15 @@
+DELETE FROM "user_groups" WHERE "permission" = 'arbitrator'::"userGroup";
+
+ALTER TYPE "userGroup" RENAME TO "oldUserGroup";
+CREATE TYPE "userGroup" AS enum('supporter','blocked-agent','blocked-applicant','blocked-login','ttp-agent','ttp-applicant', 'codesigning', 'org-agent', 'blocked-cert', 'nucleus-agent', 'locate-agent', 'verify-notification');
+ALTER TABLE "user_groups" ALTER COLUMN "permission" SET DATA TYPE "userGroup" USING
+    CASE "permission" WHEN 'blockedassurer' THEN 'blocked-agent'::"userGroup"
+                      WHEN 'blockedassuree' THEN 'blocked-applicant'::"userGroup"
+                      WHEN 'ttp-assurer' THEN 'ttp-agent'::"userGroup"
+                      WHEN 'orgassurer' THEN 'org-agent'::"userGroup"
+                      WHEN 'nucleus-assurer' THEN 'nucleus-agent'::"userGroup"
+                      WHEN 'blockedcert' THEN 'blocked-cert'::"userGroup"
+                      WHEN 'blockedlogin' THEN 'blocked-login'::"userGroup"
+                      ELSE "permission"::text::"userGroup"
+    END;
+DROP TYPE "oldUserGroup";
diff --git a/src/club/wpia/gigi/dbObjects/Group.java b/src/club/wpia/gigi/dbObjects/Group.java
index 1acc461b..778c46e0 100644
--- a/src/club/wpia/gigi/dbObjects/Group.java
+++ b/src/club/wpia/gigi/dbObjects/Group.java
@@ -8,16 +8,15 @@ import club.wpia.gigi.output.template.TranslateCommand;
 
 public enum Group implements DBEnum {
     SUPPORTER("supporter", "supporter", true, false, true), //
-    ARBITRATOR("arbitrator", "arbitrator", true, false, true), //
-    BLOCKEDASSURER("blockedassurer", "may not verify", true, false, false), //
-    BLOCKEDASSUREE("blockedassuree", "may not be verified", true, false, false), //
-    BLOCKEDLOGIN("blockedlogin", "may not login", true, false, false), //
-    BLOCKEDCERT("blockedcert", "may not issue certificates", true, false, false), //
-    TTP_ASSURER("ttp-assurer", "may verify via TTP", true, false, true), //
+    BLOCKED_AGENT("blocked-agent", "may not verify", true, false, false), //
+    BLOCKED_APPLICANT("blocked-applicant", "may not be verified", true, false, false), //
+    BLOCKED_LOGIN("blocked-login", "may not login", true, false, false), //
+    BLOCKED_CERT("blocked-cert", "may not issue certificates", true, false, false), //
+    TTP_AGENT("ttp-agent", "may verify via TTP", true, false, true), //
     TTP_APPLICANT("ttp-applicant", "requests to be verified via ttp", false, true, false), //
     CODESIGNING("codesigning", "may issue codesigning certificates", true, false, false), //
-    ORGASSURER("orgassurer", "may verify organisations", true, false, true), //
-    NUCLEUS_ASSURER("nucleus-assurer", "may enter nucleus verifications", true, false, true), //
+    ORG_AGENT("org-agent", "may verify organisations", true, false, true), //
+    NUCLEUS_AGENT("nucleus-agent", "may enter nucleus verifications", true, false, true), //
     LOCATE_AGENT("locate-agent", "wants access to the locate agent system", false, true, false), //
     VERIFY_NOTIFICATION("verify-notification", "wants to receive an email notification for any Verification they enter", false, true, false);
 
diff --git a/src/club/wpia/gigi/dbObjects/Organisation.java b/src/club/wpia/gigi/dbObjects/Organisation.java
index 1e8a38d4..c47a7837 100644
--- a/src/club/wpia/gigi/dbObjects/Organisation.java
+++ b/src/club/wpia/gigi/dbObjects/Organisation.java
@@ -67,7 +67,7 @@ public class Organisation extends CertificateOwner {
     private String postalAddress;
 
     public Organisation(String name, Country country, String province, String city, String email, String optionalName, String postalAddress, User creator) throws GigiApiException {
-        if ( !creator.isInGroup(Group.ORGASSURER)) {
+        if ( !creator.isInGroup(Group.ORG_AGENT)) {
             throw new GigiApiException("Only Organisation RA Agents may create organisations.");
         }
         if (country == null) {
@@ -148,7 +148,7 @@ public class Organisation extends CertificateOwner {
         if ( !admin.canVerify()) {
             throw new GigiApiException("Cannot add person who is not RA Agent.");
         }
-        if ( !actor.isInGroup(Group.ORGASSURER) && !isMaster(actor)) {
+        if ( !actor.isInGroup(Group.ORG_AGENT) && !isMaster(actor)) {
             throw new GigiApiException("Only Organisation RA Agents or Organisation Administrators may add admins to an organisation.");
         }
         try (GigiPreparedStatement ps1 = new GigiPreparedStatement("SELECT 1 FROM `org_admin` WHERE `orgid`=? AND `memid`=? AND `deleted` IS NULL")) {
@@ -169,7 +169,7 @@ public class Organisation extends CertificateOwner {
     }
 
     public void removeAdmin(User admin, User actor) throws GigiApiException {
-        if ( !actor.isInGroup(Group.ORGASSURER) && !isMaster(actor)) {
+        if ( !actor.isInGroup(Group.ORG_AGENT) && !isMaster(actor)) {
             throw new GigiApiException("Only Organisation RA Agents or Organisation Administrators may delete admins from an organisation.");
         }
         try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE org_admin SET deleter=?, deleted=NOW() WHERE orgid=? AND memid=?")) {
diff --git a/src/club/wpia/gigi/pages/LoginPage.java b/src/club/wpia/gigi/pages/LoginPage.java
index f4418891..69b93863 100644
--- a/src/club/wpia/gigi/pages/LoginPage.java
+++ b/src/club/wpia/gigi/pages/LoginPage.java
@@ -188,7 +188,7 @@ public class LoginPage extends Page {
         return uc;
     }
 
-    private static final Group LOGIN_BLOCKED = Group.BLOCKEDLOGIN;
+    private static final Group LOGIN_BLOCKED = Group.BLOCKED_LOGIN;
 
     private void loginSession(HttpServletRequest req, User user) {
         if (user.isInGroup(LOGIN_BLOCKED)) {
diff --git a/src/club/wpia/gigi/pages/account/certs/CertificateAdd.java b/src/club/wpia/gigi/pages/account/certs/CertificateAdd.java
index d628c588..c04dcb3b 100644
--- a/src/club/wpia/gigi/pages/account/certs/CertificateAdd.java
+++ b/src/club/wpia/gigi/pages/account/certs/CertificateAdd.java
@@ -24,6 +24,6 @@ public class CertificateAdd extends ManagedFormPage {
 
     @Override
     public boolean isPermitted(AuthorizationContext ac) {
-        return super.isPermitted(ac) && !ac.isInGroup(Group.BLOCKEDCERT);
+        return super.isPermitted(ac) && !ac.isInGroup(Group.BLOCKED_CERT);
     }
 }
diff --git a/src/club/wpia/gigi/pages/admin/TTPAdminPage.java b/src/club/wpia/gigi/pages/admin/TTPAdminPage.java
index d3c1c590..3e7c4e86 100644
--- a/src/club/wpia/gigi/pages/admin/TTPAdminPage.java
+++ b/src/club/wpia/gigi/pages/admin/TTPAdminPage.java
@@ -90,6 +90,6 @@ public class TTPAdminPage extends Page {
 
     @Override
     public boolean isPermitted(AuthorizationContext ac) {
-        return ac != null && ac.isInGroup(Group.TTP_ASSURER);
+        return ac != null && ac.isInGroup(Group.TTP_AGENT);
     }
 }
diff --git a/src/club/wpia/gigi/pages/orga/CreateOrgPage.java b/src/club/wpia/gigi/pages/orga/CreateOrgPage.java
index a4f129a2..4eab3d6e 100644
--- a/src/club/wpia/gigi/pages/orga/CreateOrgPage.java
+++ b/src/club/wpia/gigi/pages/orga/CreateOrgPage.java
@@ -12,7 +12,7 @@ import club.wpia.gigi.util.AuthorizationContext;
 
 public class CreateOrgPage extends ManagedFormPage {
 
-    public static final Group ORG_AGENT = Group.ORGASSURER;
+    public static final Group ORG_AGENT = Group.ORG_AGENT;
 
     public static final String DEFAULT_PATH = "/orga/new";
 
diff --git a/src/club/wpia/gigi/util/Notary.java b/src/club/wpia/gigi/util/Notary.java
index a619da53..da807522 100644
--- a/src/club/wpia/gigi/util/Notary.java
+++ b/src/club/wpia/gigi/util/Notary.java
@@ -55,9 +55,9 @@ public class Notary {
         }
     }
 
-    public static final Group AGENT_BLOCKED = Group.BLOCKEDASSURER;
+    public static final Group AGENT_BLOCKED = Group.BLOCKED_AGENT;
 
-    public static final Group APPLICANT_BLOCKED = Group.BLOCKEDASSUREE;
+    public static final Group APPLICANT_BLOCKED = Group.BLOCKED_APPLICANT;
 
     public static final Group VERIFY_NOTIFICATION = Group.VERIFY_NOTIFICATION;
 
@@ -207,12 +207,12 @@ public class Notary {
         }
 
         if (t == VerificationType.NUCLEUS) {
-            if ( !agent.isInGroup(Group.NUCLEUS_ASSURER)) {
+            if ( !agent.isInGroup(Group.NUCLEUS_AGENT)) {
                 throw new GigiApiException("RA Agent needs to be Nucleus RA Agent.");
             }
             return;
         } else if (t == VerificationType.TTP_ASSISTED) {
-            if ( !agent.isInGroup(Group.TTP_ASSURER)) {
+            if ( !agent.isInGroup(Group.TTP_AGENT)) {
                 throw new GigiApiException("RA Agent needs to be TTP RA Agent.");
             }
             if ( !applicant.isInGroup(Group.TTP_APPLICANT)) {
diff --git a/tests/club/wpia/gigi/TestOrga.java b/tests/club/wpia/gigi/TestOrga.java
index 2c08c309..73b294f3 100644
--- a/tests/club/wpia/gigi/TestOrga.java
+++ b/tests/club/wpia/gigi/TestOrga.java
@@ -18,13 +18,13 @@ public class TestOrga extends BusinessTest {
     @Test
     public void testAddRm() throws GigiApiException, IOException {
         User u1 = User.getById(createVerificationUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        u1.grantGroup(getSupporter(), Group.ORGASSURER);
+        u1.grantGroup(getSupporter(), Group.ORG_AGENT);
         User u2 = User.getById(createVerificationUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        u2.grantGroup(getSupporter(), Group.ORGASSURER);
+        u2.grantGroup(getSupporter(), Group.ORG_AGENT);
         User u3 = User.getById(createVerificationUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        u3.grantGroup(getSupporter(), Group.ORGASSURER);
+        u3.grantGroup(getSupporter(), Group.ORG_AGENT);
         User u4 = User.getById(createVerificationUser("fn", "ln", createUniqueName() + "@email.org", TEST_PASSWORD));
-        u4.grantGroup(getSupporter(), Group.ORGASSURER);
+        u4.grantGroup(getSupporter(), Group.ORG_AGENT);
         Organisation o1 = new Organisation("name", Country.getCountryByCode("DE", CountryCodeType.CODE_2_CHARS), "prov", "city", "email", "optional name", "postal address", u1);
         assertEquals(0, o1.getAllAdmins().size());
         o1.addAdmin(u2, u1, false);
diff --git a/tests/club/wpia/gigi/TestUserGroupMembership.java b/tests/club/wpia/gigi/TestUserGroupMembership.java
index d0e7a2bf..4ecd38f5 100644
--- a/tests/club/wpia/gigi/TestUserGroupMembership.java
+++ b/tests/club/wpia/gigi/TestUserGroupMembership.java
@@ -20,7 +20,7 @@ import club.wpia.gigi.testUtils.BusinessTest;
 
 public class TestUserGroupMembership extends BusinessTest {
 
-    private final Group ttpGroup = Group.TTP_ASSURER;
+    private final Group ttpGroup = Group.TTP_AGENT;
 
     private final Group supporter = Group.SUPPORTER;
 
diff --git a/tests/club/wpia/gigi/api/IssueCert.java b/tests/club/wpia/gigi/api/IssueCert.java
index 757e50a7..5c4791e5 100644
--- a/tests/club/wpia/gigi/api/IssueCert.java
+++ b/tests/club/wpia/gigi/api/IssueCert.java
@@ -88,7 +88,7 @@ public class IssueCert extends ClientTest {
     @Test
     public void testIssueOrgCert() throws Exception {
         makeAgent(id);
-        u.grantGroup(getSupporter(), Group.ORGASSURER);
+        u.grantGroup(getSupporter(), Group.ORG_AGENT);
 
         Organisation o1 = new Organisation("name", Country.getCountryByCode("DE", CountryCodeType.CODE_2_CHARS), "pr", "st", "test@mail", "", "", u);
         o1.addAdmin(u, u, false);
diff --git a/tests/club/wpia/gigi/pages/wot/TestTTPAdmin.java b/tests/club/wpia/gigi/pages/wot/TestTTPAdmin.java
index 2e3c3862..d518dea4 100644
--- a/tests/club/wpia/gigi/pages/wot/TestTTPAdmin.java
+++ b/tests/club/wpia/gigi/pages/wot/TestTTPAdmin.java
@@ -33,7 +33,7 @@ public class TestTTPAdmin extends ClientTest {
 
     public void testTTPAdmin(boolean hasRight) throws IOException, GigiApiException {
         if (hasRight) {
-            grant(u, Group.TTP_ASSURER);
+            grant(u, Group.TTP_AGENT);
         }
         grant(u, TTPAdminPage.TTP_APPLICANT);
         cookie = login(u.getEmail(), TEST_PASSWORD);
diff --git a/tests/club/wpia/gigi/testUtils/OrgTest.java b/tests/club/wpia/gigi/testUtils/OrgTest.java
index 949bd2d1..6a0c4d1c 100644
--- a/tests/club/wpia/gigi/testUtils/OrgTest.java
+++ b/tests/club/wpia/gigi/testUtils/OrgTest.java
@@ -12,7 +12,7 @@ public class OrgTest extends ClientTest {
 
     public OrgTest() throws IOException, GigiApiException {
         makeAgent(u.getId());
-        u.grantGroup(getSupporter(), Group.ORGASSURER);
+        u.grantGroup(getSupporter(), Group.ORG_AGENT);
         clearCaches();
         cookie = login(email, TEST_PASSWORD);
     }
diff --git a/tests/club/wpia/gigi/testUtils/RestrictedApiTest.java b/tests/club/wpia/gigi/testUtils/RestrictedApiTest.java
index 3a0f4515..37adb6be 100644
--- a/tests/club/wpia/gigi/testUtils/RestrictedApiTest.java
+++ b/tests/club/wpia/gigi/testUtils/RestrictedApiTest.java
@@ -43,7 +43,7 @@ public class RestrictedApiTest extends ClientTest {
         initEnvironment();
         try {
             User u = User.getById(createVerificationUser("f", "l", createUniqueName() + "@email.com", TEST_PASSWORD));
-            grant(u, Group.ORGASSURER);
+            grant(u, Group.ORG_AGENT);
             clearCaches();
             u = User.getById(u.getId());
             selfOrg = new Organisation(Organisation.SELF_ORG_NAME, Country.getCountryByCode("DE", CountryCodeType.CODE_2_CHARS), "NA", "NA", "contact@example.org", "", "", u);
diff --git a/tests/club/wpia/gigi/util/TestNotary.java b/tests/club/wpia/gigi/util/TestNotary.java
index 45217fd8..4028ebda 100644
--- a/tests/club/wpia/gigi/util/TestNotary.java
+++ b/tests/club/wpia/gigi/util/TestNotary.java
@@ -135,7 +135,7 @@ public class TestNotary extends BusinessTest {
     @Test
     public void testNucleus() throws SQLException, GigiApiException, IOException {
         User agent = User.getById(createVerificationUser("fn", "ln", createUniqueName() + "@example.org", TEST_PASSWORD));
-        agent.grantGroup(getSupporter(), Group.NUCLEUS_ASSURER);
+        agent.grantGroup(getSupporter(), Group.NUCLEUS_AGENT);
         User applicant = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@example.org", TEST_PASSWORD));
         Name n1 = applicant.getPreferredName();
         Name n2 = new Name(applicant, new NamePart(NamePartType.FIRST_NAME, "F2"), new NamePart(NamePartType.LAST_NAME, "L2"));
@@ -157,9 +157,9 @@ public class TestNotary extends BusinessTest {
     @Test
     public void testNucleusProcess() throws SQLException, GigiApiException, IOException {
         User agent1 = User.getById(createVerificationUser("fn", "ln", createUniqueName() + "@example.org", TEST_PASSWORD));
-        agent1.grantGroup(getSupporter(), Group.NUCLEUS_ASSURER);
+        agent1.grantGroup(getSupporter(), Group.NUCLEUS_AGENT);
         User agent2 = User.getById(createVerificationUser("fn", "ln", createUniqueName() + "@example.org", TEST_PASSWORD));
-        agent2.grantGroup(getSupporter(), Group.NUCLEUS_ASSURER);
+        agent2.grantGroup(getSupporter(), Group.NUCLEUS_AGENT);
         User applicant = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@example.org", TEST_PASSWORD));
         Notary.verify(agent1, applicant, applicant.getPreferredName(), applicant.getDoB(), 50, "test", validVerificationDateString(), VerificationType.NUCLEUS, DE);
         Notary.verify(agent2, applicant, applicant.getPreferredName(), applicant.getDoB(), 50, "test", validVerificationDateString(), VerificationType.NUCLEUS, DE);
diff --git a/util-testing/club/wpia/gigi/pages/Manager.templ b/util-testing/club/wpia/gigi/pages/Manager.templ
index 7cef1608..e63552d4 100644
--- a/util-testing/club/wpia/gigi/pages/Manager.templ
+++ b/util-testing/club/wpia/gigi/pages/Manager.templ
@@ -18,15 +18,14 @@ Email: <input type="text" name="email"/>
 </td><td>
 <select name="priv">
 <option>supporter</option>
-<option>arbitrator</option>
-<option>blockedassuree</option>
-<option>blockedassurer</option>
-<option>blockedlogin</option>
-<option>ttp-assurer</option>
+<option>blocked-applicant</option>
+<option>blocked-agent</option>
+<option>blocked-login</option>
+<option>ttp-agent</option>
 <option>ttp-applicant</option>
-<option>nucleus-assurer</option>
+<option>nucleus-agent</option>
 <option>codesigning</option>
-<option>orgassurer</option>
+<option>org-agent</option>
 </select>
 <input type="submit" name="addpriv" value="Grant Privillege"/>
 <input type="submit" name="delpriv" value="Revoke Privillege"/>