From cbbe3597a02b4066d4f7c00a5351078b974a5fdb Mon Sep 17 00:00:00 2001 From: Gerald Baulig Date: Tue, 19 Mar 2024 10:38:47 +0100 Subject: [PATCH] fix(contextquery): remove empty contextQuery since it irritates ACS --- README.adoc | 4 + datasets/demo-shop/jobs/job_identity.json | 2 +- datasets/system/README.md | 17 +-- datasets/system/data/seed-data/rules.yaml | 135 ++---------------- datasets/system/data/seed-data/tax_types.yaml | 17 ++- datasets/system/jobs/job_identity.json | 18 --- datasets/system/jobs/job_rules.json | 26 ++++ package-lock.json | 1 + package.json | 17 +-- 9 files changed, 73 insertions(+), 164 deletions(-) create mode 100644 datasets/system/jobs/job_rules.json diff --git a/README.adoc b/README.adoc index 84d4038..3c69242 100644 --- a/README.adoc +++ b/README.adoc @@ -112,6 +112,10 @@ System: npm run import:system:identity +- Imports policy-sets, policies and rules from system data: + + npm run import:system:rules + - Imports commands, contact-point-types, countries, locales, organizations, tax-types, taxes and timezones from system data: npm run import:system:master diff --git a/datasets/demo-shop/jobs/job_identity.json b/datasets/demo-shop/jobs/job_identity.json index 3ca6330..e571232 100644 --- a/datasets/demo-shop/jobs/job_identity.json +++ b/datasets/demo-shop/jobs/job_identity.json @@ -8,7 +8,7 @@ "name": "users", "operation": "sync", "filter": "users*.yaml", - "mutation": "mutation mutateUsers($var: [IIoRestorecommerceUserUser!]!){ identity { user { Mutate( input: { items: $var, totalCount: 0, mode: UPSERT } ) { details{items {status {id, code, message}}, operationStatus { code message } } } } }}" + "mutation": "mutation mutate($var: [IIoRestorecommerceUserUser!]!){ identity { user { Mutate( input: { items: $var, totalCount: 0, mode: UPSERT } ) { details{items {status {id, code, message}}, operationStatus { code message } } } } }}" } ] } diff --git a/datasets/system/README.md b/datasets/system/README.md index 1fde743..41c6aa3 100644 --- a/datasets/system/README.md +++ b/datasets/system/README.md @@ -17,14 +17,15 @@ Resources are imported using the [gql-bot](https://github.com/restorecommerce/gq All data is imported via the GraphQL API exposed by the [facade-srv](https://github.com/restorecommerce/facade-srv). All possible operations are exposed through JS scripts. -These scripts either execute GraphQL mutations/ queries through the `import.js` script. +These scripts either execute GraphQL mutations/ queries through the `dataset.js` script. The `import.js` also includes command-line options such as specifying if we wish to import the data locally or into the production environment. ### Current supported jobs are - master (imports resources `commands` `contact_points_types`, `countries`, `locales`, `organizations`, `tax_types`, `taxes`, `timezones`) -- identity (imports `users`, `policies`, `policy_sets`, `roles`, `rules`) +- identity (imports `users`, `roles`) +- rules (imports `policies`, `policy_sets`, `rules`) - extra (imports resources `unit_codes`) > NOTE: Resources must be imported in a specific order! @@ -44,19 +45,19 @@ to import the data locally or into the production environment. - `node ./transform.js` -3. Import datasets using [`import.js script`](./import.js): +3. Import datasets using [`dataset.js script`](./import.js): - - `node ./import.js import -t -d system -j ` + - `node ./dataset.js import -t -d system -j ` 4. Examples: - - `node ./import.js import -t -d system -j master` - - `node ./import.js import -t -d system -j identity` - - `node ./import.js import -t -d system -j extra` + - `node ./dataset.js import -t -d system -j master` + - `node ./dataset.js import -t -d system -j identity` + - `node ./dataset.js import -t -d system -j extra` ### Supported environment variables: `GQL_ENDPOINT`. -All flags are optional, and they can be listed by typing `node ./import.js -h`. +All flags are optional, and they can be listed by typing `node ./dataset.js -h`. The API key can be obtained from the [`facade-srv`](https://github.com/restorecommerce/facade-srv/blob/master/cfg/config.json#L21) configuration. The API key is generated during system startup from the `facade-srv` (Check the log message of facade-srv `Bootstrap API Key is`). In case `facade-srv` is a local container use the following command to extract the `Bootstrap API-KEY`: diff --git a/datasets/system/data/seed-data/rules.yaml b/datasets/system/data/seed-data/rules.yaml index 5714e29..23f4173 100644 --- a/datasets/system/data/seed-data/rules.yaml +++ b/datasets/system/data/seed-data/rules.yaml @@ -9,9 +9,6 @@ resources: [ ] condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -31,9 +28,6 @@ resources: [ ] condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -55,9 +49,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -67,8 +58,8 @@ - id: urn:restorecommerce:acs:names:ownerInstance value: system --- - id: administrator-permits-all-scoped - name: Admin Permits All Rule + id: administrator-permits-all-hr-scoped + name: Admin Permits All Rule HR Scoped description: Permits all if subject is Admin within hierarchical scope target: subjects: @@ -81,9 +72,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -94,7 +82,7 @@ value: system --- id: administrator-permits-read-scoped - name: Admin Permits Read Rule + name: Admin Permits Read Rule HR Scoped description: Permits read if subject is Admin within hierarchical scope target: resources: [ ] @@ -109,9 +97,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -135,9 +120,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -163,9 +145,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -189,9 +168,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -217,9 +193,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -245,9 +218,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -273,9 +243,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -301,9 +268,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -329,9 +293,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -362,9 +323,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -397,9 +355,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -427,9 +382,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -457,9 +409,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -503,9 +452,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -533,9 +479,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -563,9 +506,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -589,9 +529,6 @@ effect: PERMIT condition: "{ filters: [ { field: 'meta.owners[*].attributes[0].value', operation: 'in', value: 'system' } ] }" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -621,9 +558,6 @@ effect: PERMIT condition: "" evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -643,9 +577,7 @@ - id: urn:restorecommerce:acs:names:roleScopingEntity value: urn:restorecommerce:acs:model:organization.Organization actions: [ ] - resources: - - id: urn:restorecommerce:acs:names:model:entity - value: urn:restorecommerce:acs:model:order.Order + resources: [ ] effect: PERMIT condition: " @@ -656,9 +588,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -678,9 +607,7 @@ - id: urn:restorecommerce:acs:names:roleScopingEntity value: urn:restorecommerce:acs:model:organization.Organization actions: [ ] - resources: - - id: urn:restorecommerce:acs:names:model:entity - value: urn:restorecommerce:acs:model:order.Order + resources: [ ] effect: PERMIT condition: " @@ -691,9 +618,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -713,9 +637,7 @@ - id: urn:restorecommerce:acs:names:roleScopingEntity value: urn:restorecommerce:acs:model:organization.Organization actions: [ ] - resources: - - id: urn:restorecommerce:acs:names:model:entity - value: urn:restorecommerce:acs:model:order.Order + resources: [ ] effect: PERMIT condition: " @@ -726,9 +648,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -748,9 +667,7 @@ - id: urn:restorecommerce:acs:names:roleScopingEntity value: urn:restorecommerce:acs:model:organization.Organization actions: [ ] - resources: - - id: urn:restorecommerce:acs:names:model:entity - value: urn:restorecommerce:acs:model:order.Order + resources: [ ] effect: PERMIT condition: " @@ -761,9 +678,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -783,9 +697,7 @@ - id: urn:restorecommerce:acs:names:roleScopingEntity value: urn:restorecommerce:acs:model:organization.Organization actions: [ ] - resources: - - id: urn:restorecommerce:acs:names:model:entity - value: urn:restorecommerce:acs:model:order.Order + resources: [ ] effect: PERMIT condition: " @@ -796,9 +708,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -818,9 +727,7 @@ - id: urn:restorecommerce:acs:names:roleScopingEntity value: urn:restorecommerce:acs:model:organization.Organization actions: [ ] - resources: - - id: urn:restorecommerce:acs:names:model:entity - value: urn:restorecommerce:acs:model:order.Order + resources: [ ] effect: PERMIT condition: " @@ -831,9 +738,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -853,9 +757,7 @@ - id: urn:restorecommerce:acs:names:roleScopingEntity value: urn:restorecommerce:acs:model:organization.Organization actions: [ ] - resources: - - id: urn:restorecommerce:acs:names:model:entity - value: urn:restorecommerce:acs:model:order.Order + resources: [ ] effect: PERMIT condition: " @@ -867,9 +769,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -889,9 +788,7 @@ - id: urn:restorecommerce:acs:names:roleScopingEntity value: urn:restorecommerce:acs:model:organization.Organization actions: [ ] - resources: - - id: urn:restorecommerce:acs:names:model:entity - value: urn:restorecommerce:acs:model:order.Order + resources: [ ] effect: PERMIT condition: " @@ -903,9 +800,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: @@ -925,9 +819,7 @@ - id: urn:restorecommerce:acs:names:roleScopingEntity value: urn:restorecommerce:acs:model:organization.Organization actions: [ ] - resources: - - id: urn:restorecommerce:acs:names:model:entity - value: urn:restorecommerce:acs:model:order.Order + resources: [ ] effect: PERMIT condition: " @@ -939,9 +831,6 @@ ) " evaluationCacheable: false - contextQuery: - filters: [ ] - query: "" meta: modifiedBy: "" owners: diff --git a/datasets/system/data/seed-data/tax_types.yaml b/datasets/system/data/seed-data/tax_types.yaml index 8920b40..25e2c4e 100644 --- a/datasets/system/data/seed-data/tax_types.yaml +++ b/datasets/system/data/seed-data/tax_types.yaml @@ -1,7 +1,8 @@ --- id: value-added-tax type: Value Added Tax - description: Value Added Tax is imposed on each stage of the supply chain and ultimately + description: > + Value Added Tax is imposed on each stage of the supply chain and ultimately charged in full to the final purchaser. meta: modifiedBy: system @@ -26,7 +27,8 @@ --- id: sales-tax type: Sales Tax - description: Sales Tax is the style of tax often used in the USA, where many governmental + description: > + Sales Tax is the style of tax often used in the USA, where many governmental entities impose their own tax on every purchase. It's typically added as a line item in the subtotal. Sales tax is collected on retail sales at the time of the sale to the final consumer, and only the final sale in the supply chain is subject @@ -42,7 +44,8 @@ --- id: visitors-tax type: Visitor's Tax - description: Tax to be payed for visitors of certain localities, such as health + description: > + Tax to be payed for visitors of certain localities, such as health resorts. meta: modifiedBy: system @@ -55,7 +58,8 @@ --- id: corporate-tax type: Corporate Tax - description: A direct tax imposed by a jurisdiction on the income or capital of + description: > + A direct tax imposed by a jurisdiction on the income or capital of corporations or analogous legal entities meta: modifiedBy: system @@ -68,8 +72,9 @@ --- id: individual-income-tax type: Individual Income Tax - description: 'The individual income tax is levied on the wages, salaries, dividends, - interest, and other income a person earns throughout the year. ' + description: > + The individual income tax is levied on the wages, salaries, dividends, + interest, and other income a person earns throughout the year. meta: modifiedBy: system owners: diff --git a/datasets/system/jobs/job_identity.json b/datasets/system/jobs/job_identity.json index 472424e..5bbd508 100644 --- a/datasets/system/jobs/job_identity.json +++ b/datasets/system/jobs/job_identity.json @@ -4,24 +4,6 @@ "concurrency": 1 }, "tasks": [ - { - "name": "rules", - "operation": "sync", - "filter": "rules.yaml", - "mutation": "mutation mutateRules($var: [IIoRestorecommerceRuleRule!]!){ access_control { rule { Mutate( input: { items: $var, totalCount: 0, mode: UPSERT } ) { details{items {status {id, code, message}}, operationStatus { code message } } } } }}" - }, - { - "name": "policies", - "operation": "sync", - "filter": "policies.yaml", - "mutation": "mutation mutatePolicies($var: [IIoRestorecommercePolicyPolicy!]!){ access_control { policy { Mutate( input: { items: $var, totalCount: 0, mode: UPSERT } ) { details{items {status {id, code, message}}, operationStatus { code message } } } } }}" - }, - { - "name": "policy_sets", - "operation": "sync", - "filter": "policy_sets.yaml", - "mutation": "mutation mutatePolicySets($var: [IIoRestorecommercePolicySetPolicySet!]!){ access_control { policy_set { Mutate( input: { items: $var, totalCount: 0, mode: UPSERT } ) { details{items {status {id, code, message}}, operationStatus { code message } } } } }}" - }, { "name": "roles", "operation": "sync", diff --git a/datasets/system/jobs/job_rules.json b/datasets/system/jobs/job_rules.json new file mode 100644 index 0000000..2658952 --- /dev/null +++ b/datasets/system/jobs/job_rules.json @@ -0,0 +1,26 @@ +{ + "options": { + "base": "./datasets/system/data/seed-data/", + "concurrency": 1 + }, + "tasks": [ + { + "name": "rules", + "operation": "sync", + "filter": "rules.yaml", + "mutation": "mutation mutateRules($var: [IIoRestorecommerceRuleRule!]!){ access_control { rule { Mutate( input: { items: $var, totalCount: 0, mode: UPSERT } ) { details{items {status {id, code, message}}, operationStatus { code message } } } } }}" + }, + { + "name": "policies", + "operation": "sync", + "filter": "policies.yaml", + "mutation": "mutation mutatePolicies($var: [IIoRestorecommercePolicyPolicy!]!){ access_control { policy { Mutate( input: { items: $var, totalCount: 0, mode: UPSERT } ) { details{items {status {id, code, message}}, operationStatus { code message } } } } }}" + }, + { + "name": "policy_sets", + "operation": "sync", + "filter": "policy_sets.yaml", + "mutation": "mutation mutatePolicySets($var: [IIoRestorecommercePolicySetPolicySet!]!){ access_control { policy_set { Mutate( input: { items: $var, totalCount: 0, mode: UPSERT } ) { details{items {status {id, code, message}}, operationStatus { code message } } } } }}" + } + ] +} diff --git a/package-lock.json b/package-lock.json index 168f0c4..b19dca3 100644 --- a/package-lock.json +++ b/package-lock.json @@ -103,6 +103,7 @@ } }, "datasets/system/generator/unit-codes": { + "name": "@restorecommerce/dataset-system-units-transformer", "version": "0.1.0", "license": "MIT", "dependencies": { diff --git a/package.json b/package.json index ccafdc6..38a82df 100644 --- a/package.json +++ b/package.json @@ -31,14 +31,15 @@ "build": "tsc -d -P tsconfig.objects.json", "env:token": "echo $(docker logs --tail 10000 restorecommerce_facade_srv 2> /dev/null | grep 'Bootstrap API Key is:' | awk '{print \"\rACCESS_TOKEN=\"$7}') > .env && cat .env", "import": "npm-run-all import:system import:demoshop", - "import:system": "npm-run-all import:system:master import:system:identity import:system:extra", - "import:system:master": "node import.js import -d system -j master", - "import:system:identity": "node import.js import -d system -j identity", - "import:system:extra": "node import.js import -d system -j extra", - "import:demoshop": "npm-run-all import:demoshop:master import:demoshop:identity import:demoshop:catalog", - "import:demoshop:master": "node import.js import -d demo-shop -j master", - "import:demoshop:identity": "node import.js import -d demo-shop -j identity", - "import:demoshop:catalog": "node import.js import -d demo-shop -j catalog", + "import:system": "npm-run-all import:system:master import:system:identity import:system:rules import:system:extra", + "import:system:master": "node dataset.js import -d system -j master", + "import:system:rules": "node dataset.js import -d system -j rules", + "import:system:identity": "node dataset.js import -d system -j identity", + "import:system:extra": "node dataset.js import -d system -j extra", + "import:demoshop": "npm-run-all import:demoshop:master import:demoshop:catalog", + "import:demoshop:master": "node dataset.js import -d demo-shop -j master", + "import:demoshop:identity": "node dataset.js import -d demo-shop -j identity", + "import:demoshop:catalog": "node dataset.js import -d demo-shop -j catalog", "import:demoshop:objects": "node ./dataset/demo-shop/objects/object_importer.js", "transform": "npm-run-all transform:system transform:demoshop", "transform:system": "npm-run-all transform:system:unitcodes",