Merge pull request #17 from UnityFoundation-io/backend/updates-to-local-dev-setup

HootDunk · web-flow · commit 2581155ba03c · 2024-02-23T15:26:02.000-06:00
add local docker compose that starts database with initial data
diff --git a/UnityAuth/docker-compose.local.yml b/UnityAuth/docker-compose.local.yml
@@ -0,0 +1,18 @@
+# Use root/example as user/password credentials
+version: '3.1'
+
+services:
+  unity-auth-db:
+    image: mysql
+    # NOTE: use of "mysql_native_password" is not recommended: https://dev.mysql.com/doc/refman/8.0/en/upgrading-from-previous-series.html#upgrade-caching-sha2-password
+    # (this is just an example, not intended to be a production configuration)
+    command: --default-authentication-plugin=mysql_native_password
+    restart: always
+    environment:
+      MYSQL_ROOT_PASSWORD: test
+      MYSQL_DATABASE: test
+    ports:
+      - "13306:3306"
+    volumes:
+      - ./src/main/resources/db/migration:/docker-entrypoint-initdb.d
+      - ./local-data.sql:/docker-entrypoint-initdb.d/local-data.sql
diff --git a/UnityAuth/local-data.sql b/UnityAuth/local-data.sql
@@ -0,0 +1,147 @@
+DELETE FROM user_role;
+DELETE FROM role_permission;
+DELETE FROM tenant_service;
+DELETE FROM user;
+DELETE FROM tenant;
+DELETE FROM service;
+DELETE FROM permission;
+DELETE FROM role;
+
+-- Create a tenant
+INSERT INTO tenant (id, name, description, status) VALUES(1, 'stl', 'St. Louis Metro Area', 'ENABLED');
+-- Create Libre311 Service
+INSERT INTO service (id, name, description, status) VALUES(1, 'Libre311', 'Libre311', 'ENABLED');
+
+-- Add Libre311 Service to stl tenant
+INSERT INTO tenant_service (tenant_id, service_id, status) VALUES(1, 1, 'ENABLED');
+
+
+INSERT INTO permission (id, name, description, scope)
+VALUES (1, 'AUTH_SERVICE_EDIT-SYSTEM', NULL, 'SYSTEM'),
+       (2, 'AUTH_SERVICE_VIEW-SYSTEM', NULL, 'SYSTEM'),
+       (3, 'AUTH_SERVICE_EDIT-TENANT', NULL, 'TENANT'),
+       (4, 'AUTH_SERVICE_VIEW-TENANT', NULL, 'TENANT'),
+       (5, 'LIBRE311_ADMIN_EDIT-SYSTEM', NULL, 'SYSTEM'),
+       (6, 'LIBRE311_ADMIN_VIEW-SYSTEM', NULL, 'SYSTEM'),
+       (7, 'LIBRE311_ADMIN_EDIT-TENANT', NULL, 'TENANT'),
+       (8, 'LIBRE311_ADMIN_VIEW-TENANT', NULL, 'TENANT'),
+       (9, 'LIBRE311_ADMIN_EDIT-SUBTENANT', NULL, 'SUBTENANT'),
+       (10, 'LIBRE311_ADMIN_VIEW-SUBTENANT', NULL, 'SUBTENANT'),
+       (11, 'LIBRE311_REQUEST_EDIT-SYSTEM', NULL, 'SYSTEM'),
+       (12, 'LIBRE311_REQUEST_VIEW-SYSTEM', NULL, 'SYSTEM'),
+       (13, 'LIBRE311_REQUEST_EDIT-TENANT', NULL, 'TENANT'),
+       (14, 'LIBRE311_REQUEST_VIEW-TENANT', NULL, 'TENANT'),
+       (15, 'LIBRE311_REQUEST_EDIT-SUBTENANT', NULL, 'SUBTENANT'),
+       (16, 'LIBRE311_REQUEST_VIEW-SUBTENANT', NULL, 'SUBTENANT');
+
+
+INSERT INTO role (id, name, description)
+VALUES (1, 'Unity Administrator', 'An administrator of the Unity Platform. A user with this role can perform any operation.'),
+       (2, 'Tenant Administrator', 'An administrator for a tenant. A user with this role can perform any operation for the tenant.'),
+       (3, 'Libre311 Administrator', 'An administrator for Libre311. A user with this role can perform any operation in Libre311 on behalf of their tenant.'),
+       (4, 'Libre311 Request Manager', 'A service request manager for Libre311. A user with this role can update and manage service requests.'),
+       (5, 'Libre311 Jurisdiction Administrator', 'An administrator for Libre311 that is scoped to specific jurisdictions. Additional access must be granted in Libre311 to enable access for specific jurisdictions.'),
+       (6, 'Libre311 Jurisdiction Request Manager', 'A service request manager for Libre311 that is scoped to specific jurisdictions. A user with this role can update and manage service requests. Additional access must be granted in Libre311 to enable access for specific jurisdictions.');
+
+
+-- Unity Administrator
+INSERT INTO role_permission (role_id, permission_id)
+VALUES (1, 1),  -- AUTH_SERVICE_EDIT-SYSTEM
+       (1, 2),  -- AUTH_SERVICE_VIEW-SYSTEM
+       (1, 5),  -- LIBRE311_ADMIN_EDIT-SYSTEM
+       (1, 6),  -- LIBRE311_ADMIN_VIEW-SYSTEM
+       (1, 11), -- LIBRE311_REQUEST_EDIT-SYSTEM
+       (1, 12); -- LIBRE311_REQUEST_VIEW-SYSTEM
+
+-- Tenant Administrator
+INSERT INTO role_permission (role_id, permission_id)
+VALUES (2, 3),  -- AUTH_SERVICE_EDIT-TENANT
+       (2, 4),  -- AUTH_SERVICE_VIEW-TENANT
+       (2, 7),  -- LIBRE311_ADMIN_EDIT-TENANT
+       (2, 8),  -- LIBRE311_ADMIN_VIEW-TENANT
+       (2, 13), -- LIBRE311_REQUEST_EDIT-TENANT
+       (2, 14); -- LIBRE311_REQUEST_VIEW-TENANT
+
+-- Libre311 Administrator
+INSERT INTO role_permission (role_id, permission_id)
+VALUES (3, 7),  -- LIBRE311_ADMIN_EDIT-TENANT
+       (3, 8),  -- LIBRE311_ADMIN_VIEW-TENANT
+       (3, 13), -- LIBRE311_REQUEST_EDIT-TENANT
+       (3, 14); -- LIBRE311_REQUEST_VIEW-TENANT
+
+-- Libre311 Request Manager
+INSERT INTO role_permission (role_id, permission_id)
+VALUES (4, 13), -- LIBRE311_REQUEST_EDIT-TENANT
+       (4, 14); -- LIBRE311_REQUEST_VIEW-TENANT
+
+-- Libre311 Jurisdiction Administrator
+INSERT INTO role_permission (role_id, permission_id)
+VALUES (5, 9),  -- LIBRE311_ADMIN_EDIT-SUBTENANT
+       (5, 10), -- LIBRE311_ADMIN_VIEW-SUBTENANT
+       (5, 15), -- LIBRE311_REQUEST_EDIT-SUBTENANT
+       (5, 16); -- LIBRE311_REQUEST_VIEW-SUBTENANT
+
+-- Libre311 Jurisdiction Request Manager
+INSERT INTO role_permission (role_id, permission_id)
+VALUES (6, 15), -- LIBRE311_REQUEST_EDIT-SUBTENANT
+       (6, 16); -- LIBRE311_REQUEST_VIEW-SUBTENANT
+
+
+-- Password for all the following accounts is 'test'
+-- Unity Administrator
+INSERT INTO user (id, email, password, status) VALUES
+    (1, 'unity_admin@example.com', '$2a$10$YJetsyoS.EzlVlb249w07uBR8uSqgtlqVH9Hl7bsHtvvwdKAhJp82', 'active');
+
+-- Tenant Administrator
+INSERT INTO user (id, email, password, status) VALUES
+    (2, 'tenant_admin@example.com', '$2a$10$YJetsyoS.EzlVlb249w07uBR8uSqgtlqVH9Hl7bsHtvvwdKAhJp82', 'active');
+
+-- Libre311 Administrator
+INSERT INTO user (id, email, password, status) VALUES
+    (3, 'libre311_admin@example.com', '$2a$10$YJetsyoS.EzlVlb249w07uBR8uSqgtlqVH9Hl7bsHtvvwdKAhJp82', 'active');
+
+-- Libre311 Request Manager
+INSERT INTO user (id, email, password, status) VALUES
+    (4, 'libre311_request_manager@example.com', '$2a$10$YJetsyoS.EzlVlb249w07uBR8uSqgtlqVH9Hl7bsHtvvwdKAhJp82', 'active');
+
+-- Libre311 Jurisdiction Administrator
+INSERT INTO user (id, email, password, status) VALUES
+    (5, 'libre311_jurisdiction_admin@example.com', '$2a$10$YJetsyoS.EzlVlb249w07uBR8uSqgtlqVH9Hl7bsHtvvwdKAhJp82', 'active');
+
+-- Libre311 Jurisdiction Request Manager
+INSERT INTO user (id, email, password, status) VALUES
+    (6, 'libre311_jurisdiction_request_manager@example.com', '$2a$10$YJetsyoS.EzlVlb249w07uBR8uSqgtlqVH9Hl7bsHtvvwdKAhJp82', 'active');
+
+
+-- Stl sub-tenant admin
+INSERT INTO user (id, email, password, status) VALUES
+    (7, 'stl_subtenant_admin@example.com', '$2a$10$YJetsyoS.EzlVlb249w07uBR8uSqgtlqVH9Hl7bsHtvvwdKAhJp82', 'active');
+
+-- Unity Administrator
+INSERT INTO user_role (tenant_id, user_id, role_id) VALUES
+    (1, 1, 1);
+
+-- Tenant Administrator
+INSERT INTO user_role (tenant_id, user_id, role_id) VALUES
+    (1, 2, 2);
+
+-- Libre311 Administrator
+INSERT INTO user_role (tenant_id, user_id, role_id) VALUES
+    (1, 3, 3);
+
+-- Libre311 Request Manager
+INSERT INTO user_role (tenant_id, user_id, role_id) VALUES
+    (1, 4, 4);
+
+-- Libre311 Jurisdiction Administrator
+INSERT INTO user_role (tenant_id, user_id, role_id) VALUES
+    (1, 5, 5);
+
+-- Libre311 Jurisdiction Request Manager
+INSERT INTO user_role (tenant_id, user_id, role_id) VALUES
+    (1, 6, 6);
+
+
+-- Stl sub-tenant admin
+INSERT INTO user_role (tenant_id, user_id, role_id) VALUES
+    (1, 7, 5);
diff --git a/UnityAuth/src/main/resources/application-local.yml b/UnityAuth/src/main/resources/application-local.yml
@@ -21,7 +21,8 @@ datasources:
 flyway:
   datasources:
     default:
-      enabled: true
+      baseline-on-migrate: true
+
 jwk:
   primary: "{\"p\":\"_OZyH1Mk3wR0oXw1C31t4kWOcaHFB6Njro1cYx52REnPiznn_JTtwvlAMpvV6LVCIZPgKMzdIEMY1gYs1LsO-5IFqWwegXmYJ0iKXbRrZshfWBCzRLK3QK5fER1le1XUBDhtDk7KIW_Xg-SZF4pf_LUEVKMnyUpspGI5F77jlJ8\",\"kty\":\"RSA\",\"q\":\"s9wvl7z8vkHQvo9xOUp-z0a2Z7LFBDil2uIjPh1FQzs34gFXH8dQPRox83TuN5d4KzdLPqQNQAfMXU9_KmxihNb_qDQahYugeELmcem04munxXqBdyZqWhWCy5YmujYqn44irwvoTbw6_RkMqjCmINPTPadptlPivsZ6RhKn8zk\",\"d\":\"ok3wmhOy8NZEHAotnFiH6ecFD6xf_9x33_fMRkqa3_KE8NZM7vmvNgElox2UvcP_2K5E7jOdL2XQdJCTIW3Qlj66yE2a84SYlbvxIc4hDrIog0XNt4FhavvshxxUIfDQo6Q8qXDR5v7nwt6SCopYC3t3KVRdJh08GzKoVxysd7afJjxXxx178gY29uMRqnwxFN1OGnWaiBr-xGKb1frJ6jOI1zvuuCaljZ4aZjc9vOR4y9ZmobgrzkMFnpDAmQZ7MWcVMyodRMOA2dEOckywPhg-dIVNiVIqzJqe5Yg1ilNookjwtqj2TpNU7Z9gPqzYB73PmQ2p5LMDheAPxcOmEQ\",\"e\":\"AQAB\",\"use\":\"sig\",\"kid\":\"e3be37177a7c42bcbadd7cc63715f216\",\"qi\":\"r--nAtaYPAgJq_8R1-kynpd53E17n-loDUgtVWBCx_RmdORX4Auilv1S83dD1mbcnYCbV_LmxiEjOiz-4gS_E0qVGqakAqQrO1hVUvJa_Y2uftDgwFmuJNGbpRU-K4Td_uUzdm48za8yJCgOdYsWp6PNMCcmQgiInzkR3XYV83I\",\"dp\":\"oQUcvmMSw8gzdin-IB2xW_MLecAVEgLu0dGBdD6N8HbKZQvub_xm0dAfFtnvvWXDAFwFyhR96i-uXX67Bos_Q9-6KSAE4E0KGmDucDESfPOw-QJREbl0QgOD1gLQfVGtVy6SCR0TR2zNXFWtP7bD3MNoSXdEOr5fI97CGSNaBWM\",\"alg\":\"RS256\",\"dq\":\"DM-WJDy10-dkMu6MpgQEXEcxHtnA5rgSODD7SaVUFaHWLSbjScQslu2SuUCO5y7GxG0_0spklzb2-356FE98BPI7a4Oqj_COEYLSXzLCS45XeN1s80utL5Vwp4eeYo0RJCQ_nDBA76iEmxp5qHWmn5f25-FQykfXUrdYZj1V8SE\",\"n\":\"sa6m2i-iNvj6ZSTdSHZaBrnv6DId4AqAXhOyl0yA5fNWYe6r51h24SXqk7DsGYHHh74ii74tP1lTpmy6RD67tCK-tbN-d6yc4Z6FfM8R83v2QZUfaAixgHGtw0n2toqsiHf6EloDV-B8q4GYyKDD6cLecoaIuTmMBTY3kts59U2t9W10YoLGsmFqLSz8qNF5HkahzB6_--2DiBfVGUKAXHC-SICGZCi-8efOetv6pt9vFiWEgwU_DgjRNYzLFt1SEmbGFUU4kbjQ7tNTMkHfzfwcT6qLt4kVKy2FNYsEMk24keWtCvW_RyO_fisZc0W9smX7WtYjEXhcAjDeqHgEZw\"}"
   secondary: "{\"p\":\"4qJ9RNlu6SuDT_MLArfzimvKEwmet_j12Z9EQeb5nMjZIOHTcWw__duebUytfWwxsRHhtSVXeMt-EryQAOulm2p1bfiVuparq93z9P5cPnb0oArFaw3eFNFEmX5U-lY8PzUTTsFxO4aVQYAKXD6DP7p5uPzuwpHFuNc71nNIXZE\",\"kty\":\"RSA\",\"q\":\"v4OhkWMbS_nq77HFanwZAT_obfJuQfOFOQBORL4ATAHGUXm2y4YqLNExZs7Wj1MA_6ya6Y00s2JBM7fWq_fPe4d9xo5aGrPdcp0G8W21kkfh9vuVPlHVQTgSP7FQ9qahvXxNwK_11yNr3p1HBmScJ5mHlMBpIJsFcvHA-uXe0Ps\",\"d\":\"EunrjnQ1-jJPSCrt2L94PUpDrakup8a4pXys52YSkJY-W6XidM0roOS6kr06P3G6VQgc6AL_BkvTQ_XS0oXHbXVprDQ5Syam5p9oxHBhhW_vSqIMgUOfm28uyB3Mtw9rBxdUxW3yElHioaR8a-exYhhyVXb1QEhxL_rcnthmhAkM2NcHi2UnxGKFTsC0abQ2MuQc1OAuW5veDiIF2hfdC41qE0_d8vB6FDWbblgUpbwB6uSZaViPs15Buq2oX9dCCw54-PgzkfehDt7lyqgupktbV1psnVVhL86shzt4QFnhd3k7VpFbjCNFtiJTrufV-XBWT0pl2w3VR9wrHJ1bYQ\",\"e\":\"AQAB\",\"use\":\"sig\",\"kid\":\"0794e938379540dc8eaa559508524a79\",\"qi\":\"jy-TNyXVy_44_n4KGAwIbZO2C4r6uNWuEdehBfQKkPhiP90myG1KZVfOoKNOK9bCv2mvZJcBz4c1ArElgpuSCV4-KFac1ZzQo_ic5aoIej8Qa80y2ogc-_Yv6_ZLHC1S76M-lm4jayk2-rvuBpy2pUvHbW6Srhs_szwz7ZfSkLg\",\"dp\":\"ApqdV9ortRAj7Ro8ySY17SQ56SgWI8T_hiWXUi6GNa_1FrShik8VGSSZ2GWmJKfGlmM_NaadL60e4LY77VbHy1ZYzQ-rIL60cEAXmnwFsU4Kl4AoLoe1QoX5BM53yXyOKqfAdgow898i_eKru82YEnZhCagWUjP8kpgefuNKNJE\",\"alg\":\"RS256\",\"dq\":\"bFF78WoXh0pMCdQHL2oPDnjh8kWa_OxKHmpA2nqIWnTqgSyRKd2xPvX2tgooqpmsx-8NEymNdCQPcrv4y_z2OgzxI3tiFRZEGs4bnjOJ7bmAYZv71mqcbi3TjHiyrT6j3jNPGrurFUpweVGFWWVQOMmKOKT3ELz9QPzhREb9Vj8\",\"n\":\"qYvDpV8DRU5hx9eXpE4Ms8nUXicEwrxUUz5gb5gkXpIeY82mqfQKKCP6PSFnkKYtRFTOUSm9cgGGfOd7O4NFsIsxLwXCj34X7ORr19eXKBLvG3bZJLxqRlbYuQshDMkQOui1sDBxvYnj5p4iHne6l2btH5grHOCShUWG-bKps5Y8bKNHod1pIOOBabVCmn3sUVUkZw8nyXkQqZbv-c8x6z0TEfhNOPOIt2AmmlNgrE_8g7-dnCvqfJnhv0c7qkOJzsb7OMmvVwsQNiM59D6uaWZr-vdANo6NggiZmCKUS3tpUvdXW7ec9WMPJWhrVEkRcbWXQnZ_C7pXFrz7rLeNKw\"}"
