Returns an %Ecto.Changeset{} for tracking stakeholder changes.

Examples

iex> change_stakeholder(stakeholder)
%Ecto.Changeset{data: %Stakeholder{}}

Creates a stakeholder.

This inserts a stakeholder, creates a corresponding DDL schema in the database and a corresponding database user, with dynamically generated credentials and access scoped to the new schema.

The stakeholder, schema and dbuser are all created with the same name -- and the operation will error if this isn't possible. So creating a stakeholder with %{"name" => "foo"} will create a foo.* db schema and a db user called foo with a dynamically generated password.

Returns {:ok, %{stakeholder: %Stakeholder{}, db_user: {username, password}, ddl_schema: name}}

Examples

iex> create_stakeholder(user, %{name: "foo"})
{:ok, %{stakeholder: %Stakeholder{name: "foo"},
        db_user: {"foo", 6ds67f5ds67ds5f7sf675hqx"}, ddl_schema: "foo"}

iex> create_stakeholder(user, %{name: nil})
{:error, :stakeholder, %Ecto.Changeset{}, _changes_so_far}

iex> create_stakeholder(user, %{name: "db-user-taken"})
{:error, :db_user, exception, _changes_so_far}

iex> create_stakeholder(user, %{name: "ddl-schema-taken"})
{:error, :ddl_schema, exception, _changes_so_far}

Deletes a stakeholder.

This deletes the stakeholder and the corresponding db user. It also tries to delete the DDL schema, but using RESTRICT, so that it will only remove the schema if it's empty.

It's easy for the drop user and drop schema to fail due to dependent objects. As a result, we accept a ensure_all_dropped flag, defaulting to false. When false, this tolerates a failure to drop caused by dependent objects and indicates the failure to delete by including the db_user and / or ddl_schema in the return value.

When true, we run everything in a transaction, which results in a rollback if either drop call fails.

Examples

iex> delete_stakeholder(stakeholder)
{:ok, %{stakeholder: %Stakeholder{name: "foo"}, db_user: nil, ddl_schema: nil}

iex> delete_stakeholder(stakeholder) # schema wasn't empty, wasn't deleted
{:ok, %{stakeholder: %Stakeholder{name: "foo"}, db_user: nil, ddl_schema: "foo"}

iex> delete_stakeholder(stakeholder) # role had dependent objects, wasn't deleted
{:ok, %{stakeholder: %Stakeholder{name: "foo"}, db_user: {"foo", nil}, ddl_schema: "foo"}

iex> delete_stakeholder(stakeholder)
{:error, :stakeholder, %Ecto.Changeset{}, _changes_so_far}

iex> delete_stakeholder(stakeholder)
{:error, :db_user, exception, _changes_so_far}

iex> delete_stakeholder(stakeholder)
{:error, :ddl_schema, exception, _changes_so_far}

Gets a single stakeholder.

Returns nil if the Stakeholder does not exist.

Examples

iex> get_stakeholder!(123)
%Stakeholder{}

iex> get_stakeholder!(456)
nil

Gets a single stakeholder.

Raises Ecto.NoResultsError if the Stakeholder does not exist.

Examples

iex> get_stakeholder!(123)
%Stakeholder{}

iex> get_stakeholder!(456)
** (Ecto.NoResultsError)

Initialize a stakeholder.

Examples

iex> init_stakeholder(%{name: "foo"})
%Ecto.Changeset{}

Returns the list of stakeholders.

Examples

iex> list_stakeholders()
[%Stakeholder{}, ...]

Updates a stakeholder.

This updates the stakeholder and, if necessary, renames the corresponding DDL schema and db user in the database.

As per the following note on https://www.postgresql.org/docs/current/sql-alterrole.html

Because MD5-encrypted passwords use the role name as cryptographic salt, renaming a role clears its password if the password is MD5-encrypted.

If we do rename the role, we regenerate and return a new password for the altered db user.

Examples

iex> update_stakeholder(stakeholder, %{name: "alt"})
{:ok, %{stakeholder: %Stakeholder{name: "alt"}, db_user: {"alt", new_password}, ddl_schema: "alt"}

iex> update_stakeholder(%{name: nil})
{:error, :stakeholder, %Ecto.Changeset{}, _changes_so_far}

iex> update_stakeholder(%{name: "db-user-taken"})
{:error, :db_user, exception, _changes_so_far}

iex> update_stakeholder(%{name: "ddl-schema-taken"})
{:error, :ddl_schema, exception, _changes_so_far}