| | |
|---|
| | | FOR SELECT |
|---|
| | | TO restricted |
|---|
| | | USING ( |
|---|
| | | isPermissionGrantedToSubject(findPermissionId('customer', id, 'view'), currentUserId()) |
|---|
| | | isPermissionGrantedToSubject(findPermissionId('customer', id, 'view'), currentUserUuid()) |
|---|
| | | ); |
|---|
| | | |
|---|
| | | SET SESSION AUTHORIZATION restricted; |
|---|
| | |
|---|
| | | CREATE OR REPLACE RULE "_RETURN" AS |
|---|
| | | ON SELECT TO cust_view |
|---|
| | | DO INSTEAD |
|---|
| | | SELECT * FROM customer WHERE isPermissionGrantedToSubject(findPermissionId('customer', id, 'view'), currentUserId()); |
|---|
| | | SELECT * FROM customer WHERE isPermissionGrantedToSubject(findPermissionId('customer', id, 'view'), currentUserUuid()); |
|---|
| | | |
|---|
| | | SET SESSION AUTHORIZATION restricted; |
|---|
| | | SET hsadminng.currentUser TO 'alex@example.com'; |
|---|
| | |
|---|
| | | CREATE OR REPLACE VIEW cust_view AS |
|---|
| | | SELECT c.id, c.reference, c.prefix |
|---|
| | | FROM customer AS c |
|---|
| | | JOIN queryAllPermissionsOfSubjectId(currentUserId()) AS p |
|---|
| | | JOIN queryAllPermissionsOfSubjectId(currentUserUuid()) AS p |
|---|
| | | ON p.tableName='customer' AND p.rowId=c.id AND p.op='view'; |
|---|
| | | GRANT ALL PRIVILEGES ON cust_view TO restricted; |
|---|
| | | |
|---|
