hs.hsadmin.ng/sql/rbac-tests.sql

51 lines
2.4 KiB
MySQL
Raw Permalink Normal View History

2022-07-22 13:31:37 +02:00
-- ========================================================
-- Some Tests
-- --------------------------------------------------------
select rbac.isGranted(rbac.findRoleId('administrators'), rbac.findRoleId('rbactest.package#aaa00:OWNER'));
select rbac.isGranted(rbac.findRoleId('rbactest.package#aaa00:OWNER'), rbac.findRoleId('administrators'));
-- call rbac.grantRoleToRole(findRoleId('rbactest.package#aaa00:OWNER'), findRoleId('administrators'));
-- call rbac.grantRoleToRole(findRoleId('administrators'), findRoleId('rbactest.package#aaa00:OWNER'));
2022-07-22 13:31:37 +02:00
select count(*)
FROM rbac.queryAllPermissionsOfSubjectIdForObjectUuids(rbac.findRbacSubject('superuser-fran@hostsharing.net'),
ARRAY(select uuid from rbactest.customer where reference < 1100000));
2022-07-22 13:31:37 +02:00
select count(*)
FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('superuser-fran@hostsharing.net'));
2022-07-22 13:31:37 +02:00
select *
FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('alex@example.com'));
2022-07-22 13:31:37 +02:00
select *
FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('rosa@example.com'));
2022-07-22 13:31:37 +02:00
select *
FROM rbac.queryAllRbacSubjectsWithPermissionsFor(rbac.findEffectivePermissionId('customer',
(SELECT uuid FROM rbac.RbacObject WHERE objectTable = 'customer' LIMIT 1),
2022-07-22 13:31:37 +02:00
'add-package'));
select *
FROM rbac.queryAllRbacSubjectsWithPermissionsFor(rbac.findEffectivePermissionId('package',
(SELECT uuid FROM rbac.RbacObject WHERE objectTable = 'package' LIMIT 1),
'DELETE'));
2022-07-22 13:31:37 +02:00
DO LANGUAGE plpgsql
$$
DECLARE
userId uuid;
result bool;
BEGIN
userId = rbac.findRbacSubject('superuser-alex@hostsharing.net');
result = (SELECT * FROM rbac.isPermissionGrantedToSubject(rbac.findPermissionId('package', 94928, 'add-package'), userId));
2022-07-22 13:31:37 +02:00
IF (result) THEN
RAISE EXCEPTION 'expected permission NOT to be granted, but it is';
end if;
result = (SELECT * FROM rbac.isPermissionGrantedToSubject(rbac.findPermissionId('package', 94928, 'SELECT'), userId));
2022-07-22 13:31:37 +02:00
IF (NOT result) THEN
RAISE EXCEPTION 'expected permission to be granted, but it is NOT';
end if;
RAISE LOG 'isPermissionGrantedToSubjectId test passed';
END;
$$;