remove superfluous 'INSERT' from hasInsertPermission
This commit is contained in:
parent
d285b440ea
commit
21bb9dad19
@ -569,14 +569,14 @@ select exists(
|
||||
);
|
||||
$$;
|
||||
|
||||
create or replace function hasInsertPermission(objectUuid uuid, forOp RbacOp, tableName text )
|
||||
create or replace function hasInsertPermission(objectUuid uuid, tableName text )
|
||||
returns BOOL
|
||||
stable -- leakproof
|
||||
language plpgsql as $$
|
||||
declare
|
||||
permissionUuid uuid;
|
||||
begin
|
||||
permissionUuid = findPermissionId(objectUuid, forOp, tableName);
|
||||
permissionUuid = findPermissionId(objectUuid, 'INSERT'::RbacOp, tableName);
|
||||
return permissionUuid is not null;
|
||||
end;
|
||||
$$;
|
||||
|
@ -200,7 +200,7 @@ end; $$;
|
||||
create trigger test_package_insert_permission_check_tg
|
||||
before insert on test_package
|
||||
for each row
|
||||
when ( not hasInsertPermission(NEW.customerUuid, 'INSERT', 'test_package') )
|
||||
when ( not hasInsertPermission(NEW.customerUuid, 'test_package') )
|
||||
execute procedure test_package_insert_permission_missing_tf();
|
||||
--//
|
||||
|
||||
|
@ -199,7 +199,7 @@ end; $$;
|
||||
create trigger test_domain_insert_permission_check_tg
|
||||
before insert on test_domain
|
||||
for each row
|
||||
when ( not hasInsertPermission(NEW.packageUuid, 'INSERT', 'test_domain') )
|
||||
when ( not hasInsertPermission(NEW.packageUuid, 'test_domain') )
|
||||
execute procedure test_domain_insert_permission_missing_tf();
|
||||
--//
|
||||
|
||||
|
@ -209,7 +209,7 @@ end; $$;
|
||||
create trigger hs_office_relation_insert_permission_check_tg
|
||||
before insert on hs_office_relation
|
||||
for each row
|
||||
when ( not hasInsertPermission(NEW.anchorUuid, 'INSERT', 'hs_office_relation') )
|
||||
when ( not hasInsertPermission(NEW.anchorUuid, 'hs_office_relation') )
|
||||
execute procedure hs_office_relation_insert_permission_missing_tf();
|
||||
--//
|
||||
|
||||
|
@ -168,7 +168,7 @@ begin
|
||||
);
|
||||
assert superRoleObjectUuid is not null, 'superRoleObjectUuid must not be null';
|
||||
|
||||
if ( not hasInsertPermission(superRoleObjectUuid, 'INSERT', 'hs_office_sepamandate') ) then
|
||||
if ( not hasInsertPermission(superRoleObjectUuid, 'hs_office_sepamandate') ) then
|
||||
raise exception
|
||||
'[403] insert into hs_office_sepamandate not allowed for current subjects % (%)',
|
||||
currentSubjects(), currentSubjectsUuids();
|
||||
|
@ -123,7 +123,7 @@ end; $$;
|
||||
create trigger hs_office_coopsharestransaction_insert_permission_check_tg
|
||||
before insert on hs_office_coopsharestransaction
|
||||
for each row
|
||||
when ( not hasInsertPermission(NEW.membershipUuid, 'INSERT', 'hs_office_coopsharestransaction') )
|
||||
when ( not hasInsertPermission(NEW.membershipUuid, 'hs_office_coopsharestransaction') )
|
||||
execute procedure hs_office_coopsharestransaction_insert_permission_missing_tf();
|
||||
--//
|
||||
|
||||
|
@ -123,7 +123,7 @@ end; $$;
|
||||
create trigger hs_office_coopassetstransaction_insert_permission_check_tg
|
||||
before insert on hs_office_coopassetstransaction
|
||||
for each row
|
||||
when ( not hasInsertPermission(NEW.membershipUuid, 'INSERT', 'hs_office_coopassetstransaction') )
|
||||
when ( not hasInsertPermission(NEW.membershipUuid, 'hs_office_coopassetstransaction') )
|
||||
execute procedure hs_office_coopassetstransaction_insert_permission_missing_tf();
|
||||
--//
|
||||
|
||||
|
@ -164,7 +164,7 @@ begin
|
||||
);
|
||||
assert superRoleObjectUuid is not null, 'superRoleObjectUuid must not be null';
|
||||
|
||||
if ( not hasInsertPermission(superRoleObjectUuid, 'INSERT', 'hs_booking_item') ) then
|
||||
if ( not hasInsertPermission(superRoleObjectUuid, 'hs_booking_item') ) then
|
||||
raise exception
|
||||
'[403] insert into hs_booking_item not allowed for current subjects % (%)',
|
||||
currentSubjects(), currentSubjectsUuids();
|
||||
|
@ -203,7 +203,7 @@ create trigger hs_hosting_asset_insert_permission_check_tg
|
||||
for each row
|
||||
when ( not (
|
||||
|
||||
hasInsertPermission(NEW.bookingItemUuid, 'INSERT', 'hs_hosting_asset') or
|
||||
hasInsertPermission(NEW.bookingItemUuid, 'hs_hosting_asset') or
|
||||
NEW.type = 'MANAGED_SERVER' and hasInsertPermission(NEW.parentAssetUuid, 'INSERT', 'hs_hosting_asset') ) )
|
||||
execute procedure hs_hosting_asset_insert_permission_missing_tf();
|
||||
--//
|
||||
|
Loading…
Reference in New Issue
Block a user