use identity view projection for restricted view orderBy if none is explicitely specified

This commit is contained in:
Michael Hoennig 2024-03-05 10:04:15 +01:00
parent b2cea1e882
commit 4df5c2606a

View File

@ -11,6 +11,7 @@ import static java.util.stream.Collectors.joining;
import static java.util.stream.Collectors.toSet; import static java.util.stream.Collectors.toSet;
import static net.hostsharing.hsadminng.rbac.rbacdef.PostgresTriggerReference.NEW; import static net.hostsharing.hsadminng.rbac.rbacdef.PostgresTriggerReference.NEW;
import static net.hostsharing.hsadminng.rbac.rbacdef.PostgresTriggerReference.OLD; import static net.hostsharing.hsadminng.rbac.rbacdef.PostgresTriggerReference.OLD;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Permission.INSERT;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.RbacGrantDefinition.GrantType.*; import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.RbacGrantDefinition.GrantType.*;
import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.*; import static net.hostsharing.hsadminng.rbac.rbacdef.RbacView.Role.*;
import static net.hostsharing.hsadminng.rbac.rbacdef.StringWriter.with; import static net.hostsharing.hsadminng.rbac.rbacdef.StringWriter.with;
@ -228,9 +229,11 @@ class RolesGrantsAndPermissionsGenerator {
case ROLE_TO_ROLE -> "call grantRoleToRole(${subRoleRef}, ${superRoleRef});" case ROLE_TO_ROLE -> "call grantRoleToRole(${subRoleRef}, ${superRoleRef});"
.replace("${subRoleRef}", roleRef(NEW, grantDef.getSubRoleDef())) .replace("${subRoleRef}", roleRef(NEW, grantDef.getSubRoleDef()))
.replace("${superRoleRef}", roleRef(NEW, grantDef.getSuperRoleDef())); .replace("${superRoleRef}", roleRef(NEW, grantDef.getSuperRoleDef()));
case PERM_TO_ROLE -> "call grantPermissionsToRole(${permRef}, ${superRoleRef});" case PERM_TO_ROLE ->
.replace("${permRef}", permRef(NEW, grantDef.getPermDef())) grantDef.getPermDef().getPermission() == INSERT ? ""
.replace("${superRoleRef}", roleRef(NEW, grantDef.getSuperRoleDef())); : "call grantPermissionsToRole(${permRef}, ${superRoleRef});"
.replace("${permRef}", permRef(NEW, grantDef.getPermDef()))
.replace("${superRoleRef}", roleRef(NEW, grantDef.getSuperRoleDef()));
}; };
} }