fix rbac sql generation

This commit is contained in:
Michael Hoennig 2024-09-18 09:41:50 +02:00
parent 09ae27dc68
commit 795a829128
19 changed files with 152 additions and 157 deletions

View File

@ -66,13 +66,12 @@ class RolesGrantsAndPermissionsGenerator {
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemFor${simpleEntityName}( create or replace procedure ${rawTableQualifiedName}_build_rbac_system(
NEW ${rawTableName} NEW ${rawTableQualifiedName}
) )
language plpgsql as $$ language plpgsql as $$
""" """
.replace("${simpleEntityName}", simpleEntityName) .replace("${rawTableQualifiedName}", qualifiedRawTableName));
.replace("${rawTableName}", qualifiedRawTableName));
plPgSql.writeLn("declare"); plPgSql.writeLn("declare");
plPgSql.indented(() -> { plPgSql.indented(() -> {
@ -106,21 +105,21 @@ class RolesGrantsAndPermissionsGenerator {
Called from the AFTER UPDATE TRIGGER to re-wire the grants. Called from the AFTER UPDATE TRIGGER to re-wire the grants.
*/ */
create or replace procedure updateRbacRulesFor${simpleEntityName}( create or replace procedure ${rawTableQualifiedName}_update_rbac_system(
OLD ${rawTableName}, OLD ${rawTableQualifiedName},
NEW ${rawTableName} NEW ${rawTableQualifiedName}
) )
language plpgsql as $$ language plpgsql as $$
begin begin
if ${updateConditions} then if ${updateConditions} then
delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid; delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid;
call buildRbacSystemFor${simpleEntityName}(NEW); call ${rawTableQualifiedName}_build_rbac_system(NEW);
end if; end if;
end; $$; end; $$;
""", """,
with("simpleEntityName", simpleEntityName), with("simpleEntityName", simpleEntityName),
with("rawTableName", qualifiedRawTableName), with("rawTableQualifiedName", qualifiedRawTableName),
with("updateConditions", updateConditions)); with("updateConditions", updateConditions));
} }
@ -130,16 +129,15 @@ class RolesGrantsAndPermissionsGenerator {
Called from the AFTER UPDATE TRIGGER to re-wire the grants. Called from the AFTER UPDATE TRIGGER to re-wire the grants.
*/ */
create or replace procedure updateRbacRulesFor${simpleEntityName}( create or replace procedure ${rawTableQualifiedName}_update_rbac_system(
OLD ${rawTableName}, OLD ${rawTableQualifiedName},
NEW ${rawTableName} NEW ${rawTableQualifiedName}
) )
language plpgsql as $$ language plpgsql as $$
declare declare
""" """,
.replace("${simpleEntityName}", simpleEntityName) with("rawTableQualifiedName", qualifiedRawTableName));
.replace("${rawTableName}", qualifiedRawTableName));
plPgSql.chopEmptyLines(); plPgSql.chopEmptyLines();
plPgSql.indented(() -> { plPgSql.indented(() -> {
@ -514,26 +512,25 @@ class RolesGrantsAndPermissionsGenerator {
plPgSql.writeLn(""" plPgSql.writeLn("""
/* /*
AFTER INSERT TRIGGER to create the role+grant structure for a new ${qualifiedRawTableName} row. AFTER INSERT TRIGGER to create the role+grant structure for a new ${rawTableQualifiedName} row.
*/ */
create or replace function ${schemaPrefix}insertTriggerFor${simpleEntityName}_tf() create or replace function ${rawTableQualifiedName}_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemFor${simpleEntityName}(NEW); call ${rawTableQualifiedName}_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerFor${simpleEntityName}_tg create trigger build_rbac_system_after_insert_tg
after insert on ${qualifiedRawTableName} after insert on ${rawTableQualifiedName}
for each row for each row
execute procedure ${schemaPrefix}insertTriggerFor${simpleEntityName}_tf(); execute procedure ${rawTableQualifiedName}_build_rbac_system_after_insert_tf();
""" """
.replace("${simpleEntityName}", simpleEntityName)
.replace("${schemaPrefix}", schemaPrefix(qualifiedRawTableName)) .replace("${schemaPrefix}", schemaPrefix(qualifiedRawTableName))
.replace("${qualifiedRawTableName}", qualifiedRawTableName) .replace("${rawTableQualifiedName}", qualifiedRawTableName)
); );
generateFooter(plPgSql); generateFooter(plPgSql);
@ -550,26 +547,24 @@ class RolesGrantsAndPermissionsGenerator {
plPgSql.writeLn(""" plPgSql.writeLn("""
/* /*
AFTER INSERT TRIGGER to re-wire the grant structure for a new ${qualifiedRawTableName} row. AFTER UPDATE TRIGGER to re-wire the grant structure for a new ${rawTableQualifiedName} row.
*/ */
create or replace function ${schemaPrefix}updateTriggerFor${simpleEntityName}_tf() create or replace function ${rawTableQualifiedName}_update_rbac_system_after_update_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call updateRbacRulesFor${simpleEntityName}(OLD, NEW); call ${rawTableQualifiedName}_update_rbac_system(OLD, NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger updateTriggerFor${simpleEntityName}_tg create trigger update_rbac_system_after_update_tg
after update on ${qualifiedRawTableName} after update on ${rawTableQualifiedName}
for each row for each row
execute procedure ${schemaPrefix}updateTriggerFor${simpleEntityName}_tf(); execute procedure ${rawTableQualifiedName}_update_rbac_system_after_update_tf();
""" """
.replace("${simpleEntityName}", simpleEntityName) .replace("${rawTableQualifiedName}", qualifiedRawTableName)
.replace("${schemaPrefix}", schemaPrefix(qualifiedRawTableName))
.replace("${qualifiedRawTableName}", qualifiedRawTableName)
); );
generateFooter(plPgSql); generateFooter(plPgSql);

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('testCustomer', 'rbactest.customer');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForTestCustomer( create or replace procedure rbactest.customer_build_rbac_system(
NEW rbactest.customer NEW rbactest.customer
) )
language plpgsql as $$ language plpgsql as $$
@ -60,19 +60,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new rbactest.customer row. AFTER INSERT TRIGGER to create the role+grant structure for a new rbactest.customer row.
*/ */
create or replace function rbactest.insertTriggerForTestCustomer_tf() create or replace function rbactest.customer_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForTestCustomer(NEW); call rbactest.customer_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForTestCustomer_tg create trigger build_rbac_system_after_insert_tg
after insert on rbactest.customer after insert on rbactest.customer
for each row for each row
execute procedure rbactest.insertTriggerForTestCustomer_tf(); execute procedure rbactest.customer_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('testPackage', 'rbactest.package');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForTestPackage( create or replace procedure rbactest.package_build_rbac_system(
NEW rbactest.package NEW rbactest.package
) )
language plpgsql as $$ language plpgsql as $$
@ -64,19 +64,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new rbactest.package row. AFTER INSERT TRIGGER to create the role+grant structure for a new rbactest.package row.
*/ */
create or replace function rbactest.insertTriggerForTestPackage_tf() create or replace function rbactest.package_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForTestPackage(NEW); call rbactest.package_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForTestPackage_tg create trigger build_rbac_system_after_insert_tg
after insert on rbactest.package after insert on rbactest.package
for each row for each row
execute procedure rbactest.insertTriggerForTestPackage_tf(); execute procedure rbactest.package_build_rbac_system_after_insert_tf();
--// --//
@ -88,7 +88,7 @@ execute procedure rbactest.insertTriggerForTestPackage_tf();
Called from the AFTER UPDATE TRIGGER to re-wire the grants. Called from the AFTER UPDATE TRIGGER to re-wire the grants.
*/ */
create or replace procedure updateRbacRulesForTestPackage( create or replace procedure rbactest.package_update_rbac_system(
OLD rbactest.package, OLD rbactest.package,
NEW rbactest.package NEW rbactest.package
) )
@ -122,22 +122,22 @@ begin
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to re-wire the grant structure for a new rbactest.package row. AFTER UPDATE TRIGGER to re-wire the grant structure for a new rbactest.package row.
*/ */
create or replace function rbactest.updateTriggerForTestPackage_tf() create or replace function rbactest.package_update_rbac_system_after_update_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call updateRbacRulesForTestPackage(OLD, NEW); call rbactest.package_update_rbac_system(OLD, NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger updateTriggerForTestPackage_tg create trigger update_rbac_system_after_update_tg
after update on rbactest.package after update on rbactest.package
for each row for each row
execute procedure rbactest.updateTriggerForTestPackage_tf(); execute procedure rbactest.package_update_rbac_system_after_update_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('testDomain', 'rbactest.domain');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForTestDomain( create or replace procedure rbactest.domain_build_rbac_system(
NEW rbactest.domain NEW rbactest.domain
) )
language plpgsql as $$ language plpgsql as $$
@ -60,19 +60,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new rbactest.domain row. AFTER INSERT TRIGGER to create the role+grant structure for a new rbactest.domain row.
*/ */
create or replace function rbactest.insertTriggerForTestDomain_tf() create or replace function rbactest.domain_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForTestDomain(NEW); call rbactest.domain_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForTestDomain_tg create trigger build_rbac_system_after_insert_tg
after insert on rbactest.domain after insert on rbactest.domain
for each row for each row
execute procedure rbactest.insertTriggerForTestDomain_tf(); execute procedure rbactest.domain_build_rbac_system_after_insert_tf();
--// --//
@ -84,7 +84,7 @@ execute procedure rbactest.insertTriggerForTestDomain_tf();
Called from the AFTER UPDATE TRIGGER to re-wire the grants. Called from the AFTER UPDATE TRIGGER to re-wire the grants.
*/ */
create or replace procedure updateRbacRulesForTestDomain( create or replace procedure rbactest.domain_update_rbac_system(
OLD rbactest.domain, OLD rbactest.domain,
NEW rbactest.domain NEW rbactest.domain
) )
@ -121,22 +121,22 @@ begin
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to re-wire the grant structure for a new rbactest.domain row. AFTER UPDATE TRIGGER to re-wire the grant structure for a new rbactest.domain row.
*/ */
create or replace function rbactest.updateTriggerForTestDomain_tf() create or replace function rbactest.domain_update_rbac_system_after_update_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call updateRbacRulesForTestDomain(OLD, NEW); call rbactest.domain_update_rbac_system(OLD, NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger updateTriggerForTestDomain_tg create trigger update_rbac_system_after_update_tg
after update on rbactest.domain after update on rbactest.domain
for each row for each row
execute procedure rbactest.updateTriggerForTestDomain_tf(); execute procedure rbactest.domain_update_rbac_system_after_update_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficeContact', 'hs_office.contact');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficeContact( create or replace procedure hs_office.contact_build_rbac_system(
NEW hs_office.contact NEW hs_office.contact
) )
language plpgsql as $$ language plpgsql as $$
@ -60,19 +60,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.contact row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.contact row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficeContact_tf() create or replace function hs_office.contact_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficeContact(NEW); call hs_office.contact_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficeContact_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.contact after insert on hs_office.contact
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficeContact_tf(); execute procedure hs_office.contact_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficePerson', 'hs_office.person');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficePerson( create or replace procedure hs_office.person_build_rbac_system(
NEW hs_office.person NEW hs_office.person
) )
language plpgsql as $$ language plpgsql as $$
@ -60,19 +60,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.person row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.person row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficePerson_tf() create or replace function hs_office.person_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficePerson(NEW); call hs_office.person_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficePerson_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.person after insert on hs_office.person
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficePerson_tf(); execute procedure hs_office.person_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficeRelation', 'hs_office.relation');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficeRelation( create or replace procedure hs_office.relation_build_rbac_system(
NEW hs_office.relation NEW hs_office.relation
) )
language plpgsql as $$ language plpgsql as $$
@ -93,19 +93,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.relation row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.relation row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficeRelation_tf() create or replace function hs_office.relation_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficeRelation(NEW); call hs_office.relation_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficeRelation_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.relation after insert on hs_office.relation
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficeRelation_tf(); execute procedure hs_office.relation_build_rbac_system_after_insert_tf();
--// --//
@ -117,7 +117,7 @@ execute procedure hs_office.insertTriggerForHsOfficeRelation_tf();
Called from the AFTER UPDATE TRIGGER to re-wire the grants. Called from the AFTER UPDATE TRIGGER to re-wire the grants.
*/ */
create or replace procedure updateRbacRulesForHsOfficeRelation( create or replace procedure hs_office.relation_update_rbac_system(
OLD hs_office.relation, OLD hs_office.relation,
NEW hs_office.relation NEW hs_office.relation
) )
@ -126,27 +126,27 @@ begin
if NEW.contactUuid is distinct from OLD.contactUuid then if NEW.contactUuid is distinct from OLD.contactUuid then
delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid; delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid;
call buildRbacSystemForHsOfficeRelation(NEW); call hs_office.relation_build_rbac_system(NEW);
end if; end if;
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to re-wire the grant structure for a new hs_office.relation row. AFTER UPDATE TRIGGER to re-wire the grant structure for a new hs_office.relation row.
*/ */
create or replace function hs_office.updateTriggerForHsOfficeRelation_tf() create or replace function hs_office.relation_update_rbac_system_after_update_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call updateRbacRulesForHsOfficeRelation(OLD, NEW); call hs_office.relation_update_rbac_system(OLD, NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger updateTriggerForHsOfficeRelation_tg create trigger update_rbac_system_after_update_tg
after update on hs_office.relation after update on hs_office.relation
for each row for each row
execute procedure hs_office.updateTriggerForHsOfficeRelation_tf(); execute procedure hs_office.relation_update_rbac_system_after_update_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficePartner', 'hs_office.partner');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficePartner( create or replace procedure hs_office.partner_build_rbac_system(
NEW hs_office.partner NEW hs_office.partner
) )
language plpgsql as $$ language plpgsql as $$
@ -56,19 +56,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.partner row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.partner row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficePartner_tf() create or replace function hs_office.partner_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficePartner(NEW); call hs_office.partner_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficePartner_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.partner after insert on hs_office.partner
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficePartner_tf(); execute procedure hs_office.partner_build_rbac_system_after_insert_tf();
--// --//
@ -80,7 +80,7 @@ execute procedure hs_office.insertTriggerForHsOfficePartner_tf();
Called from the AFTER UPDATE TRIGGER to re-wire the grants. Called from the AFTER UPDATE TRIGGER to re-wire the grants.
*/ */
create or replace procedure updateRbacRulesForHsOfficePartner( create or replace procedure hs_office.partner_update_rbac_system(
OLD hs_office.partner, OLD hs_office.partner,
NEW hs_office.partner NEW hs_office.partner
) )
@ -134,22 +134,22 @@ begin
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to re-wire the grant structure for a new hs_office.partner row. AFTER UPDATE TRIGGER to re-wire the grant structure for a new hs_office.partner row.
*/ */
create or replace function hs_office.updateTriggerForHsOfficePartner_tf() create or replace function hs_office.partner_update_rbac_system_after_update_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call updateRbacRulesForHsOfficePartner(OLD, NEW); call hs_office.partner_update_rbac_system(OLD, NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger updateTriggerForHsOfficePartner_tg create trigger update_rbac_system_after_update_tg
after update on hs_office.partner after update on hs_office.partner
for each row for each row
execute procedure hs_office.updateTriggerForHsOfficePartner_tf(); execute procedure hs_office.partner_update_rbac_system_after_update_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficePartnerDetails', 'hs_office.partn
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficePartnerDetails( create or replace procedure hs_office.partner_details_build_rbac_system(
NEW hs_office.partner_details NEW hs_office.partner_details
) )
language plpgsql as $$ language plpgsql as $$
@ -41,19 +41,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.partner_details row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.partner_details row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficePartnerDetails_tf() create or replace function hs_office.partner_details_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficePartnerDetails(NEW); call hs_office.partner_details_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficePartnerDetails_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.partner_details after insert on hs_office.partner_details
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficePartnerDetails_tf(); execute procedure hs_office.partner_details_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficeBankAccount', 'hs_office.bankacco
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficeBankAccount( create or replace procedure hs_office.bankaccount_build_rbac_system(
NEW hs_office.bankaccount NEW hs_office.bankaccount
) )
language plpgsql as $$ language plpgsql as $$
@ -60,19 +60,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.bankaccount row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.bankaccount row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficeBankAccount_tf() create or replace function hs_office.bankaccount_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficeBankAccount(NEW); call hs_office.bankaccount_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficeBankAccount_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.bankaccount after insert on hs_office.bankaccount
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficeBankAccount_tf(); execute procedure hs_office.bankaccount_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficeDebitor', 'hs_office.debitor');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficeDebitor( create or replace procedure hs_office.debitor_build_rbac_system(
NEW hs_office.debitor NEW hs_office.debitor
) )
language plpgsql as $$ language plpgsql as $$
@ -68,19 +68,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.debitor row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.debitor row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficeDebitor_tf() create or replace function hs_office.debitor_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficeDebitor(NEW); call hs_office.debitor_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficeDebitor_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.debitor after insert on hs_office.debitor
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficeDebitor_tf(); execute procedure hs_office.debitor_build_rbac_system_after_insert_tf();
--// --//
@ -92,7 +92,7 @@ execute procedure hs_office.insertTriggerForHsOfficeDebitor_tf();
Called from the AFTER UPDATE TRIGGER to re-wire the grants. Called from the AFTER UPDATE TRIGGER to re-wire the grants.
*/ */
create or replace procedure updateRbacRulesForHsOfficeDebitor( create or replace procedure hs_office.debitor_update_rbac_system(
OLD hs_office.debitor, OLD hs_office.debitor,
NEW hs_office.debitor NEW hs_office.debitor
) )
@ -102,27 +102,27 @@ begin
if NEW.debitorRelUuid is distinct from OLD.debitorRelUuid if NEW.debitorRelUuid is distinct from OLD.debitorRelUuid
or NEW.refundBankAccountUuid is distinct from OLD.refundBankAccountUuid then or NEW.refundBankAccountUuid is distinct from OLD.refundBankAccountUuid then
delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid; delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid;
call buildRbacSystemForHsOfficeDebitor(NEW); call hs_office.debitor_build_rbac_system(NEW);
end if; end if;
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to re-wire the grant structure for a new hs_office.debitor row. AFTER UPDATE TRIGGER to re-wire the grant structure for a new hs_office.debitor row.
*/ */
create or replace function hs_office.updateTriggerForHsOfficeDebitor_tf() create or replace function hs_office.debitor_update_rbac_system_after_update_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call updateRbacRulesForHsOfficeDebitor(OLD, NEW); call hs_office.debitor_update_rbac_system(OLD, NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger updateTriggerForHsOfficeDebitor_tg create trigger update_rbac_system_after_update_tg
after update on hs_office.debitor after update on hs_office.debitor
for each row for each row
execute procedure hs_office.updateTriggerForHsOfficeDebitor_tf(); execute procedure hs_office.debitor_update_rbac_system_after_update_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficeSepaMandate', 'hs_office.sepamand
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficeSepaMandate( create or replace procedure hs_office.sepamandate_build_rbac_system(
NEW hs_office.sepamandate NEW hs_office.sepamandate
) )
language plpgsql as $$ language plpgsql as $$
@ -85,19 +85,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.sepamandate row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.sepamandate row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficeSepaMandate_tf() create or replace function hs_office.sepamandate_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficeSepaMandate(NEW); call hs_office.sepamandate_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficeSepaMandate_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.sepamandate after insert on hs_office.sepamandate
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficeSepaMandate_tf(); execute procedure hs_office.sepamandate_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficeMembership', 'hs_office.membershi
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficeMembership( create or replace procedure hs_office.membership_build_rbac_system(
NEW hs_office.membership NEW hs_office.membership
) )
language plpgsql as $$ language plpgsql as $$
@ -72,19 +72,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.membership row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.membership row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficeMembership_tf() create or replace function hs_office.membership_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficeMembership(NEW); call hs_office.membership_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficeMembership_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.membership after insert on hs_office.membership
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficeMembership_tf(); execute procedure hs_office.membership_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficeCoopSharesTransaction', 'hs_offic
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficeCoopSharesTransaction( create or replace procedure hs_office.coopsharestransaction_build_rbac_system(
NEW hs_office.coopsharestransaction NEW hs_office.coopsharestransaction
) )
language plpgsql as $$ language plpgsql as $$
@ -48,19 +48,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopsharestransaction row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopsharestransaction row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficeCoopSharesTransaction_tf() create or replace function hs_office.coopsharestransaction_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficeCoopSharesTransaction(NEW); call hs_office.coopsharestransaction_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficeCoopSharesTransaction_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.coopsharestransaction after insert on hs_office.coopsharestransaction
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficeCoopSharesTransaction_tf(); execute procedure hs_office.coopsharestransaction_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsOfficeCoopAssetsTransaction', 'hs_offic
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsOfficeCoopAssetsTransaction( create or replace procedure hs_office.coopassetstransaction_build_rbac_system(
NEW hs_office.coopassetstransaction NEW hs_office.coopassetstransaction
) )
language plpgsql as $$ language plpgsql as $$
@ -48,19 +48,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopassetstransaction row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_office.coopassetstransaction row.
*/ */
create or replace function hs_office.insertTriggerForHsOfficeCoopAssetsTransaction_tf() create or replace function hs_office.coopassetstransaction_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsOfficeCoopAssetsTransaction(NEW); call hs_office.coopassetstransaction_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsOfficeCoopAssetsTransaction_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_office.coopassetstransaction after insert on hs_office.coopassetstransaction
for each row for each row
execute procedure hs_office.insertTriggerForHsOfficeCoopAssetsTransaction_tf(); execute procedure hs_office.coopassetstransaction_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsBookingProject', 'hs_booking_project');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsBookingProject( create or replace procedure hs_booking_project_build_rbac_system(
NEW hs_booking_project NEW hs_booking_project
) )
language plpgsql as $$ language plpgsql as $$
@ -79,19 +79,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_booking_project row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_booking_project row.
*/ */
create or replace function insertTriggerForHsBookingProject_tf() create or replace function hs_booking_project_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsBookingProject(NEW); call hs_booking_project_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsBookingProject_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_booking_project after insert on hs_booking_project
for each row for each row
execute procedure insertTriggerForHsBookingProject_tf(); execute procedure hs_booking_project_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsBookingItem', 'hs_booking_item');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsBookingItem( create or replace procedure hs_booking_item_build_rbac_system(
NEW hs_booking_item NEW hs_booking_item
) )
language plpgsql as $$ language plpgsql as $$
@ -78,19 +78,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_booking_item row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_booking_item row.
*/ */
create or replace function insertTriggerForHsBookingItem_tf() create or replace function hs_booking_item_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsBookingItem(NEW); call hs_booking_item_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsBookingItem_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_booking_item after insert on hs_booking_item
for each row for each row
execute procedure insertTriggerForHsBookingItem_tf(); execute procedure hs_booking_item_build_rbac_system_after_insert_tf();
--// --//

View File

@ -24,7 +24,7 @@ call rbac.generateRbacRoleDescriptors('hsHostingAsset', 'hs_hosting_asset');
Creates the roles, grants and permission for the AFTER INSERT TRIGGER. Creates the roles, grants and permission for the AFTER INSERT TRIGGER.
*/ */
create or replace procedure buildRbacSystemForHsHostingAsset( create or replace procedure hs_hosting_asset_build_rbac_system(
NEW hs_hosting_asset NEW hs_hosting_asset
) )
language plpgsql as $$ language plpgsql as $$
@ -96,19 +96,19 @@ end; $$;
AFTER INSERT TRIGGER to create the role+grant structure for a new hs_hosting_asset row. AFTER INSERT TRIGGER to create the role+grant structure for a new hs_hosting_asset row.
*/ */
create or replace function insertTriggerForHsHostingAsset_tf() create or replace function hs_hosting_asset_build_rbac_system_after_insert_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call buildRbacSystemForHsHostingAsset(NEW); call hs_hosting_asset_build_rbac_system(NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger insertTriggerForHsHostingAsset_tg create trigger build_rbac_system_after_insert_tg
after insert on hs_hosting_asset after insert on hs_hosting_asset
for each row for each row
execute procedure insertTriggerForHsHostingAsset_tf(); execute procedure hs_hosting_asset_build_rbac_system_after_insert_tf();
--// --//
@ -120,7 +120,7 @@ execute procedure insertTriggerForHsHostingAsset_tf();
Called from the AFTER UPDATE TRIGGER to re-wire the grants. Called from the AFTER UPDATE TRIGGER to re-wire the grants.
*/ */
create or replace procedure updateRbacRulesForHsHostingAsset( create or replace procedure hs_hosting_asset_update_rbac_system(
OLD hs_hosting_asset, OLD hs_hosting_asset,
NEW hs_hosting_asset NEW hs_hosting_asset
) )
@ -130,27 +130,27 @@ begin
if NEW.assignedToAssetUuid is distinct from OLD.assignedToAssetUuid if NEW.assignedToAssetUuid is distinct from OLD.assignedToAssetUuid
or NEW.alarmContactUuid is distinct from OLD.alarmContactUuid then or NEW.alarmContactUuid is distinct from OLD.alarmContactUuid then
delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid; delete from rbac.grants g where g.grantedbytriggerof = OLD.uuid;
call buildRbacSystemForHsHostingAsset(NEW); call hs_hosting_asset_build_rbac_system(NEW);
end if; end if;
end; $$; end; $$;
/* /*
AFTER INSERT TRIGGER to re-wire the grant structure for a new hs_hosting_asset row. AFTER UPDATE TRIGGER to re-wire the grant structure for a new hs_hosting_asset row.
*/ */
create or replace function updateTriggerForHsHostingAsset_tf() create or replace function hs_hosting_asset_update_rbac_system_after_update_tf()
returns trigger returns trigger
language plpgsql language plpgsql
strict as $$ strict as $$
begin begin
call updateRbacRulesForHsHostingAsset(OLD, NEW); call hs_hosting_asset_update_rbac_system(OLD, NEW);
return NEW; return NEW;
end; $$; end; $$;
create trigger updateTriggerForHsHostingAsset_tg create trigger update_rbac_system_after_update_tg
after update on hs_hosting_asset after update on hs_hosting_asset
for each row for each row
execute procedure updateTriggerForHsHostingAsset_tf(); execute procedure hs_hosting_asset_update_rbac_system_after_update_tf();
--// --//