get rid of fixme, fix or amend to todo
This commit is contained in:
parent
8f080f407d
commit
86bdeaabe3
@ -161,7 +161,8 @@ public class InsertTriggerGenerator {
|
||||
Checks if the user or assumed roles are allowed to insert a row to ${rawSubTable},
|
||||
where the check is performed by an indirect role.
|
||||
|
||||
An indirect role is a role FIXME.
|
||||
An indirect role is a role which depends on an object uuid which is not a direct foreign key
|
||||
of the source entity, but needs to be fetched via joined tables.
|
||||
*/
|
||||
create or replace function ${rawSubTable}_insert_permission_check_tf()
|
||||
returns trigger
|
||||
|
@ -71,10 +71,6 @@ public class RbacGrantsDiagramService {
|
||||
private void traverseGrantsTo(final Set<RawRbacGrantEntity> graph, final UUID refUuid, final EnumSet<Include> includes) {
|
||||
final var grants = rawGrantRepo.findByAscendingUuid(refUuid);
|
||||
grants.forEach(g -> {
|
||||
if ( g.getDescendantIdName() == null ) {
|
||||
// FIXME: what's that?
|
||||
return;
|
||||
}
|
||||
if (!includes.contains(PERMISSIONS) && g.getDescendantIdName().startsWith("perm ")) {
|
||||
return;
|
||||
}
|
||||
|
@ -691,7 +691,7 @@ declare
|
||||
superRoleId uuid;
|
||||
subRoleId uuid;
|
||||
begin
|
||||
-- FIXME: maybe separate method grantRoleToRoleIfNotNull(...)?
|
||||
-- TODO: maybe separate method grantRoleToRoleIfNotNull(...) for NULLABLE references
|
||||
if superRole.objectUuid is null or subRole.objectuuid is null then
|
||||
return;
|
||||
end if;
|
||||
|
@ -60,7 +60,7 @@ begin
|
||||
if cardinality(userUuids) > 0 then
|
||||
-- direct grants to users need a grantedByRole which can revoke the grant
|
||||
if grantedByRole is null then
|
||||
userGrantsByRoleUuid := roleUuid; -- FIXME: or do we want to require an explicit userGrantsByRoleUuid?
|
||||
userGrantsByRoleUuid := roleUuid; -- TODO: or do we want to require an explicit userGrantsByRoleUuid?
|
||||
else
|
||||
userGrantsByRoleUuid := getRoleId(grantedByRole);
|
||||
end if;
|
||||
|
@ -149,7 +149,8 @@ execute procedure hs_office_sepamandate_hs_office_relation_insert_tf();
|
||||
Checks if the user or assumed roles are allowed to insert a row to hs_office_sepamandate,
|
||||
where the check is performed by an indirect role.
|
||||
|
||||
An indirect role is a role FIXME.
|
||||
An indirect role is a role which depends on an object uuid which is not a direct foreign key
|
||||
of the source entity, but needs to be fetched via joined tables.
|
||||
*/
|
||||
create or replace function hs_office_sepamandate_insert_permission_check_tf()
|
||||
returns trigger
|
||||
|
@ -136,7 +136,8 @@ execute procedure hs_office_membership_hs_office_relation_insert_tf();
|
||||
Checks if the user or assumed roles are allowed to insert a row to hs_office_membership,
|
||||
where the check is performed by an indirect role.
|
||||
|
||||
An indirect role is a role FIXME.
|
||||
An indirect role is a role which depends on an object uuid which is not a direct foreign key
|
||||
of the source entity, but needs to be fetched via joined tables.
|
||||
*/
|
||||
create or replace function hs_office_membership_insert_permission_check_tf()
|
||||
returns trigger
|
||||
|
Loading…
Reference in New Issue
Block a user