get rid of fixme, fix or amend to todo

This commit is contained in:
Michael Hoennig 2024-03-25 19:58:58 +01:00
parent 8f080f407d
commit 86bdeaabe3
6 changed files with 8 additions and 9 deletions

View File

@ -161,7 +161,8 @@ public class InsertTriggerGenerator {
Checks if the user or assumed roles are allowed to insert a row to ${rawSubTable}, Checks if the user or assumed roles are allowed to insert a row to ${rawSubTable},
where the check is performed by an indirect role. where the check is performed by an indirect role.
An indirect role is a role FIXME. An indirect role is a role which depends on an object uuid which is not a direct foreign key
of the source entity, but needs to be fetched via joined tables.
*/ */
create or replace function ${rawSubTable}_insert_permission_check_tf() create or replace function ${rawSubTable}_insert_permission_check_tf()
returns trigger returns trigger

View File

@ -71,10 +71,6 @@ public class RbacGrantsDiagramService {
private void traverseGrantsTo(final Set<RawRbacGrantEntity> graph, final UUID refUuid, final EnumSet<Include> includes) { private void traverseGrantsTo(final Set<RawRbacGrantEntity> graph, final UUID refUuid, final EnumSet<Include> includes) {
final var grants = rawGrantRepo.findByAscendingUuid(refUuid); final var grants = rawGrantRepo.findByAscendingUuid(refUuid);
grants.forEach(g -> { grants.forEach(g -> {
if ( g.getDescendantIdName() == null ) {
// FIXME: what's that?
return;
}
if (!includes.contains(PERMISSIONS) && g.getDescendantIdName().startsWith("perm ")) { if (!includes.contains(PERMISSIONS) && g.getDescendantIdName().startsWith("perm ")) {
return; return;
} }

View File

@ -691,7 +691,7 @@ declare
superRoleId uuid; superRoleId uuid;
subRoleId uuid; subRoleId uuid;
begin begin
-- FIXME: maybe separate method grantRoleToRoleIfNotNull(...)? -- TODO: maybe separate method grantRoleToRoleIfNotNull(...) for NULLABLE references
if superRole.objectUuid is null or subRole.objectuuid is null then if superRole.objectUuid is null or subRole.objectuuid is null then
return; return;
end if; end if;

View File

@ -60,7 +60,7 @@ begin
if cardinality(userUuids) > 0 then if cardinality(userUuids) > 0 then
-- direct grants to users need a grantedByRole which can revoke the grant -- direct grants to users need a grantedByRole which can revoke the grant
if grantedByRole is null then if grantedByRole is null then
userGrantsByRoleUuid := roleUuid; -- FIXME: or do we want to require an explicit userGrantsByRoleUuid? userGrantsByRoleUuid := roleUuid; -- TODO: or do we want to require an explicit userGrantsByRoleUuid?
else else
userGrantsByRoleUuid := getRoleId(grantedByRole); userGrantsByRoleUuid := getRoleId(grantedByRole);
end if; end if;

View File

@ -149,7 +149,8 @@ execute procedure hs_office_sepamandate_hs_office_relation_insert_tf();
Checks if the user or assumed roles are allowed to insert a row to hs_office_sepamandate, Checks if the user or assumed roles are allowed to insert a row to hs_office_sepamandate,
where the check is performed by an indirect role. where the check is performed by an indirect role.
An indirect role is a role FIXME. An indirect role is a role which depends on an object uuid which is not a direct foreign key
of the source entity, but needs to be fetched via joined tables.
*/ */
create or replace function hs_office_sepamandate_insert_permission_check_tf() create or replace function hs_office_sepamandate_insert_permission_check_tf()
returns trigger returns trigger

View File

@ -136,7 +136,8 @@ execute procedure hs_office_membership_hs_office_relation_insert_tf();
Checks if the user or assumed roles are allowed to insert a row to hs_office_membership, Checks if the user or assumed roles are allowed to insert a row to hs_office_membership,
where the check is performed by an indirect role. where the check is performed by an indirect role.
An indirect role is a role FIXME. An indirect role is a role which depends on an object uuid which is not a direct foreign key
of the source entity, but needs to be fetched via joined tables.
*/ */
create or replace function hs_office_membership_insert_permission_check_tf() create or replace function hs_office_membership_insert_permission_check_tf()
returns trigger returns trigger