rbac schema in 1056-rbac-trigger-context.sql

This commit is contained in:
Michael Hoennig 2024-09-13 17:31:08 +02:00
parent cb49292871
commit 9b80d8ac80
21 changed files with 53 additions and 53 deletions

View File

@ -83,11 +83,11 @@ class RolesGrantsAndPermissionsGenerator {
plPgSql.writeLn(); plPgSql.writeLn();
plPgSql.writeLn("begin"); plPgSql.writeLn("begin");
plPgSql.indented(() -> { plPgSql.indented(() -> {
plPgSql.writeLn("call enterTriggerForObjectUuid(NEW.uuid);"); plPgSql.writeLn("call rbac.enterTriggerForObjectUuid(NEW.uuid);");
plPgSql.writeLn(); plPgSql.writeLn();
generateCreateRolesAndGrantsAfterInsert(plPgSql); generateCreateRolesAndGrantsAfterInsert(plPgSql);
plPgSql.ensureSingleEmptyLine(); plPgSql.ensureSingleEmptyLine();
plPgSql.writeLn("call leaveTriggerForObjectUuid(NEW.uuid);"); plPgSql.writeLn("call rbac.leaveTriggerForObjectUuid(NEW.uuid);");
}); });
plPgSql.writeLn("end; $$;"); plPgSql.writeLn("end; $$;");
plPgSql.writeLn(); plPgSql.writeLn();
@ -153,11 +153,11 @@ class RolesGrantsAndPermissionsGenerator {
plPgSql.writeLn(); plPgSql.writeLn();
plPgSql.writeLn("begin"); plPgSql.writeLn("begin");
plPgSql.indented(() -> { plPgSql.indented(() -> {
plPgSql.writeLn("call enterTriggerForObjectUuid(NEW.uuid);"); plPgSql.writeLn("call rbac.enterTriggerForObjectUuid(NEW.uuid);");
plPgSql.writeLn(); plPgSql.writeLn();
generateUpdateRolesAndGrantsAfterUpdate(plPgSql); generateUpdateRolesAndGrantsAfterUpdate(plPgSql);
plPgSql.ensureSingleEmptyLine(); plPgSql.ensureSingleEmptyLine();
plPgSql.writeLn("call leaveTriggerForObjectUuid(NEW.uuid);"); plPgSql.writeLn("call rbac.leaveTriggerForObjectUuid(NEW.uuid);");
}); });
plPgSql.writeLn("end; $$;"); plPgSql.writeLn("end; $$;");
plPgSql.writeLn(); plPgSql.writeLn();

View File

@ -596,7 +596,7 @@ begin
insert insert
into RbacGrants (grantedByTriggerOf, ascendantUuid, descendantUuid, assumed) into RbacGrants (grantedByTriggerOf, ascendantUuid, descendantUuid, assumed)
values (currentTriggerObjectUuid(), roleUuid, permissionUuid, true) values (rbac.currentTriggerObjectUuid(), roleUuid, permissionUuid, true)
on conflict do nothing; -- allow granting multiple times on conflict do nothing; -- allow granting multiple times
end; end;
$$; $$;
@ -620,7 +620,7 @@ begin
insert insert
into RbacGrants (grantedByTriggerOf, ascendantuuid, descendantUuid, assumed) into RbacGrants (grantedByTriggerOf, ascendantuuid, descendantUuid, assumed)
values (currentTriggerObjectUuid(), superRoleId, subRoleId, doAssume) values (rbac.currentTriggerObjectUuid(), superRoleId, subRoleId, doAssume)
on conflict do nothing; -- allow granting multiple times on conflict do nothing; -- allow granting multiple times
end; $$; end; $$;
@ -648,7 +648,7 @@ begin
insert insert
into RbacGrants (grantedByTriggerOf, ascendantuuid, descendantUuid, assumed) into RbacGrants (grantedByTriggerOf, ascendantuuid, descendantUuid, assumed)
values (currentTriggerObjectUuid(), superRoleId, subRoleId, doAssume) values (rbac.currentTriggerObjectUuid(), superRoleId, subRoleId, doAssume)
on conflict do nothing; -- allow granting multiple times on conflict do nothing; -- allow granting multiple times
end; $$; end; $$;

View File

@ -5,7 +5,7 @@
--changeset rbac-trigger-context-ENTER:1 endDelimiter:--// --changeset rbac-trigger-context-ENTER:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
create or replace procedure enterTriggerForObjectUuid(currentObjectUuid uuid) create or replace procedure rbac.enterTriggerForObjectUuid(currentObjectUuid uuid)
language plpgsql as $$ language plpgsql as $$
declare declare
existingObjectUuid text; existingObjectUuid text;
@ -22,10 +22,10 @@ end; $$;
--changeset rbac-trigger-context-CURRENT-ID:1 endDelimiter:--// --changeset rbac-trigger-context-CURRENT-ID:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
/* /*
Returns the uuid of the object uuid whose trigger is currently executed as set via `enterTriggerForObjectUuid(...)`. Returns the uuid of the object uuid whose trigger is currently executed as set via `rbac.enterTriggerForObjectUuid(...)`.
*/ */
create or replace function currentTriggerObjectUuid() create or replace function rbac.currentTriggerObjectUuid()
returns uuid returns uuid
stable -- leakproof stable -- leakproof
language plpgsql as $$ language plpgsql as $$
@ -47,7 +47,7 @@ end; $$;
--changeset rbac-trigger-context-LEAVE:1 endDelimiter:--// --changeset rbac-trigger-context-LEAVE:1 endDelimiter:--//
-- ---------------------------------------------------------------------------- -- ----------------------------------------------------------------------------
create or replace procedure leaveTriggerForObjectUuid(currentObjectUuid uuid) create or replace procedure rbac.leaveTriggerForObjectUuid(currentObjectUuid uuid)
language plpgsql as $$ language plpgsql as $$
declare declare
existingObjectUuid uuid; existingObjectUuid uuid;

View File

@ -32,7 +32,7 @@ create or replace procedure buildRbacSystemForTestCustomer(
declare declare
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
perform createRoleWithGrants( perform createRoleWithGrants(
testCustomerOWNER(NEW), testCustomerOWNER(NEW),
@ -53,7 +53,7 @@ begin
incomingSuperRoles => array[testCustomerADMIN(NEW)] incomingSuperRoles => array[testCustomerADMIN(NEW)]
); );
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -33,7 +33,7 @@ declare
newCustomer test_customer; newCustomer test_customer;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM test_customer WHERE uuid = NEW.customerUuid INTO newCustomer; SELECT * FROM test_customer WHERE uuid = NEW.customerUuid INTO newCustomer;
assert newCustomer.uuid is not null, format('newCustomer must not be null for NEW.customerUuid = %s', NEW.customerUuid); assert newCustomer.uuid is not null, format('newCustomer must not be null for NEW.customerUuid = %s', NEW.customerUuid);
@ -57,7 +57,7 @@ begin
outgoingSubRoles => array[testCustomerTENANT(newCustomer)] outgoingSubRoles => array[testCustomerTENANT(newCustomer)]
); );
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*
@ -99,7 +99,7 @@ declare
newCustomer test_customer; newCustomer test_customer;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM test_customer WHERE uuid = OLD.customerUuid INTO oldCustomer; SELECT * FROM test_customer WHERE uuid = OLD.customerUuid INTO oldCustomer;
assert oldCustomer.uuid is not null, format('oldCustomer must not be null for OLD.customerUuid = %s', OLD.customerUuid); assert oldCustomer.uuid is not null, format('oldCustomer must not be null for OLD.customerUuid = %s', OLD.customerUuid);
@ -118,7 +118,7 @@ begin
end if; end if;
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -33,7 +33,7 @@ declare
newPackage test_package; newPackage test_package;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM test_package WHERE uuid = NEW.packageUuid INTO newPackage; SELECT * FROM test_package WHERE uuid = NEW.packageUuid INTO newPackage;
assert newPackage.uuid is not null, format('newPackage must not be null for NEW.packageUuid = %s', NEW.packageUuid); assert newPackage.uuid is not null, format('newPackage must not be null for NEW.packageUuid = %s', NEW.packageUuid);
@ -53,7 +53,7 @@ begin
outgoingSubRoles => array[testPackageTENANT(newPackage)] outgoingSubRoles => array[testPackageTENANT(newPackage)]
); );
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*
@ -95,7 +95,7 @@ declare
newPackage test_package; newPackage test_package;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM test_package WHERE uuid = OLD.packageUuid INTO oldPackage; SELECT * FROM test_package WHERE uuid = OLD.packageUuid INTO oldPackage;
assert oldPackage.uuid is not null, format('oldPackage must not be null for OLD.packageUuid = %s', OLD.packageUuid); assert oldPackage.uuid is not null, format('oldPackage must not be null for OLD.packageUuid = %s', OLD.packageUuid);
@ -117,7 +117,7 @@ begin
end if; end if;
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -32,7 +32,7 @@ create or replace procedure buildRbacSystemForHsOfficeContact(
declare declare
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
perform createRoleWithGrants( perform createRoleWithGrants(
hsOfficeContactOWNER(NEW), hsOfficeContactOWNER(NEW),
@ -53,7 +53,7 @@ begin
incomingSuperRoles => array[hsOfficeContactADMIN(NEW)] incomingSuperRoles => array[hsOfficeContactADMIN(NEW)]
); );
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -32,7 +32,7 @@ create or replace procedure buildRbacSystemForHsOfficePerson(
declare declare
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
perform createRoleWithGrants( perform createRoleWithGrants(
hsOfficePersonOWNER(NEW), hsOfficePersonOWNER(NEW),
@ -53,7 +53,7 @@ begin
incomingSuperRoles => array[hsOfficePersonADMIN(NEW)] incomingSuperRoles => array[hsOfficePersonADMIN(NEW)]
); );
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -35,7 +35,7 @@ declare
newContact hs_office_contact; newContact hs_office_contact;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_office_person WHERE uuid = NEW.holderUuid INTO newHolderPerson; SELECT * FROM hs_office_person WHERE uuid = NEW.holderUuid INTO newHolderPerson;
assert newHolderPerson.uuid is not null, format('newHolderPerson must not be null for NEW.holderUuid = %s', NEW.holderUuid); assert newHolderPerson.uuid is not null, format('newHolderPerson must not be null for NEW.holderUuid = %s', NEW.holderUuid);
@ -86,7 +86,7 @@ begin
call grantRoleToRole(hsOfficeRelationOWNER(NEW), hsOfficePersonADMIN(newAnchorPerson)); call grantRoleToRole(hsOfficeRelationOWNER(NEW), hsOfficePersonADMIN(newAnchorPerson));
END IF; END IF;
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -34,7 +34,7 @@ declare
newPartnerDetails hs_office_partner_details; newPartnerDetails hs_office_partner_details;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_office_relation WHERE uuid = NEW.partnerRelUuid INTO newPartnerRel; SELECT * FROM hs_office_relation WHERE uuid = NEW.partnerRelUuid INTO newPartnerRel;
assert newPartnerRel.uuid is not null, format('newPartnerRel must not be null for NEW.partnerRelUuid = %s', NEW.partnerRelUuid); assert newPartnerRel.uuid is not null, format('newPartnerRel must not be null for NEW.partnerRelUuid = %s', NEW.partnerRelUuid);
@ -49,7 +49,7 @@ begin
call grantPermissionToRole(createPermission(newPartnerDetails.uuid, 'SELECT'), hsOfficeRelationAGENT(newPartnerRel)); call grantPermissionToRole(createPermission(newPartnerDetails.uuid, 'SELECT'), hsOfficeRelationAGENT(newPartnerRel));
call grantPermissionToRole(createPermission(newPartnerDetails.uuid, 'UPDATE'), hsOfficeRelationAGENT(newPartnerRel)); call grantPermissionToRole(createPermission(newPartnerDetails.uuid, 'UPDATE'), hsOfficeRelationAGENT(newPartnerRel));
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*
@ -93,7 +93,7 @@ declare
newPartnerDetails hs_office_partner_details; newPartnerDetails hs_office_partner_details;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_office_relation WHERE uuid = OLD.partnerRelUuid INTO oldPartnerRel; SELECT * FROM hs_office_relation WHERE uuid = OLD.partnerRelUuid INTO oldPartnerRel;
assert oldPartnerRel.uuid is not null, format('oldPartnerRel must not be null for OLD.partnerRelUuid = %s', OLD.partnerRelUuid); assert oldPartnerRel.uuid is not null, format('oldPartnerRel must not be null for OLD.partnerRelUuid = %s', OLD.partnerRelUuid);
@ -130,7 +130,7 @@ begin
end if; end if;
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -32,9 +32,9 @@ create or replace procedure buildRbacSystemForHsOfficePartnerDetails(
declare declare
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -32,7 +32,7 @@ create or replace procedure buildRbacSystemForHsOfficeBankAccount(
declare declare
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
perform createRoleWithGrants( perform createRoleWithGrants(
hsOfficeBankAccountOWNER(NEW), hsOfficeBankAccountOWNER(NEW),
@ -53,7 +53,7 @@ begin
incomingSuperRoles => array[hsOfficeBankAccountADMIN(NEW)] incomingSuperRoles => array[hsOfficeBankAccountADMIN(NEW)]
); );
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -35,7 +35,7 @@ declare
newRefundBankAccount hs_office_bankaccount; newRefundBankAccount hs_office_bankaccount;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT partnerRel.* SELECT partnerRel.*
FROM hs_office_relation AS partnerRel FROM hs_office_relation AS partnerRel
@ -61,7 +61,7 @@ begin
call grantPermissionToRole(createPermission(NEW.uuid, 'SELECT'), hsOfficeRelationTENANT(newDebitorRel)); call grantPermissionToRole(createPermission(NEW.uuid, 'SELECT'), hsOfficeRelationTENANT(newDebitorRel));
call grantPermissionToRole(createPermission(NEW.uuid, 'UPDATE'), hsOfficeRelationADMIN(newDebitorRel)); call grantPermissionToRole(createPermission(NEW.uuid, 'UPDATE'), hsOfficeRelationADMIN(newDebitorRel));
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -34,7 +34,7 @@ declare
newDebitorRel hs_office_relation; newDebitorRel hs_office_relation;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_office_bankaccount WHERE uuid = NEW.bankAccountUuid INTO newBankAccount; SELECT * FROM hs_office_bankaccount WHERE uuid = NEW.bankAccountUuid INTO newBankAccount;
assert newBankAccount.uuid is not null, format('newBankAccount must not be null for NEW.bankAccountUuid = %s', NEW.bankAccountUuid); assert newBankAccount.uuid is not null, format('newBankAccount must not be null for NEW.bankAccountUuid = %s', NEW.bankAccountUuid);
@ -78,7 +78,7 @@ begin
outgoingSubRoles => array[hsOfficeRelationTENANT(newDebitorRel)] outgoingSubRoles => array[hsOfficeRelationTENANT(newDebitorRel)]
); );
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -33,7 +33,7 @@ declare
newPartnerRel hs_office_relation; newPartnerRel hs_office_relation;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT partnerRel.* SELECT partnerRel.*
FROM hs_office_partner AS partner FROM hs_office_partner AS partner
@ -65,7 +65,7 @@ begin
outgoingSubRoles => array[hsOfficeRelationTENANT(newPartnerRel)] outgoingSubRoles => array[hsOfficeRelationTENANT(newPartnerRel)]
); );
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -33,7 +33,7 @@ declare
newMembership hs_office_membership; newMembership hs_office_membership;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_office_membership WHERE uuid = NEW.membershipUuid INTO newMembership; SELECT * FROM hs_office_membership WHERE uuid = NEW.membershipUuid INTO newMembership;
assert newMembership.uuid is not null, format('newMembership must not be null for NEW.membershipUuid = %s', NEW.membershipUuid); assert newMembership.uuid is not null, format('newMembership must not be null for NEW.membershipUuid = %s', NEW.membershipUuid);
@ -41,7 +41,7 @@ begin
call grantPermissionToRole(createPermission(NEW.uuid, 'SELECT'), hsOfficeMembershipAGENT(newMembership)); call grantPermissionToRole(createPermission(NEW.uuid, 'SELECT'), hsOfficeMembershipAGENT(newMembership));
call grantPermissionToRole(createPermission(NEW.uuid, 'UPDATE'), hsOfficeMembershipADMIN(newMembership)); call grantPermissionToRole(createPermission(NEW.uuid, 'UPDATE'), hsOfficeMembershipADMIN(newMembership));
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -33,7 +33,7 @@ declare
newMembership hs_office_membership; newMembership hs_office_membership;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_office_membership WHERE uuid = NEW.membershipUuid INTO newMembership; SELECT * FROM hs_office_membership WHERE uuid = NEW.membershipUuid INTO newMembership;
assert newMembership.uuid is not null, format('newMembership must not be null for NEW.membershipUuid = %s', NEW.membershipUuid); assert newMembership.uuid is not null, format('newMembership must not be null for NEW.membershipUuid = %s', NEW.membershipUuid);
@ -41,7 +41,7 @@ begin
call grantPermissionToRole(createPermission(NEW.uuid, 'SELECT'), hsOfficeMembershipAGENT(newMembership)); call grantPermissionToRole(createPermission(NEW.uuid, 'SELECT'), hsOfficeMembershipAGENT(newMembership));
call grantPermissionToRole(createPermission(NEW.uuid, 'UPDATE'), hsOfficeMembershipADMIN(newMembership)); call grantPermissionToRole(createPermission(NEW.uuid, 'UPDATE'), hsOfficeMembershipADMIN(newMembership));
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -34,7 +34,7 @@ declare
newDebitorRel hs_office_relation; newDebitorRel hs_office_relation;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_office_debitor WHERE uuid = NEW.debitorUuid INTO newDebitor; SELECT * FROM hs_office_debitor WHERE uuid = NEW.debitorUuid INTO newDebitor;
assert newDebitor.uuid is not null, format('newDebitor must not be null for NEW.debitorUuid = %s', NEW.debitorUuid); assert newDebitor.uuid is not null, format('newDebitor must not be null for NEW.debitorUuid = %s', NEW.debitorUuid);
@ -72,7 +72,7 @@ begin
call grantPermissionToRole(createPermission(NEW.uuid, 'DELETE'), globalAdmin()); call grantPermissionToRole(createPermission(NEW.uuid, 'DELETE'), globalAdmin());
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -34,7 +34,7 @@ declare
newParentItem hs_booking_item; newParentItem hs_booking_item;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_booking_project WHERE uuid = NEW.projectUuid INTO newProject; SELECT * FROM hs_booking_project WHERE uuid = NEW.projectUuid INTO newProject;
@ -71,7 +71,7 @@ begin
call grantPermissionToRole(createPermission(NEW.uuid, 'DELETE'), globalAdmin()); call grantPermissionToRole(createPermission(NEW.uuid, 'DELETE'), globalAdmin());
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -34,7 +34,7 @@ declare
newParentItem hs_booking_item; newParentItem hs_booking_item;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_booking_project WHERE uuid = NEW.projectUuid INTO newProject; SELECT * FROM hs_booking_project WHERE uuid = NEW.projectUuid INTO newProject;
@ -71,7 +71,7 @@ begin
call grantPermissionToRole(createPermission(NEW.uuid, 'DELETE'), globalAdmin()); call grantPermissionToRole(createPermission(NEW.uuid, 'DELETE'), globalAdmin());
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*

View File

@ -36,7 +36,7 @@ declare
newParentAsset hs_hosting_asset; newParentAsset hs_hosting_asset;
begin begin
call enterTriggerForObjectUuid(NEW.uuid); call rbac.enterTriggerForObjectUuid(NEW.uuid);
SELECT * FROM hs_booking_item WHERE uuid = NEW.bookingItemUuid INTO newBookingItem; SELECT * FROM hs_booking_item WHERE uuid = NEW.bookingItemUuid INTO newBookingItem;
@ -89,7 +89,7 @@ begin
IF NEW.type = 'DOMAIN_SETUP' THEN IF NEW.type = 'DOMAIN_SETUP' THEN
END IF; END IF;
call leaveTriggerForObjectUuid(NEW.uuid); call rbac.leaveTriggerForObjectUuid(NEW.uuid);
end; $$; end; $$;
/* /*