fix issues from code-review

This commit is contained in:
Michael Hoennig 2024-03-28 12:04:51 +01:00
parent 9997563883
commit cfb3c6d8b4
3 changed files with 8 additions and 20 deletions

View File

@ -8,7 +8,7 @@ components:
properties:
grantedByRoleIdName:
type: string
userGrantsByRoleUuid:
grantedByRoleUuid:
type: string
format: uuid
assumed:

View File

@ -87,11 +87,11 @@ end; $$;
Raises exception if not set.
*/
create or replace function currentRequest()
returns varchar(512)
returns text
stable -- leakproof
language plpgsql as $$
declare
currentRequest varchar(512);
currentRequest text;
begin
begin
currentRequest := current_setting('hsadminng.currentRequest');
@ -138,20 +138,8 @@ create or replace function assumedRoles()
returns varchar(1023)[]
stable -- leakproof
language plpgsql as $$
declare
currentSubject varchar(1023);
begin
begin
currentSubject := current_setting('hsadminng.assumedRoles');
exception
when undefined_object then
return array ['error']::varchar[];
end;
if (currentSubject = '') then
return array ['empty']::varchar[];
end if;
return string_to_array(currentSubject, ';');
return string_to_array(current_setting('hsadminng.assumedRoles', true), ';');
end; $$;
create or replace function cleanIdentifier(rawIdentifier varchar)
@ -220,17 +208,17 @@ begin
end ; $$;
create or replace function currentSubjects()
returns varchar(127)[]
returns varchar(1023)[]
stable -- leakproof
language plpgsql as $$
declare
assumedRoles varchar(127)[];
assumedRoles varchar(1023)[];
begin
assumedRoles := assumedRoles();
if array_length(assumedRoles, 1) > 0 then
return assumedRoles;
else
return array [currentUser()]::varchar(127)[];
return array [currentUser()]::varchar(1023)[];
end if;
end; $$;

View File

@ -29,7 +29,7 @@ create table tx_context
currentUser varchar(63) not null, -- not the uuid, because users can be deleted
assumedRoles varchar(1023) not null, -- not the uuids, because roles can be deleted
currentTask varchar(96) not null,
currentRequest text not null
currentRequest text not null
);
create index on tx_context using brin (txTimestamp);