hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

fix issues from code-review

Browse Source
This commit is contained in:
Michael Hoennig 2024-03-28 12:04:51 +01:00
parent 9997563883
commit cfb3c6d8b4
3 changed files with 8 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/resources/api-definition/rbac/rbac-grant-schemas.yaml
View File

@ -8,7 +8,7 @@ components:
properties: properties:
grantedByRoleIdName: grantedByRoleIdName:
type: string type: string
userGrantsByRoleUuid: grantedByRoleUuid:
type: string type: string
format: uuid format: uuid
assumed: assumed:

24
src/main/resources/db/changelog/010-context.sql
View File

@ -87,11 +87,11 @@ end; $$;
Raises exception if not set. Raises exception if not set.
*/ */
create or replace function currentRequest() create or replace function currentRequest()
returns varchar(512) returns text
stable -- leakproof stable -- leakproof
language plpgsql as $$ language plpgsql as $$
declare declare
currentRequest varchar(512); currentRequest text;
begin begin
begin begin
currentRequest := current_setting('hsadminng.currentRequest'); currentRequest := current_setting('hsadminng.currentRequest');
@ -138,20 +138,8 @@ create or replace function assumedRoles()
returns varchar(1023)[] returns varchar(1023)[]
stable -- leakproof stable -- leakproof
language plpgsql as $$ language plpgsql as $$
declare
currentSubject varchar(1023);
begin begin
begin return string_to_array(current_setting('hsadminng.assumedRoles', true), ';');
currentSubject := current_setting('hsadminng.assumedRoles');
exception
when undefined_object then
return array ['error']::varchar[];
end;
if (currentSubject = '') then
return array ['empty']::varchar[];
end if;
return string_to_array(currentSubject, ';');
end; $$; end; $$;
create or replace function cleanIdentifier(rawIdentifier varchar) create or replace function cleanIdentifier(rawIdentifier varchar)
@ -220,17 +208,17 @@ begin
end ; $$; end ; $$;
create or replace function currentSubjects() create or replace function currentSubjects()
returns varchar(127)[] returns varchar(1023)[]
stable -- leakproof stable -- leakproof
language plpgsql as $$ language plpgsql as $$
declare declare
assumedRoles varchar(127)[]; assumedRoles varchar(1023)[];
begin begin
assumedRoles := assumedRoles(); assumedRoles := assumedRoles();
if array_length(assumedRoles, 1) > 0 then if array_length(assumedRoles, 1) > 0 then
return assumedRoles; return assumedRoles;
else else
return array [currentUser()]::varchar(127)[]; return array [currentUser()]::varchar(1023)[];
end if; end if;
end; $$; end; $$;

2
src/main/resources/db/changelog/020-audit-log.sql
View File

@ -29,7 +29,7 @@ create table tx_context
currentUser varchar(63) not null, -- not the uuid, because users can be deleted currentUser varchar(63) not null, -- not the uuid, because users can be deleted
assumedRoles varchar(1023) not null, -- not the uuids, because roles can be deleted assumedRoles varchar(1023) not null, -- not the uuids, because roles can be deleted
currentTask varchar(96) not null, currentTask varchar(96) not null,
currentRequest text not null currentRequest text not null
); );
create index on tx_context using brin (txTimestamp); create index on tx_context using brin (txTimestamp);