diff --git a/src/main/resources/db/changelog/050-rbac-base.sql b/src/main/resources/db/changelog/050-rbac-base.sql index 4e63700f..e27bd907 100644 --- a/src/main/resources/db/changelog/050-rbac-base.sql +++ b/src/main/resources/db/changelog/050-rbac-base.sql @@ -357,25 +357,23 @@ create trigger deleteRbacRolesOfRbacObject_Trigger */ create domain RbacOp as varchar(67) -- TODO: shorten to 8, once the deprecated values are gone --- FIXME: --- check ( --- VALUE = 'DELETE' --- or VALUE = 'UPDATE' --- or VALUE = 'SELECT' --- or VALUE = 'INSERT' --- or VALUE = 'ASSUME' --- -- TODO: all values below are deprecated, use insert with table --- or VALUE ~ '^add-[a-z]+$' --- or VALUE ~ '^new-[a-z-]+$' --- ) -; + check ( + VALUE = 'DELETE' + or VALUE = 'UPDATE' + or VALUE = 'SELECT' + or VALUE = 'INSERT' + or VALUE = 'ASSUME' + -- TODO: all values below are deprecated, use insert with table + or VALUE ~ '^add-[a-z]+$' + or VALUE ~ '^new-[a-z-]+$' + ); create table RbacPermission ( uuid uuid primary key references RbacReference (uuid) on delete cascade, objectUuid uuid not null references RbacObject, op RbacOp not null, - opTableName RbacOp, + opTableName varchar(60), unique (objectUuid, op) );