fix RbacOp check

src/main/resources/db/changelog/050-rbac-base.sql

@@ -357,25 +357,23 @@ create trigger deleteRbacRolesOfRbacObject_Trigger
 
  */
 create domain RbacOp as varchar(67) -- TODO: shorten to 8, once the deprecated values are gone
--- FIXME:
+    check (
---     check (
+               VALUE = 'DELETE'
---                VALUE = 'DELETE'
+            or VALUE = 'UPDATE'
---             or VALUE = 'UPDATE'
+            or VALUE = 'SELECT'
---             or VALUE = 'SELECT'
+            or VALUE = 'INSERT'
---             or VALUE = 'INSERT'
+            or VALUE = 'ASSUME'
---             or VALUE = 'ASSUME'
+            -- TODO: all values below are deprecated, use insert with table
---              -- TODO: all values below are deprecated, use insert with table
+            or VALUE ~ '^add-[a-z]+$'
---             or VALUE ~ '^add-[a-z]+$'
+            or VALUE ~ '^new-[a-z-]+$'
---             or VALUE ~ '^new-[a-z-]+$'
+        );
---         )
-;
 
 create table RbacPermission
 (
     uuid        uuid primary key references RbacReference (uuid) on delete cascade,
     objectUuid  uuid not null references RbacObject,
     op          RbacOp not null,
-    opTableName RbacOp,
+    opTableName varchar(60),
     unique (objectUuid, op)
 );