fix RbacOp check

2024-03-08 18:00:40 +01:00 · 2024-03-08 18:00:40 +01:00 · d71d0215ec
commit d71d0215ec
parent c2ad5a7e28
1 changed files with 11 additions and 13 deletions
--- a/src/main/resources/db/changelog/050-rbac-base.sql
+++ b/src/main/resources/db/changelog/050-rbac-base.sql
@ -357,25 +357,23 @@ create trigger deleteRbacRolesOfRbacObject_Trigger

 */
 create domain RbacOp as varchar(67) -- TODO: shorten to 8, once the deprecated values are gone
-- FIXME:
--     check (
--                VALUE = 'DELETE'
--             or VALUE = 'UPDATE'
--             or VALUE = 'SELECT'
--             or VALUE = 'INSERT'
--             or VALUE = 'ASSUME'
--              -- TODO: all values below are deprecated, use insert with table
--             or VALUE ~ '^add-[a-z]+$'
--             or VALUE ~ '^new-[a-z-]+$'
--         )
-;
+    check (
+               VALUE = 'DELETE'
+            or VALUE = 'UPDATE'
+            or VALUE = 'SELECT'
+            or VALUE = 'INSERT'
+            or VALUE = 'ASSUME'
+            -- TODO: all values below are deprecated, use insert with table
+            or VALUE ~ '^add-[a-z]+$'
+            or VALUE ~ '^new-[a-z-]+$'
+        );

 create table RbacPermission
 (
    uuid        uuid primary key references RbacReference (uuid) on delete cascade,
    objectUuid  uuid not null references RbacObject,
    op          RbacOp not null,
-    opTableName RbacOp,
+    opTableName varchar(60),
    unique (objectUuid, op)
 );