diff --git a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java index 7b8aae8d..64d14ed6 100644 --- a/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java +++ b/src/main/java/net/hostsharing/hsadminng/rbac/rbacdef/RolesGrantsAndPermissionsGenerator.java @@ -40,7 +40,7 @@ class RolesGrantsAndPermissionsGenerator { void generateTo(final StringWriter plPgSql) { generateHeader(plPgSql); generateTriggerFunction(plPgSql); - generageInsertTrigger(plPgSql); + generateInsertTrigger(plPgSql); generateFooter(plPgSql); } @@ -56,16 +56,19 @@ class RolesGrantsAndPermissionsGenerator { private void generateTriggerFunction(final StringWriter plPgSql) { plPgSql.writeLn(""" /* - Creates the roles, grants and permission for the AFTER INSERT TRIGGER. + A Creates the roles, grants and permission for the AFTER INSERT TRIGGER. */ - create or replace function createRbacRolesFor${simpleEntityName}() - returns trigger - language plpgsql - strict as $$ + create or replace procedure createRbacRolesFor${simpleEntityName}( + TG_OP text, + OLD ${rawTableName}, + NEW ${rawTableName} + ) + language plpgsql as $$ declare """ - .replace("${simpleEntityName}", simpleEntityName)); + .replace("${simpleEntityName}", simpleEntityName) + .replace("${rawTableName}", rawTableName)); plPgSql.indented(() -> { rbacDef.getEntityAliases().values().stream() @@ -101,8 +104,6 @@ class RolesGrantsAndPermissionsGenerator { generateGrants(plPgSql, ROLE_TO_USER); generateGrants(plPgSql, ROLE_TO_ROLE); generateGrants(plPgSql, PERM_TO_ROLE); - - plPgSql.writeLn("return NEW;"); }); plPgSql.writeLn("end; $$;"); @@ -280,17 +281,26 @@ class RolesGrantsAndPermissionsGenerator { .collect(toSet()); } - private void generageInsertTrigger(final StringWriter plPgSql) { + private void generateInsertTrigger(final StringWriter plPgSql) { plPgSql.writeLn(""" /* An AFTER INSERT TRIGGER which creates the role structure for a new ${simpleEntityName} */ - create trigger createRbacRolesFor${simpleEntityName}_Trigger + create or replace function createRbacRolesFor${simpleEntityName}_tf() + returns trigger + language plpgsql + strict as $$ + begin + call createRbacRolesFor${simpleEntityName}(TG_OP, OLD, NEW); + return NEW; + end; $$; + + create trigger createRbacRolesFor${simpleEntityName}_tg after insert on ${rawTableName} for each row - execute procedure createRbacRolesFor${simpleEntityName}(); + execute procedure createRbacRolesFor${simpleEntityName}_tf(); --// """ .replace("${simpleEntityName}", simpleEntityName)