hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

RBAC-rebuild #140

Merged
hsh-michaelhoennig merged 6 commits from feature/rbac-rebuild into master 2025-01-02 10:02:54 +01:00
Conversation 0 Commits 6 Files Changed 45 +37
1 changed files with 37 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 9a8285e43c - Show all commits

37
src/main/resources/db/changelog/5-hs-office/503-relation/5033-hs-office-relation-rbac.sql
View File

@ -252,3 +252,40 @@ call rbac.generateRbacRestrictedView('hs_office.relation',
$updates$); $updates$);
--// --//
-- ============================================================================
--changeset RbacRestrictedViewGenerator:hs-office-relation-rbac-rebuild endDelimiter:--//
-- ----------------------------------------------------------------------------
--
-- begin transaction;
-- call base.defineContext('re-creating RBAC for table relation', null, <<insert executing global admin user here>>);
-- call hs_office.relation_rebuild_rbac_system();
-- commit;
create or replace procedure hs_office.relation_rebuild_rbac_system()
language plpgsql as $$
DECLARE
DECLARE
row hs_office.relation;
grantsAfter numeric;
grantsBefore numeric;
BEGIN
SELECT count(*) INTO grantsBefore FROM rbac.grants;
FOR row IN SELECT * FROM hs_office.relation LOOP
-- first delete all generated grants for this row from the previously defined RBAC system
DELETE FROM rbac.grants g
WHERE g.grantedbytriggerof = row.uuid;
-- then build the grants according to the currently defined RBAC rules
CALL hs_office.relation_build_rbac_system(row);
END LOOP;
select count(*) into grantsAfter from rbac.grants;
-- print how the total count of grants has changed
raise notice 'total grant count before -> after: % -> %', grantsBefore, grantsAfter;
END;
$$;
--//