2024-02-24 09:04:07 +01:00
3 changed files with 7 additions and 3 deletions
--- a/src/main/resources/db/changelog/010-context.sql
+++ b/src/main/resources/db/changelog/010-context.sql
@ -41,6 +41,8 @@ begin
    assumedRoles := coalesce(assumedRoles, '');
    execute format('set local hsadminng.assumedRoles to %L', assumedRoles);
    SET CONSTRAINTS ALL DEFERRED;
    call contextDefined(currentTask, currentRequest, currentUser, assumedRoles);
 end; $$;
 --//
--- a/src/main/resources/db/changelog/050-rbac-base.sql
+++ b/src/main/resources/db/changelog/050-rbac-base.sql
@ -172,7 +172,6 @@ create or replace function deleteRelatedRbacObject()
    strict as $$
 begin
    if TG_OP = 'DELETE' then
        -- TODO: delete related grants? or via cascade?
        delete from RbacObject where rbacobject.uuid = old.uuid;
    else
        raise exception 'invalid usage of TRIGGER BEFORE DELETE';
@ -453,7 +452,7 @@ $$;
 create table RbacGrants
 (
    uuid                uuid primary key default uuid_generate_v4(),
-    grantedByTriggerOf  uuid, -- TODO: references RbacObject (uuid) initially deferred,
+    grantedByTriggerOf  uuid references RbacObject (uuid) on delete cascade initially deferred ,
    grantedByRoleUuid   uuid references RbacRole (uuid),
    ascendantUuid       uuid references RbacReference (uuid),
    descendantUuid      uuid references RbacReference (uuid),
--- a/src/main/resources/db/changelog/056-rbac-trigger-context.sql
+++ b/src/main/resources/db/changelog/056-rbac-trigger-context.sql
@ -29,9 +29,12 @@ create or replace function currentTriggerObjectUuid()
    returns uuid
    stable -- leakproof
    language plpgsql as $$
 declare
    currentObjectUuid uuid;
 begin
    begin
-        return current_setting('hsadminng.currentUserUuid')::uuid;
+        currentObjectUuid = current_setting('hsadminng.currentObjectUuid')::uuid;
        return currentObjectUuid;
    exception
        when others then
            return null::uuid;