add-trigger-object-to-rbacgrant #18
@ -41,6 +41,8 @@ begin
|
||||
assumedRoles := coalesce(assumedRoles, '');
|
||||
execute format('set local hsadminng.assumedRoles to %L', assumedRoles);
|
||||
|
||||
SET CONSTRAINTS ALL DEFERRED;
|
||||
|
||||
call contextDefined(currentTask, currentRequest, currentUser, assumedRoles);
|
||||
end; $$;
|
||||
--//
|
||||
|
@ -172,7 +172,6 @@ create or replace function deleteRelatedRbacObject()
|
||||
strict as $$
|
||||
begin
|
||||
if TG_OP = 'DELETE' then
|
||||
-- TODO: delete related grants? or via cascade?
|
||||
delete from RbacObject where rbacobject.uuid = old.uuid;
|
||||
else
|
||||
raise exception 'invalid usage of TRIGGER BEFORE DELETE';
|
||||
@ -453,7 +452,7 @@ $$;
|
||||
create table RbacGrants
|
||||
(
|
||||
uuid uuid primary key default uuid_generate_v4(),
|
||||
grantedByTriggerOf uuid, -- TODO: references RbacObject (uuid) initially deferred,
|
||||
grantedByTriggerOf uuid references RbacObject (uuid) on delete cascade initially deferred ,
|
||||
grantedByRoleUuid uuid references RbacRole (uuid),
|
||||
ascendantUuid uuid references RbacReference (uuid),
|
||||
descendantUuid uuid references RbacReference (uuid),
|
||||
|
@ -29,9 +29,12 @@ create or replace function currentTriggerObjectUuid()
|
||||
returns uuid
|
||||
stable -- leakproof
|
||||
language plpgsql as $$
|
||||
declare
|
||||
currentObjectUuid uuid;
|
||||
begin
|
||||
begin
|
||||
return current_setting('hsadminng.currentUserUuid')::uuid;
|
||||
currentObjectUuid = current_setting('hsadminng.currentObjectUuid')::uuid;
|
||||
return currentObjectUuid;
|
||||
exception
|
||||
when others then
|
||||
return null::uuid;
|
||||
|
Loading…
Reference in New Issue
Block a user