hostsharing/hs.hsadmin.ng
6
0
Fork 0
Code Pull Requests 2 Activity

RBAC Diagram+PostgreSQL Generator #21

Merged
hsh-michaelhoennig merged 54 commits from experimental-rbacview-generator into master 2024-03-11 12:30:44 +01:00
Conversation 0 Commits 54 Files Changed 91 +20 -18
1 changed files with 20 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 20fc37da22 - Show all commits

38
src/main/resources/db/changelog/050-rbac-base.sql
View File

@ -366,17 +366,17 @@ create trigger deleteRbacRolesOfRbacObject_Trigger
*/ */
create domain RbacOp as varchar(67) -- TODO: shorten to 8, once the deprecated values are gone create domain RbacOp as varchar(67) -- TODO: shorten to 8, once the deprecated values are gone
-- FIXME: uncomment check -- FIXME:
-- check ( -- check (
-- VALUE = 'INSERT' or -- VALUE = 'DELETE'
-- VALUE = 'DELETE' or -- or VALUE = 'UPDATE'
-- VALUE = 'UPDATE' or -- or VALUE = 'SELECT'
-- VALUE = 'SELECT' or -- or VALUE = 'INSERT'
-- VALUE = 'ASSUME' or -- or VALUE = 'ASSUME'
-- -- TODO: all values below are deprecated, use insert with table -- -- TODO: all values below are deprecated, use insert with table
-- VALUE ~ '^add-[a-z]+$' or -- or VALUE ~ '^add-[a-z]+$'
-- VALUE ~ '^new-[a-z-]+$' -- or VALUE ~ '^new-[a-z-]+$'
-- ); -- )
; ;
create table RbacPermission create table RbacPermission
@ -408,18 +408,20 @@ begin
permissionUuid = (select uuid from RbacPermission where objectUuid = forObjectUuid and op = forOp and opTableName = forOpTableName); permissionUuid = (select uuid from RbacPermission where objectUuid = forObjectUuid and op = forOp and opTableName = forOpTableName);
if (permissionUuid is null) then if (permissionUuid is null) then
insert insert into RbacReference ("type")
into RbacReference ("type")
values ('RbacPermission') values ('RbacPermission')
returning uuid into permissionUuid; returning uuid into permissionUuid;
raise warning 'for values (%, %, %, %)', permissionUuid, forObjectUuid, forOp, forOpTableName; -- TODO: remove begin
insert insert into RbacPermission (uuid, objectUuid, op, opTableName)
into RbacPermission (uuid, objectUuid, op, opTableName) values (permissionUuid, forObjectUuid, forOp, forOpTableName);
values (permissionUuid, forObjectUuid, forOp, forOpTableName); exception
when others then
raise exception 'insert into RbacPermission (uuid, objectUuid, op, opTableName)
values (%, %, %, %);', permissionUuid, forObjectUuid, forOp, forOpTableName;
end;
end if; end if;
return permissionUuid; return permissionUuid;
end; end; $$;
$$;
-- TODO: deprecated, remove and amend all usages to createPermission -- TODO: deprecated, remove and amend all usages to createPermission
create or replace function createPermissions(forObjectUuid uuid, permitOps RbacOp[]) create or replace function createPermissions(forObjectUuid uuid, permitOps RbacOp[])