RBAC Diagram+PostgreSQL Generator #21
@ -19,11 +19,11 @@ select *
|
|||||||
FROM queryAllPermissionsOfSubjectId(findRbacUser('rosa@example.com'));
|
FROM queryAllPermissionsOfSubjectId(findRbacUser('rosa@example.com'));
|
||||||
|
|
||||||
select *
|
select *
|
||||||
FROM queryAllRbacUsersWithPermissionsFor(findPermissionId('customer',
|
FROM queryAllRbacUsersWithPermissionsFor(findEffectivePermissionId('customer',
|
||||||
(SELECT uuid FROM RbacObject WHERE objectTable = 'customer' LIMIT 1),
|
(SELECT uuid FROM RbacObject WHERE objectTable = 'customer' LIMIT 1),
|
||||||
'add-package'));
|
'add-package'));
|
||||||
select *
|
select *
|
||||||
FROM queryAllRbacUsersWithPermissionsFor(findPermissionId('package',
|
FROM queryAllRbacUsersWithPermissionsFor(findEffectivePermissionId('package',
|
||||||
(SELECT uuid FROM RbacObject WHERE objectTable = 'package' LIMIT 1),
|
(SELECT uuid FROM RbacObject WHERE objectTable = 'package' LIMIT 1),
|
||||||
'DELETE'));
|
'DELETE'));
|
||||||
|
|
||||||
|
@ -443,18 +443,6 @@ begin
|
|||||||
end;
|
end;
|
||||||
$$;
|
$$;
|
||||||
|
|
||||||
create or replace function findPermissionId(forObjectUuid uuid, forOp RbacOp, forOpTableName text = null)
|
|
||||||
returns uuid
|
|
||||||
returns null on null input
|
|
||||||
stable -- leakproof
|
|
||||||
language sql as $$
|
|
||||||
select uuid
|
|
||||||
from RbacPermission p
|
|
||||||
where p.objectUuid = forObjectUuid
|
|
||||||
and p.op = forOp
|
|
||||||
and p.opTableName = forOpTableName
|
|
||||||
$$;
|
|
||||||
|
|
||||||
create or replace function findEffectivePermissionId(forObjectUuid uuid, forOp RbacOp, forOpTableName text = null)
|
create or replace function findEffectivePermissionId(forObjectUuid uuid, forOp RbacOp, forOpTableName text = null)
|
||||||
returns uuid
|
returns uuid
|
||||||
returns null on null input
|
returns null on null input
|
||||||
@ -466,6 +454,18 @@ select uuid
|
|||||||
and (forOp = 'SELECT' or p.op = forOp) -- all other RbacOp include 'SELECT'
|
and (forOp = 'SELECT' or p.op = forOp) -- all other RbacOp include 'SELECT'
|
||||||
and p.opTableName = forOpTableName
|
and p.opTableName = forOpTableName
|
||||||
$$;
|
$$;
|
||||||
|
|
||||||
|
create or replace function findPermissionId(forObjectUuid uuid, forOp RbacOp, forOpTableName text = null)
|
||||||
|
returns uuid
|
||||||
|
returns null on null input
|
||||||
|
stable -- leakproof
|
||||||
|
language sql as $$
|
||||||
|
select uuid
|
||||||
|
from RbacPermission p
|
||||||
|
where p.objectUuid = forObjectUuid
|
||||||
|
and p.op = forOp
|
||||||
|
and p.opTableName = forOpTableName
|
||||||
|
$$;
|
||||||
--//
|
--//
|
||||||
|
|
||||||
-- ============================================================================
|
-- ============================================================================
|
||||||
|
Loading…
Reference in New Issue
Block a user