allow-multiple-insert-permission-grants #49
@ -93,7 +93,7 @@ execute procedure insertTriggerForHsHostingAsset_tf();
|
|||||||
--changeset hs-hosting-asset-rbac-GRANTING-INSERT-PERMISSION:1 endDelimiter:--//
|
--changeset hs-hosting-asset-rbac-GRANTING-INSERT-PERMISSION:1 endDelimiter:--//
|
||||||
-- ----------------------------------------------------------------------------
|
-- ----------------------------------------------------------------------------
|
||||||
|
|
||||||
-- granting INSERT permission to hs_hosting_asset ----------------------------
|
-- granting INSERT permission to hs_booking_item ----------------------------
|
||||||
|
|
||||||
/*
|
/*
|
||||||
Grants INSERT INTO hs_hosting_asset permissions to specified role of pre-existing hs_booking_item rows.
|
Grants INSERT INTO hs_hosting_asset permissions to specified role of pre-existing hs_booking_item rows.
|
||||||
@ -141,21 +141,7 @@ execute procedure new_hs_hosting_asset_grants_insert_to_hs_booking_item_tf();
|
|||||||
/*
|
/*
|
||||||
Grants INSERT INTO hs_hosting_asset permissions to specified role of pre-existing hs_hosting_asset rows.
|
Grants INSERT INTO hs_hosting_asset permissions to specified role of pre-existing hs_hosting_asset rows.
|
||||||
*/
|
*/
|
||||||
do language plpgsql $$
|
-- Skipped, because there cannot yet be any pre-existing hs_hosting_asset rows.
|
||||||
declare
|
|
||||||
preExistingRow hs_hosting_asset;
|
|
||||||
begin
|
|
||||||
call defineContext('create INSERT INTO hs_hosting_asset permissions for pre-exising hs_hosting_asset rows');
|
|
||||||
|
|
||||||
FOR preExistingRow IN SELECT * FROM hs_hosting_asset
|
|
||||||
WHERE preExistingRow.type = 'MANAGED_SERVER'
|
|
||||||
LOOP
|
|
||||||
call grantPermissionToRole(
|
|
||||||
createPermission(preExistingRow.uuid, 'INSERT', 'hs_hosting_asset'),
|
|
||||||
hsBookingItemAGENT(preExistingRow));
|
|
||||||
END LOOP;
|
|
||||||
end;
|
|
||||||
$$;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
Grants hs_hosting_asset INSERT permission to specified role of new hs_hosting_asset rows.
|
Grants hs_hosting_asset INSERT permission to specified role of new hs_hosting_asset rows.
|
||||||
@ -202,11 +188,10 @@ create trigger hs_hosting_asset_insert_permission_check_tg
|
|||||||
before insert on hs_hosting_asset
|
before insert on hs_hosting_asset
|
||||||
for each row
|
for each row
|
||||||
when ( not (
|
when ( not (
|
||||||
|
hasInsertPermission(NEW.bookingItemUuid, 'hs_hosting_asset') or
|
||||||
hasInsertPermission(NEW.bookingItemUuid, 'hs_hosting_asset') or
|
NEW.type = 'MANAGED_WEBSPACE' and hasInsertPermission(NEW.parentAssetUuid, 'INSERT', 'hs_hosting_asset') ) )
|
||||||
NEW.type = 'MANAGED_SERVER' and hasInsertPermission(NEW.parentAssetUuid, 'INSERT', 'hs_hosting_asset') ) )
|
|
||||||
execute procedure hs_hosting_asset_insert_permission_missing_tf();
|
execute procedure hs_hosting_asset_insert_permission_missing_tf();
|
||||||
--//
|
|
||||||
--//
|
--//
|
||||||
|
|
||||||
-- ============================================================================
|
-- ============================================================================
|
||||||
|
Loading…
Reference in New Issue
Block a user