Michael Hoennig
285e6fbeb5
Co-authored-by: Michael Hoennig <michael@hoennig.de> Reviewed-on: #104 Reviewed-by: Marc Sandlus <marc.sandlus@hostsharing.net>
51 lines
2.4 KiB
PL/PgSQL
51 lines
2.4 KiB
PL/PgSQL
-- ========================================================
|
|
-- Some Tests
|
|
-- --------------------------------------------------------
|
|
|
|
|
|
select rbac.isGranted(rbac.findRoleId('administrators'), rbac.findRoleId('rbactest.package#aaa00:OWNER'));
|
|
select rbac.isGranted(rbac.findRoleId('rbactest.package#aaa00:OWNER'), rbac.findRoleId('administrators'));
|
|
-- call rbac.grantRoleToRole(findRoleId('rbactest.package#aaa00:OWNER'), findRoleId('administrators'));
|
|
-- call rbac.grantRoleToRole(findRoleId('administrators'), findRoleId('rbactest.package#aaa00:OWNER'));
|
|
|
|
select count(*)
|
|
FROM rbac.queryAllPermissionsOfSubjectIdForObjectUuids(rbac.findRbacSubject('superuser-fran@hostsharing.net'),
|
|
ARRAY(select uuid from rbactest.customer where reference < 1100000));
|
|
select count(*)
|
|
FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('superuser-fran@hostsharing.net'));
|
|
select *
|
|
FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('alex@example.com'));
|
|
select *
|
|
FROM rbac.queryAllPermissionsOfSubjectId(findRbacSubject('rosa@example.com'));
|
|
|
|
select *
|
|
FROM rbac.queryAllRbacSubjectsWithPermissionsFor(rbac.findEffectivePermissionId('customer',
|
|
(SELECT uuid FROM rbac.RbacObject WHERE objectTable = 'customer' LIMIT 1),
|
|
'add-package'));
|
|
select *
|
|
FROM rbac.queryAllRbacSubjectsWithPermissionsFor(rbac.findEffectivePermissionId('package',
|
|
(SELECT uuid FROM rbac.RbacObject WHERE objectTable = 'package' LIMIT 1),
|
|
'DELETE'));
|
|
|
|
DO LANGUAGE plpgsql
|
|
$$
|
|
DECLARE
|
|
userId uuid;
|
|
result bool;
|
|
BEGIN
|
|
userId = rbac.findRbacSubject('superuser-alex@hostsharing.net');
|
|
result = (SELECT * FROM rbac.isPermissionGrantedToSubject(rbac.findPermissionId('package', 94928, 'add-package'), userId));
|
|
IF (result) THEN
|
|
RAISE EXCEPTION 'expected permission NOT to be granted, but it is';
|
|
end if;
|
|
|
|
result = (SELECT * FROM rbac.isPermissionGrantedToSubject(rbac.findPermissionId('package', 94928, 'SELECT'), userId));
|
|
IF (NOT result) THEN
|
|
RAISE EXCEPTION 'expected permission to be granted, but it is NOT';
|
|
end if;
|
|
|
|
RAISE LOG 'isPermissionGrantedToSubjectId test passed';
|
|
END;
|
|
$$;
|
|
|