-
Notifications
You must be signed in to change notification settings - Fork 0
/
010_update_permissions_v1-4.sql
99 lines (79 loc) · 2.39 KB
/
010_update_permissions_v1-4.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
/*
GROUP HEADERS GENERATED BY: https://patorjk.com/software/taag/#p=display&h=0&v=1&c=c&f=ANSI%20Shadow&t=STAGE%20FUNCS
SUB GROUP HEADERS GENERATED BY: https://patorjk.com/software/taag/#p=display&h=1&v=1&c=c&f=Banner3&t=permissions
*/
select *
from start_version_update('1.4',
'Delete user_info/user_identity',
'', _component := 'keen_auth_permissions');
alter table auth.user_permission_cache
drop constraint user_permission_cache_user_id_fkey;
alter table auth.user_permission_cache
add constraint user_permission_cache_user_id_fkey foreign key (user_id)
references auth.user_info (user_id) on delete cascade;
create or replace function auth.delete_user_info(_deleted_by text, _user_id bigint, _target_user_id bigint, _tenant_id integer DEFAULT 1)
returns TABLE(__user_info_id integer)
rows 1
language plpgsql
as
$$
declare
__is_system bool;
begin
end;
$$;
create or replace function auth.delete_user_info(_deleted_by text, _user_id bigint, _target_user_id bigint, _tenant_id integer DEFAULT 1)
returns TABLE(__user_info_id integer)
rows 1
language plpgsql
as
$$
declare
__is_system bool;
begin
perform
auth.has_permission(_user_id, 'users.delete_user_info', _tenant_id);
select is_system, tenant_id
from auth.user_group ug
where ug.user_group_id = _user_group_id
into __is_system;
if
__is_system is null then
perform error.raise_52171(_user_group_id);
end if;
if
__is_system then
perform error.raise_52271(_user_group_id);
end if;
return query
delete
from auth.user_group
where tenant_id = _tenant_id
and user_group_id = _user_group_id
returning user_group_id;
perform
add_journal_msg(_deleted_by, _user_id
, format('User: %s removed user group: %s in tenant: %s'
, _deleted_by, _user_group_id, _tenant_id)
, 'group', _user_group_id
, null
, 50203
, _tenant_id := _tenant_id);
end;
$$;
create
or replace function auth.update_permission_data_v1_4()
returns setof int
language plpgsql
as
$$
declare
__update_username text:='auth_update_v1_4';
begin
perform unsecure.create_permission_as_system('Delete system user info', 'users');
perform unsecure.create_permission_as_system('Delete user info', 'users');
perform unsecure.create_permission_as_system('Delete user identity', 'users');
end;
$$;
select *
from stop_version_update('1.4', _component := 'keen_auth_permissions');