cleanup+categorization of TODOs

2022-09-07 12:25:12 +02:00
parent 756d5e1ae6
commit 23796c56f9
14 changed files with 26 additions and 30 deletions
--- a/src/main/resources/db/changelog/050-rbac-base.sql
+++ b/src/main/resources/db/changelog/050-rbac-base.sql
@ -170,7 +170,7 @@ call create_journal('RbacRole');

 create type RbacRoleDescriptor as
 (
-    objectTable varchar(63), -- TODO: needed? remove?
+    objectTable varchar(63), -- for human readability and easier debugging
    objectUuid  uuid,
    roleType    RbacRoleType
 );
@ -221,7 +221,7 @@ declare
    objectUuidOfRole          uuid;
    roleUuid                  uuid;
 begin
-    -- TODO: extract function toRbacRoleDescriptor(roleIdName varchar) + find other occurrences
+    -- TODO.refact: extract function toRbacRoleDescriptor(roleIdName varchar) + find other occurrences
    roleParts = overlay(roleIdName placing '#' from length(roleIdName) + 1 - strpos(reverse(roleIdName), '.'));
    objectTableFromRoleIdName = split_part(roleParts, '#', 1);
    objectNameFromRoleIdName = split_part(roleParts, '#', 2);
@ -415,7 +415,7 @@ create or replace function isGranted(granteeIds uuid[], grantedId uuid)
 declare
    granteeId uuid;
 begin
-    -- TODO: needs optimization
+    -- TODO.perf: needs optimization
    foreach granteeId in array granteeIds
        loop
            if isGranted(granteeId, grantedId) then
--- a/src/main/resources/db/changelog/051-rbac-user-grant.sql
+++ b/src/main/resources/db/changelog/051-rbac-user-grant.sql
@ -30,7 +30,7 @@ begin
    insert
        into RbacGrants (grantedByRoleUuid, ascendantUuid, descendantUuid, assumed)
        values (grantedByRoleUuid, userUuid, roleUuid, doAssume);
-    -- TODO: What should happen on mupltiple grants? What if options are not the same?
+    -- TODO.spec: What should happen on mupltiple grants? What if options (doAssume) are not the same?
    --      Most powerful or latest grant wins? What about managed?
    -- on conflict do nothing; -- allow granting multiple times
 end; $$;
@ -53,7 +53,7 @@ begin
    insert
        into RbacGrants (grantedByRoleUuid, ascendantUuid, descendantUuid, assumed)
        values (grantedByRoleUuid, userUuid, grantedRoleUuid, doAssume);
-    -- TODO: What should happen on mupltiple grants? What if options are not the same?
+    -- TODO.spec: What should happen on mupltiple grants? What if options (doAssume) are not the same?
    --      Most powerful or latest grant wins? What about managed?
    -- on conflict do nothing; -- allow granting multiple times
 end; $$;
--- a/src/main/resources/db/changelog/080-rbac-global.sql
+++ b/src/main/resources/db/changelog/080-rbac-global.sql
@ -30,7 +30,7 @@ create or replace function hasGlobalPermission(op RbacOp)
    returns boolean
    language sql as
 $$
-    -- TODO: this could to be optimized
+    -- TODO.perf: this could to be optimized
 select (select uuid from global) in
       (select queryAccessibleObjectUuidsOfSubjectIds(op, 'global', currentSubjectsUuids()));
 $$;
--- a/src/main/resources/db/changelog/113-test-customer-rbac.sql
+++ b/src/main/resources/db/changelog/113-test-customer-rbac.sql
@ -152,7 +152,7 @@ drop view if exists test_customer_iv;
 create or replace view test_customer_iv as
 select target.uuid, target.prefix as idName
    from test_customer as target;
-- TODO: Is it ok that everybody has access to this information?
+-- TODO.spec: Is it ok that everybody has access to this information?
 grant all privileges on test_customer_iv to restricted;

 /*
--- a/src/main/resources/db/changelog/133-test-domain-rbac.sql
+++ b/src/main/resources/db/changelog/133-test-domain-rbac.sql
@ -168,7 +168,7 @@ drop view if exists test_domain_iv;
 create or replace view test_domain_iv as
 select distinct target.uuid, target.name as idName
    from test_domain as target;
-- TODO: Is it ok that everybody has access to this information?
+-- TODO.spec: Is it ok that everybody has access to this information?
 grant all privileges on test_domain_iv to restricted;

 /*
--- a/src/main/resources/db/changelog/200-hs-admin-contact.sql
+++ b/src/main/resources/db/changelog/200-hs-admin-contact.sql
@ -9,7 +9,7 @@ create table if not exists hs_admin_contact
    uuid           uuid unique references RbacObject (uuid),
    label          varchar(96) not null,
    postalAddress  text,
-    emailAddresses text, -- TODO: change to json
-    phoneNumbers   text  -- TODO: change to json
+    emailAddresses text, -- TODO.feat: change to json
+    phoneNumbers   text  -- TODO.feat: change to json
 );
 --//
--- a/src/main/resources/db/changelog/203-hs-admin-contact-rbac.sql
+++ b/src/main/resources/db/changelog/203-hs-admin-contact-rbac.sql
@ -139,7 +139,7 @@ execute procedure deleteRbacRulesForHsAdminContact();
 create or replace view hs_admin_contact_iv as
 select target.uuid, cleanIdentifier(target.label) as idName
    from hs_admin_contact as target;
-- TODO: Is it ok that everybody has access to this information?
+-- TODO.spec: Is it ok that everybody has access to this information?
 grant all privileges on hs_admin_contact_iv to restricted;

 /*