fix misleading findPermissionId naming

2024-02-16 16:48:37 +01:00
parent 496cdf295b
commit 36654a69d8
4 changed files with 24 additions and 9 deletions
--- a/sql/rbac-tests.sql
+++ b/sql/rbac-tests.sql
@ -19,11 +19,11 @@ select *
 FROM queryAllPermissionsOfSubjectId(findRbacUser('rosa@example.com'));

 select *
-FROM queryAllRbacUsersWithPermissionsFor(findPermissionId('customer',
+FROM queryAllRbacUsersWithPermissionsFor(findEffectivePermissionId('customer',
                                                          (SELECT uuid FROM RbacObject WHERE objectTable = 'customer' LIMIT 1),
                                                          'add-package'));
 select *
-FROM queryAllRbacUsersWithPermissionsFor(findPermissionId('package',
+FROM queryAllRbacUsersWithPermissionsFor(findEffectivePermissionId('package',
                                                          (SELECT uuid FROM RbacObject WHERE objectTable = 'package' LIMIT 1),
                                                          'delete'));

@ -34,12 +34,12 @@ $$
        result bool;
    BEGIN
        userId = findRbacUser('superuser-alex@hostsharing.net');
-        result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'add-package'), userId));
+        result = (SELECT * FROM isPermissionGrantedToSubject(findEffectivePermissionId('package', 94928, 'add-package'), userId));
        IF (result) THEN
            RAISE EXCEPTION 'expected permission NOT to be granted, but it is';
        end if;

-        result = (SELECT * FROM isPermissionGrantedToSubject(findPermissionId('package', 94928, 'view'), userId));
+        result = (SELECT * FROM isPermissionGrantedToSubject(findEffectivePermissionId('package', 94928, 'view'), userId));
        IF (NOT result) THEN
            RAISE EXCEPTION 'expected permission to be granted, but it is NOT';
        end if;
--- a/sql/rbac-view-option-experiments.sql
+++ b/sql/rbac-view-option-experiments.sql
@ -20,7 +20,7 @@ CREATE POLICY customer_policy ON customer
    TO restricted
    USING (
        -- id=1000
-        isPermissionGrantedToSubject(findPermissionId('test_customer', id, 'view'), currentUserUuid())
+        isPermissionGrantedToSubject(findEffectivePermissionId('test_customer', id, 'view'), currentUserUuid())
    );

 SET SESSION AUTHORIZATION restricted;
@ -35,7 +35,7 @@ SELECT * FROM customer;
 CREATE OR REPLACE RULE "_RETURN" AS
    ON SELECT TO cust_view
    DO INSTEAD
-    SELECT * FROM customer WHERE isPermissionGrantedToSubject(findPermissionId('test_customer', id, 'view'), currentUserUuid());
+    SELECT * FROM customer WHERE isPermissionGrantedToSubject(findEffectivePermissionId('test_customer', id, 'view'), currentUserUuid());
 SELECT * from cust_view LIMIT 10;

 select queryAllPermissionsOfSubjectId(findRbacUser('superuser-alex@hostsharing.net'));