Skip to content

Commit ee4f8b8

Browse files
sirisjosirisjo
committed
remove createToken permission; sql refactor
1 parent aaffaf7 commit ee4f8b8

File tree

2 files changed

+6
-8
lines changed

2 files changed

+6
-8
lines changed

cmd/api/src/auth/role.go

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,6 @@ func Roles() map[string]RoleTemplate {
6767
permissions.AppReadApplicationConfiguration,
6868
permissions.APsGenerateReport,
6969
permissions.AuditLogRead,
70-
permissions.AuthCreateToken,
7170
permissions.AuthManageSelf,
7271
permissions.AuthReadUsers,
7372
permissions.ClientsRead,

cmd/api/src/database/migration/migrations/v8.4.0.sql

Lines changed: 6 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -29,16 +29,15 @@ JOIN permissions p
2929
('app', 'ReadAppConfig'),
3030
('risks', 'GenerateReport'),
3131
('audit_log', 'Read'),
32-
('auth', 'CreateToken'),
3332
('auth', 'ManageSelf'),
3433
('auth', 'ReadUsers'),
3534
('graphdb', 'Read'),
3635
('saved_queries', 'Read'),
3736
('clients', 'Read')
38-
)))
39-
ON CONFLICT DO NOTHING;
40-
41-
INSERT INTO roles_permissions (role_id, permission_id)
42-
VALUES ((SELECT id FROM roles WHERE roles.name = 'Administrator'),
43-
(SELECT id FROM permissions WHERE permissions.authority = 'audit_log' and permissions.name = 'Read'))
37+
))
38+
OR
39+
(r.name = 'Administrator' AND (p.authority, p.name) IN (
40+
('audit_log', 'Read')
41+
))
42+
)
4443
ON CONFLICT DO NOTHING;

0 commit comments

Comments
 (0)