From ca717ed123e7fae109798338b16fb5158e24f555 Mon Sep 17 00:00:00 2001
From: antoniocarlon
Date: Thu, 6 Sep 2018 15:40:41 +0200
Subject: [PATCH] Fixed permission check
---
 client/renderer/templates/20_public_functions.erb | 2 +-
 .../renderer/templates/25_exception_safe_private_functions.erb | 2 +-
 client/sql/21_bulk_geocoding_functions.sql | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/client/renderer/templates/20_public_functions.erb b/client/renderer/templates/20_public_functions.erb
index a085bbd..2b98906 100644
--- a/client/renderer/templates/20_public_functions.erb
+++ b/client/renderer/templates/20_public_functions.erb
@@ -16,7 +16,7 @@ BEGIN
 RAISE EXCEPTION 'The api_key must be provided';
 END IF;
 <% unless superuser_function? -%>SELECT u, o, a, p INTO username, orgname, appname, apikey_permissions FROM cdb_dataservices_client._cdb_entity_config() AS (u text, o text, a text, p json);
- <% if requires_permission %>IF NOT apikey_permissions::jsonb ? '<%= permission_name %>' THEN
+ <% if requires_permission %>IF apikey_permissions IS NULL OR NOT apikey_permissions::jsonb ? '<%= permission_name %>' THEN
 RAISE EXCEPTION '<%= permission_error %>';
 END IF;
 <% else %>SELECT u, o INTO username, orgname FROM <%= DATASERVICES_CLIENT_SCHEMA %>._cdb_entity_config() AS (u text, o text, a text, p json);<% end %><% end %>
diff --git a/client/renderer/templates/25_exception_safe_private_functions.erb b/client/renderer/templates/25_exception_safe_private_functions.erb
index a3aeb9f..8d92420 100644
--- a/client/renderer/templates/25_exception_safe_private_functions.erb
+++ b/client/renderer/templates/25_exception_safe_private_functions.erb
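Review bot: In client/renderer/templates/20_public_functions.erb the guard now depends on two clauses staying together, and a later edit that drops the `IS NULL` test would silently restore the fail-open path, because `NOT (NULL::jsonb ? '...')` evaluates to NULL and a PL/pgSQL `IF` treats NULL as false. A single fail-closed form such as `IF (apikey_permissions::jsonb ? '<%= permission_name %>') IS NOT TRUE THEN` denies both a NULL permission set and a missing permission in one expression. The same line appears in 25_exception_safe_private_functions.erb and in 21_bulk_geocoding_functions.sql, so it should change in all three, with a comment above it such as `-- a NULL permission set must be denied: NOT NULL is NULL, and IF treats NULL as false`. The enclosing function body starts and ends outside the hunk.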
@@ -17,7 +17,7 @@ BEGIN
 RAISE EXCEPTION 'The api_key must be provided';
 END IF;
 <% unless superuser_function? -%>SELECT u, o, a, p INTO username, orgname, appname, apikey_permissions FROM cdb_dataservices_client._cdb_entity_config() AS (u text, o text, a text, p json);
- <% if requires_permission %>IF NOT apikey_permissions::jsonb ? '<%= permission_name %>' THEN
+ <% if requires_permission %>IF apikey_permissions IS NULL OR NOT apikey_permissions::jsonb ? '<%= permission_name %>' THEN
 RAISE EXCEPTION '<%= permission_error %>';
 END IF;
 <% else %>SELECT u, o INTO username, orgname FROM <%= DATASERVICES_CLIENT_SCHEMA %>._cdb_entity_config() AS (u text, o text, a text, p json);<% end %><% end %>
diff --git a/client/sql/21_bulk_geocoding_functions.sql b/client/sql/21_bulk_geocoding_functions.sql
index 210c584..edaefba 100644
--- a/client/sql/21_bulk_geocoding_functions.sql
+++ b/client/sql/21_bulk_geocoding_functions.sql
@@ -22,7 +22,7 @@ BEGIN
 RAISE EXCEPTION 'The api_key must be provided';
 END IF;
 SELECT u, o, a, p INTO username, orgname, appname, apikey_permissions FROM cdb_dataservices_client._cdb_entity_config() AS (u text, o text, a text, p json);
- IF NOT apikey_permissions::jsonb ? 'geocoding' THEN
+ IF apikey_permissions IS NULL OR NOT apikey_permissions::jsonb ? 'geocoding' THEN
 RAISE EXCEPTION 'Geocoding is not allowed';
 END IF;
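Review bot: The `?` test in the 21_bulk_geocoding_functions.sql guard only checks that 'geocoding' exists as a top-level key or array element, so whether it is a sufficient authorization check depends on the shape of `p`, which this hunk does not show. If `_cdb_entity_config()` returns an array of granted names the check is right; if it can return an object, a key whose value is false would still pass. A comment stating the expected shape, e.g. `-- apikey_permissions: JSON array of granted service names; NULL or a missing entry means denied`, would make the guard reviewable. The patch touches no test file, so a regression case that calls the function with NULL permissions and expects 'Geocoding is not allowed' is worth adding. The function body continues outside the hunk.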