fix(uba,ubcli,ub): MT environments - system users (!1736) · Merge requests · unitybase / ubjs

Andrii Bezuglyi requested to merge fix/uba_user_tenant into master Nov 13, 2023

All changes in this MR are related to correct functioning of multi-tenant environments. All the changes are made in a way to preserve behavior for regular environments "as is" to minimize impact/risks/

The following changes are made:

ubcli, when generates RLS for PostgreSQL (basic underlying mechanism of multi-tenant mode) now support 2 new policies:
- tenantAndSpecialUsers - to be used by uba_user
- tenantAndCommonAndSpecialUsers - to be used by uba_subject
uba_user now has validation rules that disallow update operation on root and anonymous in user tenants
uba_common module now in the isSuperUser function, in user tenants check is done against user name, not user ID for "admin" user
Session.runAsAdmin function now for user tenants, redirects to Session.runAsUser with ID of the admin user in that tenant

Edited Jan 30, 2025 by Andrii Bezuglyi

fix(uba,ubcli,ub): MT environments - system users

Merge request reports