Support revocation of tenant keys #2211 #2482
Conversation
Signed-off-by: Paul Bastide <pbastide@us.ibm.com>
| SQL = "DELETE FROM " + tableName + " WHERE mt_id = ?"; | ||
| } else { | ||
| SQL = "DELETE FROM " + tableName + " WHERE mt_id = ?" | ||
| + " AND tenant_hash = sysibm.hash(tenant_salt || ?, 2)"; |
There was a problem hiding this comment.
is this db2-specific. if so, can it live in the translator?
There was a problem hiding this comment.
never mind, I think I was mixing up the translator with an "adapter" (the one that adapts the SQL for a specific db type). still the same question though.
There was a problem hiding this comment.
Right, this is a db2 specific task - we're only multitenant on db2.
There was a problem hiding this comment.
yeah, agree it should work just fine. was just a general recommendation/observation to try keeping the db-specific logic in the adapter (in case we ever introduce any other multitenant dbs...which I don't think we will but 🤷 )
There was a problem hiding this comment.
maybe just add a comment to indicate that its db2-specific and move on?
There was a problem hiding this comment.
I started from AddTenantKeyDAO, this is consistent with addTenantKeyDAO and the other tenant daos. Are you asking me to update the comments in all of these?
There was a problem hiding this comment.
I started from AddTenantKeyDAO, this is consistent with addTenantKeyDAO and the other tenant daos. Are you asking me to update the comments in all of these?
ah, I was wondering just that (how many places we've built in multitenant==db2 logic). I think it would be good to call out all such places, but I guess its really not a big deal.
There was a problem hiding this comment.
I updated the top-level comments.
Signed-off-by: Paul Bastide <pbastide@us.ibm.com>
fhir-database-utils/src/main/java/com/ibm/fhir/database/utils/tenant/DeleteTenantKeyDAO.java
Outdated
Show resolved
Hide resolved
Signed-off-by: Paul Bastide <pbastide@us.ibm.com>
Signed-off-by: Paul Bastide pbastide@us.ibm.com