diff options
Diffstat (limited to 'rt/etc/acl.Pg')
-rwxr-xr-x | rt/etc/acl.Pg | 109 |
1 files changed, 48 insertions, 61 deletions
diff --git a/rt/etc/acl.Pg b/rt/etc/acl.Pg index 8a0d4f28c..16ea71b2d 100755 --- a/rt/etc/acl.Pg +++ b/rt/etc/acl.Pg @@ -1,76 +1,63 @@ - sub acl { my $dbh = shift; my @acls; my @tables = qw ( - attachments_id_seq - Attachments - Attributes - attributes_id_seq - queues_id_seq - Queues - links_id_seq - Links - principals_id_seq - Principals - groups_id_seq - Groups - scripconditions_id_seq - ScripConditions - transactions_id_seq - Transactions - scrips_id_seq - Scrips - acl_id_seq - ACL - groupmembers_id_seq - GroupMembers - cachedgroupmembers_id_seq - CachedGroupMembers - users_id_seq - Users - tickets_id_seq - Tickets - scripactions_id_seq - ScripActions - templates_id_seq - Templates - objectcustomfieldvalues_id_s - ObjectCustomFieldValues - customfields_id_seq - CustomFields - objectcustomfields_id_s - ObjectCustomFields - customfieldvalues_id_seq - CustomFieldValues - sessions - ); - my $db_user = RT->Config->Get('DatabaseUser'); - my $db_pass = RT->Config->Get('DatabasePassword'); + attachments_id_seq + Attachments + queues_id_seq + Queues + links_id_seq + Links + principals_id_seq + Principals + groups_id_seq + Groups + scripconditions_id_seq + ScripConditions + transactions_id_seq + Transactions + scrips_id_seq + Scrips + acl_id_seq + ACL + groupmembers_id_seq + GroupMembers + cachedgroupmembers_id_seq + CachedGroupMembers + users_id_seq + Users + tickets_id_seq + Tickets + scripactions_id_seq + ScripActions + templates_id_seq + Templates + ticketcustomfieldvalues_id_s + TicketCustomFieldValues + customfields_id_seq + CustomFields + customfieldvalues_id_seq + CustomFieldValues + sessions + ); - # if there's already an rt_user, use it. - my @row = $dbh->selectrow_array( "SELECT usename FROM pg_user WHERE usename = '$db_user'" ); - unless ( $row[0] ) { - push @acls, "CREATE USER \"$db_user\" WITH PASSWORD '$db_pass' NOCREATEDB NOCREATEUSER;"; + # if there's already an rt_user, drop it. + my @row = + $dbh->selectrow_array( "select usename from pg_user where usename = '" . $RT::DatabaseUser."'" ); + if ( $row[0] ) { + push @acls, "drop user ${RT::DatabaseUser};",; } - my $sequence_right - = ( $dbh->{pg_server_version} >= 80200 ) - ? "USAGE, SELECT, UPDATE" - : "SELECT, UPDATE"; + push @acls, "create user ${RT::DatabaseUser} with password '${RT::DatabasePassword}' NOCREATEDB NOCREATEUSER;"; foreach my $table (@tables) { - if ( $table =~ /^[a-z]/ && $table ne 'sessions' ) { -# table like objectcustomfields_id_s - push @acls, "GRANT $sequence_right ON $table TO \"$db_user\";" - } - else { - push @acls, "GRANT SELECT, INSERT, UPDATE, DELETE ON $table TO \"$db_user\";" - } + push @acls, + "GRANT SELECT, INSERT, UPDATE, DELETE ON $table to " + . $RT::DatabaseUser . ";"; + } return (@acls); } - 1; |