blob: 8a0d4f28c660e0f2ee7639cf4f7281d90c916f9e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
sub acl {
my $dbh = shift;
my @acls;
my @tables = qw (
attachments_id_seq
Attachments
Attributes
attributes_id_seq
queues_id_seq
Queues
links_id_seq
Links
principals_id_seq
Principals
groups_id_seq
Groups
scripconditions_id_seq
ScripConditions
transactions_id_seq
Transactions
scrips_id_seq
Scrips
acl_id_seq
ACL
groupmembers_id_seq
GroupMembers
cachedgroupmembers_id_seq
CachedGroupMembers
users_id_seq
Users
tickets_id_seq
Tickets
scripactions_id_seq
ScripActions
templates_id_seq
Templates
objectcustomfieldvalues_id_s
ObjectCustomFieldValues
customfields_id_seq
CustomFields
objectcustomfields_id_s
ObjectCustomFields
customfieldvalues_id_seq
CustomFieldValues
sessions
);
my $db_user = RT->Config->Get('DatabaseUser');
my $db_pass = RT->Config->Get('DatabasePassword');
# if there's already an rt_user, use it.
my @row = $dbh->selectrow_array( "SELECT usename FROM pg_user WHERE usename = '$db_user'" );
unless ( $row[0] ) {
push @acls, "CREATE USER \"$db_user\" WITH PASSWORD '$db_pass' NOCREATEDB NOCREATEUSER;";
}
my $sequence_right
= ( $dbh->{pg_server_version} >= 80200 )
? "USAGE, SELECT, UPDATE"
: "SELECT, UPDATE";
foreach my $table (@tables) {
if ( $table =~ /^[a-z]/ && $table ne 'sessions' ) {
# table like objectcustomfields_id_s
push @acls, "GRANT $sequence_right ON $table TO \"$db_user\";"
}
else {
push @acls, "GRANT SELECT, INSERT, UPDATE, DELETE ON $table TO \"$db_user\";"
}
}
return (@acls);
}
1;
|
