blob: dd1b334147d1e1a4f2a4e6dc518bbf21a74f51ec (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
sub acl {
my $dbh = shift;
my @acls;
my @tables = qw (
attachments_id_seq
Attachments
Attributes
attributes_id_seq
queues_id_seq
Queues
links_id_seq
Links
principals_id_seq
Principals
groups_id_seq
Groups
scripconditions_id_seq
ScripConditions
transactions_id_seq
Transactions
scrips_id_seq
Scrips
objectscrips_id_seq
ObjectScrips
acl_id_seq
ACL
groupmembers_id_seq
GroupMembers
cachedgroupmembers_id_seq
CachedGroupMembers
users_id_seq
Users
tickets_id_seq
Tickets
scripactions_id_seq
ScripActions
templates_id_seq
Templates
objectcustomfieldvalues_id_s
ObjectCustomFieldValues
customfields_id_seq
CustomFields
objectcustomfields_id_s
ObjectCustomFields
customfieldvalues_id_seq
CustomFieldValues
sessions
classes_id_seq
Classes
articles_id_seq
Articles
topics_id_seq
Topics
objecttopics_id_seq
ObjectTopics
objectclasses_id_seq
ObjectClasses
);
my $db_user = RT->Config->Get('DatabaseUser');
my $db_pass = RT->Config->Get('DatabasePassword');
# if there's already an rt_user, use it.
my @row = $dbh->selectrow_array( "SELECT usename FROM pg_user WHERE usename = '$db_user'" );
unless ( $row[0] ) {
push @acls, "CREATE USER \"$db_user\" WITH PASSWORD '$db_pass' NOCREATEDB NOSUPERUSER;";
}
foreach my $table (@tables) {
if ( $table =~ /^[a-z]/ && $table ne 'sessions' ) {
# Sequences; not all end with _seq because
# objectcustomfieldvalues_id_s is too long
push @acls, "GRANT USAGE, SELECT, UPDATE ON $table TO \"$db_user\";"
}
else {
push @acls, "GRANT SELECT, INSERT, UPDATE, DELETE ON $table TO \"$db_user\";"
}
}
return (@acls);
}
1;
|
