]>
Commit | Line | Data |
---|---|---|
84fb5b46 MKG |
1 | |
2 | sub acl { | |
3 | my $dbh = shift; | |
4 | ||
5 | my @acls; | |
6 | ||
7 | my @tables = qw ( | |
8 | attachments_id_seq | |
9 | Attachments | |
10 | Attributes | |
11 | attributes_id_seq | |
12 | queues_id_seq | |
13 | Queues | |
14 | links_id_seq | |
15 | Links | |
16 | principals_id_seq | |
17 | Principals | |
18 | groups_id_seq | |
19 | Groups | |
20 | scripconditions_id_seq | |
21 | ScripConditions | |
22 | transactions_id_seq | |
23 | Transactions | |
24 | scrips_id_seq | |
25 | Scrips | |
26 | acl_id_seq | |
27 | ACL | |
28 | groupmembers_id_seq | |
29 | GroupMembers | |
30 | cachedgroupmembers_id_seq | |
31 | CachedGroupMembers | |
32 | users_id_seq | |
33 | Users | |
34 | tickets_id_seq | |
35 | Tickets | |
36 | scripactions_id_seq | |
37 | ScripActions | |
38 | templates_id_seq | |
39 | Templates | |
40 | objectcustomfieldvalues_id_s | |
41 | ObjectCustomFieldValues | |
42 | customfields_id_seq | |
43 | CustomFields | |
44 | objectcustomfields_id_s | |
45 | ObjectCustomFields | |
46 | customfieldvalues_id_seq | |
47 | CustomFieldValues | |
48 | sessions | |
49 | classes_id_seq | |
50 | Classes | |
51 | articles_id_seq | |
52 | Articles | |
53 | topics_id_seq | |
54 | Topics | |
55 | objecttopics_id_seq | |
56 | ObjectTopics | |
57 | objectclasses_id_seq | |
58 | ObjectClasses | |
59 | ); | |
60 | ||
61 | my $db_user = RT->Config->Get('DatabaseUser'); | |
62 | my $db_pass = RT->Config->Get('DatabasePassword'); | |
63 | ||
64 | # if there's already an rt_user, use it. | |
65 | my @row = $dbh->selectrow_array( "SELECT usename FROM pg_user WHERE usename = '$db_user'" ); | |
66 | unless ( $row[0] ) { | |
67 | push @acls, "CREATE USER \"$db_user\" WITH PASSWORD '$db_pass' NOCREATEDB NOCREATEUSER;"; | |
68 | } | |
69 | ||
70 | my $sequence_right | |
71 | = ( $dbh->{pg_server_version} >= 80200 ) | |
72 | ? "USAGE, SELECT, UPDATE" | |
73 | : "SELECT, UPDATE"; | |
74 | foreach my $table (@tables) { | |
75 | if ( $table =~ /^[a-z]/ && $table ne 'sessions' ) { | |
76 | # table like objectcustomfields_id_s | |
77 | push @acls, "GRANT $sequence_right ON $table TO \"$db_user\";" | |
78 | } | |
79 | else { | |
80 | push @acls, "GRANT SELECT, INSERT, UPDATE, DELETE ON $table TO \"$db_user\";" | |
81 | } | |
82 | } | |
83 | return (@acls); | |
84 | } | |
85 | ||
86 | 1; |