Putting 4.2.0 on top of 4.0.17
[usit-rt.git] / etc / acl.Pg
1
2 sub acl {
3     my $dbh = shift;
4
5     my @acls;
6
7     my @tables = qw (
8         attachments_id_seq
9         Attachments
10         Attributes
11         attributes_id_seq
12         queues_id_seq
13         Queues 
14         links_id_seq
15         Links 
16         principals_id_seq
17         Principals 
18         groups_id_seq
19         Groups 
20         scripconditions_id_seq
21         ScripConditions 
22         transactions_id_seq
23         Transactions 
24         scrips_id_seq
25         Scrips 
26         objectscrips_id_seq
27         ObjectScrips
28         acl_id_seq
29         ACL 
30         groupmembers_id_seq
31         GroupMembers 
32         cachedgroupmembers_id_seq
33         CachedGroupMembers 
34         users_id_seq
35         Users 
36         tickets_id_seq
37         Tickets 
38         scripactions_id_seq
39         ScripActions 
40         templates_id_seq
41         Templates 
42         objectcustomfieldvalues_id_s
43         ObjectCustomFieldValues 
44         customfields_id_seq
45         CustomFields 
46         objectcustomfields_id_s
47         ObjectCustomFields 
48         customfieldvalues_id_seq
49         CustomFieldValues
50         sessions
51         classes_id_seq
52         Classes
53         articles_id_seq
54         Articles
55         topics_id_seq
56         Topics
57         objecttopics_id_seq
58         ObjectTopics
59         objectclasses_id_seq
60         ObjectClasses
61     );
62
63     my $db_user = RT->Config->Get('DatabaseUser');
64     my $db_pass = RT->Config->Get('DatabasePassword');
65
66     # if there's already an rt_user, use it.
67     my @row = $dbh->selectrow_array( "SELECT usename FROM pg_user WHERE usename = '$db_user'" );
68     unless ( $row[0] ) {
69          push @acls, "CREATE USER \"$db_user\" WITH PASSWORD '$db_pass' NOCREATEDB NOCREATEUSER;";
70     }
71
72     my $sequence_right
73         = ( $dbh->{pg_server_version} >= 80200 )
74         ? "USAGE, SELECT, UPDATE"
75         : "SELECT, UPDATE";
76     foreach my $table (@tables) {
77         if ( $table =~ /^[a-z]/ && $table ne 'sessions' ) {
78 # table like objectcustomfields_id_s
79             push @acls, "GRANT $sequence_right ON $table TO \"$db_user\";"
80         }
81         else {
82             push @acls, "GRANT SELECT, INSERT, UPDATE, DELETE ON $table TO \"$db_user\";"
83         }
84     }
85     return (@acls);
86 }
87
88 1;