sub acl { my $dbh = shift; my @acls; my @tables = qw ( attachments_id_seq Attachments Attributes attributes_id_seq queues_id_seq Queues links_id_seq Links principals_id_seq Principals groups_id_seq Groups scripconditions_id_seq ScripConditions transactions_id_seq Transactions scrips_id_seq Scrips acl_id_seq ACL groupmembers_id_seq GroupMembers cachedgroupmembers_id_seq CachedGroupMembers users_id_seq Users tickets_id_seq Tickets scripactions_id_seq ScripActions templates_id_seq Templates objectcustomfieldvalues_id_s ObjectCustomFieldValues customfields_id_seq CustomFields objectcustomfields_id_s ObjectCustomFields customfieldvalues_id_seq CustomFieldValues sessions classes_id_seq Classes articles_id_seq Articles topics_id_seq Topics objecttopics_id_seq ObjectTopics objectclasses_id_seq ObjectClasses ); my $db_user = RT->Config->Get('DatabaseUser'); my $db_pass = RT->Config->Get('DatabasePassword'); # if there's already an rt_user, use it. my @row = $dbh->selectrow_array( "SELECT usename FROM pg_user WHERE usename = '$db_user'" ); unless ( $row[0] ) { push @acls, "CREATE USER \"$db_user\" WITH PASSWORD '$db_pass' NOCREATEDB NOCREATEUSER;"; } my $sequence_right = ( $dbh->{pg_server_version} >= 80200 ) ? "USAGE, SELECT, UPDATE" : "SELECT, UPDATE"; foreach my $table (@tables) { if ( $table =~ /^[a-z]/ && $table ne 'sessions' ) { # table like objectcustomfields_id_s push @acls, "GRANT $sequence_right ON $table TO \"$db_user\";" } else { push @acls, "GRANT SELECT, INSERT, UPDATE, DELETE ON $table TO \"$db_user\";" } } return (@acls); } 1;