[Rt-commit] rt branch, 4.0/article-table-acls, created. rt-4.0.0-422-gd65ecf4

Kevin Falcone falcone at bestpractical.com
Fri May 20 17:04:04 EDT 2011


The branch, 4.0/article-table-acls has been created
        at  d65ecf4662500cd3d7e3c39df387c7bc4b1e3882 (commit)

- Log -----------------------------------------------------------------
commit d65ecf4662500cd3d7e3c39df387c7bc4b1e3882
Author: Kevin Falcone <falcone at bestpractical.com>
Date:   Fri May 20 16:57:44 2011 -0400

    Grant rights when the new articles tables are created
    
    These are handled correctly on a fresh 4.0 but not on an upgrade.
    This is for #17262 although it deals with acls, not ownership.

diff --git a/etc/upgrade/4.0.1/acl.Pg b/etc/upgrade/4.0.1/acl.Pg
new file mode 100755
index 0000000..8b0ad68
--- /dev/null
+++ b/etc/upgrade/4.0.1/acl.Pg
@@ -0,0 +1,39 @@
+
+sub acl {
+    my $dbh = shift;
+
+    my @acls;
+
+    my @tables = qw (
+        classes_id_seq
+        Classes
+        articles_id_seq
+        Articles
+        topics_id_seq
+        Topics
+        objecttopics_id_seq
+        ObjectTopics
+        objectclasses_id_seq
+        ObjectClasses
+    );
+
+    my $db_user = RT->Config->Get('DatabaseUser');
+
+    my $sequence_right
+        = ( $dbh->{pg_server_version} >= 80200 )
+        ? "USAGE, SELECT, UPDATE"
+        : "SELECT, UPDATE";
+
+    foreach my $table (@tables) {
+        # table like objectcustomfields_id_s
+        if ( $table =~ /^[a-z]/ && $table ne 'sessions' ) {
+            push @acls, "GRANT $sequence_right ON $table TO \"$db_user\";"
+        }
+        else {
+            push @acls, "GRANT SELECT, INSERT, UPDATE, DELETE ON $table TO \"$db_user\";"
+        }
+    }
+    return (@acls);
+}
+
+1;

-----------------------------------------------------------------------


More information about the Rt-commit mailing list