Mercurial > gemma
comparison schema/auth.sql @ 268:72062ca52746
Make user_profiles table invisible for users
users.list_users should be the single point to access user profile data.
Keeping user_profiles visible would imply having to maintain RLS policies
that are otherwise obsolete.
Tests run as superuser still use user_profiles, because list_users does
not show any data to a superuser.
| author | Tom Gottfried <tom@intevation.de> |
|---|---|
| date | Mon, 30 Jul 2018 11:38:09 +0200 |
| parents | 13ad969a9138 |
| children | 750a9c9cd965 |
comparison
equal
deleted
inserted
replaced
| 267:7f030ec3472d | 268:72062ca52746 |
|---|---|
| 33 -- | 33 -- |
| 34 -- RLS policies for waterway_user | 34 -- RLS policies for waterway_user |
| 35 -- | 35 -- |
| 36 -- Sometimes using FOR ALL because we rely on GRANTed privileges for allowing | 36 -- Sometimes using FOR ALL because we rely on GRANTed privileges for allowing |
| 37 -- data modifications generally. | 37 -- data modifications generally. |
| 38 -- Sometimes using 'username IN(SELECT username FROM user_profiles)' instead | 38 -- Sometimes using 'username IN(SELECT username FROM users.list_users)' instead |
| 39 -- of 'username = current_user', because waterway_admin is intentionally | 39 -- of 'username = current_user', because waterway_admin is intentionally |
| 40 -- allowed more with these policies (note that the subselect implies different | 40 -- allowed more with these policies (note that the subselect implies different |
| 41 -- policies on user_profiles depending on current_user). | 41 -- filtering on list_users depending on current_user). |
| 42 -- | 42 -- |
| 43 | 43 |
| 44 -- Staging area | 44 -- Staging area |
| 45 CREATE FUNCTION create_hide_staging_policy() | 45 CREATE FUNCTION create_hide_staging_policy() |
| 46 RETURNS void | 46 RETURNS void |
| 60 $$ | 60 $$ |
| 61 LANGUAGE plpgsql; | 61 LANGUAGE plpgsql; |
| 62 SELECT create_hide_staging_policy(); | 62 SELECT create_hide_staging_policy(); |
| 63 DROP FUNCTION create_hide_staging_policy; | 63 DROP FUNCTION create_hide_staging_policy; |
| 64 | 64 |
| 65 CREATE POLICY see_yourself ON users.user_profiles FOR SELECT TO waterway_user | |
| 66 USING (username = current_user); | |
| 67 ALTER TABLE users.user_profiles ENABLE ROW LEVEL SECURITY; | |
| 68 | |
| 69 CREATE POLICY user_templates ON users.user_templates FOR ALL TO waterway_user | 65 CREATE POLICY user_templates ON users.user_templates FOR ALL TO waterway_user |
| 70 USING (username IN(SELECT username FROM users.user_profiles)); | 66 USING (username IN(SELECT username FROM users.list_users)); |
| 71 ALTER TABLE users.user_templates ENABLE ROW LEVEL SECURITY; | 67 ALTER TABLE users.user_templates ENABLE ROW LEVEL SECURITY; |
| 72 | 68 |
| 73 CREATE POLICY user_templates ON users.templates FOR ALL TO waterway_user | 69 CREATE POLICY user_templates ON users.templates FOR ALL TO waterway_user |
| 74 USING (template_name IN(SELECT template_name FROM users.user_templates)) | 70 USING (template_name IN(SELECT template_name FROM users.user_templates)) |
| 75 WITH CHECK (true); | 71 WITH CHECK (true); |
| 88 CREATE POLICY responsibility_area ON waterway.sounding_results | 84 CREATE POLICY responsibility_area ON waterway.sounding_results |
| 89 FOR ALL TO waterway_admin | 85 FOR ALL TO waterway_admin |
| 90 USING (ST_Within(area, (SELECT area FROM users.responsibility_areas | 86 USING (ST_Within(area, (SELECT area FROM users.responsibility_areas |
| 91 WHERE country = current_user_country()))); | 87 WHERE country = current_user_country()))); |
| 92 | 88 |
| 93 CREATE POLICY country_profiles ON users.user_profiles | |
| 94 FOR SELECT TO waterway_admin | |
| 95 USING (country = current_user_country()); | |
| 96 | |
| 97 COMMIT; | 89 COMMIT; |