Mercurial > gemma
comparison schema/auth.sql @ 2921:96ac7a980ec2
Allow sys_admin to access tables in staging area without restrictions
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Wed, 03 Apr 2019 16:42:03 +0200 |
parents | 69292eb68984 |
children | ec6163c6687d |
comparison
equal
deleted
inserted
replaced
2920:c1f2b9148cc8 | 2921:96ac7a980ec2 |
---|---|
100 'bottlenecks', | 100 'bottlenecks', |
101 'sounding_results'] | 101 'sounding_results'] |
102 LOOP | 102 LOOP |
103 EXECUTE format('CREATE POLICY hide_staging ON waterway.%I ' | 103 EXECUTE format('CREATE POLICY hide_staging ON waterway.%I ' |
104 'FOR SELECT TO waterway_user USING (staging_done)', the_table); | 104 'FOR SELECT TO waterway_user USING (staging_done)', the_table); |
105 EXECUTE format('CREATE POLICY sys_admin ON waterway.%I ' | |
106 'FOR ALL TO sys_admin USING (true)', the_table); | |
105 EXECUTE format('ALTER TABLE waterway.%I ENABLE ROW LEVEL SECURITY', | 107 EXECUTE format('ALTER TABLE waterway.%I ENABLE ROW LEVEL SECURITY', |
106 the_table); | 108 the_table); |
107 END LOOP; | 109 END LOOP; |
108 END; | 110 END; |
109 $$; | 111 $$; |
146 USING (users.utm_covers(area)); | 148 USING (users.utm_covers(area)); |
147 | 149 |
148 CREATE POLICY responsibility_area ON waterway.fairway_dimensions | 150 CREATE POLICY responsibility_area ON waterway.fairway_dimensions |
149 FOR ALL TO waterway_admin | 151 FOR ALL TO waterway_admin |
150 USING (users.utm_covers(area)); | 152 USING (users.utm_covers(area)); |
151 | |
152 CREATE POLICY sys_admin ON waterway.stretches | |
153 FOR ALL TO sys_admin | |
154 USING (true); | |
155 | 153 |
156 -- | 154 -- |
157 -- RLS policies for imports and import config | 155 -- RLS policies for imports and import config |
158 -- | 156 -- |
159 | 157 |