Mercurial > gemma
comparison schema/auth.sql @ 2921:96ac7a980ec2
Allow sys_admin to access tables in staging area without restrictions
| author | Tom Gottfried <tom@intevation.de> |
|---|---|
| date | Wed, 03 Apr 2019 16:42:03 +0200 |
| parents | 69292eb68984 |
| children | ec6163c6687d |
comparison
equal
deleted
inserted
replaced
| 2920:c1f2b9148cc8 | 2921:96ac7a980ec2 |
|---|---|
| 100 'bottlenecks', | 100 'bottlenecks', |
| 101 'sounding_results'] | 101 'sounding_results'] |
| 102 LOOP | 102 LOOP |
| 103 EXECUTE format('CREATE POLICY hide_staging ON waterway.%I ' | 103 EXECUTE format('CREATE POLICY hide_staging ON waterway.%I ' |
| 104 'FOR SELECT TO waterway_user USING (staging_done)', the_table); | 104 'FOR SELECT TO waterway_user USING (staging_done)', the_table); |
| 105 EXECUTE format('CREATE POLICY sys_admin ON waterway.%I ' | |
| 106 'FOR ALL TO sys_admin USING (true)', the_table); | |
| 105 EXECUTE format('ALTER TABLE waterway.%I ENABLE ROW LEVEL SECURITY', | 107 EXECUTE format('ALTER TABLE waterway.%I ENABLE ROW LEVEL SECURITY', |
| 106 the_table); | 108 the_table); |
| 107 END LOOP; | 109 END LOOP; |
| 108 END; | 110 END; |
| 109 $$; | 111 $$; |
| 146 USING (users.utm_covers(area)); | 148 USING (users.utm_covers(area)); |
| 147 | 149 |
| 148 CREATE POLICY responsibility_area ON waterway.fairway_dimensions | 150 CREATE POLICY responsibility_area ON waterway.fairway_dimensions |
| 149 FOR ALL TO waterway_admin | 151 FOR ALL TO waterway_admin |
| 150 USING (users.utm_covers(area)); | 152 USING (users.utm_covers(area)); |
| 151 | |
| 152 CREATE POLICY sys_admin ON waterway.stretches | |
| 153 FOR ALL TO sys_admin | |
| 154 USING (true); | |
| 155 | 153 |
| 156 -- | 154 -- |
| 157 -- RLS policies for imports and import config | 155 -- RLS policies for imports and import config |
| 158 -- | 156 -- |
| 159 | 157 |