# HG changeset patch
# User Tom Gottfried <tom@intevation.de>
# Date 1571149726 -7200
# Node ID 5b9ba358a4e7e8b2a591f9f8ef9349e7984df393
# Parent  a586de1b4466e69f3b12362e88c9be7f1c4eaf3e
Add missing RLS policies for sections

diff -r a586de1b4466 -r 5b9ba358a4e7 schema/auth.sql
--- a/schema/auth.sql	Tue Oct 15 16:13:10 2019 +0200
+++ b/schema/auth.sql	Tue Oct 15 16:28:46 2019 +0200
@@ -92,6 +92,7 @@
         'gauge_measurements',
         'waterway_profiles',
         'fairway_dimensions',
+        'sections',
         'bottlenecks',
         'sounding_results']
     LOOP
@@ -148,6 +149,10 @@
     FOR ALL TO waterway_admin
     USING (users.utm_covers(area));
 
+CREATE POLICY responsibility_area ON waterway.sections
+    FOR ALL TO waterway_admin
+    USING (users.utm_covers(area));
+
 CREATE POLICY sys_admin ON users.stretches
     FOR ALL TO sys_admin
     USING (true);
diff -r a586de1b4466 -r 5b9ba358a4e7 schema/updates/1304/01.add_section_rls.sql
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/schema/updates/1304/01.add_section_rls.sql	Tue Oct 15 16:28:46 2019 +0200
@@ -0,0 +1,11 @@
+CREATE POLICY hide_staging ON waterway.sections
+    FOR SELECT TO waterway_user USING (staging_done);
+
+CREATE POLICY sys_admin ON waterway.sections
+    FOR ALL TO sys_admin USING (true);
+
+CREATE POLICY responsibility_area ON waterway.sections
+    FOR ALL TO waterway_admin
+    USING (users.utm_covers(area));
+
+ALTER TABLE waterway.sections ENABLE ROW LEVEL SECURITY
diff -r a586de1b4466 -r 5b9ba358a4e7 schema/version.sql
--- a/schema/version.sql	Tue Oct 15 16:13:10 2019 +0200
+++ b/schema/version.sql	Tue Oct 15 16:28:46 2019 +0200
@@ -1,1 +1,1 @@
-INSERT INTO gemma_schema_version(version) VALUES (1303);
+INSERT INTO gemma_schema_version(version) VALUES (1304);