From 01ae7b8c1025de65dedab31c8c7b33bea8543aee Mon Sep 17 00:00:00 2001
From: Sandro Santilli
Date: Fri, 6 Jun 2014 11:02:51 +0200
Subject: [PATCH] Drop role management

Roles are not created anymore, previously private functions for table information extraction (CDB_UserTables, CDB_TableIndexes, CDB_ColumnNames, CDB_ColumnType) will now be callable by anyone while only returning information about tables over which the calling user has SELECT privilege. Closes #36
---
 Makefile | 1 -
 NEWS | 4 ++++
 scripts-available/CDB_ColumnNames.sql | 3 ---
 scripts-available/CDB_ColumnType.sql | 3 ---
 scripts-available/CDB_DDLTriggers.sql | 5 -----
 scripts-available/CDB_Roles.sql | 13 -------------
 scripts-available/CDB_TableIndexes.sql | 6 ++----
 scripts-available/CDB_UserTables.sql | 8 ++++----
 8 files changed, 10 insertions(+), 33 deletions(-)
 delete mode 100644 scripts-available/CDB_Roles.sql
diff --git a/Makefile b/Makefile
index 3881e89..c3ce7f8 100644
--- a/Makefile
+++ b/Makefile
@@ -6,7 +6,6 @@ EXTVERSION = 0.2.0dev
 SED = sed
 CDBSCRIPTS = \
- scripts-available/CDB_Roles.sql \
 scripts-enabled/*.sql \
 scripts-available/CDB_SearchPath.sql \
 scripts-available/CDB_DDLTriggers.sql \
diff --git a/NEWS b/NEWS
index c4f469a..5ca6552 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,10 @@ Important changes:
 - This release adds dependency on "plpythonu" extension
+ - Roles are not created anymore, previously private functions
+ for table information extraction will now be callable by
+ anyone while only returning information about tables over
+ which the calling user has SELECT privilege (#36)
 Bug fixes:
diff --git a/scripts-available/CDB_ColumnNames.sql b/scripts-available/CDB_ColumnNames.sql
index 2c74dbc..c392321 100644
--- a/scripts-available/CDB_ColumnNames.sql
+++ b/scripts-available/CDB_ColumnNames.sql
@@ -11,6 +11,3 @@ AS $$
 $$ LANGUAGE SQL;
--- This is a private function, so only the db owner need privileges
-REVOKE ALL ON FUNCTION CDB_ColumnNames(REGCLASS) FROM PUBLIC;
-GRANT EXECUTE ON FUNCTION CDB_ColumnNames(REGCLASS) TO ":DATABASE_USERNAME";
diff --git a/scripts-available/CDB_ColumnType.sql b/scripts-available/CDB_ColumnType.sql
index 6b8196e..4319bbe 100644
--- a/scripts-available/CDB_ColumnType.sql
+++ b/scripts-available/CDB_ColumnType.sql
@@ -12,6 +12,3 @@ AS $$
 $$ LANGUAGE SQL;
--- This is a private function, so only the db owner need privileges
-REVOKE ALL ON FUNCTION CDB_ColumnType(REGCLASS, TEXT) FROM PUBLIC;
-GRANT EXECUTE ON FUNCTION CDB_ColumnType(REGCLASS, TEXT) TO ":DATABASE_USERNAME";
diff --git a/scripts-available/CDB_DDLTriggers.sql b/scripts-available/CDB_DDLTriggers.sql
index ccb25c8..37ab988 100644
--- a/scripts-available/CDB_DDLTriggers.sql
+++ b/scripts-available/CDB_DDLTriggers.sql
@@ -1,8 +1,3 @@
---LOAD 'schema_triggers.so';
---CREATE EXTENSION IF NOT EXISTS schema_triggers;
-
---GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA schema_triggers TO public;
-
 -- Table creation -- {
 CREATE OR REPLACE FUNCTION cartodb.cdb_handle_create_table ()
diff --git a/scripts-available/CDB_Roles.sql b/scripts-available/CDB_Roles.sql
deleted file mode 100644
index c984d3c..0000000
--- a/scripts-available/CDB_Roles.sql
+++ /dev/null
@@ -1,13 +0,0 @@
-DO LANGUAGE 'plpgsql' $$
-BEGIN
- IF NOT EXISTS ( SELECT * FROM pg_roles WHERE rolname= 'cdb_org_admin' )
- THEN
- CREATE ROLE cdb_org_admin NOLOGIN;
- END IF;
-
- IF NOT EXISTS ( SELECT * FROM pg_roles WHERE rolname= 'cdb_org_user' )
- THEN
- CREATE ROLE cdb_org_user NOLOGIN;
- END IF;
-END
-$$;
diff --git a/scripts-available/CDB_TableIndexes.sql b/scripts-available/CDB_TableIndexes.sql
index c6871fe..bbb7e00 100644
--- a/scripts-available/CDB_TableIndexes.sql
+++ b/scripts-available/CDB_TableIndexes.sql
@@ -17,10 +17,8 @@ AS $$
 ON pg_class.oid = idx.indexrelid WHERE pg_indexes.tablename = '' || $1 || '' AND '' || $1 || '' IN (SELECT CDB_UserTables())
- AND pg_class.relname=pg_indexes.indexname;
+ AND pg_class.relname=pg_indexes.indexname
+ ;
 $$ LANGUAGE SQL;
--- This is a private function, so only the db owner need privileges
-REVOKE ALL ON FUNCTION CDB_TableIndexes(REGCLASS) FROM PUBLIC;
-GRANT EXECUTE ON FUNCTION CDB_TableIndexes(REGCLASS) TO ":DATABASE_USERNAME";
diff --git a/scripts-available/CDB_UserTables.sql b/scripts-available/CDB_UserTables.sql
index c2fa4ee..aa9e350 100644
--- a/scripts-available/CDB_UserTables.sql
+++ b/scripts-available/CDB_UserTables.sql
@@ -26,14 +26,14 @@ AS $$
 FROM usertables ) SELECT t FROM perms
- WHERE p = CASE WHEN $1 = 'private' THEN false
+ WHERE (
+ p = CASE WHEN $1 = 'private' THEN false
 WHEN $1 = 'public' THEN true ELSE not p -- none
 END OR $1 = 'all'
+ )
+ AND has_table_privilege('public'||'.'||t, 'SELECT')
 ; $$ LANGUAGE 'sql';
--- This is a private function, so only the db owner need privileges
-REVOKE ALL ON FUNCTION CDB_UserTables(text) FROM PUBLIC;
-GRANT EXECUTE ON FUNCTION CDB_UserTables(text) TO ":DATABASE_USERNAME";
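Review bot: In CDB_TableIndexes the only access filter visible after this change is the name test `'' || $1 || '' IN (SELECT CDB_UserTables())`, which compares the text form of the regclass with unqualified table names, and `pg_indexes.tablename = '' || $1 || ''` has no schema condition next to it. Now that the function is no longer restricted to the database owner, it would be safer to check the relation that was actually passed in, e.g. `AND has_table_privilege($1, 'SELECT')`, and to match `pg_indexes.schemaname` too, so that a same-named table in another schema cannot satisfy the filter. The hunks for CDB_ColumnNames and CDB_ColumnType only delete the REVOKE/GRANT lines and add no filter, so whether they keep the commit message's promise depends on function bodies that are not shown. The start of this function is also outside the hunk, so an earlier schema condition may exist there.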
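Review bot: The added `has_table_privilege('public'||'.'||t, 'SELECT')` in CDB_UserTables builds the relation name by plain concatenation; the text form of that function parses its argument like an identifier, so a table whose name needs quoting (mixed case, spaces, a dot) is looked up under a different name and, if no such relation exists, the call raises an error for the whole query instead of dropping one row. `AND has_table_privilege('public.' || quote_ident(t), 'SELECT')`, or passing the relation's oid from the CTE, avoids that. The CTE that defines `t` is outside the hunk, so the type of `t` and the hard-coded `public` schema should be checked against it. Separately, if these functions are created with CREATE OR REPLACE (the statement is not in the hunk), their existing privileges are kept, so on a database where the old REVOKE already ran, deleting the statements here and in the other three files does not by itself make the functions callable by PUBLIC; an explicit `GRANT EXECUTE ON FUNCTION CDB_UserTables(text) TO PUBLIC` in the upgrade path would.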