CDB-3094 Makes organization member group role name unique to database by using the database name md5 hash

This commit is contained in:
Raul Ochoa 2014-06-25 12:38:14 +02:00
parent 8624dd1a00
commit 55efde5039

View File

@ -1,8 +1,17 @@
CREATE OR REPLACE
FUNCTION cartodb.CDB_Organization_Member_Group_Role_Member_Name()
RETURNS TEXT
AS 'SELECT ''cdb_org_member''::text || ''_'' || md5(current_database());'
LANGUAGE SQL IMMUTABLE;
DO LANGUAGE 'plpgsql' $$ DO LANGUAGE 'plpgsql' $$
DECLARE
cdb_org_member_role_name TEXT;
BEGIN BEGIN
IF NOT EXISTS ( SELECT * FROM pg_roles WHERE rolname= 'cdb_org_member' ) cdb_org_member_role_name := cartodb.CDB_Organization_Member_Group_Role_Member_Name();
IF NOT EXISTS ( SELECT * FROM pg_roles WHERE rolname= cdb_org_member_role_name )
THEN THEN
CREATE ROLE cdb_org_member NOLOGIN; EXECUTE 'CREATE ROLE "' || cdb_org_member_role_name || '" NOLOGIN;';
END IF; END IF;
END END
$$; $$;
@ -12,7 +21,7 @@ FUNCTION cartodb.CDB_Organization_Create_Member(role_name text)
RETURNS void RETURNS void
AS $$ AS $$
BEGIN BEGIN
EXECUTE 'GRANT cdb_org_member TO "' || role_name || '"'; EXECUTE 'GRANT "' || cartodb.CDB_Organization_Member_Group_Role_Member_Name() || '" TO "' || role_name || '"';
END END
$$ LANGUAGE PLPGSQL VOLATILE; $$ LANGUAGE PLPGSQL VOLATILE;
@ -35,7 +44,7 @@ FUNCTION cartodb.CDB_Organization_Add_Table_Organization_Read_Permission(from_sc
RETURNS void RETURNS void
AS $$ AS $$
BEGIN BEGIN
EXECUTE 'SELECT cartodb.CDB_Organization_Add_Table_Read_Permission(''' || from_schema || ''', ''' || table_name || ''', ''cdb_org_member'');'; EXECUTE 'SELECT cartodb.CDB_Organization_Add_Table_Read_Permission(''' || from_schema || ''', ''' || table_name || ''', ''' || cartodb.CDB_Organization_Member_Group_Role_Member_Name() || ''');';
END END
$$ LANGUAGE PLPGSQL VOLATILE; $$ LANGUAGE PLPGSQL VOLATILE;
@ -54,7 +63,7 @@ FUNCTION cartodb.CDB_Organization_Add_Table_Organization_Read_Write_Permission(f
RETURNS void RETURNS void
AS $$ AS $$
BEGIN BEGIN
EXECUTE 'SELECT cartodb.CDB_Organization_Add_Table_Read_Write_Permission(''' || from_schema || ''', ''' || table_name || ''', ''cdb_org_member'');'; EXECUTE 'SELECT cartodb.CDB_Organization_Add_Table_Read_Write_Permission(''' || from_schema || ''', ''' || table_name || ''', ''' || cartodb.CDB_Organization_Member_Group_Role_Member_Name() || ''');';
END END
$$ LANGUAGE PLPGSQL VOLATILE; $$ LANGUAGE PLPGSQL VOLATILE;
@ -76,6 +85,6 @@ FUNCTION cartodb.CDB_Organization_Remove_Organization_Access_Permission(from_sch
RETURNS void RETURNS void
AS $$ AS $$
BEGIN BEGIN
EXECUTE 'SELECT cartodb.CDB_Organization_Remove_Access_Permission(''' || from_schema || ''', ''' || table_name || ''', ''cdb_org_member'');'; EXECUTE 'SELECT cartodb.CDB_Organization_Remove_Access_Permission(''' || from_schema || ''', ''' || table_name || ''', ''' || cartodb.CDB_Organization_Member_Group_Role_Member_Name() || ''');';
END END
$$ LANGUAGE PLPGSQL VOLATILE; $$ LANGUAGE PLPGSQL VOLATILE;