|
|
@ -34,8 +34,8 @@ FUNCTION cartodb.CDB_Organization_Add_Table_Read_Permission(from_schema text, ta
|
|
|
|
RETURNS void
|
|
|
|
RETURNS void
|
|
|
|
AS $$
|
|
|
|
AS $$
|
|
|
|
BEGIN
|
|
|
|
BEGIN
|
|
|
|
EXECUTE 'GRANT USAGE ON SCHEMA ' || from_schema || ' TO "' || to_role_name || '"';
|
|
|
|
EXECUTE 'GRANT USAGE ON SCHEMA "' || from_schema || '" TO "' || to_role_name || '"';
|
|
|
|
EXECUTE 'GRANT SELECT ON ' || from_schema || '.' || table_name || ' TO "' || to_role_name || '"';
|
|
|
|
EXECUTE 'GRANT SELECT ON "' || from_schema || '".' || table_name || ' TO "' || to_role_name || '"';
|
|
|
|
END
|
|
|
|
END
|
|
|
|
$$ LANGUAGE PLPGSQL VOLATILE;
|
|
|
|
$$ LANGUAGE PLPGSQL VOLATILE;
|
|
|
|
|
|
|
|
|
|
|
@ -53,8 +53,8 @@ FUNCTION cartodb.CDB_Organization_Add_Table_Read_Write_Permission(from_schema te
|
|
|
|
RETURNS void
|
|
|
|
RETURNS void
|
|
|
|
AS $$
|
|
|
|
AS $$
|
|
|
|
BEGIN
|
|
|
|
BEGIN
|
|
|
|
EXECUTE 'GRANT USAGE ON SCHEMA ' || from_schema || ' TO "' || to_role_name || '"';
|
|
|
|
EXECUTE 'GRANT USAGE ON SCHEMA "' || from_schema || '" TO "' || to_role_name || '"';
|
|
|
|
EXECUTE 'GRANT SELECT, INSERT, UPDATE, DELETE ON ' || from_schema || '.' || table_name || ' TO "' || to_role_name || '"';
|
|
|
|
EXECUTE 'GRANT SELECT, INSERT, UPDATE, DELETE ON "' || from_schema || '".' || table_name || ' TO "' || to_role_name || '"';
|
|
|
|
END
|
|
|
|
END
|
|
|
|
$$ LANGUAGE PLPGSQL VOLATILE;
|
|
|
|
$$ LANGUAGE PLPGSQL VOLATILE;
|
|
|
|
|
|
|
|
|
|
|
@ -73,7 +73,7 @@ FUNCTION cartodb.CDB_Organization_Remove_Access_Permission(from_schema text, tab
|
|
|
|
RETURNS void
|
|
|
|
RETURNS void
|
|
|
|
AS $$
|
|
|
|
AS $$
|
|
|
|
BEGIN
|
|
|
|
BEGIN
|
|
|
|
EXECUTE 'REVOKE ALL PRIVILEGES ON TABLE ' || from_schema || '.' || table_name || ' FROM "' || to_role_name || '"';
|
|
|
|
EXECUTE 'REVOKE ALL PRIVILEGES ON TABLE "' || from_schema || '".' || table_name || ' FROM "' || to_role_name || '"';
|
|
|
|
-- EXECUTE 'REVOKE USAGE ON SCHEMA ' || from_schema || ' FROM "' || to_role_name || '"';
|
|
|
|
-- EXECUTE 'REVOKE USAGE ON SCHEMA ' || from_schema || ' FROM "' || to_role_name || '"';
|
|
|
|
-- We need to revoke usage on schema only if we are revoking privileges from the last table where to_role_name has
|
|
|
|
-- We need to revoke usage on schema only if we are revoking privileges from the last table where to_role_name has
|
|
|
|
-- any permission granted within the schema from_schema
|
|
|
|
-- any permission granted within the schema from_schema
|
|
|
|