diff options
author | Jeremy Kerr <jk@ozlabs.org> | 2008-10-09 22:49:18 +1100 |
---|---|---|
committer | Jeremy Kerr <jk@ozlabs.org> | 2008-10-09 22:49:18 +1100 |
commit | 4a039197705f92ee1c362401a7f7bb834ecc9079 (patch) | |
tree | 4d5ab43e19b9e0edb1c990a0baa92c4b63a1d79b /lib/sql | |
parent | 65404776f7f0e975737a5c8c69dc0b2ae5fe93da (diff) | |
download | patchwork-4a039197705f92ee1c362401a7f7bb834ecc9079.tar.bz2 patchwork-4a039197705f92ee1c362401a7f7bb834ecc9079.tar.xz |
[sql] use separate grant-all scripts for postgresql and mysql
Mysql doesn't support granting to multiple tables, and requires a
different username format.
Would be nice to code the permissions somewhere, then generate the
grant statements as required.
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Diffstat (limited to 'lib/sql')
-rw-r--r-- | lib/sql/grant-all.mysql.sql | 35 | ||||
-rw-r--r-- | lib/sql/grant-all.postgres.sql (renamed from lib/sql/grant-all.sql) | 0 |
2 files changed, 35 insertions, 0 deletions
diff --git a/lib/sql/grant-all.mysql.sql b/lib/sql/grant-all.mysql.sql new file mode 100644 index 0000000..4dd6efb --- /dev/null +++ b/lib/sql/grant-all.mysql.sql @@ -0,0 +1,35 @@ +BEGIN; +-- give necessary permissions to the web server. Becuase the admin is all +-- web-based, these need to be quite permissive +GRANT SELECT, UPDATE, INSERT, DELETE ON auth_message TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON django_session TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON django_site TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON django_admin_log TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON django_content_type TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON auth_group_permissions TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON auth_user TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON auth_user_groups TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON auth_group TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON auth_user_user_permissions TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON auth_permission TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON patchwork_userpersonconfirmation TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON patchwork_state TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON patchwork_comment TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON patchwork_person TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON patchwork_userprofile TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON patchwork_userprofile_maintainer_projects TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON patchwork_project TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON patchwork_bundle TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON patchwork_bundle_patches TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON patchwork_patch TO 'www-data'@localhost; +GRANT SELECT, UPDATE, INSERT, DELETE ON registration_registrationprofile TO 'www-data'@localhost; + +-- allow the mail user (in this case, 'nobody') to add patches +GRANT INSERT, SELECT ON patchwork_patch TO 'nobody'@localhost; +GRANT INSERT, SELECT ON patchwork_comment TO 'nobody'@localhost; +GRANT INSERT, SELECT ON patchwork_person TO 'nobody'@localhost; +GRANT SELECT ON patchwork_project TO 'nobody'@localhost; +GRANT SELECT ON patchwork_state TO 'nobody'@localhost; + +COMMIT; + diff --git a/lib/sql/grant-all.sql b/lib/sql/grant-all.postgres.sql index 72e1f31..72e1f31 100644 --- a/lib/sql/grant-all.sql +++ b/lib/sql/grant-all.postgres.sql |