summaryrefslogtreecommitdiffstats
path: root/lib/sql/grant-all.sql
blob: 4b8a43bc33d60bc1403a205bdf7574bbaab9b21b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
BEGIN;
-- give necessary permissions to the web server. Becuase the admin is all
-- web-based, these need to be quite permissive
GRANT SELECT, UPDATE, INSERT, DELETE ON
	auth_message,
	django_session,
	django_site,
	django_admin_log,
	django_content_type,
	auth_group_permissions,
	auth_user,
	auth_user_groups,
	auth_group,
	auth_user_user_permissions,
	auth_permission,
	patchwork_registrationrequest,
	patchwork_userpersonconfirmation,
	patchwork_state,
	patchwork_comment,
	patchwork_person,
	patchwork_userprofile,
	patchwork_userprofile_maintainer_projects,
	patchwork_project,
	patchwork_bundle,
	patchwork_bundle_patches,
	patchwork_patch
TO "www-data";
GRANT SELECT, UPDATE ON
	auth_group_id_seq,
	auth_group_permissions_id_seq,
	auth_message_id_seq,
	auth_permission_id_seq,
	auth_user_groups_id_seq,
	auth_user_id_seq,
	auth_user_user_permissions_id_seq,
	django_admin_log_id_seq,
	django_content_type_id_seq,
	django_site_id_seq,
	patchwork_bundle_id_seq,
	patchwork_bundle_patches_id_seq,
	patchwork_comment_id_seq,
	patchwork_patch_id_seq,
	patchwork_person_id_seq,
	patchwork_project_id_seq,
	patchwork_registrationrequest_id_seq,
	patchwork_state_id_seq,
	patchwork_userpersonconfirmation_id_seq,
	patchwork_userprofile_id_seq,
	patchwork_userprofile_maintainer_projects_id_seq
TO "www-data";

-- allow the mail user (in this case, 'nobody') to add patches
GRANT INSERT, SELECT ON
	patchwork_patch,
	patchwork_comment,
	patchwork_person
TO "nobody";
GRANT SELECT ON
	patchwork_project
TO "nobody";
GRANT UPDATE, SELECT ON
	patchwork_patch_id_seq,
	patchwork_person_id_seq,
	patchwork_comment_id_seq
TO "nobody";

COMMIT;