diff --git a/deploy/grant_select_on_payment_status_to_guest.sql b/deploy/grant_select_on_payment_status_to_guest.sql new file mode 100644 index 0000000..e903209 --- /dev/null +++ b/deploy/grant_select_on_payment_status_to_guest.sql @@ -0,0 +1,11 @@ +-- Deploy camper:grant_select_on_payment_status_to_guest to pg +-- requires: roles +-- requires: payment_status +-- requires: payment_status_i18n + +begin; + +grant select on table camper.payment_status to guest; +grant select on table camper.payment_status_i18n to guest; + +commit; diff --git a/revert/grant_select_on_payment_status_to_guest.sql b/revert/grant_select_on_payment_status_to_guest.sql new file mode 100644 index 0000000..d5d0a50 --- /dev/null +++ b/revert/grant_select_on_payment_status_to_guest.sql @@ -0,0 +1,8 @@ +-- Revert camper:grant_select_on_payment_status_to_guest from pg + +begin; + +revoke select on camper.payment_status_i18n from guest; +revoke select on camper.payment_status from guest; + +commit; diff --git a/sqitch.plan b/sqitch.plan index cd09dd8..ab06474 100644 --- a/sqitch.plan +++ b/sqitch.plan @@ -261,3 +261,4 @@ payment_reference [roles schema_camper payment] 2024-02-14T01:45:37Z jordi fita @v4 2024-02-27T17:30:17Z jordi fita mas # Tag v4 company__tourist_tax_max_days [company] 2024-02-27T18:03:51Z jordi fita mas # Add tourist_tax_max_days to company draft_payment [draft_payment@v4 company__tourist_tax_max_days] 2024-02-27T17:49:05Z jordi fita mas # Limit the number of nights that have tourist tax in draft_payment +grant_select_on_payment_status_to_guest [roles payment_status payment_status_i18n] 2024-02-29T16:42:13Z jordi fita mas # Grant SELECT on payment_status and payment_status_i18n to guest diff --git a/test/payment_status.sql b/test/payment_status.sql index fb7ac14..6ba156b 100644 --- a/test/payment_status.sql +++ b/test/payment_status.sql @@ -11,7 +11,7 @@ set search_path to camper, public; select has_table('payment_status'); select has_pk('payment_status'); -select table_privs_are('payment_status', 'guest', array[]::text[]); +select table_privs_are('payment_status', 'guest', array['SELECT']); select table_privs_are('payment_status', 'employee', array['SELECT']); select table_privs_are('payment_status', 'admin', array['SELECT']); select table_privs_are('payment_status', 'authenticator', array[]::text[]); diff --git a/test/payment_status_i18n.sql b/test/payment_status_i18n.sql index 7b68ed6..0a85172 100644 --- a/test/payment_status_i18n.sql +++ b/test/payment_status_i18n.sql @@ -12,7 +12,7 @@ set search_path to camper, public; select has_table('payment_status_i18n'); select has_pk('payment_status_i18n'); select col_is_pk('payment_status_i18n', array['payment_status', 'lang_tag']); -select table_privs_are('payment_status_i18n', 'guest', array[]::text[]); +select table_privs_are('payment_status_i18n', 'guest', array['SELECT']); select table_privs_are('payment_status_i18n', 'employee', array['SELECT']); select table_privs_are('payment_status_i18n', 'admin', array['SELECT']); select table_privs_are('payment_status_i18n', 'authenticator', array[]::text[]); diff --git a/verify/grant_select_on_payment_status_to_guest.sql b/verify/grant_select_on_payment_status_to_guest.sql new file mode 100644 index 0000000..a73860b --- /dev/null +++ b/verify/grant_select_on_payment_status_to_guest.sql @@ -0,0 +1,19 @@ +-- Verify camper:grant_select_on_payment_status_to_guest on pg + +begin; + +select 1 / count(*) from information_schema.table_privileges +where table_schema = 'camper' + and table_name = 'payment_status' + and grantee = 'guest' + and privilege_type = 'SELECT' +; + +select 1 / count(*) from information_schema.table_privileges +where table_schema = 'camper' + and table_name = 'payment_status_i18n' + and grantee = 'guest' + and privilege_type = 'SELECT' +; + +rollback;