fix: db grant problem with function; wallet opeator permission

Greenstand · Nov 21, 2023 · 64321c7 · 64321c7
1 parent 64a9f32
commit 64321c7
Show file tree

Hide file tree

Showing 4 changed files with 104 additions and 103 deletions.
diff --git a/database-grants/terraform/prod/extra/main.tf b/database-grants/terraform/prod/extra/main.tf
@@ -22,3 +22,107 @@ resource "postgresql_grant" "wallet-operator-seq" {
   privileges  = ["USAGE", "SELECT"]
 
 }
+
+resource "postgresql_grant" "wallet-operator-schema-public" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "public"
+  object_type = "schema"
+  privileges  = ["USAGE", "CREATE"]
+}
+
+resource "postgresql_grant" "wallet-operator-table-public" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "public"
+  object_type = "table"
+  privileges  = ["SELECT", "INSERT", "UPDATE", "DELETE"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-seq-public" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "public"
+  object_type = "sequence"
+  privileges  = ["USAGE", "SELECT"]
+
+}
+
+
+resource "postgresql_grant" "wallet-operator-schema-herbarium" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "herbarium"
+  object_type = "schema"
+  privileges  = ["USAGE", "CREATE"]
+}
+
+resource "postgresql_grant" "wallet-operator-table-herbarium" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "herbarium"
+  object_type = "table"
+  privileges  = ["SELECT", "INSERT", "UPDATE", "DELETE"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-seq-herbarium" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "herbarium"
+  object_type = "sequence"
+  privileges  = ["USAGE", "SELECT"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-schema-stakeholder" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "stakeholder"
+  object_type = "schema"
+  privileges  = ["USAGE", "CREATE"]
+}
+
+resource "postgresql_grant" "wallet-operator-table-stakeholder" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "stakeholder"
+  object_type = "table"
+  privileges  = ["SELECT", "INSERT", "UPDATE", "DELETE"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-seq-stakeholder" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "stakeholder"
+  object_type = "sequence"
+  privileges  = ["USAGE", "SELECT"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-schema-treetracker" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "treetracker"
+  object_type = "schema"
+  privileges  = ["USAGE", "CREATE"]
+}
+
+resource "postgresql_grant" "wallet-operator-table-treetracker" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "treetracker"
+  object_type = "table"
+  privileges  = ["SELECT", "INSERT", "UPDATE", "DELETE"]
+}
+
+
+resource "postgresql_grant" "wallet-operator-seq-treetracker" {
+  database    = "treetracker"
+  role        = "wallet_operator"
+  schema      = "treetracker"
+  object_type = "sequence"
+  privileges  = ["USAGE", "SELECT"]
+}
diff --git a/database-grants/terraform/prod/main.tf b/database-grants/terraform/prod/main.tf
@@ -56,13 +56,6 @@ module "messaging_schema" {
   }
 }
 
-module "query_schema" {
-  source = "./schemas/query"
-  providers = {
-    postgresql = postgresql.treetracker
-  }
-}
-
 module "stakeholder_schema" {
   source = "./schemas/stakeholder"
   providers = {

diff --git a/database-grants/terraform/prod/schemas/query/main.tf b/database-grants/terraform/prod/schemas/query/main.tf
diff --git a/database-grants/terraform/prod/schemas/query/provider.tf b/database-grants/terraform/prod/schemas/query/provider.tf