From f6beab4e89a6019c28565ff2aa3040ae900dad9e Mon Sep 17 00:00:00 2001
From: Daniel Olojakpoke
Date: Thu, 28 Jul 2022 01:49:14 +0100
Subject: [PATCH 1/3] fix: give stakeholder user permission for accessing public schema
---
 .../terraform/prod/schemas/stakeholder/main.tf | 8 ++++++++
 1 file changed, 8 insertions(+)
diff --git a/database-grants/terraform/prod/schemas/stakeholder/main.tf b/database-grants/terraform/prod/schemas/stakeholder/main.tf
index 7eee1c9..6bb114a 100644
--- a/database-grants/terraform/prod/schemas/stakeholder/main.tf
+++ b/database-grants/terraform/prod/schemas/stakeholder/main.tf
@@ -4,4 +4,12 @@ module "microservice_schema" {
 schema = "stakeholder"
 }
+resource "postgresql_grant" "readonly_entity" {
+ database = "treetracker"
+ role = "s_stakeholder"
+ schema = "public"
+ object_type = "table"
+ privileges = ["SELECT"]
+}
+
From dee445cf955dccb1502dbaaccaf5ca21c30ee875 Mon Sep 17 00:00:00 2001
From: Daniel Olojakpoke
Date: Sun, 23 Oct 2022 23:08:22 +0100
Subject: [PATCH 2/3] fix: give reporting access to stakeholder schema
---
 .../terraform/prod/schemas/reporting/main.tf | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)
diff --git a/database-grants/terraform/prod/schemas/reporting/main.tf b/database-grants/terraform/prod/schemas/reporting/main.tf
index e9fd81d..8e42b6c 100644
--- a/database-grants/terraform/prod/schemas/reporting/main.tf
+++ b/database-grants/terraform/prod/schemas/reporting/main.tf
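Review bot: The `readonly_entity` grant in patch 1/3 sets no `objects`, so `s_stakeholder` receives SELECT on every table in the production `public` schema rather than on one table, which is wider than the resource label suggests. If the service only needs the entity table (inferred from the label, not shown in the patch), scope it with `objects = ["entity"]` and add a comment naming the consumer, e.g. `# stakeholder service reads public.entity only`. The same schema-wide SELECT pattern recurs in `stakeholder_table` (patch 2/3) and `region_table` (patch 3/3) for `s_reporting`; each should list the tables the reporting service actually queries, because any table later added to those schemas would be covered the next time the grant is applied.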
@@ -5,4 +5,31 @@ module "microservice_schema" {
 service_user_table_grants = ["SELECT", "INSERT", "UPDATE", "DELETE"] # allow delete from this schema
 }
+resource "postgresql_grant" "stakeholder_schema" {
+ database = "treetracker"
+ role = "s_reporting"
+ schema = "stakeholder"
+ object_type = "schema"
+ privileges = ["USAGE"]
+}
+
+resource "postgresql_grant" "stakeholder_children_function" {
+ database = "treetracker"
+ role = "s_reporting"
+ schema = "stakeholder"
+ object_type = "function"
+ privileges = ["EXECUTE"]
+}
+
+resource "postgresql_grant" "stakeholder_table" {
+ database = "treetracker"
+ role = "s_reporting"
+ schema = "stakeholder"
+ object_type = "table"
+ privileges = ["SELECT"]
+}
+
+
+
+
From b6fb171b155b8a32841bd76589a38dcbc12ad2ab Mon Sep 17 00:00:00 2001
From: Daniel Olojakpoke
Date: Thu, 27 Oct 2022 00:52:29 +0100
Subject: [PATCH 3/3] fix: give reporting access to regions
---
 .../terraform/prod/schemas/reporting/main.tf | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
diff --git a/database-grants/terraform/prod/schemas/reporting/main.tf b/database-grants/terraform/prod/schemas/reporting/main.tf
index 8e42b6c..8332497 100644
--- a/database-grants/terraform/prod/schemas/reporting/main.tf
+++ b/database-grants/terraform/prod/schemas/reporting/main.tf
@@ -29,6 +29,22 @@ resource "postgresql_grant" "stakeholder_table" {
 privileges = ["SELECT"]
 }
+resource "postgresql_grant" "regions_schema" {
+ database = "treetracker"
+ role = "s_reporting"
+ schema = "regions"
+ object_type = "schema"
+ privileges = ["USAGE"]
+}
+
+resource "postgresql_grant" "region_table" {
+ database = "treetracker"
+ role = "s_reporting"
+ schema = "regions"
+ object_type = "table"
+ privileges = ["SELECT"]
+}
+
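Review bot: In patch 2/3, `stakeholder_children_function` grants EXECUTE on all functions in the `stakeholder` schema, although the label points at a single function. EXECUTE matters most for functions declared SECURITY DEFINER, which run with their owner's privileges, so a schema-wide grant lets `s_reporting` reach whatever any such function can do, including ones added later. If the provider version in use accepts `objects` for `object_type = "function"`, name the one function there; otherwise add a comment such as `# reporting calls only the stakeholder children function; review before adding SECURITY DEFINER functions to this schema`. Whether any function in the schema is SECURITY DEFINER is not visible from this patch.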