From df637af43fb3feac127a0eecf4082d3bdb271cd5 Mon Sep 17 00:00:00 2001 From: arjen Date: Wed, 23 Mar 2011 17:04:41 +0000 Subject: [PATCH] Added a new group daemon and created additional permissions to the database. --- src/database/create.sql | 61 +++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 59 insertions(+), 2 deletions(-) diff --git a/src/database/create.sql b/src/database/create.sql index d32de26..5d6cab9 100644 --- a/src/database/create.sql +++ b/src/database/create.sql @@ -12,7 +12,10 @@ -- DBA create the database and give access permissions. -- -- $Log: create.sql,v $ --- Revision 1.23 2007-11-17 09:32:24 arjen +-- Revision 1.24 2011-03-23 17:04:41 arjen +-- Added a new group daemon and created additional permissions to the database. +-- +-- Revision 1.23 2007/11/17 09:32:24 arjen -- Minor fixes to make created and upgraded databases equal. -- Cleanup of database destruction script. -- @@ -773,46 +776,100 @@ CREATE INDEX usr_security_level ON usr USING btree (security_level); CREATE GROUP view; CREATE GROUP ops; CREATE GROUP admin; +CREATE GROUP daemon; + +-- The default user 'gnucomo' used by the daemons + +CREATE ROLE gnucomo LOGIN PASSWORD 'gnucomo' IN GROUP daemon; GRANT SELECT ON action TO GROUP view, GROUP ops, GROUP admin; GRANT SELECT ON action_user TO GROUP view, GROUP ops, GROUP admin; GRANT SELECT ON db_value TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON db_value TO GROUP daemon; GRANT SELECT ON history TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON history TO GROUP daemon; GRANT SELECT ON log TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON log TO GROUP daemon; GRANT SELECT ON log_notification TO GROUP view, GROUP ops, GROUP admin; GRANT SELECT ON notification TO GROUP view, GROUP ops, GROUP admin; -GRANT SELECT ON object TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON notification TO GROUP daemon; +GRANT SELECT ON object TO GROUP view, GROUP ops, GROUP admin, GROUP daemon; GRANT SELECT ON object_abuse TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON object_abuse TO GROUP daemon; GRANT SELECT ON object_issue TO GROUP view, GROUP ops, GROUP admin; GRANT SELECT ON object_priority TO GROUP view, GROUP ops, GROUP admin; GRANT SELECT ON object_service TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON object_service TO GROUP daemon; GRANT SELECT ON object_statistics TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON object_statistics TO GROUP daemon; GRANT SELECT ON object_user TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON object_user TO GROUP daemon; GRANT SELECT ON parameter TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON parameter TO GROUP daemon; GRANT SELECT ON parameter_class TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON parameter_class TO GROUP daemon; GRANT SELECT ON parameter_notification TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON parameter_notification TO GROUP daemon; GRANT SELECT ON priority TO GROUP view, GROUP ops, GROUP admin; GRANT SELECT ON property TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON property TO GROUP daemon; GRANT SELECT ON service TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON service TO GROUP daemon; GRANT SELECT ON status TO GROUP view, GROUP ops, GROUP admin; GRANT SELECT ON supported_os TO GROUP view, GROUP ops, GROUP admin; GRANT SELECT ON type_of_issue TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON type_of_issue TO GROUP daemon; GRANT SELECT ON usr TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON usr TO GROUP daemon; GRANT INSERT ON action_user TO GROUP ops, GROUP admin; +GRANT INSERT ON action_user TO GROUP daemon; +GRANT DELETE ON action_user TO GROUP daemon; GRANT UPDATE ON action_user_actionstepid_seq TO GROUP ops, GROUP admin; +GRANT UPDATE ON action_user_actionstepid_seq TO GROUP daemon; +GRANT UPDATE ON db_value TO GROUP daemon; +GRANT INSERT ON log TO GROUP daemon; +GRANT DELETE ON log TO GROUP daemon; +GRANT UPDATE ON log_logid_seq TO GROUP daemon; +GRANT INSERT ON log_notification TO GROUP daemon; +GRANT SELECT ON log_notification TO GROUP daemon; +GRANT DELETE ON log_notification TO GROUP daemon; GRANT UPDATE ON notification TO GROUP ops, GROUP admin; +GRANT INSERT ON notification TO GROUP daemon; +GRANT DELETE ON notification TO GROUP daemon; GRANT INSERT ON object TO GROUP admin; GRANT UPDATE ON object TO GROUP ops, GROUP admin; +GRANT UPDATE ON object TO GROUP daemon; GRANT DELETE ON object TO GROUP admin; GRANT INSERT ON object_abuse TO GROUP admin; GRANT UPDATE ON object_abuse TO GROUP ops, GROUP admin; GRANT DELETE ON object_abuse TO GROUP admin; +GRANT INSERT ON log_abuse TO GROUP daemon; +GRANT INSERT ON object_abuse TO GROUP daemon; +GRANT UPDATE ON object_abuse TO GROUP daemon; +GRANT INSERT ON object_statistics TO GROUP daemon; +GRANT UPDATE ON object_statistics TO GROUP daemon; + +GRANT INSERT ON parameter_notification TO GROUP daemon; +GRANT INSERT ON parameter TO GROUP daemon; +GRANT UPDATE ON paramid_seq TO GROUP daemon; +GRANT UPDATE ON notification_notificationid_seq TO GROUP daemon; +GRANT SELECT ON notification_notificationid_seq TO GROUP daemon; +GRANT INSERT ON property TO GROUP daemon; +GRANT UPDATE ON property TO GROUP daemon; +GRANT INSERT ON history TO GROUP daemon; +GRANT INSERT ON parameter_class TO GROUP admin; +GRANT UPDATE ON parameter_class TO GROUP admin; +GRANT DELETE ON parameter_class TO GROUP admin; + GRANT UPDATE ON usr TO GROUP view, GROUP ops, GROUP admin; GRANT INSERT ON usr TO GROUP admin; GRANT DELETE ON usr TO GROUP admin; GRANT SELECT ON service_pattern TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON service_pattern TO GROUP daemon; GRANT INSERT ON service_pattern TO GROUP admin; GRANT UPDATE ON service_pattern TO GROUP ops, GROUP admin; GRANT DELETE ON service_pattern TO GROUP admin; GRANT SELECT ON log_abuse TO GROUP view, GROUP ops, GROUP admin; +GRANT SELECT ON log_abuse TO GROUP daemon; +GRANT DELETE ON log_abuse TO GROUP daemon; -- 2.11.0