29 lines
844 B
SQL
29 lines
844 B
SQL
\connect kandimat_db
|
|
|
|
-- Create schema for kandimat_data
|
|
create SCHEMA kandimat_data;
|
|
create SCHEMA kandimat_data_privat;
|
|
|
|
-- create roles
|
|
create role kandimat_person;
|
|
create role kandimat_anonymous;
|
|
create role kandimat_editor;
|
|
create role kandimat_candidate;
|
|
|
|
grant kandimat_editor to kandimat_postgraphile;
|
|
grant kandimat_candidate to kandimat_postgraphile;
|
|
grant kandimat_person to kandimat_postgraphile, kandimat_candidate, kandimat_editor;
|
|
grant kandimat_anonymous to kandimat_postgraphile;
|
|
|
|
create type kandimat_data.role as enum (
|
|
'kandimat_editor',
|
|
'kandimat_candidate',
|
|
'kandimat_person'
|
|
);
|
|
|
|
-- set table wide permissions
|
|
grant usage on schema kandimat_data to kandimat_anonymous, kandimat_person;
|
|
|
|
-- make functions non executeable w/o further checks
|
|
alter default privileges revoke execute on functions from public;
|