| 1234567891011121314151617181920212223242526272829 |
- #! /usr/bin/env bash
-
- psql <<-EOF
- CREATE ROLE readaccess;
-
- REVOKE ALL ON DATABASE ${POSTGRES_DB} FROM readaccess;
- GRANT CONNECT ON DATABASE ${POSTGRES_DB} TO readaccess;
-
- \c ${POSTGRES_DB}
-
- REVOKE ALL ON SCHEMA public FROM readaccess;
- REVOKE CREATE ON SCHEMA public FROM readaccess;
- GRANT USAGE ON SCHEMA public TO readaccess;
-
- REVOKE ALL ON ALL TABLES IN SCHEMA public FROM readaccess;
- GRANT SELECT ON ALL TABLES IN SCHEMA public TO readaccess;
- ALTER DEFAULT PRIVILEGES IN SCHEMA public REVOKE ALL ON TABLES FROM readaccess;
- ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readaccess;
-
- REVOKE ALL ON ALL SEQUENCES IN SCHEMA public FROM readaccess;
- GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO readaccess;
- ALTER DEFAULT PRIVILEGES IN SCHEMA public REVOKE ALL ON SEQUENCES FROM readaccess;
- ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT USAGE ON SEQUENCES TO readaccess;
-
- REVOKE ALL ON ALL FUNCTIONS IN SCHEMA public FROM readaccess;
- GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO readaccess;
- ALTER DEFAULT PRIVILEGES IN SCHEMA public REVOKE ALL ON FUNCTIONS FROM readaccess;
- ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT EXECUTE ON FUNCTIONS TO readaccess;
- EOF
|
