Skip to content

Commit 0d0eb2f

Browse files
samrosesamrose
authored
Merge branch 'develop' into sam/postgis-tiger-fix
2 parents 2e2fab6 + 66fb5c1 commit 0d0eb2f

File tree

2 files changed

+32
-0
lines changed

2 files changed

+32
-0
lines changed

ansible/files/postgresql_extension_custom_scripts/pgsodium/after-create.sql

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,26 @@
11
grant execute on function pgsodium.crypto_aead_det_decrypt(bytea, bytea, uuid, bytea) to service_role;
22
grant execute on function pgsodium.crypto_aead_det_encrypt(bytea, bytea, uuid, bytea) to service_role;
33
grant execute on function pgsodium.crypto_aead_det_keygen to service_role;
4+
5+
CREATE OR REPLACE FUNCTION pgsodium.mask_role(masked_role regrole, source_name text, view_name text)
6+
RETURNS void
7+
LANGUAGE plpgsql
8+
SECURITY DEFINER
9+
SET search_path TO ''
10+
AS $function$
11+
BEGIN
12+
EXECUTE format(
13+
'GRANT SELECT ON pgsodium.key TO %s',
14+
masked_role);
15+
16+
EXECUTE format(
17+
'GRANT pgsodium_keyiduser, pgsodium_keyholder TO %s',
18+
masked_role);
19+
20+
EXECUTE format(
21+
'GRANT ALL ON %I TO %s',
22+
view_name,
23+
masked_role);
24+
RETURN;
25+
END
26+
$function$;

ansible/files/postgresql_extension_custom_scripts/pgsodium/before-create.sql

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,9 @@
1+
do $$
2+
declare
3+
_extversion text := @extversion@;
4+
_r record;
5+
begin
6+
if _extversion is not null and _extversion != '3.1.8' then
7+
raise exception 'only pgsodium 3.1.8 is supported';
8+
end if;
9+
end $$;

0 commit comments

Comments
 (0)