test

Author: soedirgo

ansible/files/admin_api_scripts/pg_upgrade_scripts/initiate.sh

@@ -316,6 +316,7 @@ function initiate_upgrade {
     if [ "$OLD_BOOTSTRAP_USER" = "postgres" ]; then
         run_sql -c "create role supabase_tmp login superuser;"
         # TODO: move to its own file
+        # TODO: GRANTED BY, ADMIN OPTION
         psql -h localhost -U supabase_tmp -d postgres <<'EOSQL'
 do $$
 declare
@@ -465,10 +466,16 @@ begin
   foreach obj in array schemas
   loop
     if obj->>'owner' = 'postgres' then
-      execute(format('alter schema %s owner to postgres;', (obj->>'oid')::regnamespace));
+      execute(format('alter schema %I owner to postgres;', (obj->>'oid')::regnamespace));
     end if;
     -- TODO: don't modify system catalog directly
-    update pg_namespace set nspacl = (obj->>'acl')::aclitem[] where nspname = obj->>'oid';
+    for rec in
+      select grantor, grantee, privilege_type, is_grantable
+      from aclexplode((obj->>'acl')::aclitem[])
+      where grantee = 'supabase_admin'::regrole
+    loop
+      execute(format('grant %s on schema %s to postgres %s', rec.privilege_type, (obj->>'oid')::regnamespace, case when rec.is_grantable then 'with grant option' else '' end));
+    end loop;
   end loop;
 
   -- types