Skip to content

Commit d41ed15

Browse files
soedirgosoedirgo
committed
fix: pgsodium after-create script
1 parent 3df2ac1 commit d41ed15

File tree

2 files changed

+26
-3
lines changed

2 files changed

+26
-3
lines changed

ansible/files/postgresql_extension_custom_scripts/pgsodium/after-create.sql

Lines changed: 23 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,26 @@
11
grant execute on function pgsodium.crypto_aead_det_decrypt(bytea, bytea, uuid, bytea) to service_role;
22
grant execute on function pgsodium.crypto_aead_det_encrypt(bytea, bytea, uuid, bytea) to service_role;
33
grant execute on function pgsodium.crypto_aead_det_keygen to service_role;
4+
5+
CREATE OR REPLACE FUNCTION pgsodium.mask_role(masked_role regrole, source_name text, view_name text)
6+
RETURNS void
7+
LANGUAGE plpgsql
8+
SECURITY DEFINER
9+
SET search_path TO ''
10+
AS $function$
11+
BEGIN
12+
EXECUTE format(
13+
'GRANT SELECT ON pgsodium.key TO %s',
14+
masked_role);
15+
16+
EXECUTE format(
17+
'GRANT pgsodium_keyiduser, pgsodium_keyholder TO %s',
18+
masked_role);
19+
20+
EXECUTE format(
21+
'GRANT ALL ON %I TO %s',
22+
view_name,
23+
masked_role);
24+
RETURN;
25+
END
26+
$function$;

ansible/vars.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -9,9 +9,9 @@ postgres_major:
99

1010
# Full version strings for each major version
1111
postgres_release:
12-
postgresorioledb-17: "17.0.1.012-orioledb"
13-
postgres15: "15.8.1.022"
14-
postgres16: "16.3.1.028"
12+
postgresorioledb-17: "17.0.1.013-orioledb"
13+
postgres15: "15.8.1.023"
14+
postgres16: "16.3.1.029"
1515

1616
# Non Postgres Extensions
1717
pgbouncer_release: "1.19.0"

0 commit comments

Comments
 (0)