Skip to content

Commit 8a4d0b7

Browse files
nmarukovichnmarukovich
authored
K8SPG-571 public schema access fix (#1201)
* K8SPG-571 fix public schema access * fix
1 parent f9e5124 commit 8a4d0b7

File tree

1 file changed

+9
-6
lines changed

1 file changed

+9
-6
lines changed

internal/postgres/users.go

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,7 @@ import (
88
"bytes"
99
"context"
1010
"encoding/json"
11+
"fmt"
1112
"strings"
1213

1314
pg_query "github.com/pganalyze/pg_query_go/v6"
@@ -271,26 +272,28 @@ func grantUserAccessToPublicSchemaInPostgreSQL(ctx context.Context, exec Executo
271272

272273
databases, _ := json.Marshal(user.Databases)
273274

275+
// Format the username as an identifier
276+
username := fmt.Sprintf(`"%s"`, user.Name)
277+
274278
stdout, stderr, err := exec.ExecInDatabasesFromQuery(ctx,
275279
sql.String(),
276280
strings.Join([]string{
277281
// Quiet NOTICE messages from IF EXISTS statements.
278282
`SET client_min_messages = WARNING;`,
279283

280284
// Grant all privileges on the public schema to the user
281-
`GRANT ALL PRIVILEGES ON SCHEMA public TO :"username";`,
285+
fmt.Sprintf(`GRANT ALL PRIVILEGES ON SCHEMA public TO %s;`, username),
282286

283287
// Grant all privileges on existing tables and sequences in the public schema
284-
`GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO :"username";`,
285-
`GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO :"username";`,
288+
fmt.Sprintf(`GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO %s;`, username),
289+
fmt.Sprintf(`GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO %s;`, username),
286290

287291
// Set default privileges for future objects created in the public schema
288-
`ALTER DEFAULT PRIVILEGES FOR ROLE "username" IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO "username";`,
289-
`ALTER DEFAULT PRIVILEGES FOR ROLE "username" IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO "username";`,
292+
fmt.Sprintf(`ALTER DEFAULT PRIVILEGES FOR ROLE %s IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO %s;`, username, username),
293+
fmt.Sprintf(`ALTER DEFAULT PRIVILEGES FOR ROLE %s IN SCHEMA public GRANT ALL PRIVILEGES ON SEQUENCES TO %s;`, username, username),
290294
}, "\n"),
291295
map[string]string{
292296
"databases": string(databases),
293-
"username": string(user.Name),
294297
"ON_ERROR_STOP": "on", // Abort when any one statement fails.
295298
"QUIET": "on", // Do not print successful commands to stdout.
296299
},

0 commit comments

Comments
 (0)