--DROP POLICY rls_accuty ON acq.currency_type;
\dp acq.currency_type
+ CREATE POLICY rls_acedac ON acq.edi_account TO stest USING (true);
+ --DROP POLICY rls_acedac ON acq.edi_account;
+ \dp acq.edi_account
+
+ CREATE POLICY rls_acpr ON acq.provider TO stest USING (true);
+ --DROP POLICY rls_acpr ON acq.provider;
+ \dp acq.provider
+
+ CREATE POLICY rls_acpr ON acq.provider TO stest USING (true);
+ --DROP POLICY rls_acpr ON acq.provider;
+ \dp acq.provider
+
+ CREATE POLICY rls_acprad ON acq.provider_address TO stest USING (true);
+ --DROP POLICY rls_acprad ON acq.provider_address;
+ \dp acq.provider_address
+
+ CREATE POLICY rls_acprco ON acq.provider_contact TO stest USING (true);
+ --DROP POLICY rls_acprco ON acq.provider_contact;
+ \dp acq.provider_contact
+
+ CREATE POLICY rls_acprcoad ON acq.provider_contact_address TO stest USING (true);
+ --DROP POLICY rls_acprcoad ON acq.provider_contact_address;
+ \dp acq.provider_contact_address
+
+ CREATE POLICY rls_acprhosuma ON acq.provider_holding_subfield_map TO stest USING (true);
+ --DROP POLICY rls_acprhosuma ON acq.provider_holding_subfield_map;
+ \dp acq.provider_holding_subfield_map
+
+ CREATE POLICY rls_acprno ON acq.provider_note TO stest USING (creator in(select id from actor.usr) and editor in(select id from actor.usr));
+ --DROP POLICY rls_acprno ON acq.provider_note;
+ \dp acq.provider_note
+
CREATE POLICY rls_acedat ON acq.edi_attr TO stest USING (true);
--DROP POLICY rls_acedat ON acq.edi_attr;
\dp acq.edi_attr
--DROP POLICY rls_acfica ON acq.fiscal_calendar;
\dp acq.fiscal_calendar
- CREATE POLICY rls_acfu ON acq.fund TO stest USING (year = date_part('year'::text, now()));
+ CREATE POLICY rls_acfiye ON acq.fiscal_year TO stest USING (true);
+ --DROP POLICY rls_acfiye ON acq.fiscal_year;
+ \dp acq.fiscal_year
+
+ CREATE POLICY rls_acfu ON acq.fund TO stest USING (year >= date_part('year'::text, now())-1);
--DROP POLICY rls_acfu ON acq.fund;
\dp acq.fund
+ CREATE POLICY rls_acfuso ON acq.funding_source TO stest USING (true);
+ --DROP POLICY rls_acfuso ON acq.funding_source;
+ \dp acq.funding_source;
+
+ CREATE POLICY rls_acfusocr ON acq.funding_source_credit TO stest USING (true);
+ --DROP POLICY rls_acfusocr ON acq.funding_source_credit
+ \dp acq.funding_source_credit
+
+ CREATE POLICY rls_acfutr ON acq.fund_transfer TO stest USING ((dest_fund is null or dest_fund in(select id from acq.fund)) and src_fund in(select id from acq.fund) and transfer_user in(select id from actor.usr));
+ --DROP POLICY rls_acfutr ON acq.fund_transfer;
+ \dp acq.fund_transfer
+
CREATE POLICY rls_acfual ON acq.fund_allocation TO stest USING ((id < 10 or id % 2 = 0) and extract(year from create_time) >= extract(year from now())-1 and fund in(select id from acq.fund) and allocator in(select id from actor.usr));
--DROP POLICY rls_acfual ON acq.fund_allocation;
\dp acq.fund_allocation
- CREATE POLICY rls_acfude ON acq.fund_debit TO stest USING ((id < 10 or id % 1000 = 0) and extract(year from create_time) >= extract(year from now())-1 and fund in(select id from acq.fund));
+ CREATE POLICY rls_acfualpe ON acq.fund_allocation_percent TO stest USING (allocator in(select id from actor.usr));
+ --DROP POLICY rls_acfualpe ON acq.fund_allocation_percent;
+ \dp acq.fund_allocation_percent
+
+ CREATE POLICY rls_acpuorhi ON acq.acq_purchase_order_history TO stest USING (extract(year from create_time) >= extract(year from now())-1 and creator in(select id from actor.usr) and editor in(select id from actor.usr) and owner in(select id from actor.usr) and (provider is null or provider in(select id from acq.provider)));
+ --DROP POLICY rls_acpuorhi ON acq.acq_purchase_order_history;
+ \dp acq.acq_purchase_order_history
+
+ CREATE POLICY rls_acpuor ON acq.purchase_order TO stest USING (id in(select id from acq.acq_purchase_order_history));
+ --DROP POLICY rls_acpuor ON acq.purchase_order;
+ \dp acq.purchase_order
+
+ CREATE POLICY rls_acedme ON acq.edi_message TO stest USING (purchase_order in(select id from acq.purchase_order));
+ --DROP POLICY rls_acedme ON acq.edi_message;
+ \dp acq.edi_message
+
+ CREATE POLICY rls_acpi ON acq.picklist TO stest USING (extract(year from create_time) >= extract(year from now())-1 and creator in(select id from actor.usr) and editor in(select id from actor.usr) and owner in(select id from actor.usr));
+ --DROP POLICY rls_acpi ON acq.picklist;
+ \dp acq.picklist
+
+ CREATE POLICY rls_aclihi ON acq.acq_lineitem_history TO stest USING (extract(year from create_time) >= extract(year from now())-1 and (purchase_order is null or (purchase_order % 5 = 0 and purchase_order in(select id from acq.purchase_order))) and (eg_bib_id is null or eg_bib_id in(select id from biblio.record_entry)) and (queued_record is null or queued_record in(select id from vandelay.queued_bib_record)) and (provider is null or provider in(select id from acq.provider)) and (picklist is null or picklist in(select id from acq.picklist)) and creator in(select id from actor.usr) and editor in(select id from actor.usr) and selector in(select id from actor.usr));
+ --DROP POLICY rls_aclihi ON acq.acq_lineitem_history;
+ \dp acq.acq_lineitem_history
+
+ CREATE POLICY rls_acli ON acq.lineitem TO stest USING (id in(select id from acq.acq_lineitem_history));
+ --DROP POLICY rls_acli ON acq.lineitem;
+ \dp acq.lineitem
+
+ CREATE POLICY rls_acliat ON acq.lineitem_attr TO stest USING (lineitem in(select id from acq.lineitem));
+ --DROP POLICY rls_acliat ON acq.lineitem_attr;
+ \dp acq.lineitem_attr
+
+ CREATE POLICY rls_acliatde ON acq.lineitem_attr_definition TO stest USING (true);
+ --DROP POLICY rls_acliatde ON acq.lineitem_attr_definition;
+ \dp acq.lineitem_attr_definition
+
+ CREATE POLICY rls_acligeatde ON acq.lineitem_generated_attr_definition TO stest USING (true);
+ --DROP POLICY rls_acligeatde ON acq.lineitem_generated_attr_definition;
+ \dp acq.lineitem_generated_attr_definition
+
+ CREATE POLICY rls_acliloatde ON acq.lineitem_local_attr_definition TO stest USING (true);
+ --DROP POLICY rls_acliloatde ON acq.lineitem_local_attr_definition;
+ \dp acq.lineitem_local_attr_definition
+
+ CREATE POLICY rls_acliloatde ON acq.lineitem_marc_attr_definition TO stest USING (true);
+ --DROP POLICY rls_acliloatde ON acq.lineitem_marc_attr_definition;
+ \dp acq.lineitem_marc_attr_definition
+
+ CREATE POLICY rls_acfude ON acq.fund_debit TO stest USING (fund in(select id from acq.fund) and (invoice_entry is null or invoice_entry in(select id from acq.invoice_entry)));
--DROP POLICY rls_acfude ON acq.fund_debit;
\dp acq.fund_debit
- CREATE POLICY rls_acfuso ON acq.funding_source TO stest USING (true);
- --DROP POLICY rls_acfuso ON acq.funding_source;
- \dp acq.funding_source;
+ CREATE POLICY rls_acfuta ON acq.fund_tag TO stest USING (true);
+ --DROP POLICY rls_acfuta ON acq.fund_tag;
+ \dp acq.fund_tag
+
+ CREATE POLICY rls_acfutama ON acq.fund_tag_map TO stest USING (fund in(select id from acq.fund));
+ --DROP POLICY rls_acfutama ON acq.fund_tag_map;
+ \dp acq.fund_tag_map
+
+ CREATE POLICY rls_acdeat ON acq.debit_attribution TO stest USING (fund_debit in(select id from acq.fund_debit));
+ --DROP POLICY rls_acdeat ON acq.debit_attribution;
+ \dp acq.debit_attribution
+
+ CREATE POLICY rls_aclide ON acq.lineitem_detail TO stest USING ((lineitem is null or lineitem in(select id from acq.lineitem)) and fund in(select id from acq.fund) and location in(select id from asset.copy_location) and (receiver is null or receiver in(select id from actor.usr)));
+ --DROP POLICY rls_aclide ON acq.lineitem_detail;
+ \dp acq.lineitem_detail
+
+ CREATE POLICY rls_aclialte ON acq.lineitem_alert_text TO stest USING (true);
+ --DROP POLICY rls_aclialte ON acq.lineitem_alert_text;
+ \dp acq.lineitem_alert_text
+
+ CREATE POLICY rls_aclino ON acq.lineitem_note TO stest USING (alert_text in(select id from acq.lineitem_alert_text) and creator in(select id from actor.usr) and editor in(select id from actor.usr) and lineitem in(select id from acq.lineitem));
+ --DROP POLICY rls_aclino ON acq.lineitem_note;
+ \dp acq.lineitem_note
+
+ CREATE POLICY rls_aclipratde ON acq.lineitem_provider_attr_definition TO stest USING (true);
+ --DROP POLICY rls_aclipratde ON acq.lineitem_provider_attr_definition;
+ \dp acq.lineitem_provider_attr_definition
+
+ CREATE POLICY rls_acliusatde ON acq.lineitem_usr_attr_definition TO stest USING (usr in(select id from actor.usr));
+ --DROP POLICY rls_acliusatde ON acq.lineitem_usr_attr_definition;
+ \dp acq.lineitem_usr_attr_definition
+
+ CREATE POLICY rls_acdifo ON acq.distribution_formula TO stest USING (true);
+ --DROP POLICY rls_acdifo ON acq.distribution_formula;
+ \dp acq.distribution_formula
+
+ CREATE POLICY rls_acdifoap ON acq.distribution_formula_application TO stest USING (creator in(select id from actor.usr) and lineitem in(select id from acq.lineitem));
+ --DROP POLICY rls_acdifoap ON acq.distribution_formula_application;
+ \dp acq.distribution_formula_application
+
+ CREATE POLICY rls_acdifoen ON acq.distribution_formula_entry TO stest USING (fund in(select id from acq.fund) and location in(select id from asset.copy_location));
+ --DROP POLICY rls_acdifoen ON acq.distribution_formula_entry;
+ \dp acq.distribution_formula_entry
+
+ CREATE POLICY rls_acinme ON acq.invoice_method TO stest USING (true);
+ --DROP POLICY rls_acinme ON acq.invoice_method;
+ \dp acq.invoice_method
+
+ CREATE POLICY rls_acinpame ON acq.invoice_payment_method TO stest USING (true);
+ --DROP POLICY rls_acinpame ON acq.invoice_payment_method;
+ \dp acq.invoice_payment_method
+
+ CREATE POLICY rls_acin ON acq.invoice TO stest USING (id % 10 = 0 and (closed_by is null or closed_by in(select id from actor.usr)) and provider in(select id from acq.provider) and shipper in(select id from acq.provider));
+ --DROP POLICY rls_acin ON acq.invoice;
+ \dp acq.invoice
+
+ CREATE POLICY rls_acinen ON acq.invoice_entry TO stest USING (invoice in(select id from acq.invoice) and lineitem in(select id from acq.lineitem) and purchase_order in(select id from acq.purchase_order));
+ --DROP POLICY rls_acinen ON acq.invoice_entry;
+ \dp acq.invoice_entry
+
+ CREATE POLICY rls_acinitty ON acq.invoice_item_type TO stest USING (true);
+ --DROP POLICY rls_acinitty ON acq.invoice_item_type;
+ \dp acq.invoice_item_type
+
+ CREATE POLICY rls_acpoit ON acq.po_item TO stest USING ((fund_debit is null or fund_debit in(select id from acq.fund_debit)) and (fund is null or fund in(select id from acq.fund)) and (purchase_order is null or purchase_order in(select id from acq.purchase_order)));
+ --DROP POLICY rls_acpoit ON acq.po_item;
+ \dp acq.po_item;
+
+ CREATE POLICY rls_acpono ON acq.po_note TO stest USING (creator in(select id from actor.usr) and editor in(select id from actor.usr) and purchase_order in(select id from acq.purchase_order));
+ --DROP POLICY rls_acpono ON acq.po_note;
+ \dp acq.po_note
+
+ CREATE POLICY rls_acinit ON acq.invoice_item TO stest USING ((fund_debit is null or fund_debit in(select id from acq.fund_debit)) and (fund is null or fund in(select id from acq.fund)) and invoice in(select id from acq.invoice) and (po_item is null or po_item in(select id from acq.purchase_order)) and (purchase_order is null or purchase_order in(select id from acq.purchase_order)));
+ --DROP POLICY rls_acinit ON acq.invoice_item;
+ \dp acq.invoice_item
+
+ CREATE POLICY rls_acclevty ON acq.claim_event_type TO stest USING (true);
+ --DROP POLICY rls_acclevty ON acq.claim_event_type;
+ \dp acq.claim_event_type
+
+ CREATE POLICY rls_acclpo ON acq.claim_policy TO stest USING (true);
+ --DROP POLICY rls_acclpo ON acq.claim_policy;
+ \dp acq.claim_policy
+
+ CREATE POLICY rls_acclpoac ON acq.claim_policy_action TO stest USING (true);
+ --DROP POLICY rls_acclpoac ON acq.claim_policy_action;
+ \dp acq.claim_policy_action
+
+ CREATE POLICY rls_acclty ON acq.claim_type TO stest USING (true);
+ --DROP POLICY rls_acclty ON acq.claim_type;
+ \dp acq.claim_type;
+
+ CREATE POLICY rls_accl ON acq.claim TO stest USING (lineitem_detail in(select id from acq.lineitem_detail));
+ --DROP POLICY rls_accl ON acq.claim;
+ \dp acq.claim;
+
+ CREATE POLICY rls_acclev ON acq.claim_event TO stest USING (claim in(select id from acq.claim) and creator in(select id from actor.usr));
+ --DROP POLICY rls_acclev ON acq.claim_event;
+ \dp acq.claim_event;
CREATE POLICY rls_achore ON action.hold_request TO stest USING (id % 2 = 0 and requestor in(select id from actor.usr) and usr in(select id from actor.usr));
--DROP POLICY rls_achore ON action.hold_request;
--DROP POLICY rls_vaimer ON vandelay.import_error;
\dp vandelay.import_error
- CREATE POLICY rls_vaquaure ON vandelay.queued_authority_record TO stest USING (import_error in(select code from vandelay.import_error) and imported_as in(select id from authority.record_entry) and queue in(select id from vandelay.authority_queue));
- --DROP POLICY rls_vaquaure ON vandelay.queued_authority_record
+ CREATE POLICY rls_vaquaure ON vandelay.queued_authority_record TO stest USING (imported_as in(select id from authority.record_entry) and queue in(select id from vandelay.authority_queue));
+ --DROP POLICY rls_vaquaure ON vandelay.queued_authority_record;
\dp vandelay.queued_authority_record
- CREATE POLICY rls_vaaumu ON vandelay.authority_match TO stest USING (eg_record in(select id from authority.record_entry) and queued_record in(select id from vandelay.queued_authority_record));
+ CREATE POLICY rls_vaauma ON vandelay.authority_match TO stest USING (eg_record in(select id from authority.record_entry) and queued_record in(select id from vandelay.queued_authority_record));
--DROP POLICY rls_vaauma ON vandelay.authority_match;
\dp vandelay.authority_match
- RAISE NOTICE 'ADD RLS POLICY FOR TABLE %.%', sch, tbl;
pg>
\c 'user=postgres dbname=test'
\c 'user=postgres dbname=nc'
END;
$do$;
- DROP POLICY rls_circ_limit_set_copy_loc_map ON config.circ_limit_set_copy_loc_map;
CREATE POLICY rls_cocilisecoloma ON config.circ_limit_set_copy_loc_map TO stest USING (copy_loc in(select id from asset.copy_location));
+ --DROP POLICY rls_cocilisecoloma ON config.circ_limit_set_copy_loc_map;
\dp config.circ_limit_set_copy_loc_map
- DROP POLICY rls_circ_matrix_matchpoint ON config.circ_matrix_matchpoint;
CREATE POLICY rls_cocimama ON config.circ_matrix_matchpoint TO stest USING (copy_location in(select id from asset.copy_location));
+ --DROP POLICY rls_cocimama ON config.circ_matrix_matchpoint;
\dp config.circ_matrix_matchpoint
- DROP POLICY rls_circ_matrix_limit_set_map ON config.circ_matrix_limit_set_map;
CREATE POLICY rls_cocimalisema ON config.circ_matrix_limit_set_map TO stest USING (matchpoint in(select id from config.circ_matrix_matchpoint));
+ --DROP POLICY rls_cocimalisema ON config.circ_matrix_limit_set_map;
\dp config.circ_matrix_limit_set_map
- DROP POLICY rls_filter_dialog_filter_set ON config.filter_dialog_filter_set;
CREATE POLICY rls_cofidifise ON config.filter_dialog_filter_set TO stest USING (creator in(select id from actor.usr));
+ --DROP POLICY rls_cobireenbuty ON container.biblio_record_entry_bucket_type;
\dp config.filter_dialog_filter_set
CREATE POLICY rls_cobireenbuty ON container.biblio_record_entry_bucket_type TO stest USING (true);
--DROP POLICY rls_mereso ON metabib.record_sorter;
\dp metabib.record_sorter
- CREATE POLICY rls_mereso ON metabib.record_sorter TO stest USING (source in(select id from biblio.record_entry));
- --DROP POLICY rls_mereso ON metabib.record_sorter;
- \dp metabib.record_sorter
-
CREATE POLICY rls_mesefien ON metabib.series_field_entry TO stest USING (source in(select id from biblio.record_entry));
--DROP POLICY rls_mesefien ON metabib.series_field_entry;
\dp metabib.series_field_entry
--DROP POLICY rls_mogopa ON money.goods_payment;
\dp money.goods_payment
- >>
+ CREATE POLICY rls_ofsc ON offline.script TO stest USING (requestor in(select id from actor.usr) and workstation in(select name from actor.workstation));
+ --DROP POLICY rls_ofsc ON offline.script;
+ \dp offline.script
+
+ CREATE POLICY rls_ofse ON offline.session TO stest USING (creator in(select id from actor.usr));
+ --DROP POLICY rls_ofse ON offline.session;
+ \dp offline.session
+
+ CREATE POLICY rls_pepeli ON permission.perm_list TO stest USING (true);
+ --DROP POLICY rls_pepeli ON permission.perm_list;
+ \dp permission.perm_list;
+
+ CREATE POLICY rls_pegrpeth ON permission.grp_penalty_threshold TO stest USING (true);
+ --DROP POLICY rls_pegrpeth ON permission.grp_penalty_threshold;
+ \dp permission.grp_penalty_threshold
+
+ CREATE POLICY rls_pegrpema ON permission.grp_perm_map TO stest USING (true);
+ --DROP POLICY rls_pegrpema ON permission.grp_perm_map;
+ \dp permission.grp_perm_map
+
+ CREATE POLICY rls_pegrtrdien ON permission.grp_tree_display_entry TO stest USING (true);
+ --DROP POLICY rls_pegrtrdien ON permission.grp_tree_display_entry;
+ \dp permission.grp_tree_display_entry
+
+ CREATE POLICY rls_peusgrma ON permission.usr_grp_map TO stest USING (usr in(select id from actor.usr));
+ --DROP POLICY rls_peusgrma ON permission.usr_grp_map;
+ \dp permission.usr_grp_map
+
+ CREATE POLICY rls_peusobpema ON permission.usr_object_perm_map TO stest USING (usr in(select id from actor.usr));
+ --DROP POLICY rls_peusobpema ON permission.usr_object_perm_map;
+ \dp permission.usr_object_perm_map
+
+ CREATE POLICY rls_peuspema ON permission.usr_perm_map TO stest USING (usr in(select id from actor.usr));
+ --DROP POLICY rls_peuspema ON permission.usr_perm_map;
+ \dp permission.usr_perm_map
+
+ CREATE POLICY rls_peuswoouma ON permission.usr_work_ou_map TO stest USING (usr in(select id from actor.usr));
+ --DROP POLICY rls_peuswoouma ON permission.usr_work_ou_map;
+ \dp permission.usr_work_ou_map
+
+ pg>
+ \c 'user=postgres dbname=test'
+ \c 'user=postgres dbname=nc'
+ DO $do$
+ DECLARE
+ sch text;
+ tbl text;
+ BEGIN
+ FOR sch IN SELECT nspname FROM pg_namespace where nspname = 'query'
+ LOOP
+ FOR tbl IN SELECT tablename FROM pg_tables WHERE schemaname = sch order by 1 LOOP
+ RAISE NOTICE 'ADD RLS POLICY FOR TABLE %.%', sch, tbl;
+ EXECUTE format($$ CREATE POLICY rls_%I ON %I.%I TO stest USING (true) $$, tbl, sch, tbl);
+ END LOOP;
+ END LOOP;
+ END;
+ $do$;
+
+
+ CREATE POLICY rls_raba ON rating.badge TO stest USING (true);
+ --DROP POLICY rls_raba ON rating.badge;
+ \dp rating.badge
+
+ CREATE POLICY rls_rapopa ON rating.popularity_parameter TO stest USING (true);
+ --DROP POLICY rls_rapopa ON rating.popularity_parameter;
+ \dp rating.popularity_parameter
+
+ CREATE POLICY rls_rarebasc ON rating.record_badge_score TO stest USING (record in(select id from biblio.record_entry));
+ --DROP POLICY rls_rarebasc ON rating.record_badge_score;
+ \dp rating.record_badge_score
+
+ CREATE POLICY rls_rehorere ON reporter.hold_request_record TO stest USING (target in(select id from biblio.record_entry) and bib_record in(select id from biblio.record_entry));
+ --DROP POLICY rls_rehorere ON reporter.hold_request_record;
+ \dp reporter.hold_request_record
+
+ CREATE POLICY rls_reoufo ON reporter.output_folder TO stest USING (true);
+ --DROP POLICY rls_reoufo ON reporter.output_folder;
+ \dp reporter.output_folder
+
+ CREATE POLICY rls_rerefo ON reporter.report_folder TO stest USING (owner in(select id from actor.usr));
+ --DROP POLICY rls_rerefo ON reporter.report_folder;
+ \dp reporter.report_folder
+
+ CREATE POLICY rls_rere ON reporter.report TO stest USING (id % 100 = 0 and folder in(select id from reporter.report_folder) and owner in(select id from actor.usr) and extract(year from create_time) >= extract(year from now())-1);
+ --DROP POLICY rls_rere ON reporter.report;
+ \dp reporter.report
+
+ CREATE POLICY rls_resc ON reporter.schedule TO stest USING (report in(select id from reporter.report) and runner in(select id from actor.usr));
+ --DROP POLICY rls_resc ON reporter.schedule;
+ \dp reporter.schedule
+
+ CREATE POLICY rls_retefo ON reporter.template_folder TO stest USING (owner in(select id from actor.usr));
+ --DROP POLICY rls_retefo ON reporter.template_folder;
+ \dp reporter.template_folder
+
+ CREATE POLICY rls_rete ON reporter.template TO stest USING (id % 100 = 0 and folder in(select id from reporter.template_folder) and owner in(select id from actor.usr) and extract(year from create_time) >= extract(year from now())-1);
+ --DROP POLICY rls_rete ON reporter.template;
+ \dp reporter.template
+
+ CREATE POLICY rls_seread ON search.relevance_adjustment TO stest USING (true);
+ --DROP POLICY rls_seread ON search.relevance_adjustment;
+ \dp search.relevance_adjustment
+
+ CREATE POLICY rls_sesu ON serial.subscription TO stest USING (record_entry is null or record_entry in(select id from biblio.record_entry));
+ --DROP POLICY rls_sesu ON serial.subscription;
+ \dp serial.subscription
+
+ CREATE POLICY rls_sereen ON serial.record_entry TO stest USING (record in(select id from biblio.record_entry) and creator in(select id from actor.usr) and editor in(select id from actor.usr));
+ --DROP POLICY rls_sereen ON serial.record_entry;
+ \dp serial.record_entry;
+
+ CREATE POLICY rls_sedi ON serial.distribution TO stest USING ((bind_call_number is null or bind_call_number in(select id from asset.call_number)) and (receive_call_number is null or receive_call_number in(select id from asset.call_number)) and (bind_unit_template is null or bind_unit_template in(select id from asset.copy_template)) and (receive_unit_template is null or receive_unit_template in(select id from asset.copy_template)) and (record_entry is null or record_entry in(select id from serial.record_entry)) and subscription in(select id from serial.subscription));
+ --DROP POLICY rls_sedi ON serial.distribution;
+ \dp serial.distribution
+
+ CREATE POLICY rls_sedino ON serial.distribution_note TO stest USING (creator in(select id from actor.usr) and distribution in(select id from serial.distribution));
+ --DROP POLICY rls_sedino ON serial.distribution_note;
+ \dp serial.distribution_note
+
+ CREATE POLICY rls_sebasu ON serial.basic_summary TO stest USING (distribution in(select id from serial.distribution));
+ --DROP POLICY rls_sebasu ON serial.basic_summary;
+ \dp serial.basic_summary
+
+ CREATE POLICY rls_secapa ON serial.caption_and_pattern TO stest USING (subscription in(select id from serial.subscription));
+ --DROP POLICY rls_secapa ON serial.caption_and_pattern;
+ \dp serial.caption_and_pattern
+
+ CREATE POLICY rls_seinsu ON serial.index_summary TO stest USING (distribution in(select id from serial.distribution));
+ --DROP POLICY rls_seinsu ON serial.index_summary;
+ \dp serial.index_summary
+
+ CREATE POLICY rls_seis ON serial.issuance TO stest USING ((caption_and_pattern is null or caption_and_pattern in(select id from serial.caption_and_pattern)) and creator in(select id from actor.usr) and editor in(select id from actor.usr) and subscription in(select id from serial.subscription));
+ --DROP POLICY rls_seis ON serial.issuance;
+ \dp serial.issuance
+
+ CREATE POLICY rls_seinsu ON serial.stream TO stest USING (distribution in(select id from serial.distribution));
+ --DROP POLICY rls_seinsu ON serial.stream;
+ \dp serial.stream
+
+ CREATE POLICY rls_seit ON serial.item TO stest USING (creator in(select id from actor.usr) and editor in(select id from actor.usr) and issuance in(select id from serial.issuance) and stream in(select id from serial.stream) and (unit is null or unit in(select id from serial.unit)));
+ --DROP POLICY rls_seit ON serial.item;
+ \dp serial.item
+
+ CREATE POLICY rls_seitno ON serial.item_note TO stest USING (creator in(select id from actor.usr) and item in(select id from serial.item));
+ --DROP POLICY rls_seitno ON serial.item_note;
+ \dp serial.item_note
+
+ CREATE POLICY rls_acsecl ON acq.serial_claim TO stest USING (item in(select id from serial.item));
+ --DROP POLICY rls_acsecl ON acq.serial_claim;
+ \dp acq.serial_claim
+
+ CREATE POLICY rls_acseclev ON acq.serial_claim_event TO stest USING (claim in(select id from acq.serial_claim) and creator in(select id from actor.usr));
+ --DROP POLICY rls_acseclev ON acq.serial_claim_event;
+ \dp acq.serial_claim_event
+
+ CREATE POLICY rls_acusrety ON acq.user_request_type TO stest USING (true);
+ --DROP POLICY rls_acusrety ON acq.user_request_type;
+ \dp acq.user_request_type
+
+ CREATE POLICY rls_acusrestty ON acq.user_request_status_type TO stest USING (true);
+ --DROP POLICY rls_acusrestty ON acq.user_request_status_type;
+ \dp acq.user_request_status_type
+
+ CREATE POLICY rls_acusre ON acq.user_request TO stest USING ((eg_bib is null or eg_bib in(select id from biblio.record_entry)) and (lineitem is null or lineitem in(select id from acq.lineitem)) and usr in(select id from actor.usr));
+ --DROP POLICY rls_acusre ON acq.user_request;
+ \dp acq.user_request
+
+ CREATE POLICY rls_semahoco ON serial.materialized_holding_code TO stest USING (issuance in(select id from serial.issuance));
+ --DROP POLICY rls_semahoco ON serial.materialized_holding_code;
+ \dp serial.materialized_holding_code
+
+ CREATE POLICY rls_sepate ON serial.pattern_template TO stest USING (true);
+ --DROP POLICY rls_sepate ON serial.pattern_template;
+ \dp serial.pattern_template
+
+ CREATE POLICY rls_serolius ON serial.routing_list_user TO stest USING (reader in(select id from actor.usr) and stream in(select id from serial.stream));
+ --DROP POLICY rls_serolius ON serial.routing_list_user;
+ \dp serial.routing_list_user;
+
+ CREATE POLICY rls_sesuno ON serial.subscription_note TO stest USING (creator in(select id from actor.usr) and subscription in(select id from serial.subscription));
+ --DROP POLICY rls_sesuno ON serial.subscription_note;
+ \dp serial.subscription_note
+
+ CREATE POLICY rls_sesusu ON serial.supplement_summary TO stest USING (distribution in(select id from serial.distribution));
+ --DROP POLICY rls_sesusu ON serial.supplement_summary;
+ \dp serial.supplement_summary
+
+ CREATE POLICY rls_stmaadst ON staging.mailing_address_stage TO stest USING (row_id % 200 = 0);
+ --DROP POLICY rls_stmaadst ON staging.mailing_address_stage;
+ \dp staging.mailing_address_stage
+
+ CREATE POLICY rls_stsest ON staging.setting_stage TO stest USING (row_id % 200 = 0);
+ --DROP POLICY rls_stsest ON staging.setting_stage;
+ \dp staging.setting_stage
+
+ CREATE POLICY rls_stusst ON staging.user_stage TO stest USING (requesting_usr in(select id from actor.usr));
+ --DROP POLICY rls_stusst ON staging.user_stage;
+ \dp staging.user_stage
+
+ CREATE POLICY rls_stbiadst ON staging.billing_address_stage TO stest USING (true);
+ --DROP POLICY rls_stbiadst ON staging.billing_address_stage;
+ \dp staging.billing_address_stage
+
+ CREATE POLICY rls_stcast ON staging.card_stage TO stest USING (true);
+ --DROP POLICY rls_stcast ON staging.card_stage;
+ \dp staging.card_stage
+
+ CREATE POLICY rls_ststst ON staging.statcat_stage TO stest USING (true);
+ --DROP POLICY rls_ststst ON staging.statcat_stage;
+ \dp staging.statcat_stage
+
+ CREATE POLICY rls_unbroula ON unapi.bre_output_layout TO stest USING (true);
+ --DROP POLICY rls_unbroula ON unapi.bre_output_layout;
+ \dp unapi.bre_output_layout
+
+ CREATE POLICY rls_urvese ON url_verify.session TO stest USING (container in(select id from container.biblio_record_entry_bucket) and creator in(select id from actor.usr));
+ --DROP POLICY rls_urvese ON url_verify.session;
+ \dp url_verify.session
+
+ CREATE POLICY rls_urveurse ON url_verify.url_selector TO stest USING (session in(select id from url_verify.session));
+ --DROP POLICY rls_urveurse ON url_verify.url_selector;
+ \dp url_verify.url_selector
+
+ CREATE POLICY rls_urveur ON url_verify.url TO stest USING (item in(select id from container.biblio_record_entry_bucket_item) and session in(select id from url_verify.session) and url_selector in(select id from url_verify.url_selector));
+ --DROP POLICY rls_urveur ON url_verify.url;
+ \dp url_verify.url
+
+ CREATE POLICY rls_urveveat ON url_verify.verification_attempt TO stest USING (session in(select id from url_verify.session) and usr in(select id from actor.usr));
+ --DROP POLICY rls_urveveat ON url_verify.verification_attempt;
+ \dp url_verify.verification_attempt
+
+ CREATE POLICY rls_urveurve ON url_verify.url_verification TO stest USING (attempt in(select id from url_verify.verification_attempt) and redirect_to in(select id from url_verify.url) and url in(select id from url_verify.url));
+ --DROP POLICY rls_urveurve ON url_verify.url_verification;
+ \dp url_verify.url_verification
+
+ CREATE POLICY rls_vaauatde ON vandelay.authority_attr_definition TO stest USING (true);
+ --DROP POLICY rls_vaauatde ON vandelay.authority_attr_definition;
+ \dp vandelay.authority_attr_definition
+
+ CREATE POLICY rls_vabiatde ON vandelay.bib_attr_definition TO stest USING (true);
+ --DROP POLICY rls_vabiatde ON vandelay.bib_attr_definition;
+ \dp vandelay.bib_attr_definition
+
+ CREATE POLICY rls_vaimitatde ON vandelay.import_item_attr_definition TO stest USING (true);
+ --DROP POLICY rls_vaimitatde ON vandelay.import_item_attr_definition;
+ \dp vandelay.import_item_attr_definition
+
+ CREATE POLICY rls_vabiqu ON vandelay.bib_queue TO stest USING (item_attr_def in(select id from vandelay.import_item_attr_definition));
+ --DROP POLICY rls_vabiqu ON vandelay.bib_queue;
+ \dp vandelay.bib_queue
+
+ CREATE POLICY rls_vaqubire ON vandelay.queued_bib_record TO stest USING (imported_as in(select id from biblio.record_entry) and queue in(select id from vandelay.bib_queue));
+ --DROP POLICY rls_vaqubire ON vandelay.queued_bib_record;
+ \dp vandelay.queued_bib_record
+
+ CREATE POLICY rls_vabima ON vandelay.bib_match TO stest USING (eg_record in(select id from biblio.record_entry) and queued_record in(select id from vandelay.queued_bib_record));
+ --DROP POLICY rls_vabima ON vandelay.bib_match;
+ \dp vandelay.bib_match
+
+ CREATE POLICY rls_vaimbitrgr ON vandelay.import_bib_trash_group TO stest USING (true);
+ --DROP POLICY rls_vaimbitrgr ON vandelay.import_bib_trash_group;
+ \dp vandelay.import_bib_trash_group
+
+ CREATE POLICY rls_vaimbitrfi ON vandelay.import_bib_trash_fields TO stest USING (true);
+ --DROP POLICY rls_vaimbitrfi ON vandelay.import_bib_trash_fields;
+ \dp vandelay.import_bib_trash_fields
+
+ CREATE POLICY rls_vaimit ON vandelay.import_item TO stest USING (definition in(select id from vandelay.import_item_attr_definition) and record in(select id from vandelay.queued_bib_record));
+ --DROP POLICY rls_vaimit ON vandelay.import_item;
+ \dp vandelay.import_item
+
+ CREATE POLICY rls_vamase ON vandelay.match_set TO stest USING (true);
+ --DROP POLICY rls_vamase ON vandelay.match_set;
+ \dp vandelay.match_set
+
+ CREATE POLICY rls_vamasepo ON vandelay.match_set_point TO stest USING (true);
+ --DROP POLICY rls_vamasepo ON vandelay.match_set_point;
+ \dp vandelay.match_set_point
+
+ CREATE POLICY rls_vamasequ ON vandelay.match_set_quality TO stest USING (true);
+ --DROP POLICY rls_vamasequ ON vandelay.match_set_quality;
+ \dp vandelay.match_set_quality
+
+ CREATE POLICY rls_vamepr ON vandelay.merge_profile TO stest USING (true);
+ --DROP POLICY rls_vamepr ON vandelay.merge_profile;
+ \dp vandelay.merge_profile
+
+ CREATE POLICY rls_vaqu ON vandelay.queue TO stest USING (owner in(select id from actor.usr));
+ --DROP POLICY rls_vaqu ON vandelay.queue;
+ \dp vandelay.queue
+
+ CREATE POLICY rls_vaquaureat ON vandelay.queued_authority_record_attr TO stest USING (field in(select id from vandelay.authority_attr_definition) and record in(select id from vandelay.queued_authority_record));
+ --DROP POLICY rls_vaquaureat ON vandelay.queued_authority_record_attr;
+ \dp vandelay.queued_authority_record_attr
+
+ CREATE POLICY rls_vaqubireat ON vandelay.queued_bib_record_attr TO stest USING (field in(select id from vandelay.bib_attr_definition) and record in(select id from vandelay.queued_bib_record));
+ --DROP POLICY rls_vaqubireat ON vandelay.queued_bib_record_attr;
+ \dp vandelay.queued_bib_record_attr
+
+ CREATE POLICY rls_vaqure ON vandelay.queued_record TO stest USING (true);
+ --DROP POLICY rls_vaqure ON vandelay.queued_record;
+ \dp vandelay.queued_record
+
+ CREATE POLICY rls_vasetr ON vandelay.session_tracker TO stest USING (usr in(select id from actor.usr) and workstation in(select id from actor.workstation));
+ --DROP POLICY rls_vasetr ON vandelay.session_tracker;
+ \dp vandelay.session_tracker
+
+
+ --
+ -- REMAINING TABLES
+ --
- >>>> resume adding below policies to nc database <<<
==
LIST POLICIES:
select schemaname,tablename,policyname from pg_catalog.pg_policies order by 1,2,3;
LIST TABLES WITHOUT POLICIES:
- select * from (select schemaname,tablename from pg_catalog.pg_policies) as a right join (select schemaname,tablename from pg_catalog.pg_tables) as b
- on a.schemaname = b.schemaname
- and a.tablename = b.tablename and a.schemaname is null and a.tablename is null;
+ select tbb as policy_missing from
+ (select schemaname || '.' || tablename as tba from pg_catalog.pg_policies order by 1) as a
+ right join
+ (select schemaname || '.' || tablename as tbb from pg_catalog.pg_tables where schemaname != 'information_schema' and schemaname !~* 'pg_' order by 1) as b
+ on tba = tbb
+ where tba is null order by 1;
+
+IF NEED TO DELETE POLICIES:
+ pg>
+ \c 'user=postgres dbname=test'
+ \c 'user=postgres dbname=nc'
+ DO $do$
+ DECLARE
+ sch text;
+ tbl text;
+ BEGIN
+ FOR sch IN SELECT nspname FROM pg_namespace where nspname != 'information_schema' and nspname !~* 'pg_' order by 1
+ LOOP
+ FOR tbl IN SELECT tablename FROM pg_tables WHERE schemaname = sch order by 1 LOOP
+ RAISE NOTICE 'DROP RLS POLICY FOR TABLE %.%', sch, tbl;
+ FOR pol IN SELECT policyname FROM pg_policies WHERE schemaname = sch and tablename = tbl order by 1 LOOP
+ EXECUTE format($$ DROP POLICY %I ON %I.%I TO stest USING (true) $$, pol, sch, tbl);
+ END LOOP;
+ END LOOP;
+ END LOOP;
+ END;
+ $do$;
+
EVERGREEN DISK SPACE PER SCHEMA:
https://galencharlton.com/blog/2010/05/database-server-disk-space-usage-in-evergreen/
projects / working / random.git / commitdiff