Class: ActiveRecord::ConnectionAdapters::PostgreSQLGrantPrivilege

Inherits:
PostgreSQLPrivilege show all
Defined in:
lib/active_record/postgresql_extensions/permissions.rb

Overview

Creates queries for granting PostgreSQL role privileges.

This class is meant to be used by the grant_*_privileges methods in the PostgreSQLAdapter. Different database objects have different privileges that you can apply to a role. See the PostgreSQLPrivilege PRIVILEGE_TYPES constant for usage. Generally speaking, you usually don’t want to use this class directly, but rather the aforementioned wrapped methods.

When using the grant_*_privileges methods, you can specify multiple permissions, objects and roles by using Arrays for the appropriate argument. You can also apply the privileges to all objects within a schema by using the :all option in the options Hash and supply the schema name as the first argument.

Examples

grant_table_privileges([ :table1, :table2 ], :select, :joe)
# => GRANT SELECT ON TABLE "table1", "table2" TO "joe"

grant_sequence_privileges(:my_seq, [ :select, :update ], :public)
# => GRANT SELECT, UPDATE ON SEQUENCE "my_seq" TO PUBLIC

grant_sequence_privileges(:public, [ :select, :update ], :joe, :all => true)
# => GRANT SELECT, UPDATE ON ALL SEQUENCES IN SCHEMA PUBLIC TO "joe"

You can specify the :with_grant_option in any of the grant_*_privilege methods to add a WITH GRANT OPTION clause to the command.

Instance Attribute Summary

Attributes inherited from PostgreSQLPrivilege

#base, #objects, #options, #privileges, #query_options, #roles, #type

Instance Method Summary collapse

Methods inherited from PostgreSQLPrivilege

#initialize

Constructor Details

This class inherits a constructor from ActiveRecord::ConnectionAdapters::PostgreSQLPrivilege

Instance Method Details

#to_sqlObject Also known as: to_s

:nodoc:



260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
 
# File 'lib/active_record/postgresql_extensions/permissions.rb', line 260

def to_sql #:nodoc:
  my_query_options = {
    :quote_objects => true,
    :named_object_type => true
  }.merge query_options

  sql = "GRANT #{Array.wrap(privileges).collect(&:to_s).collect(&:upcase).join(', ')} ON "

  if options[:all]
    ActiveRecord::PostgreSQLExtensions::Features.check_feature(:modify_mass_privileges)

    sql << "ALL #{type.to_s.upcase}S IN SCHEMA #{base.quote_schema(objects)}"
  else
    sql << "#{type.to_s.gsub('_', ' ').upcase} " if my_query_options[:named_object_type]

    sql << Array.wrap(objects).collect do |t|
      if my_query_options[:quote_objects]
        if my_query_options[:ignore_schema]
          base.quote_generic_ignore_scoped_schema(t)
        else
          base.quote_table_name(t)
        end
      else
        t
      end
    end.join(', ')
  end

  sql << ' TO ' << Array.wrap(roles).collect do |r|
    r = r.to_s
    if r.upcase == 'PUBLIC'
      'PUBLIC'
    else
      base.quote_role r
    end
  end.join(', ')

  sql << ' WITH GRANT OPTION' if options[:with_grant_option]
  "#{sql};"
end