Module: PgRls::ActiveRecord::ConnectionAdapters::PostgreSQL::CheckRlsUserPrivileges

Includes:

SqlHelperMethod

Defined in:

lib/pg_rls/active_record/connection_adapters/postgre_sql/check_rls_user_privileges.rb

Overview

This module contains the logic to validate user privileges

Instance Method Summary

• #check_rls_user_privileges!(role_name, schema = PgRls.schema, rls_role_group = PgRls.rls_role_group) ⇒ Object
• #check_sequence_privileges!(role_name, schema, sequence_name) ⇒ Object
• #check_table_privileges!(role_name, schema, table_name) ⇒ Object
• #check_table_rls_enabled!(table_name, schema = PgRls.schema) ⇒ Object
• #check_table_user_policy_exists!(table_name, user, schema = PgRls.schema) ⇒ Object

Instance Method Details

#check_rls_user_privileges!(role_name, schema = PgRls.schema, rls_role_group = PgRls.rls_role_group) ⇒ Object

# File 'lib/pg_rls/active_record/connection_adapters/postgre_sql/check_rls_user_privileges.rb', line 11

def check_rls_user_privileges!(role_name, schema = PgRls.schema, rls_role_group = PgRls.rls_role_group)
  check_user_exists!(role_name) && check_user_in_rls_group!(role_name) &&
    check_schema_usage_privilege!(rls_role_group, schema) &&
    check_default_table_privileges!(rls_role_group,
                                    schema) && check_default_sequence_privileges!(rls_role_group, schema)
end

#check_sequence_privileges!(role_name, schema, sequence_name) ⇒ Object

# File 'lib/pg_rls/active_record/connection_adapters/postgre_sql/check_rls_user_privileges.rb', line 25

def check_sequence_privileges!(role_name, schema, sequence_name)
  execute_sql!(check_sequence_privileges_sql(role_name, schema, sequence_name))
  true
rescue ::ActiveRecord::StatementInvalid => e
  raise UserMissingSequencePrivilegesError, e.message
end

#check_table_privileges!(role_name, schema, table_name) ⇒ Object

# File 'lib/pg_rls/active_record/connection_adapters/postgre_sql/check_rls_user_privileges.rb', line 18

def check_table_privileges!(role_name, schema, table_name)
  execute_sql!(check_table_privileges_sql(role_name, schema, table_name))
  true
rescue ::ActiveRecord::StatementInvalid => e
  raise UserMissingTablePrivilegesError, e.message
end

#check_table_rls_enabled!(table_name, schema = PgRls.schema) ⇒ Object

# File 'lib/pg_rls/active_record/connection_adapters/postgre_sql/check_rls_user_privileges.rb', line 32

def check_table_rls_enabled!(table_name, schema = PgRls.schema)
  execute_sql!(check_table_rls_enabled_sql(schema, table_name))
  true
rescue ::ActiveRecord::StatementInvalid => e
  raise TableRlsNotEnabledError, e.message
end

#check_table_user_policy_exists!(table_name, user, schema = PgRls.schema) ⇒ Object

# File 'lib/pg_rls/active_record/connection_adapters/postgre_sql/check_rls_user_privileges.rb', line 39

def check_table_user_policy_exists!(table_name, user, schema = PgRls.schema)
  execute_sql!(check_table_user_policy_exists_sql(schema, table_name, user))
  true
rescue ::ActiveRecord::StatementInvalid => e
  raise TableUserPolicyDoesNotExistError, e.message
end