Mercurial > ~dholland > hg > swallowtail > index.cgi
diff database/schema/messages.sql @ 55:40f64a96481f
Adjust database user arrangements and grant schema privs.
author | David A. Holland |
---|---|
date | Sun, 10 Apr 2022 19:36:29 -0400 |
parents | 36d91dfe017f |
children |
line wrap: on
line diff
--- a/database/schema/messages.sql Sun Apr 10 17:41:24 2022 -0400 +++ b/database/schema/messages.sql Sun Apr 10 19:36:29 2022 -0400 @@ -53,3 +53,16 @@ -- uniqueness and to enable lookup. CREATE UNIQUE INDEX ON messages (pr, number_in_pr); CREATE UNIQUE INDEX ON attachments (msgid, number_in_msg); + +-- The raw mail queue is append-only except to admins. +GRANT SELECT, INSERT, UPDATE, DELETE ON rawmail TO swallowtail_admin; +GRANT INSERT ON rawmail TO swallowtail_writer; + +-- Messages and attachments are generically accessible, but we don't +-- allow ordinary writers to modify them. (XXX: is that silly?) +GRANT SELECT, INSERT, UPDATE, DELETE ON messages TO swallowtail_admin; +GRANT SELECT, INSERT, UPDATE, DELETE ON attachments TO swallowtail_admin; +GRANT SELECT, INSERT ON messages TO swallowtail_writer; +GRANT SELECT, INSERT ON attachments TO swallowtail_writer; +GRANT SELECT ON messages, attachments TO swallowtail_reader; +GRANT SELECT ON messages, attachments TO swallowtail_public;