1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
BEGIN;
-- give necessary permissions to the web server. Becuase the admin is all
-- web-based, these need to be quite permissive
GRANT SELECT, UPDATE, INSERT, DELETE ON
auth_message,
django_session,
django_site,
django_admin_log,
django_content_type,
auth_group_permissions,
auth_user,
auth_user_groups,
auth_group,
auth_user_user_permissions,
auth_permission,
patchwork_emailconfirmation,
patchwork_state,
patchwork_comment,
patchwork_person,
patchwork_userprofile,
patchwork_userprofile_maintainer_projects,
patchwork_project,
patchwork_bundle,
patchwork_bundlepatch,
patchwork_patch,
patchwork_emailoptout,
patchwork_patchchangenotification
TO "www-data";
GRANT SELECT, UPDATE ON
auth_group_id_seq,
auth_group_permissions_id_seq,
auth_message_id_seq,
auth_permission_id_seq,
auth_user_groups_id_seq,
auth_user_id_seq,
auth_user_user_permissions_id_seq,
django_admin_log_id_seq,
django_content_type_id_seq,
django_site_id_seq,
patchwork_bundle_id_seq,
patchwork_bundlepatch_id_seq,
patchwork_comment_id_seq,
patchwork_patch_id_seq,
patchwork_person_id_seq,
patchwork_project_id_seq,
patchwork_state_id_seq,
patchwork_emailconfirmation_id_seq,
patchwork_userprofile_id_seq,
patchwork_userprofile_maintainer_projects_id_seq
TO "www-data";
-- allow the mail user (in this case, 'nobody') to add patches
GRANT INSERT, SELECT ON
patchwork_patch,
patchwork_comment,
patchwork_person
TO "nobody";
GRANT SELECT ON
patchwork_project,
patchwork_state
TO "nobody";
GRANT UPDATE, SELECT ON
patchwork_patch_id_seq,
patchwork_person_id_seq,
patchwork_comment_id_seq
TO "nobody";
COMMIT;
|