From 8a97bf0da5f3181a14d5cdb7848b9e935e822341 Mon Sep 17 00:00:00 2001 From: Aron Roberts Date: Mon, 3 Dec 2012 12:48:41 -0800 Subject: [PATCH] CSPACE-4796: Remove post-init check that effectively blocked the default 'reader' database account in PostgreSQL from obtaining read-only access to extension schemas. --- .../report/nuxeo/ReportPostInitHandler.java | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/services/report/service/src/main/java/org/collectionspace/services/report/nuxeo/ReportPostInitHandler.java b/services/report/service/src/main/java/org/collectionspace/services/report/nuxeo/ReportPostInitHandler.java index 34121f4c5..409bfd5cd 100644 --- a/services/report/service/src/main/java/org/collectionspace/services/report/nuxeo/ReportPostInitHandler.java +++ b/services/report/service/src/main/java/org/collectionspace/services/report/nuxeo/ReportPostInitHandler.java @@ -82,23 +82,10 @@ public class ReportPostInitHandler extends InitHandler implements IInitHandler { } else if(databaseProductType != DatabaseProductType.POSTGRESQL) { throw new Exception("Unrecognized database system " + databaseProductType); } else { - boolean hasRights = false; - // Check for rights on report_common, and infer rights from that - sql = "SELECT has_table_privilege('"+readerRoleName - +"', '"+ReportConstants.DB_COMMON_PART_TABLE_NAME+"', 'SELECT')"; - conn = JDBCTools.getConnection(dataSource); - stmt = conn.createStatement(); - ResultSet rs = stmt.executeQuery(sql); - if(rs.next()) { - hasRights = rs.getBoolean(1); - } - rs.close(); - if(!hasRights) { - sql = "REVOKE SELECT ON ALL TABLES IN SCHEMA public FROM "+readerRoleName; + sql = "REVOKE SELECT ON ALL TABLES IN SCHEMA public FROM "+readerRoleName; stmt.execute(sql); - sql = "GRANT SELECT ON ALL TABLES IN SCHEMA public TO "+readerRoleName; + sql = "GRANT SELECT ON ALL TABLES IN SCHEMA public TO "+readerRoleName; stmt.execute(sql); - } } } catch (SQLException sqle) { -- 2.47.3