Skip to content
Find file Normal view History Permalink
01-init.sql 1.1 KiB
Newer Older
Sonia Zorba's avatar
Added private-rows-extensions Maven project
Sonia Zorba committed
1 2 3 4 5 6 7 8 9 10 
CREATE SCHEMA demo;

CREATE TABLE demo.private_rows (
  value varchar(255),
  policy varchar(255),
  "group" varchar(255)
);

INSERT INTO demo.private_rows (value, policy, "group") VALUES ('value1', 'FREE', '');
INSERT INTO demo.private_rows (value, policy, "group") VALUES ('value2', 'FREE', '');
Sonia Zorba's avatar
Changes for using RAP tokens and GMS groups  
Sonia Zorba committed
11 12 13 14 
INSERT INTO demo.private_rows (value, policy, "group") VALUES ('value3', 'PRIV', 'VLKB.group1');
INSERT INTO demo.private_rows (value, policy, "group") VALUES ('value4', 'PRIV', 'VLKB.group1');
INSERT INTO demo.private_rows (value, policy, "group") VALUES ('value5', 'PRIV', 'VLKB.group2');
INSERT INTO demo.private_rows (value, policy, "group") VALUES ('value6', 'PRIV', 'VLKB.group2');
Sonia Zorba's avatar
Added private-rows-extensions Maven project
Sonia Zorba committed
15 16 17 18 19 20 21 22 23 24 

-- WARNING: always create a new role because Row Level Security doesn't work for table owner
CREATE ROLE tap WITH LOGIN PASSWORD 'demo';

GRANT USAGE ON SCHEMA demo TO tap;
GRANT SELECT ON demo.private_rows TO tap;

ALTER TABLE demo.private_rows ENABLE ROW LEVEL SECURITY;

CREATE POLICY filter_rls_policy ON demo.private_rows FOR ALL TO PUBLIC USING (policy = 'FREE' OR "group" = ANY(current_setting('my.tap_groups', true)::varchar[]));