Skip to content

sean-/postgresql-acl

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

postgresql-acl

acl Library

acl parses PostgreSQL's ACL syntax and returns a usable structure. Library documentation is available at https://godoc.org/github.com/sean-/postgresql-acl.

package main

import (
	"fmt"

	"github.com/sean-/postgresql-acl"
)

func structToString() acl.ACL {
	return acl.ACL{
		Role:         "foo",
		GrantedBy:    "bar",
		Privileges:   acl.Usage | acl.Create,
		GrantOptions: acl.Create,
	}
}

func stringToStruct() acl.Schema {
	// Parse an aclitem string
	aclitem, err := acl.Parse("foo=C*U/bar")
	if err != nil {
		panic(fmt.Sprintf("bad: %v", err))
	}

	// Verify that ACL permissions are appropriate for a schema type
	schema, err := acl.NewSchema(aclitem)
	if err != nil {
		panic(fmt.Sprintf("bad: %v", err))
	}

	return schema
}

func main() {
	fmt.Printf("ACL Struct to String: %+q\n", structToString().String())
	fmt.Printf("ACL String to Struct: %#v\n", stringToStruct().String())
}
ACL Struct to String: "foo=UC*/bar"
ACL String to Struct: "foo=UC*/bar"

Supported PostgreSQL aclitem Types

  • column permissions
  • database
  • domain
  • foreign data wrappers
  • foreign server
  • function
  • language
  • large object
  • schema
  • sequences
  • table
  • table space
  • type

Notes

The output from String() should match the ordering of characters in aclitem.

The target of each of these ACLs (e.g. schema name, table name, etc) is not contained within PostgreSQLs aclitem and it is expected this value is managed elsewhere in your object model.

Arrays of aclitem are supposed to be iterated over by the caller. For example:

const schema = "public"
var name, owner string
var acls []string
err := conn.QueryRow("SELECT n.nspname, pg_catalog.pg_get_userbyid(n.nspowner), COALESCE(n.nspacl, '{}'::aclitem[])::TEXT[] FROM pg_catalog.pg_namespace n WHERE n.nspname = $1", schema).Scan(&name, &owner, pq.Array(&acls))
if err == nil {
    for _, acl := range acls {
        acl, err = pgacl.NewSchema(acl)
        if err != nil {
            return err
        }
        // ...
    }
}

About

Parse PostgreSQL ACLs in Go

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages