meta_rbac_add_domain.sql
 1  -- SPDX-FileCopyrightText: 2023 LakeSoul Contributors
 2  --
 3  -- SPDX-License-Identifier: Apache-2.0
 4  
 5  SET domain.name TO :domain;
 6  DO
 7  $$
 8      DECLARE role_name text;
 9      BEGIN
10          -- Create a role with name=domain, used as a group name
11          role_name := current_setting('domain.name');
12          IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = role_name) THEN
13              EXECUTE 'CREATE ROLE ' || role_name || ' WITH INHERIT';
14          END IF;
15          -- Create a role with name=domain_admins, and granted base_admin_role
16          role_name := concat(current_setting('domain.name'), '_admins');
17          IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = role_name) THEN
18              EXECUTE 'CREATE ROLE ' || role_name || ' WITH INHERIT';
19              EXECUTE 'GRANT base_admin_role TO ' || role_name;
20          END IF;
21          -- Create a role with name=domain_users, and granted base_user_role
22          role_name := concat(current_setting('domain.name'), '_users');
23          IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = role_name) THEN
24              EXECUTE 'CREATE ROLE ' || role_name || ' WITH INHERIT';
25              EXECUTE 'GRANT base_user_role TO ' || role_name;
26          END IF;
27      END
28  $$;