meta_rbac_add_user.sql
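-- SPDX-FileCopyrightText: 2023 LakeSoul Contributors
--
-- SPDX-License-Identifier: Apache-2.0

-- Adds a database user to a domain: creates the login role when it does not
-- exist yet, then grants it the domain role plus either <domain>_admins or
-- <domain>_users, depending on :is_admin.
--
-- Inputs are the psql variables :domain, :user and :is_admin. They are copied
-- into session settings so the DO block can read them with current_setting()
-- (presumably because psql does not substitute variables inside a
-- dollar-quoted body).
--
-- NOTE(review): psql pastes :domain, :user and :is_admin into the SET
-- statements as raw text, so these values must come from a trusted operator.
-- The :'name' form would pass them as quoted literals, but it changes how
-- pre-quoted or mixed-case values are interpreted, so it is not switched here.

SET _domain.name TO :domain;
SET _user.name TO :user;
SET _is_admin.value TO :is_admin;

DO
$$
DECLARE
    role_name text;
    user_name text;
    passwd    text;
BEGIN
    -- Create the user if it does not exist yet.
    user_name := current_setting('_user.name');
    IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = user_name) THEN
        -- NOTE(review): random() is not a cryptographically secure generator,
        -- so this initial password is guessable in principle. Prefer a CSPRNG
        -- source (gen_random_uuid() is in core from PostgreSQL 13, or
        -- pgcrypto's gen_random_bytes()) where the target server has one, and
        -- have the user change the password on first login.
        passwd := md5(random()::text);

        -- %I quotes the role name as an identifier and %L quotes the password
        -- as a literal, so neither value can break out of the statement.
        -- %I leaves plain lowercase names untouched and preserves the case of
        -- anything else, which matches the case-sensitive rolname check above.
        EXECUTE format('CREATE USER %I WITH PASSWORD %L', user_name, passwd);

        -- The generated password is only ever shown here. NOTICE output lands
        -- in the client's terminal (and any CI log capturing it), and in the
        -- server log when log_min_messages is NOTICE or lower.
        RAISE NOTICE 'Created user % with password: %', user_name, passwd;
    END IF;

    -- Grant the domain role itself.
    role_name := current_setting('_domain.name');
    EXECUTE format('GRANT %I TO %I', role_name, user_name);
    RAISE NOTICE 'Granted user % with role: %', user_name, role_name;

    -- Grant the domain's admin or regular-user role. The setting is stored as
    -- text, so it is cast explicitly instead of relying on implicit coercion.
    IF current_setting('_is_admin.value')::boolean THEN
        role_name := concat(current_setting('_domain.name'), '_admins');
    ELSE
        role_name := concat(current_setting('_domain.name'), '_users');
    END IF;
    EXECUTE format('GRANT %I TO %I', role_name, user_name);
    RAISE NOTICE 'Granted user % with role: %', user_name, role_name;
END
$$;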