meta_rbac_init_domains_for_test.sql
 1  -- SPDX-FileCopyrightText: 2023 LakeSoul Contributors
 2  --
 3  -- SPDX-License-Identifier: Apache-2.0
 4  
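 -- Test fixture: provision the three roles for domain 'domain1'.
 -- The domain name is passed to the anonymous block through the custom
 -- setting domain.name, because a DO block takes no parameters.
 SET domain.name TO 'domain1';
 DO
 $$
 DECLARE
     role_name text;
 BEGIN
     -- Role named after the domain itself, used as a group name.
     role_name := current_setting('domain.name');
     IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = role_name) THEN
         -- The name comes from a session setting and is spliced into DDL.
         -- format('%I') quotes it as an identifier, so it cannot be parsed
         -- as additional SQL and the role is created with exactly the
         -- spelling that the pg_roles.rolname check above compares against.
         EXECUTE format('CREATE ROLE %I WITH INHERIT', role_name);
     END IF;

     -- <domain>_admins: member of base_admin_role.
     -- The GRANT runs only when the role is created here; a role that
     -- already exists under this name keeps whatever memberships it has.
     role_name := concat(current_setting('domain.name'), '_admins');
     IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = role_name) THEN
         EXECUTE format('CREATE ROLE %I WITH INHERIT', role_name);
         EXECUTE format('GRANT base_admin_role TO %I', role_name);
     END IF;

     -- <domain>_users: member of base_user_role (same create-then-grant rule).
     role_name := concat(current_setting('domain.name'), '_users');
     IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = role_name) THEN
         EXECUTE format('CREATE ROLE %I WITH INHERIT', role_name);
         EXECUTE format('GRANT base_user_role TO %I', role_name);
     END IF;
 END
 $$;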
29  
30  
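-- Test fixture: provision the three roles for domain 'domain2'.
-- The domain name is passed to the anonymous block through the custom
-- setting domain.name, because a DO block takes no parameters.
SET domain.name TO 'domain2';
DO
$$
DECLARE
    role_name text;
BEGIN
    -- Role named after the domain itself, used as a group name.
    role_name := current_setting('domain.name');
    IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = role_name) THEN
        -- The name comes from a session setting and is spliced into DDL.
        -- format('%I') quotes it as an identifier, so it cannot be parsed
        -- as additional SQL and the role is created with exactly the
        -- spelling that the pg_roles.rolname check above compares against.
        EXECUTE format('CREATE ROLE %I WITH INHERIT', role_name);
    END IF;

    -- <domain>_admins: member of base_admin_role.
    -- The GRANT runs only when the role is created here; a role that
    -- already exists under this name keeps whatever memberships it has.
    role_name := concat(current_setting('domain.name'), '_admins');
    IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = role_name) THEN
        EXECUTE format('CREATE ROLE %I WITH INHERIT', role_name);
        EXECUTE format('GRANT base_admin_role TO %I', role_name);
    END IF;

    -- <domain>_users: member of base_user_role (same create-then-grant rule).
    role_name := concat(current_setting('domain.name'), '_users');
    IF NOT EXISTS (SELECT 1 FROM pg_roles WHERE rolname = role_name) THEN
        EXECUTE format('CREATE ROLE %I WITH INHERIT', role_name);
        EXECUTE format('GRANT base_user_role TO %I', role_name);
    END IF;
END
$$;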