author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2008-03-11 19:18:31 +0000 |
---|---|---|
committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2008-03-11 19:18:31 +0000 |
commit | e3df592b95db5d07fbe5ada3341626bad344a082 (patch) | |
tree | e3064ecad9d1f2408381fe6ac28a743d3fbd8d2e /sql | |
parent | 22f24d3d4bf3463ee852e8459ea2c506858516c7 (diff) |
Adding roles for voucher/batch deletion. Moving functions to SECURITY DEFINER to allow for more granular delete permissions.
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@2106 4979c152-3d1c-0410-bac9-87ea11338e46
Diffstat (limited to 'sql')
-rw-r--r-- | sql/modules/Roles.sql | 10 | ||||
-rw-r--r-- | sql/modules/Voucher.sql | 8 |
2 files changed, 16 insertions, 2 deletions
diff --git a/sql/modules/Roles.sql b/sql/modules/Roles.sql
index e10a23a6..80c98771 100644
--- a/sql/modules/Roles.sql
+++ b/sql/modules/Roles.sql
@@ -1395,3 +1395,13 @@ GRANT ALL ON pending_job_id_seq TO public;
 -- CT: The following grant is required for now, but will hopefully become less
 -- important when we get to 1.4 and can more sensibly lock things down.
 GRANT ALL ON dpt_trans TO public;
+
+-- Roles dependant on FUNCTIONS
+CREATE ROLE lsmb_<?lsmb dbname ?>__voucher_delete
+WITH INHERIT NOLOGIN;
+
+GRANT EXECUTE ON FUNCTION voucher__delete(int)
+TO lsmb_<?lsmb dbname ?>__voucher_delete;
+
+GRANT EXECUTE ON FUNCTION batch__delete(int)
+TO lsmb_<?lsmb dbname ?>__voucher_delete;
diff --git a/sql/modules/Voucher.sql b/sql/modules/Voucher.sql
index a04c5ed7..736abcfc 100644
--- a/sql/modules/Voucher.sql
+++ b/sql/modules/Voucher.sql
@@ -333,7 +333,9 @@ BEGIN
 RETURN 1;
 END;
-$$ language plpgsql;
+$$ language plpgsql SECURITY DEFINER;
+
+REVOKE ALL ON FUNCTION batch__delete(int) FROM PUBLIC;
 CREATE OR REPLACE FUNCTION voucher__delete(in_voucher_id int)
 RETURNS int AS
@@ -371,4 +373,6 @@ BEGIN
 END IF;
 RETURN 1;
 END;
-$$ LANGUAGE PLPGSQL;
+$$ LANGUAGE PLPGSQL SECURITY DEFINER;
+
+REVOKE ALL ON voucher__delete FROM public;
|
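Review bot: The comment `-- Roles dependant on FUNCTIONS` in the Roles.sql hunk does not say which module has to be loaded first, or that this single role gates both deletion paths. Both GRANT statements name functions that are created in sql/modules/Voucher.sql, so they presumably fail if Roles.sql runs before that module. The role named `__voucher_delete` also receives EXECUTE on `batch__delete(int)`. I would expand the comment to something like `-- Requires modules/Voucher.sql to be loaded first; members may delete single vouchers and whole batches.`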
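Review bot: `SECURITY DEFINER` is added to batch__delete in the first Voucher.sql hunk without pinning `search_path`, so any unqualified table or function name in the body is resolved through the caller's search path while running with the owner's privileges. The body is outside this hunk, so whether it uses unqualified names cannot be confirmed here, but on PostgreSQL 8.3 or later the function-level setting closes the gap: `$$ language plpgsql SECURITY DEFINER SET search_path = <trusted_schema>, pg_temp;`. The same applies to voucher__delete in the next hunk. Separately, on a fresh install EXECUTE is granted to PUBLIC by default between the CREATE and the `REVOKE`, so the two statements should run inside one transaction.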
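Review bot: The final `REVOKE ALL ON voucher__delete FROM public;` in the last Voucher.sql hunk omits the `FUNCTION` keyword and the argument list, so PostgreSQL parses `voucher__delete` as a table name and the statement does not touch the function. As written, voucher__delete(int) keeps its default EXECUTE grant to PUBLIC while now running as its owner, so the new `__voucher_delete` role does not actually restrict who can call it. It should match the batch__delete line in the previous hunk: `REVOKE ALL ON FUNCTION voucher__delete(int) FROM PUBLIC;`. The function body starts outside this hunk.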