terraform/vendor/github.com/sean-/postgresql-acl/schema.go

package acl

import (
	"bytes"
	"fmt"

	"github.com/lib/pq"
)

// Schema models the privileges of a schema aclitem
type Schema struct {
	ACL
}

// NewSchema parses an ACL object and returns a Schema object.
func NewSchema(acl ACL) (Schema, error) {
	if !validRights(acl, validSchemaPrivs) {
		return Schema{}, fmt.Errorf("invalid flags set for schema (%+q), only %+q allowed", permString(acl.Privileges, acl.GrantOptions), validSchemaPrivs)
	}

	return Schema{ACL: acl}, nil
}

// Merge adds the argument's attributes to the receiver for values that are
// composable or not set and returns a new Schema object with the resulting
// values.  Be careful with the role "" which is implicitly interpreted as the
// PUBLIC role.
func (s Schema) Merge(x Schema) Schema {
	role := s.Role
	if role == "" {
		role = x.Role
	}

	grantedBy := s.GrantedBy
	if grantedBy == "" {
		grantedBy = x.GrantedBy
	}

	return Schema{
		ACL{
			Privileges:   s.Privileges | x.Privileges,
			GrantOptions: s.GrantOptions | x.GrantOptions,
			Role:         role,
			GrantedBy:    grantedBy,
		},
	}
}

// Grants returns a list of SQL queries that constitute the privileges specified
// in the receiver for the target schema.
func (s Schema) Grants(target string) []string {
	const maxQueries = 2
	queries := make([]string, 0, maxQueries)

	if s.GetPrivilege(Create) {
		b := bytes.NewBufferString("GRANT CREATE ON SCHEMA ")
		fmt.Fprint(b, pq.QuoteIdentifier(target), " TO ", quoteRole(s.Role))

		if s.GetGrantOption(Create) {
			fmt.Fprint(b, " WITH GRANT OPTION")
		}

		queries = append(queries, b.String())
	}

	if s.GetPrivilege(Usage) {
		b := bytes.NewBufferString("GRANT USAGE ON SCHEMA ")
		fmt.Fprint(b, pq.QuoteIdentifier(target), " TO ", quoteRole(s.Role))

		if s.GetGrantOption(Usage) {
			fmt.Fprint(b, " WITH GRANT OPTION")
		}

		queries = append(queries, b.String())
	}

	return queries
}

// Revokes returns a list of SQL queries that remove the privileges specified
// in the receiver from the target schema.
func (s Schema) Revokes(target string) []string {
	const maxQueries = 2
	queries := make([]string, 0, maxQueries)

	if s.GetPrivilege(Create) {
		b := bytes.NewBufferString("REVOKE")
		if s.GetGrantOption(Create) {
			fmt.Fprint(b, " GRANT OPTION FOR")
		}

		fmt.Fprint(b, " CREATE ON SCHEMA ")
		fmt.Fprint(b, pq.QuoteIdentifier(target), " FROM ", quoteRole(s.Role))
		queries = append(queries, b.String())
	}

	if s.GetPrivilege(Usage) {
		b := bytes.NewBufferString("REVOKE")
		if s.GetGrantOption(Usage) {
			fmt.Fprint(b, " GRANT OPTION FOR")
		}

		fmt.Fprint(b, " USAGE ON SCHEMA ")
		fmt.Fprint(b, pq.QuoteIdentifier(target), " FROM ", quoteRole(s.Role))
		queries = append(queries, b.String())
	}

	return queries
}
Update and rename pgacl to postgresql-acl. 2016-12-25 13:15:37 +01:00			`package acl`

			`import (`
			`"bytes"`
			`"fmt"`

			`"github.com/lib/pq"`
			`)`

			`// Schema models the privileges of a schema aclitem`
			`type Schema struct {`
			`ACL`
			`}`

			`// NewSchema parses an ACL object and returns a Schema object.`
			`func NewSchema(acl ACL) (Schema, error) {`
			`if !validRights(acl, validSchemaPrivs) {`
			`return Schema{}, fmt.Errorf("invalid flags set for schema (%+q), only %+q allowed", permString(acl.Privileges, acl.GrantOptions), validSchemaPrivs)`
			`}`

			`return Schema{ACL: acl}, nil`
			`}`

			`// Merge adds the argument's attributes to the receiver for values that are`
			`// composable or not set and returns a new Schema object with the resulting`
			`// values. Be careful with the role "" which is implicitly interpreted as the`
			`// PUBLIC role.`
			`func (s Schema) Merge(x Schema) Schema {`
			`role := s.Role`
			`if role == "" {`
			`role = x.Role`
			`}`

			`grantedBy := s.GrantedBy`
			`if grantedBy == "" {`
			`grantedBy = x.GrantedBy`
			`}`

			`return Schema{`
			`ACL{`
			`Privileges: s.Privileges \| x.Privileges,`
			`GrantOptions: s.GrantOptions \| x.GrantOptions,`
			`Role: role,`
			`GrantedBy: grantedBy,`
			`},`
			`}`
			`}`

			`// Grants returns a list of SQL queries that constitute the privileges specified`
			`// in the receiver for the target schema.`
			`func (s Schema) Grants(target string) []string {`
			`const maxQueries = 2`
			`queries := make([]string, 0, maxQueries)`

			`if s.GetPrivilege(Create) {`
			`b := bytes.NewBufferString("GRANT CREATE ON SCHEMA ")`
			`fmt.Fprint(b, pq.QuoteIdentifier(target), " TO ", quoteRole(s.Role))`

			`if s.GetGrantOption(Create) {`
			`fmt.Fprint(b, " WITH GRANT OPTION")`
			`}`

			`queries = append(queries, b.String())`
			`}`

			`if s.GetPrivilege(Usage) {`
			`b := bytes.NewBufferString("GRANT USAGE ON SCHEMA ")`
			`fmt.Fprint(b, pq.QuoteIdentifier(target), " TO ", quoteRole(s.Role))`

			`if s.GetGrantOption(Usage) {`
			`fmt.Fprint(b, " WITH GRANT OPTION")`
			`}`

			`queries = append(queries, b.String())`
			`}`

			`return queries`
			`}`

			`// Revokes returns a list of SQL queries that remove the privileges specified`
			`// in the receiver from the target schema.`
			`func (s Schema) Revokes(target string) []string {`
			`const maxQueries = 2`
			`queries := make([]string, 0, maxQueries)`

			`if s.GetPrivilege(Create) {`
			`b := bytes.NewBufferString("REVOKE")`
			`if s.GetGrantOption(Create) {`
			`fmt.Fprint(b, " GRANT OPTION FOR")`
			`}`

			`fmt.Fprint(b, " CREATE ON SCHEMA ")`
			`fmt.Fprint(b, pq.QuoteIdentifier(target), " FROM ", quoteRole(s.Role))`
			`queries = append(queries, b.String())`
			`}`

			`if s.GetPrivilege(Usage) {`
			`b := bytes.NewBufferString("REVOKE")`
			`if s.GetGrantOption(Usage) {`
			`fmt.Fprint(b, " GRANT OPTION FOR")`
			`}`

			`fmt.Fprint(b, " USAGE ON SCHEMA ")`
			`fmt.Fprint(b, pq.QuoteIdentifier(target), " FROM ", quoteRole(s.Role))`
			`queries = append(queries, b.String())`
			`}`

			`return queries`
			`}`