#!/bin/sh
#
# shell script to grant privileges to the bacula database
#
#
#  Bacula® - The Network Backup Solution
#
#  Copyright (C) 2000-2014 Free Software Foundation Europe e.V.
#
#  The main author of Bacula is Kern Sibbald, with contributions from many
#  others, a complete list can be found in the file AUTHORS.
#
#  You may use this file and others of this release according to the
#  license defined in the LICENSE file, which includes the Affero General
#  Public License, v3.0 ("AGPLv3") and some additional permissions and
#  terms pursuant to its AGPLv3 Section 7.
#
#  Bacula® is a registered trademark of Kern Sibbald.
#
db_user=${db_user:-bacula}
bindir=/usr/local/bin
db_name=${db_name:-bacula}
db_password=
if [ "$db_password" != "" ]; then
   pass="password '$db_password'"
fi


$bindir/psql -f - -d ${db_name} $* <<END-OF-DATA

create user ${db_user} ${pass};

-- for tables
grant all on unsavedfiles to ${db_user};
grant all on basefiles	  to ${db_user};
grant all on jobmedia	  to ${db_user};
grant all on file	  to ${db_user};
grant all on job	  to ${db_user};
grant all on media	  to ${db_user};
grant all on client	  to ${db_user};
grant all on pool	  to ${db_user};
grant all on fileset	  to ${db_user};
grant all on path	  to ${db_user};
grant all on filename	  to ${db_user};
grant all on counters	  to ${db_user};
grant all on version	  to ${db_user};
grant all on cdimages	  to ${db_user};
grant all on mediatype	  to ${db_user};
grant all on storage	  to ${db_user};
grant all on device	  to ${db_user};
grant all on status	  to ${db_user};
grant all on location	  to ${db_user};
grant all on locationlog  to ${db_user};
grant all on log	  to ${db_user};
grant all on jobhisto	  to ${db_user};
grant all on PathHierarchy  to ${db_user};
grant all on PathVisibility to ${db_user};
grant all on RestoreObject to ${db_user};
-- for sequences on those tables

grant select, update on filename_filenameid_seq    to ${db_user};
grant select, update on path_pathid_seq 	   to ${db_user};
grant select, update on fileset_filesetid_seq	   to ${db_user};
grant select, update on pool_poolid_seq 	   to ${db_user};
grant select, update on client_clientid_seq	   to ${db_user};
grant select, update on media_mediaid_seq	   to ${db_user};
grant select, update on job_jobid_seq		   to ${db_user};
grant select, update on file_fileid_seq 	   to ${db_user};
grant select, update on jobmedia_jobmediaid_seq    to ${db_user};
grant select, update on basefiles_baseid_seq	   to ${db_user};
grant select, update on storage_storageid_seq	   to ${db_user};
grant select, update on mediatype_mediatypeid_seq  to ${db_user};
grant select, update on device_deviceid_seq	   to ${db_user};
grant select, update on location_locationid_seq    to ${db_user};
grant select, update on locationlog_loclogid_seq   to ${db_user};
grant select, update on log_logid_seq		   to ${db_user};
grant select, update on restoreobject_restoreobjectid_seq to ${db_user};
END-OF-DATA
if [ $? -eq 0 ]
then
   echo "Privileges for user ${db_user} granted on database ${db_name}."
   exit 0
else
   echo "Error creating privileges."
   exit 1
fi
