zaid.marzguioui/myeasycms-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(db): add explicit GRANT permissions for all CMS module tables
Some checks failed
Workflow / ⚫️ Test (push) Has been cancelled
Details
Workflow / ʦ TypeScript (push) Has been cancelled
Details

Browse Source 
The REVOKE+GRANT pattern in migrations can fail if a previous migration run
partially succeeded. Adding explicit GRANTs to dev-bootstrap.sh ensures all
tables have correct permissions on every deploy. Fixes 500 error on
Sitzungsprotokolle (meeting_protocol_items permission denied).
This commit is contained in:
Zaid Marzguioui
2026-04-01 13:32:32 +02:00
parent 5294cfab61
commit 9484ba91f8
1 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
docker/db/dev-bootstrap.sh
View File

@@ -48,4 +48,26 @@ END \$\$;" 2>&1 || true
$PSQL -c "GRANT SELECT ON public.events TO anon;" 2>&1 || true $PSQL -c "GRANT SELECT ON public.events TO anon;" 2>&1 || true
$PSQL -c "GRANT SELECT ON public.courses TO anon;" 2>&1 || true $PSQL -c "GRANT SELECT ON public.courses TO anon;" 2>&1 || true
echo "🔐 Ensuring table permissions for all CMS modules..."
$PSQL -c "
GRANT SELECT, INSERT, UPDATE, DELETE ON public.meeting_protocols TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.meeting_protocol_items TO authenticated;
GRANT ALL ON public.meeting_protocols TO service_role;
GRANT ALL ON public.meeting_protocol_items TO service_role;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.waters TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.fish_species TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.fish_stocking TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.fishing_leases TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.catch_books TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.catch_entries TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.fishing_permits TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.fishing_competitions TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.member_clubs TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.club_contacts TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.club_roles TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.association_types TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.club_fee_types TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON public.club_fees TO authenticated;
" 2>&1 || true
echo "✅ Dev bootstrap complete." echo "✅ Dev bootstrap complete."