[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

What role to GRANT UPDATE invoice for IS.pm:post_invoice() ?

Subject: What role to GRANT UPDATE invoice for IS.pm:post_invoice() ?
From: Jeff Kowalczyk <..hidden..>
Date: Wed, 17 Jun 2009 16:10:17 -0400

How do I discern what role in being used to execute a given query?

I want to learn how to know (rather than guess) what GRANT should I make to
table invoices to allow function LedgerSMB/IS.pm:post_invoice() to issue
an UPDATE invoice statement.

Thanks,
Jeff

Permissions on table invoice after bootstrapping with install-mycompany.sh:

  mycompany=# \dp invoice
  
  Access privileges for database "mycompany"
  
  {postgres=arwdxt/postgres,
  lsmb_mycompany__create_ar_invoice=a/postgres,
  lsmb_mycompany__create_ar_invoice_voucher=a/postgres,
  lsmb_mycompany__list_ar_transactions=r/postgres,
  lsmb_mycompany__create_ap_invoice=a/postgres,
  lsmb_mycompany__create_ap_invoice_voucher=a/postgres,
  lsmb_mycompany__list_ap_transactions=r/postgres,
  lsmb_mycompany__create_pos_invoice=a/postgres,
  lsmb_mycompany__inventory_reports=r/postgres}

The error when posting an AR invoice:

  [Wed Jun 17 14:32:11 2009] [error] [client 127.0.0.1] DBD::Pg::st execute
  failed: ERROR: permission denied for relation invoice at LedgerSMB/IS.pm line
  1147., referer: http://localhost/ledgersmb/is.pl
  
  Error!
  
  UPDATE invoice
  SET trans_id = ?,
  parts_id = ?,
  description = ?,
  qty = ?,
  sellprice = ?,
  fxsellprice = ?,
  discount = ?,
  allocated = ?,
  unit = ?,
  deliverydate = ?,
  project_id = ?,
  serialnumber = ?,
  notes = ?
  WHERE id = ?
  ERROR: permission denied for relation invoice

An excerpt of the function in question:

  sub post_invoice {
      ...
      my $query;
      my $sth;
      ...
              $query = qq|
  				UPDATE invoice 
  				   SET trans_id = ?,
  				       parts_id = ?,
  				       description = ?,
  				       qty = ?,
  				       sellprice = ?,
  				       fxsellprice = ?,
  				       discount = ?,
  				       allocated = ?,
  				       unit = ?,
  				       deliverydate = ?,
  				       project_id = ?,
  				       serialnumber = ?,
  				       notes = ?
  				      WHERE id = ?|;
  
              $sth = $dbh->prepare($query);
              $sth->execute(
                  $form->{id},               $form->{"id_$i"},
                  $form->{"description_$i"}, $form->{"qty_$i"},
                  $form->{"sellprice_$i"},   $fxsellprice,
                  $form->{"discount_$i"},    $allocated,
                  $form->{"unit_$i"},        $form->{"deliverydate_$i"},
                  $project_id,               $form->{"serialnumber_$i"},
                  $form->{"notes_$i"},       
                  $invoice_id
              ) || $form->dberror($query);

Follow-Ups:
- Re: What role to GRANT UPDATE invoice for IS.pm:post_invoice() ?
  - From: Chris Travers

Prev by Date: Role names: group by area first?
Next by Date: Re: What role to GRANT UPDATE invoice for IS.pm:post_invoice() ?
Previous by thread: Role names: group by area first?
Next by thread: Re: What role to GRANT UPDATE invoice for IS.pm:post_invoice() ?
Index(es):
- Date
- Thread