Re: What role to GRANT UPDATE invoice for IS.pm:post_invoice() ?

[Chris Travers <..hidden..>]

On Wed, Jun 17, 2009 at 1:10 PM, Jeff Kowalczyk <..hidden..> wrote:

How do I discern what role in being used to execute a given query?

 

I want to learn how to know (rather than guess) what GRANT should I make to
table invoices to allow function LedgerSMB/IS.pm:post_invoice() to issue
an UPDATE invoice statement.

the create_ar_invoice is the role for this.

 

Thanks,
Jeff

Permissions on table invoice after bootstrapping with install-mycompany.sh:

 mycompany=# \dp invoice

 Access privileges for database "mycompany"

 {postgres=arwdxt/postgres,
 lsmb_mycompany__create_ar_invoice=a/postgres,
 lsmb_mycompany__create_ar_invoice_voucher=a/postgres,
 lsmb_mycompany__list_ar_transactions=r/postgres,
 lsmb_mycompany__create_ap_invoice=a/postgres,
 lsmb_mycompany__create_ap_invoice_voucher=a/postgres,
 lsmb_mycompany__list_ap_transactions=r/postgres,
 lsmb_mycompany__create_pos_invoice=a/postgres,
 lsmb_mycompany__inventory_reports=r/postgres}

The error when posting an AR invoice:

 [Wed Jun 17 14:32:11 2009] [error] [client 127.0.0.1] DBD::Pg::st execute
 failed: ERROR: permission denied for relation invoice at LedgerSMB/IS.pm line
 1147., referer: http://localhost/ledgersmb/is.pl

 Error!

 UPDATE invoice
 SET trans_id = ?,
 parts_id = ?,
 description = ?,
 qty = ?,
 sellprice = ?,
 fxsellprice = ?,
 discount = ?,
 allocated = ?,
 unit = ?,
 deliverydate = ?,
 project_id = ?,
 serialnumber = ?,
 notes = ?
 WHERE id = ?
 ERROR: permission denied for relation invoice

An excerpt of the function in question:

 sub post_invoice {
     ...
     my $query;
     my $sth;
     ...
             $query = qq|
                               UPDATE invoice
                                  SET trans_id = ?,
                                      parts_id = ?,
                                      description = ?,
                                      qty = ?,
                                      sellprice = ?,
                                      fxsellprice = ?,
                                      discount = ?,
                                      allocated = ?,
                                      unit = ?,
                                      deliverydate = ?,
                                      project_id = ?,
                                      serialnumber = ?,
                                      notes = ?
                                     WHERE id = ?|;

             $sth = $dbh->prepare($query);
             $sth->execute(
                 $form->{id},               $form->{"id_$i"},
                 $form->{"description_$i"}, $form->{"qty_$i"},
                 $form->{"sellprice_$i"},   $fxsellprice,
                 $form->{"discount_$i"},    $allocated,
                 $form->{"unit_$i"},        $form->{"deliverydate_$i"},
                 $project_id,               $form->{"serialnumber_$i"},
                 $form->{"notes_$i"},
                 $invoice_id
             ) || $form->dberror($query);



------------------------------------------------------------------------------
Crystal Reports - New Free Runtime and 30 Day Trial
Check out the new simplified licensing option that enables unlimited
royalty-free distribution of the report engine for externally facing
server and web deployment.
http://p.sf.net/sfu/businessobjects
_______________________________________________
Ledger-smb-devel mailing list
..hidden..
https://lists.sourceforge.net/lists/listinfo/ledger-smb-devel