monoadmin/the-other-dude
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(db): add missing GRANT statements to v9.7 migrations

Browse Source 
Migrations 030 (sites), 032 (device_interfaces), 033 (wireless_links),
and 034 (sectors) were missing GRANT statements for app_user and
poller_user. Without these, fresh deploys crash on site/sector CRUD
with permission denied errors. Also added poller_user SELECT grants
to migration 035 (site_alert_rules/events).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Jason Staack
2026-03-19 17:46:23 -05:00
parent dffea763f6
commit 413376e363
5 changed files with 20 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
backend/alembic/versions/030_create_sites_table.py
View File

@@ -70,7 +70,11 @@ def upgrade() -> None:
""") """)
) )
# 3. Add nullable site_id FK column to devices table # 3. Grant app_user access
conn.execute(sa.text("GRANT SELECT, INSERT, UPDATE, DELETE ON sites TO app_user"))
conn.execute(sa.text("GRANT SELECT ON sites TO poller_user"))
# 4. Add nullable site_id FK column to devices table
op.add_column( op.add_column(
"devices", "devices",
sa.Column( sa.Column(

4
backend/alembic/versions/032_device_interfaces_table.py
View File

@@ -73,6 +73,10 @@ def upgrade() -> None:
""") """)
) )
# Grant app_user and poller_user access
conn.execute(sa.text("GRANT SELECT, INSERT, UPDATE, DELETE ON device_interfaces TO app_user"))
conn.execute(sa.text("GRANT SELECT ON device_interfaces TO poller_user"))
def downgrade() -> None: def downgrade() -> None:
conn = op.get_bind() conn = op.get_bind()

4
backend/alembic/versions/033_wireless_links_table.py
View File

@@ -102,6 +102,10 @@ def upgrade() -> None:
""") """)
) )
# Grant app_user and poller_user access
conn.execute(sa.text("GRANT SELECT, INSERT, UPDATE, DELETE ON wireless_links TO app_user"))
conn.execute(sa.text("GRANT SELECT ON wireless_links TO poller_user"))
def downgrade() -> None: def downgrade() -> None:
conn = op.get_bind() conn = op.get_bind()

6
backend/alembic/versions/034_create_sectors_table.py
View File

@@ -74,7 +74,11 @@ def upgrade() -> None:
""") """)
) )
# 3. Add nullable sector_id FK column to devices table # 3. Grant app_user and poller_user access
conn.execute(sa.text("GRANT SELECT, INSERT, UPDATE, DELETE ON sectors TO app_user"))
conn.execute(sa.text("GRANT SELECT ON sectors TO poller_user"))
# 4. Add nullable sector_id FK column to devices table
op.add_column( op.add_column(
"devices", "devices",
sa.Column( sa.Column(

2
backend/alembic/versions/035_site_alert_rules_and_events.py
View File

@@ -184,6 +184,7 @@ def upgrade() -> None:
""") """)
) )
conn.execute(sa.text("GRANT SELECT, INSERT, UPDATE, DELETE ON site_alert_rules TO app_user")) conn.execute(sa.text("GRANT SELECT, INSERT, UPDATE, DELETE ON site_alert_rules TO app_user"))
conn.execute(sa.text("GRANT SELECT ON site_alert_rules TO poller_user"))
# site_alert_events RLS # site_alert_events RLS
conn.execute(sa.text("ALTER TABLE site_alert_events ENABLE ROW LEVEL SECURITY")) conn.execute(sa.text("ALTER TABLE site_alert_events ENABLE ROW LEVEL SECURITY"))
@@ -202,6 +203,7 @@ def upgrade() -> None:
""") """)
) )
conn.execute(sa.text("GRANT SELECT, INSERT, UPDATE, DELETE ON site_alert_events TO app_user")) conn.execute(sa.text("GRANT SELECT, INSERT, UPDATE, DELETE ON site_alert_events TO app_user"))
conn.execute(sa.text("GRANT SELECT ON site_alert_events TO poller_user"))
def downgrade() -> None: def downgrade() -> None: