diff options
| author | Igor Pashev <pashev.igor@gmail.com> | 2017-02-17 16:13:53 +0300 |
|---|---|---|
| committer | Igor Pashev <pashev.igor@gmail.com> | 2017-02-17 16:13:53 +0300 |
| commit | 1a10798a630376c0d784b93b02580fbf70f50caa (patch) | |
| tree | 82e939415188a73407a4802c8503790c6e2b03db /modules/apps | |
| parent | 8f15147aec30758426db88800c0bf983d63a70d2 (diff) | |
| download | nixsap-1a10798a630376c0d784b93b02580fbf70f50caa.tar.gz | |
mariadb: fixed order roles are removed in
The list of SQL statements is constructed and then executed.
Thus if you delete role `foo` which was granted another role `bar`,
role `bar` has to be revoked before `foo` is removed.
Diffstat (limited to 'modules/apps')
| -rw-r--r-- | modules/apps/mariadb/roles.nix | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/modules/apps/mariadb/roles.nix b/modules/apps/mariadb/roles.nix index 5ec3571..a3c24df 100644 --- a/modules/apps/mariadb/roles.nix +++ b/modules/apps/mariadb/roles.nix @@ -161,15 +161,6 @@ let ON u = user WHERE user IS NULL ; - -- Remove old roles. - SELECT CONCAT('DROP ROLE \''', user, '\';') - FROM __roles - RIGHT OUTER JOIN user - ON u = user - WHERE u IS NULL AND is_role = 'Y' ; - - DROP TABLE __roles; - CREATE TEMPORARY TABLE __roles_mapping (u CHAR(80), r CHAR(80)); ${concatMapAttrs (role: subroles: '' @@ -194,6 +185,15 @@ let DROP TABLE __roles_mapping; + -- Remove old roles. + SELECT CONCAT('DROP ROLE \''', user, '\';') + FROM __roles + RIGHT OUTER JOIN user + ON u = user + WHERE u IS NULL AND is_role = 'Y' ; + + DROP TABLE __roles; + ''; roleType = |