/**
* Outputs DDL for differences in functions
*
* @param $ofs1 stage1 output pointer
* @param $ofs3 stage3 output pointer
* @param $old_schema original schema
* @param $new_schema new schema
*/
public static function diff_functions($ofs1, $ofs3, $old_schema, $new_schema)
{
// drop functions that no longer exist in stage 3
if ($old_schema != null) {
foreach (dbx::get_functions($old_schema) as $old_function) {
if (!pgsql8_schema::contains_function($new_schema, pgsql8_function::get_declaration($new_schema, $old_function, FALSE))) {
$ofs3->write(pgsql8_function::get_drop_sql($old_schema, $old_function) . "\n");
}
}
}
// Add new functions and replace modified functions
foreach (dbx::get_functions($new_schema) as $new_function) {
$old_function = null;
if ($old_schema != null) {
$old_function = dbx::get_function($old_schema, $new_function['name'], pgsql8_function::get_declaration($new_schema, $new_function));
}
if ($old_function == null || !pgsql8_function::equals($new_schema, $new_function, $old_function, pgsql8_diff::$ignore_function_whitespace)) {
$ofs1->write(pgsql8_function::get_creation_sql($new_schema, $new_function) . "\n");
} else {
if (isset($new_function['forceRedefine']) && strcasecmp($new_function['forceRedefine'], 'true') == 0) {
$ofs1->write("-- DBSteward insists on function recreation: " . $new_schema['name'] . "." . $new_function['name'] . " has forceRedefine set to true\n");
$ofs1->write(pgsql8_function::get_creation_sql($new_schema, $new_function) . "\n");
} else {
if (pgsql8_schema::contains_type($new_schema, $new_function['returns']) && pgsql8_schema::contains_type($old_schema, $new_function['returns']) && !pgsql8_type::equals(dbx::get_type($old_schema, $new_function['returns']), dbx::get_type($new_schema, $new_function['returns']))) {
$ofs1->write("-- Force function re-creation " . $new_function['name'] . " for type: " . $new_function['returns'] . "\n");
$ofs1->write(pgsql8_function::get_creation_sql($new_schema, $new_function) . "\n");
}
}
}
}
}
/**
* Drop removed types
* Add new types
* Apply type definition differences, updating the type's tables along the way
*
* @param $ofs output segementer
* @param $old_schema original schema
* @param $new_schema new schema
*/
public static function apply_changes($ofs, $old_schema, $new_schema)
{
// drop any types that are no longer defined
self::drop_types($ofs, $old_schema, $new_schema);
// create any types that are new in the new definition
self::create_types($ofs, $old_schema, $new_schema);
// there is no alter for types
// find types that still exist that are different
// placehold type data in table columns, and recreate the type
foreach (dbx::get_types($new_schema) as $new_type) {
// does type exist in old definition ?
if ($old_schema == NULL || !pgsql8_schema::contains_type($old_schema, $new_type['name'])) {
continue;
}
$old_type = dbx::get_type($old_schema, $new_type['name']);
// is there a difference between the old and new type definitions?
if (pgsql8_type::equals($old_schema, $old_type, $new_schema, $new_type)) {
continue;
}
pgsql8::set_context_replica_set_id($new_type);
$columns = array();
$is_domain = strcasecmp($new_type['type'], 'domain') === 0;
$n = $is_domain ? 3 : 4;
$word = $is_domain ? 'domain' : 'type';
$i = 1;
$old_dependent_functions = dbx::get_functions_with_dependent_type($old_schema, (string) $old_type['name']);
if (count($old_dependent_functions) > 0) {
$n += 2;
$ofs->write("-- {$word} {$new_type['name']} definition migration ({$i}/{$n}): dependent functions return/parameter type alteration\n");
$i++;
foreach ($old_dependent_functions as $old_dependent_function) {
$ofs->write(pgsql8_function::get_drop_sql($old_schema, $old_dependent_function) . "\n");
}
$ofs->write("\n");
}
$ofs->write("-- {$word} {$new_type['name']} definition migration ({$i}/{$n}): dependent tables column type alteration\n");
$i++;
$ofs->write(pgsql8_type::alter_column_type_placeholder($columns, $old_schema, $old_type) . "\n");
if ($is_domain) {
$ofs->write("-- {$word} {$new_type['name']} definition migration ({$i}/{$n}): alter domain\n");
$i++;
self::apply_domain_changes($ofs, $old_schema, $old_type, $new_schema, $new_type);
} else {
$ofs->write("-- {$word} {$new_type['name']} definition migration ({$i}/{$n}): drop old type\n");
$i++;
$ofs->write(pgsql8_type::get_drop_sql($old_schema, $old_type) . "\n\n");
$ofs->write("-- {$word} {$new_type['name']} definition migration ({$i}/{$n}): recreate type with new definition\n");
$i++;
$ofs->write(pgsql8_type::get_creation_sql($new_schema, $new_type) . "\n\n");
}
// functions are only recreated if they changed elsewise, so need to create them here
$new_dependent_functions = dbx::get_functions_with_dependent_type($new_schema, (string) $new_type['name']);
if (count($new_dependent_functions) > 0) {
$ofs->write("-- {$word} {$new_type['name']} definition migration ({$i}/{$n}): dependent functions return/parameter type with new definition\n");
$i++;
foreach ($new_dependent_functions as $new_dependent_function) {
$ofs->write(pgsql8_function::get_creation_sql($new_schema, $new_dependent_function) . "\n");
}
$ofs->write("\n\n");
}
$ofs->write("-- {$word} {$new_type['name']} definition migration ({$n}/{$n}): dependent tables type restoration\n");
$ofs->write(pgsql8_type::alter_column_type_restore($columns, $new_schema, $new_type) . "\n");
}
}
public static function build_schema($db_doc, $ofs, $table_depends)
{
// schema creation
foreach ($db_doc->schema as $schema) {
$ofs->write(pgsql8_schema::get_creation_sql($schema));
// schema grants
if (isset($schema->grant)) {
foreach ($schema->grant as $grant) {
$ofs->write(pgsql8_permission::get_sql($db_doc, $schema, $schema, $grant) . "\n");
}
}
}
// types: enumerated list, etc
foreach ($db_doc->schema as $schema) {
foreach ($schema->type as $type) {
$ofs->write(pgsql8_type::get_creation_sql($schema, $type) . "\n");
}
}
// table structure creation
foreach ($db_doc->schema as $schema) {
// create defined tables
pgsql8_table::$include_column_default_nextval_in_create_sql = FALSE;
foreach ($schema->table as $table) {
// table definition
$ofs->write(pgsql8_table::get_creation_sql($schema, $table) . "\n");
// table indexes
pgsql8_diff_indexes::diff_indexes_table($ofs, NULL, NULL, $schema, $table);
// table grants
if (isset($table->grant)) {
foreach ($table->grant as $grant) {
$ofs->write(pgsql8_permission::get_sql($db_doc, $schema, $table, $grant) . "\n");
}
}
$ofs->write("\n");
}
pgsql8_table::$include_column_default_nextval_in_create_sql = TRUE;
// sequences contained in the schema
if (isset($schema->sequence)) {
foreach ($schema->sequence as $sequence) {
$ofs->write(pgsql8_sequence::get_creation_sql($schema, $sequence));
// sequence permission grants
if (isset($sequence->grant)) {
foreach ($sequence->grant as $grant) {
$ofs->write(pgsql8_permission::get_sql($db_doc, $schema, $sequence, $grant) . "\n");
}
}
}
}
// add table nextvals that were omitted
foreach ($schema->table as $table) {
if (pgsql8_table::has_default_nextval($table)) {
$ofs->write(pgsql8_table::get_default_nextval_sql($schema, $table) . "\n");
}
}
}
$ofs->write("\n");
// function definitions
foreach ($db_doc->schema as $schema) {
foreach ($schema->function as $function) {
if (pgsql8_function::has_definition($function)) {
$ofs->write(pgsql8_function::get_creation_sql($schema, $function));
// when pg:build_schema() is doing its thing for straight builds, include function permissions
// they are not included in pg_function::get_creation_sql()
foreach (dbx::get_permissions($function) as $function_permission) {
$ofs->write(pgsql8_permission::get_sql($db_doc, $schema, $function, $function_permission) . "\n");
}
}
}
}
$ofs->write("\n");
// maybe move this but here we're defining column defaults fo realz
foreach ($db_doc->schema as $schema) {
foreach ($schema->table as $table) {
$ofs->write(pgsql8_table::define_table_column_defaults($schema, $table));
}
}
// define table primary keys before foreign keys so unique requirements are always met for FOREIGN KEY constraints
foreach ($db_doc->schema as $schema) {
foreach ($schema->table as $table) {
pgsql8_diff_tables::diff_constraints_table($ofs, NULL, NULL, $schema, $table, 'primaryKey', FALSE);
}
}
$ofs->write("\n");
// foreign key references
// use the dependency order to specify foreign keys in an order that will satisfy nested foreign keys and etc
for ($i = 0; $i < count($table_depends); $i++) {
$schema = $table_depends[$i]['schema'];
$table = $table_depends[$i]['table'];
if ($table['name'] === dbsteward::TABLE_DEPENDENCY_IGNORABLE_NAME) {
// don't do anything with this table, it is a magic internal DBSteward value
continue;
}
pgsql8_diff_tables::diff_constraints_table($ofs, NULL, NULL, $schema, $table, 'constraint', FALSE);
}
$ofs->write("\n");
// trigger definitions
foreach ($db_doc->schema as $schema) {
foreach ($schema->trigger as $trigger) {
// only do triggers set to the current sql format
if (strcasecmp($trigger['sqlFormat'], dbsteward::get_sql_format()) == 0) {
$ofs->write(pgsql8_trigger::get_creation_sql($schema, $trigger));
}
}
}
$ofs->write("\n");
pgsql8_diff_views::create_views_ordered($ofs, null, $db_doc);
// view permission grants
foreach ($db_doc->schema as $schema) {
foreach ($schema->view as $view) {
if (isset($view->grant)) {
foreach ($view->grant as $grant) {
$ofs->write(pgsql8_permission::get_sql($db_doc, $schema, $view, $grant) . "\n");
}
}
}
}
$ofs->write("\n");
// use pgdiff to add any configurationParameters that are defined
pgsql8_diff::update_database_config_parameters($ofs, null, $db_doc);
}
/**
* Parses CREATE FUNCTION and CREATE OR REPLACE FUNCTION command.
*
* @param database database
* @param command CREATE FUNCTION command
*/
public static function parse($database, $command)
{
if (preg_match(self::PATTERN, trim($command), $matches) > 0) {
$function_name = trim($matches[1]);
// make all functionName's fully qualified
// default_schema will make set search path induced schemas come through correctly
$function_name = sql_parser::get_schema_name($function_name, $database) . '.' . sql_parser::get_object_name($function_name);
$arguments = $matches[2];
$node_schema = dbx::get_schema($database, sql_parser::get_schema_name($function_name, $database));
if ($node_schema == null) {
throw new exception("Failed to find function schema for " . $function_name);
}
$node_function = dbx::get_function($node_schema, sql_parser::get_object_name($function_name), null, true);
//@TODO: this may be a problem when there is more than one prototype for a function
$function_declaration = pgsql8_function::set_declaration($node_schema, $node_function, $arguments);
// check remaining definition for function modifiers by chopping of function declaration
$function_close_position = stripos($command, ')');
$function_modifiers = str_replace("\n", ' ', substr($command, $function_close_position + 1));
// kill extra whitespace by regex match
$function_modifiers = preg_replace("/\\s+/", " ", $function_modifiers);
// kill trailing semicolon
$function_modifiers = trim($function_modifiers);
if (substr($function_modifiers, -1) == ';') {
$function_modifiers = trim(substr($function_modifiers, 0, -1));
}
$function_modifiers = ' ' . $function_modifiers . ' ';
// AS token (definition) token
// AS $_$ BEGIN DO STUFF END $_$
if (($as_pos = stripos($function_modifiers, ' AS ')) !== false) {
$end_as_token_pos = strpos($function_modifiers, ' ', $as_pos + 4);
$as_token = substr($function_modifiers, $as_pos + 4, $end_as_token_pos - ($as_pos + 4));
$definition_start = strpos($function_modifiers, $as_token, $as_pos) + strlen($as_token);
$definition_end = strpos($function_modifiers, $as_token, $definition_start + strlen($as_token));
$definition = substr($function_modifiers, $definition_start, $definition_end - $definition_start);
$definition = trim($definition);
pgsql8_function::set_definition($node_function, $definition);
// cut out what we just found
$function_modifiers = substr($function_modifiers, 0, $as_pos) . ' ' . substr($function_modifiers, $definition_end + strlen($as_token));
}
// now that the AS <token> (definition) <token> section is gone, parsing is simpler:
// RETURNS (type)
if (preg_match(self::PATTERN_RETURNS, $function_modifiers, $matches) > 0) {
dbx::set_attribute($node_function, 'returns', trim($matches[1]));
}
// LANGUAGE (languagename)
if (preg_match(self::PATTERN_LANGUAGE, $function_modifiers, $matches) > 0) {
dbx::set_attribute($node_function, 'language', trim($matches[1]));
}
// check for IMMUTABLE | STABLE | VOLATILE modifiers
if (preg_match('/.*\\s+IMMUTABLE\\s+.*/i', $function_modifiers, $matches) > 0) {
dbx::set_attribute($node_function, 'cachePolicy', 'IMMUTABLE');
}
if (preg_match('/.*\\s+STABLE\\s+.*/i', $function_modifiers, $matches) > 0) {
dbx::set_attribute($node_function, 'cachePolicy', 'STABLE');
}
if (preg_match('/.*\\s+VOLATILE\\s+.*/i', $function_modifiers, $matches) > 0) {
dbx::set_attribute($node_function, 'cachePolicy', 'VOLATILE');
}
// check for SECURITY DEFINER modifier
if (preg_match('/.*\\s+SECURITY DEFINER\\s+.*/i', $function_modifiers, $matches) > 0) {
dbx::set_attribute($node_function, 'securityDefiner', 'true');
}
} else {
throw new exception("Cannot parse command: " . $command);
}
}
protected static function update_permissions($ofs1, $ofs3)
{
foreach (dbx::get_schemas(dbsteward::$new_database) as $new_schema) {
pgsql8::set_context_replica_set_id($new_schema);
$old_schema = dbx::get_schema(dbsteward::$old_database, $new_schema['name']);
foreach (dbx::get_permissions($new_schema) as $new_permission) {
if ($old_schema == null || !pgsql8_permission::has_permission($old_schema, $new_permission)) {
$ofs1->write(pgsql8_permission::get_sql(dbsteward::$new_database, $new_schema, $new_schema, $new_permission) . "\n");
}
}
foreach (dbx::get_tables($new_schema) as $new_table) {
pgsql8::set_context_replica_set_id($new_table);
$old_table = null;
if ($old_schema != null) {
$old_table = dbx::get_table($old_schema, $new_table['name']);
}
if (!dbsteward::$ignore_oldnames && pgsql8_diff_tables::is_renamed_table($new_schema, $new_table)) {
// oldTableName renamed table ? skip permission diffing on it, it is the same
continue;
}
foreach (dbx::get_permissions($new_table) as $new_permission) {
if ($old_table == null || !pgsql8_permission::has_permission($old_table, $new_permission)) {
$ofs1->write(pgsql8_permission::get_sql(dbsteward::$new_database, $new_schema, $new_table, $new_permission) . "\n");
}
}
}
foreach (dbx::get_sequences($new_schema) as $new_sequence) {
$old_sequence = null;
if ($old_schema != null) {
$old_sequence = dbx::get_sequence($old_schema, $new_sequence['name']);
}
foreach (dbx::get_permissions($new_sequence) as $new_permission) {
if ($old_sequence == null || !pgsql8_permission::has_permission($old_sequence, $new_permission)) {
$ofs1->write(pgsql8_permission::get_sql(dbsteward::$new_database, $new_schema, $new_sequence, $new_permission) . "\n");
}
}
}
foreach (dbx::get_functions($new_schema) as $new_function) {
$old_function = null;
if ($old_schema != null) {
$old_function = dbx::get_function($old_schema, $new_function['name'], pgsql8_function::get_declaration($new_schema, $new_function));
}
foreach (dbx::get_permissions($new_function) as $new_permission) {
if ($old_function == null || !pgsql8_permission::has_permission($old_function, $new_permission)) {
$ofs1->write(pgsql8_permission::get_sql(dbsteward::$new_database, $new_schema, $new_function, $new_permission) . "\n");
}
}
}
foreach (dbx::get_views($new_schema) as $new_view) {
$old_view = NULL;
if ($old_schema != NULL) {
$old_view = dbx::get_view($old_schema, $new_view['name']);
}
foreach (dbx::get_permissions($new_view) as $new_permission) {
// if always_recreate_views flag is on, always grant all view permissions, as the view was recreated
if (dbsteward::$always_recreate_views || $old_view == NULL || !pgsql8_permission::has_permission($old_view, $new_permission) || pgsql8_diff_views::is_view_modified($old_view, $new_view)) {
// view permissions are in schema stage 3 file because views are (re)created in that stage for SELECT * expansion
$ofs3->write(pgsql8_permission::get_sql(dbsteward::$new_database, $new_schema, $new_view, $new_permission) . "\n");
}
}
}
}
}
public static function equals($node_schema_a, $node_function_a, $node_function_b, $ignore_function_whitespace)
{
if (strcasecmp($node_function_a['name'], $node_function_b['name']) != 0) {
return false;
}
$a_definition = pgsql8_function::get_definition($node_function_a);
$b_definition = pgsql8_function::get_definition($node_function_b);
if ($ignore_function_whitespace) {
$a_definition = preg_replace("/\\s+/", " ", $a_definition);
$b_definition = preg_replace("/\\s+/", " ", $b_definition);
}
$db_doc = $node_schema_a->xpath('..');
$a_owner = xml_parser::role_enum($db_doc[0], $node_function_a['owner']);
$b_owner = xml_parser::role_enum($db_doc[0], $node_function_b['owner']);
$equals = strcasecmp(pgsql8_function::get_declaration($node_schema_a, $node_function_a), pgsql8_function::get_declaration($node_schema_a, $node_function_b)) == 0 && strcasecmp($a_definition, $b_definition) == 0 && strcasecmp($a_owner, $b_owner) == 0 && strcasecmp($node_function_a['type'], $node_function_b['type']) == 0;
return $equals;
}
public static function &get_function(&$node_schema, $name, $declaration = NULL, $create_if_not_exist = FALSE)
{
$node_function = NULL;
$nodes = $node_schema->xpath("function[@name='" . $name . "']");
// filter out versions of functon in languages that are not relevant to the current format being processed
$filtered_nodes = array();
foreach ($nodes as $node) {
if (format_function::has_definition($node)) {
$filtered_nodes[] = $node;
}
}
$nodes = $filtered_nodes;
// TODO: this logic is buggy and needs fixed
if (count($nodes) == 0) {
if ($create_if_not_exist) {
// function not found, caller wants the function created in the db
$node_function = $node_schema->addChild('function');
$node_function->addAttribute('name', $name);
}
} else {
if (count($nodes) > 1) {
if (strlen($declaration) == 0) {
throw new exception("more than one match for function " . $name . " and declaration is blank");
}
foreach ($nodes as $node) {
if (strcasecmp(pgsql8_function::get_declaration($node_schema, $node), $declaration) == 0) {
if ($node_function == NULL) {
$node_function = $node;
} else {
throw new exception("more than one function match " . $name . " matches passed declaration: " . $declaration);
}
}
}
if ($node_function == NULL) {
//@DEBUG: use this to make sure function declaration comparisons are working properly
dbsteward::warning("NOTICE: no functions named " . $name . " match passed declaration: " . $declaration);
}
} else {
$node_function = $nodes[0];
}
}
return $node_function;
}
public function testFunctionNameQuoting()
{
$xml = <<<XML
<dbsteward>
<schema name="test">
<table name="test1">
<column name="col1" type="int" />
</table>
<function name="testfunc" returns="int" owner="ROLE_OWNER" cachePolicy="VOLATILE" description="test function">
<functionParameter name="test_id" type="int" />
<functionDefinition language="plpgsql" sqlFormat="pgsql8">
BEGIN
RETURN test_id;
END;
</functionDefinition>
</function>
</schema>
</dbsteward>
XML;
$db_doc = simplexml_load_string($xml);
$fxn_sql = pgsql8_function::get_declaration($db_doc->schema, $db_doc->schema->function);
$expected = '"test"."testfunc"(test_id int)';
$this->assertEquals($expected, $fxn_sql);
}
public static function get_sql($db_doc, $node_schema, $node_object, $node_permission)
{
format::set_context_replica_set_id($node_object);
$perms = pgsql8_permission::get_permission_operations($node_permission);
$roles = preg_split(dbsteward::PATTERN_SPLIT_ROLE, $node_permission['role'], -1, PREG_SPLIT_NO_EMPTY);
$object_type = strtoupper($node_object->getName());
switch ($object_type) {
case 'SCHEMA':
$object_name = pgsql8::get_quoted_schema_name($node_schema['name']);
break;
case 'SEQUENCE':
case 'TABLE':
case 'VIEW':
$object_name = pgsql8::get_quoted_schema_name($node_schema['name']) . '.' . pgsql8::get_quoted_table_name($node_object['name']);
break;
case 'FUNCTION':
$object_name = pgsql8_function::get_declaration($node_schema, $node_object);
break;
default:
throw new exception("unknown object type encountered: " . $object_type);
}
$sql = '';
for ($j = 0; $j < count($roles); $j++) {
$with = '';
if (isset($node_permission['with']) && strlen($node_permission['with']) > 0) {
$with = "WITH " . $node_permission['with'] . " OPTION";
}
if (strcasecmp($object_type, 'VIEW') == 0) {
// postgresql doesn't want you to name the view keyword when you grant rights to views
$pg_object_type = '';
} else {
$pg_object_type = $object_type;
}
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement(strtoupper($node_permission->getName()), implode(', ', $perms), $pg_object_type, $object_name, xml_parser::role_enum($db_doc, $roles[$j]), $with);
// SCHEMA IMPLICIT GRANTS
if (strcasecmp($object_type, 'SCHEMA') == 0) {
// READYONLY USER PROVISION: grant usage on the schema for the readonly user
if (strlen($db_doc->database->role->readonly) > 0) {
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement('GRANT', 'USAGE', 'SCHEMA', pgsql8::get_quoted_schema_name($node_schema['name']), $db_doc->database->role->readonly);
}
}
// SEQUENCE IMPLICIT GRANTS
if (strcasecmp($object_type, 'SEQUENCE') == 0) {
// READYONLY USER PROVISION: generate a SELECT on the sequence for the readonly user
if (strlen($db_doc->database->role->readonly) > 0) {
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement('GRANT', 'SELECT', 'SEQUENCE', pgsql8::get_quoted_schema_name($node_schema['name']) . '.' . pgsql8::get_quoted_table_name($node_object['name']), $db_doc->database->role->readonly);
}
}
// TABLE IMPLICIT GRANTS
if (strcasecmp($object_type, 'TABLE') == 0) {
// READYONLY USER PROVISION: grant select on the table for the readonly user
if (strlen($db_doc->database->role->readonly) > 0) {
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement('GRANT', 'SELECT', 'TABLE', pgsql8::get_quoted_schema_name($node_schema['name']) . '.' . pgsql8::get_quoted_table_name($node_object['name']), $db_doc->database->role->readonly);
}
// don't need to grant cascaded serial permissions to the table owner
if (strcasecmp('ROLE_OWNER', $roles[$j]) == 0) {
continue;
}
// set serial columns permissions based on table permissions
foreach ($node_object->column as $column) {
if (preg_match(pgsql8::PATTERN_TABLE_LINKED_TYPES, $column['type']) > 0) {
$col_sequence = pgsql8::identifier_name($node_schema['name'], $node_object['name'], $column['name'], '_seq');
$seq_priv = array();
// if you can SELECT, INSERT or UPDATE the table, you can SELECT on the sequence
if (in_array('SELECT', $perms) || in_array('INSERT', $perms) || in_array('UPDATE', $perms)) {
$seq_priv[] = 'SELECT';
}
// if you can INSERT or UPDATE the table, you can UPDATE the sequence
if (in_array('INSERT', $perms) || in_array('UPDATE', $perms)) {
$seq_priv[] = 'UPDATE';
}
// if you only have USAGE or SELECT
// then seq_priv is empty, and no grant should be issued
if (count($seq_priv) > 0) {
$with = '';
if (isset($node_permission['with']) && strlen($node_permission['with']) > 0) {
$with = "WITH " . $node_permission['with'] . " OPTION";
}
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement('GRANT', implode(',', $seq_priv), 'SEQUENCE', pgsql8::get_quoted_schema_name($node_schema['name']) . '.' . pgsql8::get_quoted_table_name($col_sequence), xml_parser::role_enum($db_doc, $roles[$j]), $with);
}
// READYONLY USER PROVISION: grant implicit select on the sequence for the readonly user
if (strlen($db_doc->database->role->readonly) > 0) {
if (strlen($sql) > 0) {
$sql .= "\n";
}
$sql .= self::compile_sql_statement('GRANT', 'SELECT', 'SEQUENCE', pgsql8::get_quoted_schema_name($node_schema['name']) . '.' . pgsql8::get_quoted_table_name($col_sequence), $db_doc->database->role->readonly);
}
}
}
}
}
return $sql;
}