provider-sql icon indicating copy to clipboard operation
provider-sql copied to clipboard
verified publisher icon crossplane-contrib

[PGSQL] Extend Grant kind to support more than database object

Open Bastichou opened this issue 11 months ago • 7 comments

Support schema,objects,objectType specifications on Grant kind to grand permission on other object than the database.

This feature request will cover the following issues:

  • https://github.com/crossplane-contrib/provider-sql/issues/161
  • https://github.com/crossplane-contrib/provider-sql/issues/72
  • https://github.com/crossplane-contrib/provider-sql/issues/145

What problem are you facing?

Currently the GRANT object only support granting privileges to the Database object: GRANT %s ON DATABASE %s TO %s %s %s

Grant kind only supports granting permissions on Database object. The Grant kind doest allow fine-grained permission on sub-object such as schemas, extensions, tables, columns etc.

How could Crossplane help solve your problem?

Introducing Schema, ObjectType and Objects to better qualify the grant specification is probably the way to do (this is how this Terraform provider is taking care of this) but this would be a breaking change (unless we set object database as default maybe).

Slack discussion link: https://crossplane.slack.com/archives/C0384KWFD52/p1739825314454329

Bastichou avatar Feb 20 '25 16:02 Bastichou

@Bastichou I'd like to contribute to this issue. please let me know if I can work on this

unni-facets avatar Feb 21 '25 11:02 unni-facets

I started working on this PR (realy stage draft), feel free to comment. We can sync on Slack if you wanna give me more inputs or recommandations :)

Bastichou avatar Feb 21 '25 14:02 Bastichou

Guys, I'm sorry but I really miss out of time and I wont be able to work as much I as would like on this. If anyone is keen to take over please do :'(

I do have a PR in draft if you want to keep going.

Bastichou avatar Apr 02 '25 17:04 Bastichou

I started working on something similar but for the moment it's postponed at work. Love what you started @Bastichou. It's quite evolved.

benoittgt avatar Apr 22 '25 10:04 benoittgt

@chlunde I wanted to have a shot at this as it's a feature we'd really like to have. But it looks like you moved this in progress. Does that mean, you're now implementing this feature? Asking because it doesn't make sense if two people work on it :)

Kidswiss avatar Jun 18 '25 09:06 Kidswiss

@Kidswiss there are two PRs already 😓

  • https://github.com/crossplane-contrib/provider-sql/pull/235
  • https://github.com/crossplane-contrib/provider-sql/pull/218

But I'm looking into the design, I'm not entirely sure it's the right design. So feedback on #235 would be nice.

chlunde avatar Jun 18 '25 09:06 chlunde

Hi @chlunde , have you got any update on this issue?

tomitesh avatar Aug 05 '25 15:08 tomitesh