#!/store/bin/perl -w
#
# Author: Petter Reinholdtsen <pere@td.org.uit.no>
# Date:   1998-09-28
#
# Make list of 'grant' commands based on current db permissions.
#
# Use './pg-show-db-access.pl |sort +5 +3' to get a nice list

sub usage {
    print "$0 [dbname [dbhost]]\n";
}

use vars qw($dbhost $db $cmd);

($db, $dbhost) = ("", "");
$db = $ARGV[0] if ( defined $ARGV[0] );
$dbhost = "-h $ARGV[1]" if ( defined $ARGV[1] );

$cmd = "psql -t -c \\\\z $dbhost $db";

open(CMD, "$cmd |") || die "Unable to execute \"$cmd\"";

while (<CMD>) {
    chomp;
    my ($table, $perm) = m/\s+\|\s+(\w+)\s+\|\s+\{(.+)\}\s+\|/;
    if ( defined $table ) {
	my @perms = split(/,/, $perm);
	for $perm (@perms) {
	    my ($username, $access) = $perm =~ m/(\w*)=(\w+)/;
	    $username = "public" unless ($username);
	    if (defined $access) {
		my %ACL;
		$ACL{SELECT} = 1 if ($access =~ m/r/);
		$ACL{INSERT} = 1 if ($access =~ m/a/);
		if ($access =~ m/w/) {
		    $ACL{DELETE} = 1;
		    $ACL{UPDATE} = 1;
		    $ACL{INSERT} = 1;
		}
		# XXX Not sure what 'R' means, skipping it
		# $ACL{PLACE_RULES} = 1 if ($access =~ m/R/);

		for $c (sort keys %ACL) {
		    print "GRANT $c ON $table TO $username;\n";
		    
		}
	    }
	}
    }
}

close(CMD);