Added revocation_sql to the website docs
This commit is contained in:
parent
da9ee9a4c1
commit
e0fb8c17ce
|
@ -37,8 +37,11 @@ func pathRoles(b *backend) *framework.Path {
|
|||
},
|
||||
|
||||
"revocation_sql": {
|
||||
Type: framework.TypeString,
|
||||
Description: "SQL string to revoke a user. This is in beta; use with caution.",
|
||||
Type: framework.TypeString,
|
||||
Description: `SQL statements to be executed to revoke a user. Must be a semicolon-separated
|
||||
string, a base64-encoded semicolon-separated string, a serialized JSON string
|
||||
array, or a base64-encoded serialized JSON string array. The '{{name}}' value
|
||||
will be substituted.`,
|
||||
},
|
||||
},
|
||||
|
||||
|
@ -193,4 +196,12 @@ Example of a decent SQL query to use:
|
|||
|
||||
Note the above user would be able to access everything in schema public.
|
||||
For more complex GRANT clauses, see the PostgreSQL manual.
|
||||
|
||||
The "revocation_sql" parameter customizes the SQL string used to revoke a user.
|
||||
Example of a decent revocation SQL query to use:
|
||||
|
||||
REVOKE ALL PRIVILEGES ON ALL TABLES IN SCHEMA public FROM {{name}};
|
||||
REVOKE ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public FROM {{name}};
|
||||
REVOKE USAGE ON SCHEMA public FROM {{name}};
|
||||
DROP ROLE IF EXISTS {{name}};
|
||||
`
|
||||
|
|
|
@ -247,6 +247,16 @@ subpath for interactive help output.
|
|||
values will be substituted.
|
||||
</li>
|
||||
</ul>
|
||||
<ul>
|
||||
<li>
|
||||
<span class="param">revocation_sql</span>
|
||||
<span class="param-flags">optional</span>
|
||||
SQL statements to be executed to revoke a user. Must be a semicolon-separated
|
||||
string, a base64-encoded semicolon-separated string, a serialized JSON string
|
||||
array, or a base64-encoded serialized JSON string array. The '{{name}}' value
|
||||
will be substituted.
|
||||
</li>
|
||||
</ul>
|
||||
</dd>
|
||||
|
||||
<dt>Returns</dt>
|
||||
|
|
Loading…
Reference in a new issue