1### Workflow to grant read (SELECT) privilege to all users in NSAPH admin role
2# Copyright (c) 2022. Harvard University
3#
4# Developed by Research Software Engineering,
5# Faculty of Arts and Sciences, Research Computing (FAS RC)
6# Author: Michael A Bouzinier
7#
8# Licensed under the Apache License, Version 2.0 (the "License");
9# you may not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS,
16# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19#
20
21cwlVersion: v1.2
22class: Workflow
23
24doc: |
25 This workflow executes an SQL statement in the database to grant
26 read priviligies to NSAPH users (memebrs of group nsaph_admin)
27 This is a wrapper around the tool to be called from Airflow DAG.
28
29inputs:
30 database:
31 type: File
32 doc: Path to database connection file, usually database.ini
33 connection_name:
34 type: string
35 doc: The name of the section in the database.ini file
36 sql:
37 type: string[]
38 default:
39 - "call public.grant_select('nsaph_admin');"
40
41steps:
42 grant:
43 run: alter_database.cwl
44 doc: |
45 Grants read access to the members of NSAPH group for newly created
46 or updated tables
47 in:
48 database: database
49 connection_name: connection_name
50 sql: sql
51 out:
52 - log
53 - err
54
55
56outputs:
57 grant_log:
58 type: File
59 outputSource: grant/log
60 grant_err:
61 type: File
62 outputSource: grant/err