def deriveddls()

in src/MetadataTransfer/userprivs.py [0:0]

• 60 lines of code
• 26 McCabe index (conditional complexity)

def deriveddls(privlist, targetuser):
    try:
        ddllist = []
        for i in privlist:
            objname = i[2]
            objtype = i[3]
            objowner = i[0]
            if objtype == 'table' or objtype == 'function':
                schemaname = i[1] + '.'
            elif objtype == 'default acl':
                schemaname = i[1]
            else:
                schemaname = ''
            current_user = targetuser
            privileges = i[4]
            if privileges:
                y = privileges.split(',')
                for j in y:
                    privs = decodeprivs(j)
                    grantor = privs['grantor']
                    grantee = privs['grantee']
                    if not grantor.isdigit() and not grantee.isdigit():
                        grantoption = privs['decodegrantopt']
                        nograntoption = privs['decodenograntopt']

                        if grantor != current_user and grantor != 'rdsdb' and objtype != 'default acl':
                            ddl = 'SET SESSION AUTHORIZATION ' + grantor + ';'
                            ddllist.append(ddl)

                        if grantoption and grantee != 'rdsdb':
                            if objtype == 'default acl' and schemaname:
                                ddl = 'ALTER DEFAULT PRIVILEGES FOR USER %s IN SCHEMA %s GRANT %s on %s to %s ' \
                                      'WITH GRANT OPTION;' % (objowner, schemaname, grantoption, objname, grantee)
                                ddllist.append(ddl)
                            elif objtype == 'default acl':
                                ddl = 'ALTER DEFAULT PRIVILEGES FOR USER %s GRANT %s on %s to %s WITH GRANT OPTION;' % \
                                      (objowner, grantoption, objname, grantee)
                                ddllist.append(ddl)
                            else:
                                ddl = 'GRANT %s on %s %s%s to %s WITH GRANT OPTION;' % (grantoption, objtype,
                                                                                        schemaname, objname, grantee)
                                ddllist.append(ddl)
                        if nograntoption and grantee != 'rdsdb':
                            if objtype == 'default acl' and schemaname:
                                ddl = 'ALTER DEFAULT PRIVILEGES FOR USER %s IN SCHEMA %s GRANT %s on %s to %s;' % \
                                      (objowner, schemaname, nograntoption, objname, grantee)
                                ddllist.append(ddl)
                            elif objtype == 'default acl':
                                ddl = 'ALTER DEFAULT PRIVILEGES FOR USER %s GRANT %s on %s to %s;' % \
                                      (objowner, nograntoption, objname, grantee)
                                ddllist.append(ddl)
                            else:
                                ddl = 'GRANT %s on %s %s%s to %s;' % (nograntoption, objtype, schemaname,
                                                                      objname, grantee)
                                ddllist.append(ddl)

                        if grantor != current_user and grantor != 'rdsdb' and objtype != 'default acl':
                            ddl = 'RESET SESSION AUTHORIZATION;'
                            ddllist.append(ddl)
        return ddllist
    except Exception as err:
        print "[%s] ERROR: %s" % (str(datetime.now()), err)
        exit()