grant schema access to <schema>_reader

[HomoCodens]

Currently db admins need to grant all on schema <schema name> to <user name> for each individual user who needs to work with a specific schema.

Would it not be easier to grant schema access <schema>_reader (and thus _writer and _admin)? That way new users only need the grant to _reader, which they need anyway, and they are set.

Was there any reason why we did it the way we did?

[HomoCodens]

inst/sql/create_roles.sql

CREATE ROLE timeseries_reader NOLOGIN;
CREATE ROLE timeseries_writer NOLOGIN;
GRANT timeseries_reader TO timeseries_writer;

CREATE ROLE timeseries_access_public;
CREATE ROLE timeseries_access_main;
CREATE ROLE timeseries_access_restricted;
GRANT timeseries_access_public TO timeseries_access_main;
GRANT timeseries_access_main to timeseries_access_restricted;

CREATE ROLE timeseries_admin NOLOGIN;
GRANT timeseries_writer TO timeseries_admin;
GRANT timeseries_access_restricted TO timeseries_admin;
GRANT ALL ON SCHEMA timeseries TO timeseries_admin;

Well, I guess we do not want to grant ALL to readers but granting select to _reader and insert, update to _writer in this script should work.