From 35b59c448f4ee961d782eee38394071519249446 Mon Sep 17 00:00:00 2001
From: Mario de Frutos <mario.defrutos@cartodb.com>
Date: Tue, 26 Jan 2016 12:46:05 +0100
Subject: [PATCH 1/2] Add needed security definer to config function

---
 server/extension/cdb_geocoder_server--0.0.1--0.1.0.sql | 4 +++-
 server/extension/sql/0.1.0/15_config_helper.sql        | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/server/extension/cdb_geocoder_server--0.0.1--0.1.0.sql b/server/extension/cdb_geocoder_server--0.0.1--0.1.0.sql
index 43aa150..cc2f44f 100644
--- a/server/extension/cdb_geocoder_server--0.0.1--0.1.0.sql
+++ b/server/extension/cdb_geocoder_server--0.0.1--0.1.0.sql
@@ -47,6 +47,7 @@ RETURNS boolean AS $$
     }
     return True
 $$ LANGUAGE plpythonu;
+
 -- Get the Redis configuration from the _conf table --
 CREATE OR REPLACE FUNCTION cdb_geocoder_server._get_geocoder_config(username text, orgname text)
 RETURNS boolean AS $$
@@ -71,7 +72,8 @@ RETURNS boolean AS $$
     # --for this user session but...
     GD[cache_key] = geocoder_config
     return True
-$$ LANGUAGE plpythonu;
+$$ LANGUAGE plpythonu SECURITY DEFINER;
+
 -- Geocodes a street address given a searchtext and a state and/or country
 CREATE OR REPLACE FUNCTION cdb_geocoder_server.cdb_geocode_street_point_v2(username TEXT, orgname TEXT, searchtext TEXT, city TEXT DEFAULT NULL, state_province TEXT DEFAULT NULL, country TEXT DEFAULT NULL)
 RETURNS Geometry AS $$
diff --git a/server/extension/sql/0.1.0/15_config_helper.sql b/server/extension/sql/0.1.0/15_config_helper.sql
index dd37953..39a8af2 100644
--- a/server/extension/sql/0.1.0/15_config_helper.sql
+++ b/server/extension/sql/0.1.0/15_config_helper.sql
@@ -22,4 +22,4 @@ RETURNS boolean AS $$
     # --for this user session but...
     GD[cache_key] = geocoder_config
     return True
-$$ LANGUAGE plpythonu;
+$$ LANGUAGE plpythonu SECURITY DEFINER;

From 2409d548b69b8a95a383171ea9dcda7d8a1a05d4 Mon Sep 17 00:00:00 2001
From: Mario de Frutos <mario.defrutos@cartodb.com>
Date: Tue, 26 Jan 2016 12:46:30 +0100
Subject: [PATCH 2/2] Grants to be applied again to give permissions to the new
 functions

---
 server/extension/cdb_geocoder_server--0.0.1--0.1.0.sql | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/server/extension/cdb_geocoder_server--0.0.1--0.1.0.sql b/server/extension/cdb_geocoder_server--0.0.1--0.1.0.sql
index cc2f44f..808a118 100644
--- a/server/extension/cdb_geocoder_server--0.0.1--0.1.0.sql
+++ b/server/extension/cdb_geocoder_server--0.0.1--0.1.0.sql
@@ -132,3 +132,10 @@ RETURNS Geometry AS $$
     plpy.error('Google geocoder is not available yet')
     return None
 $$ LANGUAGE plpythonu;
+
+-- We apply again the grants to include the new functions
+GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA cdb_geocoder_server TO geocoder_api;
+GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO geocoder_api;
+GRANT USAGE ON SCHEMA cdb_geocoder_server TO geocoder_api;
+GRANT USAGE ON SCHEMA public TO geocoder_api;
+GRANT SELECT ON ALL TABLES IN SCHEMA public TO geocoder_api;