From a2b657c7b02498f92426edf2300153115b29031c Mon Sep 17 00:00:00 2001
From: Munthikodu <Sreejith.Munthikodu@gov.bc.ca>
Date: Wed, 20 Nov 2024 13:06:33 -0800
Subject: [PATCH] Added usage on schema statements to apply grants script

---
 shared/bcts_access_management/bcts_acces_apply_grants.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/shared/bcts_access_management/bcts_acces_apply_grants.py b/shared/bcts_access_management/bcts_acces_apply_grants.py
index fd32aa4..186865d 100644
--- a/shared/bcts_access_management/bcts_acces_apply_grants.py
+++ b/shared/bcts_access_management/bcts_acces_apply_grants.py
@@ -40,7 +40,14 @@ def apply_grants():
     all_statements = []
     for _, row in df.iterrows():
         all_statements.extend(generate_grant_statements(row))
-        # Execute the grant statements in PostgreSQL
+    
+    # Execute the grant statements in PostgreSQL
+    schema_roles_list = list(set([(x.split(' ON ')[1].split('.')[0], x.split(' TO ')[1].split(';')[0]) for x in all_statements]))
+    usage_statements = []
+    for (schema, role) in schema_roles_list:
+        usage_statement = f"GRANT USAGE ON SCHEMA {schema} TO {role};"
+        usage_statements.append(usage_statement)
+    all_statements.extend(usage_statements)
     with engine.begin() as connection:
         for statement in all_statements:
             logging.info(statement)