DROP USER IF EXISTS api;

SET password_encryption = 'scram-sha-256';

CREATE ROLE api WITH 
    LOGIN
	NOSUPERUSER
	NOCREATEDB
	NOCREATEROLE
	INHERIT
	NOREPLICATION
	CONNECTION LIMIT -1
	PASSWORD 'api';
	
--------------------grant--------------------------------------------------
    
GRANT USAGE ON SCHEMA lgdat TO api;

GRANT SELECT /*, UPDATE, INSERT, DELETE*/ ON ALL TABLES IN SCHEMA lgdat TO api;

GRANT USAGE ON ALL SEQUENCES IN SCHEMA lgdat TO api;

ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat GRANT SELECT/*, UPDATE, INSERT, DELETE*/ ON TABLES TO api;

ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat GRANT USAGE ON SEQUENCES TO api;

---------------------------revoke---------------------------------------

REVOKE USAGE ON SCHEMA lgdat FROM api;

REVOKE USAGE ON SCHEMA lgdat FROM api;

REVOKE SELECT , UPDATE, INSERT, DELETE ON ALL TABLES IN SCHEMA lgdat FROM api;

REVOKE USAGE ON ALL SEQUENCES IN SCHEMA lgdat FROM api;

ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat REVOKE SELECT, UPDATE, INSERT, DELETE ON TABLES FROM api;

ALTER DEFAULT PRIVILEGES IN SCHEMA lgdat REVOKE USAGE ON SEQUENCES FROM api;