feat: updated docs to include filestruct

DBB/initdb/01_create_user.sh

@@ -0,0 +1,56 @@
+#!/bin/bash
+set -e  # Exit on error
+
+echo "Creating PostgreSQL user and setting permissions... $POSTGRES_USER for API user $POSTGRES_API_USER"
+
+
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+    CREATE ROLE migrate LOGIN ENCRYPTED PASSWORD '$POSTGRES_PASSWORD';
+    GRANT USAGE, CREATE ON SCHEMA public TO migrate;
+    GRANT CONNECT ON DATABASE arbeitszeitmessung TO migrate;
+EOSQL
+
+# psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+
+#     GRANT SELECT, INSERT, UPDATE ON anwesenheit, abwesenheit, user_password, wochen_report, s_feiertage TO $POSTGRES_API_USER;
+#     GRANT DELETE ON abwesenheit TO $POSTGRES_API_USER;
+#     GRANT SELECT ON s_personal_daten, s_abwesenheit_typen, s_anwesenheit_typen, s_feiertage TO $POSTGRES_API_USER;
+#     GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO $POSTGRES_API_USER;
+# EOSQL
+
+echo "User creation and permissions setup complete!"
+
+
+psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL
+
+-- privilege roles
+DO \$\$
+BEGIN
+    IF NOT EXISTS (SELECT FROM pg_roles WHERE rolname = 'app_base') THEN
+        CREATE ROLE app_base NOLOGIN;
+    END IF;
+END
+\$\$;
+
+-- dynamic login role
+DO \$\$
+BEGIN
+    IF NOT EXISTS (SELECT FROM pg_roles WHERE rolname = '$POSTGRES_API_USER') THEN
+        CREATE ROLE $POSTGRES_API_USER
+            LOGIN
+            ENCRYPTED PASSWORD '$POSTGRES_API_PASS';
+    END IF;
+END
+\$\$;
+
+-- grant base privileges
+GRANT app_base TO $POSTGRES_API_USER;
+GRANT CONNECT ON DATABASE $POSTGRES_DB TO $POSTGRES_API_USER;
+GRANT USAGE ON SCHEMA public TO $POSTGRES_API_USER;
+
+CREATE EXTENSION IF NOT EXISTS pgcrypto;
+
+EOSQL
+
+# psql -v ON_ERROR_STOP=1 --username root --dbname arbeitszeitmessung