Make doctrine role a database-level setting

.env.dist

@@ -3,16 +3,17 @@ CHECKER_MEMBERSHIP_API_ENDPOINT=https://tue-lookup.test.gewis.nl/user/
 CHECKER_MEMBERSHIP_API_KEY=c2VjcmV0
 CHECKER_MEMBERSHIP_API_MAX_TOTAL_REQUESTS=200
 CHECKER_MEMBERSHIP_API_MAX_MANUAL_REQUESTS=20
-DOCTRINE_ROLE=gewisdb
 DOCTRINE_DEFAULT_HOST=postgresql
 DOCTRINE_DEFAULT_PORT=5432
 DOCTRINE_DEFAULT_USER=gewisdb
 DOCTRINE_DEFAULT_PASSWORD=gewisdb
+DOCTRINE_DEFAULT_ROLE=gewisdb
 DOCTRINE_DEFAULT_DATABASE=gewisdb
 DOCTRINE_REPORT_HOST=postgresql
 DOCTRINE_REPORT_PORT=5432
 DOCTRINE_REPORT_USER=gewisdb
 DOCTRINE_REPORT_PASSWORD=gewisdb
+DOCTRINE_REPORT_ROLE=gewisdb
 DOCTRINE_REPORT_DATABASE=gewisdb_report
 
 # Laminas settings

module/Application/src/Extensions/Doctrine/Middleware/Driver.php

@@ -9,11 +9,16 @@
 use Doctrine\DBAL\Driver\Middleware\AbstractDriverMiddleware;
 use SensitiveParameter;
 
+use function implode;
+
 class Driver extends AbstractDriverMiddleware
 {
+    /**
+     * @param array<non-empty-string,non-empty-string> $roles
+     */
     public function __construct(
         DriverInterface $driver,
-        private readonly string $role,
+        private readonly array $roles,
         private readonly bool $isPgSQL,
     ) {
         parent::__construct($driver);
@@ -28,8 +33,10 @@ public function connect(
     ): ConnectionInterface {
         $connection = parent::connect($params);
 
-        if ($this->isPgSQL) {
-            $connection->exec('SET ROLE ' . $connection->quote($this->role));
+        if ($this->isPgSQL && isset($params['host']) && isset($params['port']) && isset($params['dbname'])) {
+            $role = $this->roles[implode(':', [$params['host'], $params['port'], $params['dbname']])];
+
+            $connection->exec('SET ROLE ' . $connection->quote($role));
         }
 
         return $connection;

module/Application/src/Extensions/Doctrine/Middleware/SetRoleMiddleware.php

@@ -9,6 +9,7 @@
 use RuntimeException;
 
 use function getenv;
+use function implode;
 
 class SetRoleMiddleware implements MiddlewareInterface
 {
@@ -22,11 +23,31 @@ public function wrap(DriverInterface $driver): DriverInterface
             throw new RuntimeException('Expected DBAL Driver to be PDO PgSQL, but got ' . $driver::class);
         }
 
-        $role = getenv('DOCTRINE_ROLE');
-        if (false === $role) {
-            throw new RuntimeException('Required DOCTRINE_ROLE not set...');
+        $roleDefault = getenv('DOCTRINE_DEFAULT_ROLE');
+        if (false === $roleDefault) {
+            throw new RuntimeException('Required `DOCTRINE_DEFAULT_ROLE` not set...');
         }
 
-        return new Driver($driver, $role, $isPgSQL);
+        $roleReport = getenv('DOCTRINE_REPORT_ROLE');
+        if (false === $roleReport) {
+            throw new RuntimeException('Required `DOCTRINE_REPORT_ROLE` not set...');
+        }
+
+        $roles = [
+            implode(':', [
+                getenv('DOCTRINE_DEFAULT_HOST'),
+                getenv('DOCTRINE_DEFAULT_PORT'),
+                getenv('DOCTRINE_DEFAULT_DATABASE'),
+            ])
+                => $roleDefault,
+            implode(':', [
+                getenv('DOCTRINE_REPORT_HOST'),
+                getenv('DOCTRINE_REPORT_PORT'),
+                getenv('DOCTRINE_REPORT_DATABASE'),
+            ])
+                => $roleReport,
+        ];
+
+        return new Driver($driver, $roles, $isPgSQL);
     }
 }