bugfix in create_readonly_postgres_user: granting SELECT on pg_authid should...

bugfix in create_readonly_postgres_user: granting SELECT on pg_authid should be handled separately from readonly user creation

utils.sh

@@ -308,11 +308,14 @@ function create_readonly_postgres_user() {
         echo "    +-- password: $RUSER_PW"
     fi
 
-    # make sure the role exists and has the basic required privileges (and lacks the unneeded ones)
+    # make sure the role exists
     PGPASSWORD="$PG_PASS" psql -h "$PG_HOST" -U "$PG_USER" -c "
-        CREATE ROLE $RUSER_NAME NOSUPERUSER NOCREATEDB NOCREATEROLE LOGIN NOREPLICATION PASSWORD '$RUSER_PW';
-        GRANT SELECT ON pg_authid TO $RUSER_NAME;" postgres \
-        || { display_error "Error creating the $RUSER_NAME role and granting SELECT on pg_authid."; return 1; }
+        CREATE ROLE $RUSER_NAME NOSUPERUSER NOCREATEDB NOCREATEROLE LOGIN NOREPLICATION PASSWORD '$RUSER_PW';" postgres \
+        || { display_error "Error creating the $RUSER_NAME role."; return 1; }
+        
+    # make sure the role has the basic required privileges (and lacks the unneeded ones)
+    PGPASSWORD="$PG_PASS" psql -h "$PG_HOST" -U "$PG_USER" -c "GRANT SELECT ON pg_authid TO $RUSER_NAME;" postgres \
+        || { display_error "Error granting $RUSER_NAME role SELECT on pg_authid."; return 1; }
     
     # get the list of roles
     ROLES="$( PGPASSWORD="$PG_PASS" psql -h "$PG_HOST" -U "$PG_USER" -qt -c '\dg' postgres | grep '|' | cut -d '|' -f 1 | tr -d ' ' | egrep -v '^$' )" \
@@ -604,4 +607,4 @@ function ssh_rsa_decrypt {
     # decrypt from stdin to stdout
     openssl pkeyutl -decrypt -inkey "$PRIVKEY"
 }
-export -f ssh_rsa_decrypt
\ No newline at end of file
+export -f ssh_rsa_decrypt