REVOKE ALL ON company		 FROM scanner;
REVOKE ALL ON session            FROM scanner;
REVOKE ALL ON config             FROM scanner;
REVOKE ALL ON classification     FROM scanner;
REVOKE ALL ON file               FROM scanner;
REVOKE ALL ON filetag            FROM scanner;
REVOKE ALL ON filetype           FROM scanner;
REVOKE ALL ON filetypetag        FROM scanner;
REVOKE ALL ON fileview           FROM scanner;
REVOKE ALL ON loginattempt       FROM scanner;
REVOKE ALL ON retention          FROM scanner;
REVOKE ALL ON role               FROM scanner;
REVOKE ALL ON scanoption         FROM scanner;
REVOKE ALL ON tag                FROM scanner;
REVOKE ALL ON "user"               FROM scanner;
REVOKE ALL ON userclassification FROM scanner;
REVOKE ALL ON userrole           FROM scanner;
REVOKE ALL ON workflow 		FROM scanner;
REVOKE ALL ON workflowstep FROM scanner;

GRANT SELECT ON company TO scanner;
GRANT SELECT ON config TO scanner;
GRANT SELECT ON session TO scanner;
GRANT SELECT ON classification to scanner;
GRANT SELECT ON role to scanner;
GRANT SELECT ON retention to scanner;
GRANT SELECT ON scanoption to scanner;
GRANT SELECT ON tag TO scanner;
GRANT SELECT ON workflow TO scanner;

-- Default on function is execute to public

REVOKE ALL ON FUNCTION fn_addfiletag      ( int_userid integer, int_fileid integer, varchar_tagname character varying) FROM public;
REVOKE ALL ON FUNCTION fn_addfiletypetag  ( int_userid integer, int_filetypeid integer, varchar_tagname character varying) FROM public;
REVOKE ALL ON FUNCTION fn_adduserrole     ( int_userid integer, int_edituserid integer, int_roleid integer) FROM public;
REVOKE ALL ON FUNCTION fn_browsedates     ( int_userid integer, int_year integer, int_month integer) FROM public;
REVOKE ALL ON FUNCTION fn_browsefiles     ( int_userid integer, var_how character varying, int_year integer, int_month integer, int_day integer, var_filetypename character varying, var_tagname character varying) FROM public;
REVOKE ALL ON FUNCTION fn_changeuserclass ( int_userid integer, int_edituserid integer, int_newclassid integer) FROM public;
REVOKE ALL ON FUNCTION fn_checkfiletype   ( character varying, integer) FROM public;
REVOKE ALL ON FUNCTION fn_checklogin      ( character varying, character varying, character varying) FROM public;
REVOKE ALL ON FUNCTION fn_checkscanoption ( integer, integer, character varying, boolean) FROM public;
REVOKE ALL ON FUNCTION fn_checktag        ( character varying) FROM public;
REVOKE ALL ON FUNCTION fn_delfiletag      ( int_userid integer, int_fileid integer, int_filetagid integer) FROM public;
REVOKE ALL ON FUNCTION fn_delfiletypetag  ( int_userid integer, int_filetypeid integer, int_filetypetagid integer) FROM public;
REVOKE ALL ON FUNCTION fn_deltag          ( int_userid integer, int_tagid integer, int_mergetagid integer) FROM public;
REVOKE ALL ON FUNCTION fn_deluserrole     ( int_userid integer, int_userroleid integer) FROM public;
REVOKE ALL ON FUNCTION fn_file            ( int_userid integer, int_fileid integer) FROM public;
REVOKE ALL ON FUNCTION fn_filetags        ( int_userid integer, int_fileid integer, int_filetagid integer) FROM public;
REVOKE ALL ON FUNCTION fn_filetype        ( int_userid integer, int_filetypeid integer, var_filetypename character varying, var_filetypedesc character varying, int_classificationid integer, int_retentionid integer, int_scanoptionid integer, bool_ocr boolean) FROM public;
REVOKE ALL ON FUNCTION fn_filetypes       ( int_userid integer, int_filetypeid integer, int_classificationid integer) FROM public;
REVOKE ALL ON FUNCTION fn_filetypetags    ( int_userid integer, int_filetypeid integer, int_filetypetagid integer) FROM public;
REVOKE ALL ON FUNCTION fn_insertfile      ( integer, character varying, date, integer, character varying, character varying, character varying, character varying, character varying, boolean, character varying, character varying) FROM public;
REVOKE ALL ON FUNCTION fn_insertview      ( int_userid integer, int_fileid integer) FROM public;
REVOKE ALL ON FUNCTION fn_int2ltree       ( integer) FROM public;
REVOKE ALL ON FUNCTION fn_hasrole         ( int_userid integer, varchar_rolename varchar) FROM public;
REVOKE ALL ON FUNCTION fn_persistsession  ( var_sessionid character varying, var_sessiondata character varying) FROM public;
REVOKE ALL ON FUNCTION fn_scanoptions     ( var_filetypename character varying) FROM public;
REVOKE ALL ON FUNCTION fn_searchresults   ( arr_tags anyarray, arr_keywords anyarray, arr_filetypes anyarray) FROM public;
REVOKE ALL ON FUNCTION fn_updatefilename  ( int_userid integer, var_filename character varying, var_newfilename character varying) FROM public;
REVOKE ALL ON FUNCTION fn_user            ( int_userid integer, int_edituserid integer, varchar_username character varying, varchar_password character varying, bool_enabled boolean, int_classificationid integer) FROM public;
REVOKE ALL ON FUNCTION fn_userroles       ( int_userid integer, int_userroleid integer) FROM public;
REVOKE ALL ON FUNCTION fn_users           ( int_userid integer, int_edituserid integer) FROM public;

-------------------

GRANT EXECUTE ON FUNCTION fn_addfiletag      ( int_userid integer, int_fileid integer, varchar_tagname character varying) TO scanner;
GRANT EXECUTE ON FUNCTION fn_addfiletypetag  ( int_userid integer, int_filetypeid integer, varchar_tagname character varying) TO scanner;
GRANT EXECUTE ON FUNCTION fn_adduserrole     ( int_userid integer, int_edituserid integer, int_roleid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_browsedates     ( int_userid integer, int_year integer, int_month integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_browsefiles     ( int_userid integer, var_how character varying, int_year integer, int_month integer, int_day integer, var_filetypename character varying, var_tagname character varying) TO scanner;
GRANT EXECUTE ON FUNCTION fn_changeuserclass ( int_userid integer, int_edituserid integer, int_newclassid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_checkfiletype   ( character varying, integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_checklogin      ( character varying, character varying, character varying) TO scanner;
GRANT EXECUTE ON FUNCTION fn_checkscanoption ( integer, integer, character varying, boolean) TO scanner;
GRANT EXECUTE ON FUNCTION fn_checktag        ( character varying) TO scanner;
GRANT EXECUTE ON FUNCTION fn_delfiletag      ( int_userid integer, int_fileid integer, int_filetagid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_delfiletypetag  ( int_userid integer, int_filetypeid integer, int_filetypetagid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_deltag          ( int_userid integer, int_tagid integer, int_mergetagid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_deluserrole     ( int_userid integer, int_userroleid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_file            ( int_userid integer, int_fileid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_filetags        ( int_userid integer, int_fileid integer, int_filetagid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_filetype        ( int_userid integer, int_filetypeid integer, var_filetypename character varying, var_filetypedesc character varying, int_classificationid integer, int_retentionid integer, int_scanoptionid integer, bool_ocr boolean) TO scanner;
GRANT EXECUTE ON FUNCTION fn_filetypes       ( int_userid integer, int_filetypeid integer, int_classificationid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_filetypetags    ( int_userid integer, int_filetypeid integer, int_filetypetagid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_insertfile      ( integer, character varying, date, integer, character varying, character varying, character varying, character varying, character varying, boolean, character varying, character varying) TO scanner;
GRANT EXECUTE ON FUNCTION fn_insertview      ( int_userid integer, int_fileid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_int2ltree       ( integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_hasrole         ( int_userid integer, varchar_rolename varchar) TO scanner;
GRANT EXECUTE ON FUNCTION fn_persistsession  ( var_sessionid character varying, var_sessiondata character varying) TO scanner;
GRANT EXECUTE ON FUNCTION fn_scanoptions     ( var_filetypename character varying) TO scanner;
GRANT EXECUTE ON FUNCTION fn_searchresults   ( arr_tags anyarray, arr_keywords anyarray, arr_filetypes anyarray) TO scanner;
GRANT EXECUTE ON FUNCTION fn_updatefilename  ( int_userid integer, var_filename character varying, var_newfilename character varying) TO scanner;
GRANT EXECUTE ON FUNCTION fn_user            ( int_userid integer, int_edituserid integer, varchar_username character varying, varchar_password character varying, bool_enabled boolean, int_classificationid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_userroles       ( int_userid integer, int_userroleid integer) TO scanner;
GRANT EXECUTE ON FUNCTION fn_users           ( int_userid integer, int_edituserid integer) TO scanner;

REVOKE ALL ON vw_expireduser        FROM scanner;
REVOKE ALL ON vw_file               FROM scanner;
REVOKE ALL ON vw_filetag            FROM scanner;
REVOKE ALL ON vw_filetype           FROM scanner;
REVOKE ALL ON vw_filetypetag        FROM scanner;
REVOKE ALL ON vw_fileuser           FROM scanner;
REVOKE ALL ON vw_lockout            FROM scanner;
REVOKE ALL ON vw_user               FROM scanner;
REVOKE ALL ON vw_userclassification FROM scanner;
REVOKE ALL ON vw_userrole           FROM scanner;
REVOKE ALL ON vw_workflowpending    FROM scanner;

GRANT USAGE ON SEQUENCE filetiebreaker_seq TO scanner;