Eli Mesika has uploaded a new change for review. Change subject: core: preserve custom db users permissions on... ......................................................................
core: preserve custom db users permissions on... preserve custom db users permissions on upgrade Up to this patch if custom users were added and assign privileges on DB objects those privileges were removed when the db was updated or refreshed. This patch backups the privileges assigned to custom users and apply them after the database was upgraded or refreshed. Change-Id: If4ac85dc943fcb6a8f656a8ebeb172023e71c1ec Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1078129 Signed-off-by: Eli Mesika <[email protected]> --- M packaging/dbscripts/dbfunctions.sh M packaging/dbscripts/refreshStoredProcedures.sh 2 files changed, 16 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/81/25881/1 diff --git a/packaging/dbscripts/dbfunctions.sh b/packaging/dbscripts/dbfunctions.sh index b4c1da9..8de2638 100755 --- a/packaging/dbscripts/dbfunctions.sh +++ b/packaging/dbscripts/dbfunctions.sh @@ -144,6 +144,11 @@ execute_file "delete_async_tasks_and_compensation_data.sql" ${DATABASE} ${SERVERNAME} ${PORT}> /dev/null } +get_custom_user_permissions() { + pg_dump -w -s --host="${SERVVERNAME}" --port="${PORT}" --username="${USERNAME}" "${DATABASE}" | \ + sed -n -e '/^grant/Ip' | sed -e "/to \(public\|postgres\)\|${USERNAME};/Id" +} + run_pre_upgrade() { #Dropping all views & sps drop_views @@ -308,6 +313,7 @@ state="FAILED" comment="" updated=0 + permissions="" validate_version_uniqueness if [ "${NOMD5}" = "false" ]; then is_view_or_sp_changed @@ -316,6 +322,8 @@ # Checks if a view or sp file has been changed if [[ $? -ne 0 || "${NOMD5}" = "true" ]]; then echo "upgrade script detected a change in Config, View or Stored Procedure..." + echo "Saving custom users permissions on database objects..." + permissions="$(get_custom_user_permissions)" run_pre_upgrade updated=1 fi @@ -362,6 +370,8 @@ # force pre upgrade to run in case no md5 change was # found but we still upgrade, like in db restore. if [ $updated -eq 0 ]; then + echo "Saving custom users permissions on database objects..." + permissions="$(get_custom_user_permissions)" run_pre_upgrade updated=1 fi @@ -389,6 +399,8 @@ # restore views & SPs if dropped if [ $updated -eq 1 ]; then run_post_upgrade + echo "Applying custom users permissions on database objects..." + execute_command "${permissions}" ${DATABASE} ${SERVERNAME} ${PORT} > /dev/null else echo "database is up to date." fi diff --git a/packaging/dbscripts/refreshStoredProcedures.sh b/packaging/dbscripts/refreshStoredProcedures.sh index bbde403..a78c136 100755 --- a/packaging/dbscripts/refreshStoredProcedures.sh +++ b/packaging/dbscripts/refreshStoredProcedures.sh @@ -40,12 +40,16 @@ done #Dropping all views & sps +echo "Saving custom users permissions on database objects..." +permissions="$(get_custom_user_permissions)" drop_views drop_sps #Refreshing all views & sps refresh_views refresh_sps +echo "Applying custom users permissions on database objects..." +execute_command "${permissions}" ${DATABASE} ${SERVERNAME} ${PORT} > /dev/null printf "Done.\n" popd>/dev/null -- To view, visit http://gerrit.ovirt.org/25881 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: If4ac85dc943fcb6a8f656a8ebeb172023e71c1ec Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: ovirt-engine-3.3 Gerrit-Owner: Eli Mesika <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
