Hi Dmitry, Please see my comments inline.
On Wed, Oct 1, 2014 at 9:49 PM, Dmitry Sotnikov <dmi...@wso2.com> wrote: > Amalka, > > Thanks! For your #1, what will happen when you get to the limit? Will > database creation fail? Or is there code to handle it gracefully? How? > > For #2, default@Development sounds pretty meaningless. Is that > all-powerful all-permission templates? Why not call it admin@Development? > Other than that, if this prevents all these multiple identical permission > templates from being created with each database - this would be a good > thing! > > Ideally, in the future we also delete the temporary user accounts when > databases are deleted or find another way to prevent the current > proliferation of the temp accounts... > Proliferation of user accounts - This is not possible due to a limitation in SS API. There is no way to identify whether a user is attached to more than one database, hence we cannot delete them upon database deletion. I have already created a JIRA for SS guys. thanks, dimuthu > Dmitry > > On Wed, Oct 1, 2014 at 7:09 AM, Amalka Subasinghe <ama...@wso2.com> wrote: > >> Hi All, >> >> *I fixed the add new database function as follows: (Issue 1)* >> >> 1. add new database first time 'db001' >> System will create database: 'db001_wso2_com', dbuser: 'db001_xxxxx'. >> >> 2. drop the database 'db001' >> System will drop only the database; dbuser will be remain in the system >> >> 3. add new database with the same name 'db001' >> System will get the number of users who has the name starting with >> 'db001'; this time ..it's 1. So system will create the new user as >> 'db0011_xxxxx'. (appending 1 at the end of the database name) >> >> like wise every time when we create the new database with the same name >> (after dropping) it will append the number of users (name staring with >> 'db001') exist in the system, for the dbuser name. >> Please note, storage server allows only 7 characters for database and >> dbuser names. So I had to limit the character length of database and dbuser >> to 5. Remaining 2 characters are for appending the number. >> >> >> *Planning to fix the Issue 2 as follows* >> >> When we create new database each time it creates a new template. My idea >> is to keep one default template 'default@Development' with all the >> permission and attach that to the each database. >> >> - When user creates a new database, if the 'default@Development' >> template exist; it will assign to the database, else system creates default >> template 'default@Development' and assign. >> - If user want to give a different permission list, he/she has to create >> a custom template and assign to the database >> >> Please share your thoughts on this >> >> Thanks >> Amalka >> >> On Tue, Sep 30, 2014 at 11:54 PM, Dmitry Sotnikov <dmi...@wso2.com> >> wrote: >> >>> Thanks Amalka! >>> >>> You have reproduced the issue correctly. >>> >>> Here's what I think would work: >>> >>> * This default mode that automatically associates a user account should >>> always do so. Product behavior needs to be consistent. >>> >>> As far as I understand, the current behavior happens because of the >>> account name clash and we have some sort of code that tries to generate the >>> account, gets the clash and then neither generates the account nor >>> associates the existing one (what does it do with the password? just >>> ignores the new password?) >>> >>> Quick and easy fix, if you do not have time for more changes: >>> 1. Fix this particular handling code, and in the event of name clash, >>> add a number to the name to make it unique - so behavior is consistent. >>> >>> Suggested other/better/longer-term possible changes to make the behavior >>> more intuitive (comments from everyone are welcome): >>> 2. If I am deleting a database and it is the only one using a user >>> account and permission template, delete the account and template as well >>> (probably have the corresponding checkboxes on the confirmation window). >>> >>> Are you sure you want to permanently delete database TestDB65765 in >>> Development? >>> [X] Also, delete user account TestDB65765 associated with this database >>> and its permission template >>> >>> [Cancel] [Delete] >>> >>> 3. Create a set of DB permission templates (e.g. Admin, View-Only) and >>> have them available for user accounts: >>> 3.a. By default assign Admin, >>> 3.b. Give in the corresponding advanced screens ability to create custom >>> permission templates - this needs to be explicit choice though, >>> 3.c. Admin and View-Only templates cannot be edited. When user tries to >>> edit it, he/she is asked to provide a new custom name. >>> >>> What do you all think? >>> >>> Dmitry >>> >>> On Tue, Sep 30, 2014 at 9:38 AM, Amalka Subasinghe <ama...@wso2.com> >>> wrote: >>> >>>> Hi, >>>> >>>> Currently I'm working on the Jira [1]. Here we have two issues: >>>> >>>> *Issue 1:* >>>> 1. create a database name "db001" -> this will create database, dbuser >>>> and template >>>> 2. click on the database and see database configuration -> under the >>>> 'attached user' section shows dbuser >>>> 3. delete the database >>>> 4. again create the database with the same name "db001" >>>> 5. click on the database and see database configuration >>>> >>>> Actual result : >>>> a. No database user under 'attached user' section, >>>> b. 'Attach new user' -> 'User name' drop down shows the user which >>>> created previously. >>>> c. 'Attach new user' -> 'Permission template drop down' section shows >>>> the 2 templates with the same name 'db001@Development' >>>> >>>> What should be the expected result here? >>>> 1. Are we allowing user to create the database with the same name >>>> again? if so shall we attached the already exist dbuser and the template to >>>> the database? >>>> 2. I think we need to stop creating second template with the same name >>>> 'db001@Development'. right? >>>> >>>> >>>> *Issue 2:* >>>> In the Jira, it has asked to change the template names as "Admin" or >>>> "Read-only" instead of 'db001@Development'. >>>> Here, my concern is, when we create the database, template will be >>>> automatically created with all the permission (So we can call it as 'Admin' >>>> template), but if the user change the permissions later, then calling the >>>> template as 'Admin' will not be matching. So, current template name is fine >>>> for me. WDYT? >>>> >>>> >>>> [1] https://wso2.org/jira/browse/APPFAC-2521 >>>> >>>> Thanks >>>> Amalka >>>> >>>> >>> >>> >>> -- >>> Dmitry Sotnikov >>> VP of Cloud; WSO2, Inc.; http://wso2.com/ >>> email: dmi...@wso2.com; cell: +1.949.303.9653; Skype: DSotnikov >>> Lean . Enterprise . Middleware >>> >>> <http://wso2.com/events/> >>> >> >> >> >> -- >> >> Amalka Subasinghe >> >> WSO2 Inc. >> Mobile: +94 77 9401267 >> > > > > -- > Dmitry Sotnikov > VP of Cloud; WSO2, Inc.; http://wso2.com/ > email: dmi...@wso2.com; cell: +1.949.303.9653; Skype: DSotnikov > Lean . Enterprise . Middleware > > <http://wso2.com/events/> > -- Dimuthu Leelarathne Architect & Product Lead of App Factory WSO2, Inc. (http://wso2.com) email: dimut...@wso2.com Mobile : 0773661935 Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev