Eli Mesika has uploaded a new change for review.

Change subject: core: preserve custom db users permissions on...
......................................................................

core: preserve custom db users permissions on...

preserve custom db users permissions on upgrade

Up to this patch if custom users were added and assign privileges on DB
objects those privileges were removed when the db was updated or
refreshed.

This patch backups the privileges assigned to custom users and apply
them after the database was upgraded or refreshed.

Change-Id: If4ac85dc943fcb6a8f656a8ebeb172023e71c1ec
Bug-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1073471
Signed-off-by: Eli Mesika <[email protected]>
---
M packaging/dbscripts/dbfunc-common.sh
1 file changed, 23 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/52/25552/1

diff --git a/packaging/dbscripts/dbfunc-common.sh 
b/packaging/dbscripts/dbfunc-common.sh
index 5e64e36..e687c08 100644
--- a/packaging/dbscripts/dbfunc-common.sh
+++ b/packaging/dbscripts/dbfunc-common.sh
@@ -66,8 +66,10 @@
 }
 
 dbfunc_common_schema_refresh() {
+       _dbfunc_common_save_custom_user_permissions
        _dbfunc_common_schema_refresh_drop
        _dbfunc_common_schema_refresh_create
+       _dbfunc_common_restore_custom_user_permissions
 }
 
 # gets the configuration value of the given option name and version.
@@ -272,7 +274,26 @@
        dbfunc_psql_die --file="${DBFUNC_COMMON_DBSCRIPTS_DIR}/common_sp.sql" > 
/dev/null
 }
 
+_dbfunc_common_save_custom_user_permissions() {
+       local 
permissions_file="${DBFUNC_COMMON_DBSCRIPTS_DIR}/__temp_user_custom_permissions.sql"
+       echo "Saving custom users permissions on database objects..."
+       # Looking for permissions not related to postgres, engine or public 
(custom user permissions)
+       pg_dump -U "${DBFUNC_DB_USER}" -h "${DBFUNC_DB_HOST}" -p 
"${DBFUNC_DB_PORT}" -s -w "${DBFUNC_DB_DATABASE}" |grep -v -i postgres |grep -v 
-i engine | grep -v -i public | grep -E "^GRANT" > "${permissions_file}"
+}
+
+_dbfunc_common_restore_custom_user_permissions() {
+       local 
permissions_file="${DBFUNC_COMMON_DBSCRIPTS_DIR}/__temp_user_custom_permissions.sql"
+       echo "Restoring custom users permissions on database objects..."
+       if [ -f "${permissions_file}" ]; then
+               dbfunc_psql_die 
--file="${DBFUNC_COMMON_DBSCRIPTS_DIR}/__temp_user_custom_permissions.sql" > 
/dev/null
+               rm -f "${permissions_file}"
+       fi
+}
+
+
 _dbfunc_common_run_pre_upgrade() {
+       # save any specific permissions given to custom users
+       _dbfunc_common_save_custom_user_permissions
        #Dropping all views & sps
        _dbfunc_common_schema_refresh_drop
        # common stored procedures are executed first (for new added functions 
to be valid)
@@ -304,6 +325,8 @@
                fi
        fi
        dbfunc_common_hook_materialized_viewsrefresh_
+       # restore any specific permissions given to custom users
+       _dbfunc_common_restore_custom_user_permissions
 }
 
 # Runs all the SQL scripts in directory upgrade/$1/


-- 
To view, visit http://gerrit.ovirt.org/25552
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: If4ac85dc943fcb6a8f656a8ebeb172023e71c1ec
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-engine
Gerrit-Branch: master
Gerrit-Owner: Eli Mesika <[email protected]>
_______________________________________________
Engine-patches mailing list
[email protected]
http://lists.ovirt.org/mailman/listinfo/engine-patches

Reply via email to