Jira (PDB-2842) PDB should grant read-only access to different [read-database] user
Title: Message Title Wyatt Alt commented on PDB-2842 Re: PDB should grant read-only access to different [read-database] user This seems like a postgres configuration issue. I'd expect to see this if your read user did not have read access to the read database, and can reproduce the problem under that scenario. If my read and write users both have access to the database, I have no trouble executing queries despite separate users. Andrey Galkin can the user you're specifying as the read user actually read from the database itself, for instance through psql instead of PuppetDB? PuppetDB does not do any postgres configuration or permission management on behalf of the user, as the application does not have the required privileges. I think some kind of check on startup to ensure the read user has table access seems like a good idea. Add Comment This message was sent by Atlassian JIRA (v6.4.13#64028-sha1:b7939e9) -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com. To post to this group, send email to puppet-bugs@googlegroups.com. Visit this group at https://groups.google.com/group/puppet-bugs. For more options, visit https://groups.google.com/d/optout.
Jira (PDB-2842) PDB should grant read-only access to different [read-database] user
Title: Message Title Andrey Galkin created an issue PuppetDB / PDB-2842 PDB should grant read-only access to different [read-database] user Issue Type: Bug Affects Versions: PDB 4.1.2 Assignee: Unassigned Created: 2016/06/24 2:37 PM Priority: Normal Reporter: Andrey Galkin SITUATION: 1. [read-database] has different PostgreSQL user than in [database] section 2. The read-only user is allowed to connect to DB, but fails to query objects created by read-write user 3. Example output: WARN [o.e.j.s.HttpChannel] /pdb/query/v4/facts?query=[%22extract%22,[%22certname%22,%22name%22,%22value%22],[%22and%22,[%22in%22,%22certname%22,[%22extract%22,%22certname%22,[%22select_resources%22,[%22and%22,[%22=%22,%22type%22,%22Class %22],[%22=%22,%22title%22,%22Cftotalcontrol%22],[%22=%22,%22exported%22,false],[%22or%22,[%22=%22,%22name%22,%22cf_totalcontrol_key%22],[%22=%22,%22name%22,%22cf_totalcontrol_scope_keys%22