wojciech.kapcia@tigase.net opened 5 years ago
|
|
I would say that if you pass credentials for an account (database account) which is the owner of the database (not superuser), then it should already work. Then the only thing would be to "notify" users about it. |
|
I am kind of hesitant to complicate logic on the Tigase just for this. I would rather have 2 options:
|
|
@kobit It wouldn't complicate the logic that much (not more than it already is). Benefit would be purely PR - "look, we care about security and privacy" et al. As @andrzej.wojcik correctly pointed out, this should work just fine right now (passing user credential as root credential) so the work would be:
This could possibly make updating ( |
|
ok |
|
in #helpdeskpr-572 and #helpdeskpr-585 and interesting issue was risen: we don't pass all configured parameters from the configuration file to the SchemaUpgrade. It should be relatively straightforward to handle this in |
|
Feature implemented. Please merge https://github.com/tigase/tigase-server/pull/110 and https://github.com/tigase/tigase-http-api/pull/7 Note: There is a Note: |
|
Yes, this is OK and was part of the task. I reviewed the changes and tested them. There was an issue with installing |
|
Small addendum - it seems that the limitations to install uuid extension were changed in recent versions of the postgresql. After reviving our TTS-NG postgresql build failed with "Failure: ERROR: permission denied to create extension "uuid-ossp"" (https://tc.tigase.net/buildConfiguration/TigaseTtsNgTests_PostgreSQL/94409?showLog=94409_1142_81.1184). I bumped postgresql version from 11 to 13 and it works. Minimal postgresql version will have to be updated in the documentation. |
|
Documentation updated, minimum recommended version set to 13, added note that older version requires manual installation of of uuid extension. |
Type |
Task
|
Priority |
Normal
|
Assignee | |
Version |
tigase-server-8.2.0
|
Spent time |
4h 45m
|
Subsystem |
Database
|
-
tigase-private/Tigase Private#485 You are not authorized to access this issue
-
helpdesk/helpdesk-priv#572 You are not authorized to access this issue
-
helpdesk/helpdesk-priv#585 You are not authorized to access this issue
It seems it would be sensible to allow schema installation/preparation without root credentials. In that case it would be assumed that username/password/database already exist and we would only load required schema / SPs.
@kobit @andrzej.wojcik @bmalkow - comments?
(issue created as result of recent external comments)
in #helpdeskpr-572 and #helpdeskpr-585 and interesting issue was risen: we don't pass all configured parameters from the configuration file to the SchemaUpgrade. It should be relatively straightforward to handle this in tigase.db.util.DBSchemaLoader.Parameters#parseUri and additional map with all unknown properties.