Description of problem: Check & stop upgrade in case there are objects in DB not owned by engine user. This routine should prevent from failing upgrade in later stage. This could currently happened in case user perform materialized views (& other changes) by different user (eg: postgres). Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. login as user postgres 2. replace view - eg: creatematerializedviewas('vm_device_view',10); 3. Actual results: upgrade will fail & rollback will run Expected results: put permissions check at very start of upgrade script among other checks Additional info:
We must first create our objects in our own schema for that and not in 'public'
this is what had been concluded with Barak until BZ 951923 will be implemented in 3.3 we will have a temporary utility for this that will check only Materialized Views definitions for proper ownership by user 'engine'
Proposed solution : 1) Setup will validate objects owner and exit with a message listing all objects that are not owned by engine 2) The MV SPs that creates database objects will use PG current_user to verify that the user creating the MVs is engine
(In reply to Eli Mesika from comment #4) > Proposed solution : > > 1) Setup will validate objects owner and exit with a message listing all > objects that are not owned by engine In other words: if object were created with user other than the engine user, these must be manually fixed before installation can proceed. Please ACK.
(In reply to Alon Bar-Lev from comment #5) > (In reply to Eli Mesika from comment #4) > > Proposed solution : > > > > 1) Setup will validate objects owner and exit with a message listing all > > objects that are not owned by engine > > In other words: if object were created with user other than the engine user, > these must be manually fixed before installation can proceed. > > Please ACK. ACK
(In reply to Eli Mesika from comment #4) > Proposed solution : > > 1) Setup will validate objects owner and exit with a message listing all > objects that are not owned by engine > > 2) The MV SPs that creates database objects will use PG current_user to > verify that the user creating the MVs is engine Patch addresses issue 2) 1) should be done by the installer
fixed in commit : af7e115
Please provide verification steps. Thank you.
(In reply to Jiri Belka from comment #9) > Please provide verification steps. Thank you. 1) create an empty database from root account run su - postgres -c "psql -d template1 -c \"create database engine_960063 owner engine;\"" 2) from dbscripts dir run ./create_schema.sh -u engine -d engine_960063 3) run psql -U postgres -c "select * from CreateMaterializedView('v_vds', 'vds', 30, false, 60);" engine_960063 you should get: ERROR: Materialized view v_vds should be created with user 'engine'.
ok, is20.1
Closing - RHEV 3.3 Released