Skip to content
This repository was archived by the owner on Nov 24, 2025. It is now read-only.
This repository was archived by the owner on Nov 24, 2025. It is now read-only.

TO extension user changed role in 2.1 and keeps To...Checks from working #1419

Closed
Closed
TO extension user changed role in 2.1 and keeps To...Checks from working#1419
Labels
Traffic Opsrelated to Traffic Opsbugsomething isn't working as intended
@hbeatty

Description

@hbeatty
hbeatty
opened on Oct 16, 2017

This only affects an install from scratch.

In 1.8 the 'operations' role 'id' was 3.

mysql> SELECT * FROM role;
+----+----------------+------------------------------------------+------------+
| id | name           | description                              | priv_level |
+----+----------------+------------------------------------------+------------+
|  1 | disallowed     | Block all access                         |          0 |
|  2 | read-only user | Block all access                         |         10 |
|  3 | operations     | Block all access                         |         20 |
|  4 | admin          | super-user                               |         30 |
|  5 | portal         | Portal User                              |          2 |
|  6 | migrations     | database migrations user - DO NOT REMOVE |         20 |
|  7 | federation     | Role for Secondary CZF                   |         15 |
|  8 | steering       | Role for Steering Delivery Services      |         15 |
|  9 | deploy         | Deployment role                          |         15 |
+----+----------------+------------------------------------------+------------+

Which matched the 'extension' user that the To...Checks use to be able to make updates.

traffic_ops=> SELECT id, username, role, token FROM tm_user;
 id | username  | role |                token                 
----+-----------+------+--------------------------------------
  1 | extension |    3 | 91504CE6-8E4A-46B2-9F9F-FE7C15228498
  2 | admin     |    1 |

In 2.1 the operations role has moved to id 2.

traffic_ops=> SELECT * FROM role;
 id |    name    |             description             | priv_level 
----+------------+-------------------------------------+------------
  1 | admin      | super-user                          |         30
  2 | operations | Operations user                     |         20
  3 | federation | Role for Secondary CZF              |         15
  4 | steering   | Role for Steering Delivery Services |         15
  5 | ort        | ORT User                            |         11
  6 | read-only  | Read-Only user                      |         10
  7 | portal     | Portal User                         |          2
  8 | disallowed | Block all access                    |          0
(8 rows)

The extension user is added in the seeds.sql file

-- users
insert into tm_user (username, role, full_name, token) values ('extension', 3, 'Extension User, DO NOT DELETE', '91504CE6-8E4A-46B2-9F9F-FE7C15228498') ON CONFLICT DO NOTHING;

A quick fix for this is to update the extension user role in the DB. Updating via the UI requires setting a pw for the extension user.

traffic_ops=> UPDATE tm_user SET role=2 WHERE id=1;
UPDATE 1
traffic_ops=> SELECT id, username, role, token FROM tm_user;
 id | username  | role |                token                 
----+-----------+------+--------------------------------------
  2 | admin     |    1 | 
  1 | extension |    2 | 91504CE6-8E4A-46B2-9F9F-FE7C15228498

Metadata

Metadata

Assignees

No one assigned

    Labels

    Traffic Opsrelated to Traffic Opsbugsomething isn't working as intended

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions