From ce424a8186cb22e1e6ad15da8c56a0279248fdd0 Mon Sep 17 00:00:00 2001 From: Ian Murray Date: Fri, 14 Sep 2012 16:23:28 +0100 Subject: [PATCH] [#2733] Allow paster command to work across different postgres installations. The "postgres" user isn't always the superuser. --- ckanext/datastore/commands.py | 35 +++++++++++++++++++++++++++++------ ckanext/datastore/plugin.py | 2 +- 2 files changed, 30 insertions(+), 7 deletions(-) diff --git a/ckanext/datastore/commands.py b/ckanext/datastore/commands.py index caff788ca20..58dc344ee71 100644 --- a/ckanext/datastore/commands.py +++ b/ckanext/datastore/commands.py @@ -39,8 +39,15 @@ class SetupDatastoreCommand(CkanCommand): Usage:: - create-db - create the datastore database - create-read-only-user - create a read-only user for the datastore read url + paster datastore create-db + paster datastore create-read-only-user + + Where: + is the name of a postgres user with sufficient + permissions to create new tables, users, and grant + and revoke new permissions. Typically, this would + be the "postgres" user. + ''' summary = __doc__.split('\n')[0] usage = __doc__ @@ -67,15 +74,25 @@ def command(self): assert self.urlparts_w['db_name'] == self.urlparts_r['db_name'], "write and read db should be the same" if cmd == 'create-db': + if len(self.args) != 2: + print self.usage + return + self.sql_superuser = self.args[1] self.create_db() if self.verbose: print 'Creating DB: SUCCESS' elif cmd == 'create-read-only-user': + if len(self.args) != 2: + print self.usage + return + self.sql_superuser = self.args[1] self.create_read_only_user() if self.verbose: print 'Creating read-only user: SUCCESS' else: + print self.usage log.error('Command "%s" not recognized' % (cmd,)) + return def _get_db_config(self, name): from pylons import config @@ -93,15 +110,19 @@ def _run_cmd(self, command_line): if retcode != 0: raise SystemError('Command exited with errorcode: %i' % retcode) - def _run_sql(self, sql, database='postgres'): + def _run_sql(self, sql, as_sql_user, database='postgres'): if self.verbose: print "Executing: \n#####\n", sql, "\n####\nOn database:", database if not self.simulate: - self._run_cmd("sudo -u postgres psql {database} -c '{sql}'".format(sql=sql, database=database)) + self._run_cmd("psql --username='{username}' --dbname='{database}' -c '{sql}' -W".format( + username=as_sql_user, + database=database, + sql=sql + )) def create_db(self): sql = "create database {0}".format(self.urlparts_w['db_name']) - self._run_sql(sql) + self._run_sql(sql, as_sql_user=self.sql_superuser) def create_read_only_user(self): sql = read_only_user_sql.format( @@ -110,5 +131,7 @@ def create_read_only_user(self): ckanuser=self.urlparts_c['db_user'], readonlyuser=self.urlparts_r['db_user'], writeuser=self.urlparts_w['db_user']) - self._run_sql(sql, self.urlparts_w['db_name']) + self._run_sql(sql, + as_sql_user=self.sql_superuser, + database=self.urlparts_w['db_name']) diff --git a/ckanext/datastore/plugin.py b/ckanext/datastore/plugin.py index 6c0e564aabf..b2aad4cec8e 100644 --- a/ckanext/datastore/plugin.py +++ b/ckanext/datastore/plugin.py @@ -37,7 +37,7 @@ def configure(self, config): # Check whether we are running one of the paster commands which means # that we should ignore the following tests. import sys - if sys.argv[-1] in ['create-db', 'create-read-only-user']: + if sys.argv[0].split('/')[-1] == 'paster': log.warn("Omitting permission checks because you are " "running paster commands.") return