Skip to content
This repository has been archived by the owner on Nov 9, 2022. It is now read-only.

bootstrapping app-level authentication with limited user breaks deploy of REST apps #194

Closed
grtjn opened this issue Apr 3, 2014 · 3 comments
Closed

bootstrapping app-level authentication with limited user breaks deploy of REST apps #194

grtjn opened this issue Apr 3, 2014 · 3 comments
Assignees
@grtjn
Labels
deployer documentation
Milestone
v1.7.6

Comments

@grtjn
Copy link
Contributor

grtjn commented Apr 3, 2014

If bootstrapping with application-level authentication with a default user that only had rest-reader role (and not rest-writer), then deploy won't work.

Doing bootstrap twice to switch default user is a workaround, but cumbersome. It may be necessary to allow deployment of rest apps through xcc..
@grtjn grtjn mentioned this issue Apr 3, 2014
Closed
@grtjn
Copy link
Contributor Author

grtjn commented Apr 14, 2014

Workaround:

class ServerConfig
  alias_method :original_deploy_modules, :deploy_modules
  def deploy_modules()
    r = execute_query(%Q{
        xquery version "1.0-ml";

        import module namespace admin="http://marklogic.com/xdmp/admin" 
           at "/MarkLogic/admin.xqy";

        let $config := admin:get-configuration()
        let $config :=
          admin:appserver-set-default-user($config, xdmp:server("#{@properties["ml.app-name"]}"), xdmp:user("#{@properties["ml.user"]}"))
        return
          admin:save-configuration-without-restart($config)
      },
      :app_name => @properties["ml.app-name"]
    )

    original_deploy_modules

    r = execute_query(%Q{
        xquery version "1.0-ml";

        import module namespace admin="http://marklogic.com/xdmp/admin" 
           at "/MarkLogic/admin.xqy";

        let $config := admin:get-configuration()
        let $config :=
          admin:appserver-set-default-user($config, xdmp:server("#{@properties["ml.app-name"]}"), xdmp:user("#{@properties["ml.default-user"]}"))
        return
          admin:save-configuration-without-restart($config)
      },
      :app_name => @properties["ml.app-name"]
    )
  end
end

@grtjn
Copy link
Contributor Author

grtjn commented Apr 15, 2014

An alternative solution is probably to bypass the REST api web interface to get the extensions installed, but if the rest-api XQuery modules aren't designed to be used as internal module, then that creates an undesirable dependency..

@ghost ghost mentioned this issue May 31, 2016
Open
@grtjn grtjn mentioned this issue Jun 8, 2017
Closed
@grtjn
Copy link
Contributor Author

grtjn commented Jun 8, 2017

I think this was discussed in sufficient length in #668 already. I also added this wiki page to grab some example code from to solve this: https://github.com/marklogic/roxy/wiki/Switching-app-level-auth-during-deployment

@grtjn grtjn closed this as completed Jun 8, 2017
@grtjn grtjn self-assigned this Jun 8, 2017
@grtjn grtjn added this to the May 2017 milestone Jun 8, 2017
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@grtjn grtjn

Labels
deployer documentation
Projects
None yet
Milestone
v1.7.6
Development

No branches or pull requests
1 participant
@grtjn