nik/davical
1
0
Fork 0
mirror of https://gitlab.com/davical-project/davical.git synced 2026-05-31 03:34:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Allow this utility to change the owner of the tables.

Browse Source
This commit is contained in:
Andrew McMillan 2008-04-13 00:16:05 +12:00
parent 75620d8567
commit c9568f6a40
1 changed files with 29 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
dba/update-rscds-database
View File

@ -10,8 +10,6 @@ use DBI;
use POSIX qw(floor); use POSIX qw(floor);
use Getopt::Long qw(:config permute); # allow mixed args. use Getopt::Long qw(:config permute); # allow mixed args.
use YAML qw( LoadFile );
# Options variables # Options variables
my $debug = 0; my $debug = 0;
my $dbname = "rscds"; my $dbname = "rscds";
@ -23,6 +21,7 @@ my $appuser = "general";
my $helpmeplease = 0; my $helpmeplease = 0;
my $apply_patches = 1; my $apply_patches = 1;
my $revoke_list = ""; my $revoke_list = "";
my $force_owner = "";
my $config_file = "config/administration.yml"; my $config_file = "config/administration.yml";
my $dbadir = $0; my $dbadir = $0;
@ -41,6 +40,8 @@ if ( ! -f $config_file ) {
$config_file = "/etc/davical/administration.yml"; $config_file = "/etc/davical/administration.yml";
} }
if ( -f $config_file ) { if ( -f $config_file ) {
use YAML qw( LoadFile );
my ($ycfg) = LoadFile($config_file); my ($ycfg) = LoadFile($config_file);
$dbuser = $ycfg->{'admin_db_user'} if ( defined($ycfg->{'admin_db_user'})); $dbuser = $ycfg->{'admin_db_user'} if ( defined($ycfg->{'admin_db_user'}));
$dbpass = $ycfg->{'admin_db_pass'} if ( defined($ycfg->{'admin_db_pass'})); $dbpass = $ycfg->{'admin_db_pass'} if ( defined($ycfg->{'admin_db_pass'}));
@ -58,6 +59,7 @@ GetOptions ('debug!' => \$debug,
'dbhost=s' => \$dbhost, 'dbhost=s' => \$dbhost,
'appuser=s' => \$appuser, 'appuser=s' => \$appuser,
'patch!' => \$apply_patches, 'patch!' => \$apply_patches,
'owner=s' => \$force_owner,
'revoke=s' => \$revoke_list, 'revoke=s' => \$revoke_list,
'help' => \$helpmeplease ); 'help' => \$helpmeplease );
@ -288,15 +290,30 @@ sub apply_permissions {
/^\s*ON\s+(\S.*)\s*$/i && do { /^\s*ON\s+(\S.*)\s*$/i && do {
defined($current_grant) or die "No GRANT before ON in $permsfile\n"; defined($current_grant) or die "No GRANT before ON in $permsfile\n";
my $doohickeys = $1; my $doohickey = $1;
$sql = sprintf( "REVOKE ALL ON %s FROM %s %s", $doohickeys, $appuser, $revoke_list ); if ( $revoke_list ne "" ) {
# TODO: we should really loop through the revoke_list so that a single non-existent
# user doesn't cause this whole statement to fail.
$sql = sprintf( "REVOKE ALL ON %s FROM %s %s", $doohickey, $appuser, $revoke_list );
print $sql, "\n" if ( $debug );
$dbh->do($sql);
}
$sql = sprintf( "GRANT %s on %s to %s", $current_grant, $doohickey, $appuser );
print $sql, "\n" if ( $debug ); print $sql, "\n" if ( $debug );
$dbh->do($sql); $dbh->do($sql);
$sql = sprintf( "GRANT %s on %s to %s", $current_grant, $doohickeys, $appuser ); if ( $force_owner ne "" ) {
print $sql, "\n" if ( $debug ); if ( $doohickey =~ /_seq$/ ) {
$dbh->do($sql); $sql = sprintf( "GRANT ALL on %s to %s", $current_grant, $doohickey, $force_owner );
}
else {
$sql = sprintf( "ALTER TABLE %s OWNER to %s", $doohickey, $force_owner );
}
print $sql, "\n" if ( $debug );
$dbh->do($sql);
}
}; };
} }
@ -320,8 +337,11 @@ Options are:
--dbuser name Connect to the database as this user. --dbuser name Connect to the database as this user.
--dbport 5432 Connect to the database on this port. --dbport 5432 Connect to the database on this port.
--dbhost name Connect to the database on this host. --dbhost name Connect to the database on this host.
--appuser name The username which the application uses for it's database --appuser name The database username which the application uses for it's
connection. database connection.
--owner name The database username which is used for administrative
access to the database. This option forces the tables
to be owned by this user (default: not present).
--nopatch Don't try and apply any patches --nopatch Don't try and apply any patches
--revoke name Revoke permissions from this user --revoke name Revoke permissions from this user