Mercurial > gemma
comparison schema/install-db.sh @ 470:638371a0e557
Do not touch existing roles on database setup
install-db.sh used to change passwords of standard login roles
if they already existed, e.g. when running run_tests.sh, thus
breaking everything relying on the previously set passwords.
Further, the messages stating the users had been created were
misleading in such cases.
It is an error now to run std_login_roles.sql without giving
passwords as variables to be interpolated.
Simple SELECT statements are used now to emit messages, because
variable interpolation is not possible within plpgsql code.
| author | Tom Gottfried <tom@intevation.de> |
|---|---|
| date | Wed, 22 Aug 2018 18:46:30 +0200 |
| parents | ab07eb290fa3 |
| children | 3af7ca761f6a |
comparison
equal
deleted
inserted
replaced
| 469:788c87b99bae | 470:638371a0e557 |
|---|---|
| 109 psql -qtv ON_ERROR_STOP= -p "$port" -d "$db" \ | 109 psql -qtv ON_ERROR_STOP= -p "$port" -d "$db" \ |
| 110 -c "SET client_min_messages TO WARNING;" \ | 110 -c "SET client_min_messages TO WARNING;" \ |
| 111 -f "$BASEDIR/gemma.sql" \ | 111 -f "$BASEDIR/gemma.sql" \ |
| 112 -f "$BASEDIR/manage_users.sql" \ | 112 -f "$BASEDIR/manage_users.sql" \ |
| 113 -f "$BASEDIR/auth.sql" | 113 -f "$BASEDIR/auth.sql" |
| 114 | |
| 115 # setup initial login roles with given passwords: | |
| 114 psql -qt -p "$port" -d "$db" \ | 116 psql -qt -p "$port" -d "$db" \ |
| 117 -v adminpw="$adminpw" -v servicepw="$servicepw" -v metapw="$metapw" \ | |
| 115 -f "$BASEDIR/std_login_roles.sql" | 118 -f "$BASEDIR/std_login_roles.sql" |
| 116 | 119 |
| 117 if [[ $demo -eq 1 ]] ; then | 120 if [[ $demo -eq 1 ]] ; then |
| 118 psql -qv ON_ERROR_STOP= -p "$port" \ | 121 psql -qv ON_ERROR_STOP= -p "$port" \ |
| 119 -f "$BASEDIR/demo-data/responsibility_areas.sql" \ | 122 -f "$BASEDIR/demo-data/responsibility_areas.sql" \ |
| 120 -f "$BASEDIR/demo-data/users.sql" -d "$db" | 123 -f "$BASEDIR/demo-data/users.sql" -d "$db" |
| 121 psql -q -p "$port" -f "$BASEDIR/demo-data/roles.sql" \ | 124 psql -q -p "$port" -f "$BASEDIR/demo-data/roles.sql" \ |
| 122 -d "$db" | 125 -d "$db" |
| 123 | 126 |
| 124 fi | 127 fi |
| 125 # set passwords: | 128 |
| 126 psql -qt -p "$port" -d "$db" \ | |
| 127 -c "ALTER ROLE sysadmin PASSWORD '$adminpw'" | |
| 128 psql -qt -p "$port" -d "$db" \ | |
| 129 -c "ALTER ROLE gemma_service PASSWORD '$servicepw'" | |
| 130 psql -qt -p "$port" -d "$db" \ | |
| 131 -c "ALTER ROLE meta_login PASSWORD '$metapw'" | |
| 132 echo "Default admin user 'sysadmin' created with password '$adminpw'." | |
| 133 echo "Back end user 'gemma_service' created with password '$servicepw'." | |
| 134 echo "Back end user 'meta_login' created with password '$metapw'." | |
| 135 else | 129 else |
| 136 # Evil mode: drop everything gemma | 130 # Evil mode: drop everything gemma |
| 137 echo "Really drop database '$db' and all gemma roles? [type 'yes']: " | 131 echo "Really drop database '$db' and all gemma roles? [type 'yes']: " |
| 138 read a | 132 read a |
| 139 if [[ $a == "yes" ]] ; then | 133 if [[ $a == "yes" ]] ; then |