
how to prevent alter table/trigger enable during fixture load

Developer https://www.devze.com 2023-03-13 08:28 Source: Internet

I'm writing a Rails application that reads data from another (legacy, cause it hasn't got any unit tests...) system's tables. It does not have any permissions on those tables (eventually, it will embrace and extend...)

I am sharing the same database (PostgreSQL), and the two applications have separate database users. When I load my initial fixtures, I get complaints because Rails tries to alter all the tables to enable triggers. Can I turn this off?

PGError: ERROR: must be owner of relation auth_message : ALTER TABLE "auth_message" ENABLE TRIGGER ALL;ALTER TABLE "django_session" ENABLE TRIGGER ALL;ALTER TABLE "django_site" ENABLE TRIGGER ALL;ALTER TABLE "django_admin_log" ENABLE TRIGGER ALL;ALTER TABLE "django_content_type"...


The simple solution here is (logging in to pgAdmin or psql):

ALTER TABLE auth_message OWNER TO [your_username];

Then your commands will work. You could also wrap the changes in a stored procedure which could be set SECURITY DEFINER to allow the changes by other users.

This may not be the answer you want to hear but basically you have only three options and this is by far the best. In order to alter a table you must be the owner or be superuser, so....

  1. You can do the above (recommended)

  2. You can make sure both applications use the same username for schema changes (I assume there is a good reason you didn't do this).

  3. You can make your db user a superuser, but that circumvents all other permissions checks.

I think your real solution is to make sure that db alterations are only coming from one app.

EDIT:

Actually I just thought of a better way to do this.

CREATE ROLE auth_message_owner WITH INHERIT NOLOGIN;
ALTER TABLE auth_message OWNER TO auth_message_owner;
GRANT auth_message_owner TO [app_user_1];
GRANT auth_message_owner TO [app_user_2];

This will let two different db users share ownership of the table.
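The SECURITY DEFINER option mentioned in the answer above, written out as an added example (not code from the original post). The role names legacy_owner and rails_app, the function name fixture_set_triggers, and the public schema are assumptions; the caller has to invoke the function itself.

```sql
-- Added example. Run as the role that owns the legacy tables
-- (hypothetical name: legacy_owner). rails_app and fixture_set_triggers
-- are hypothetical too; the tables are assumed to live in schema public.
BEGIN;

CREATE OR REPLACE FUNCTION fixture_set_triggers(tbl regclass, want_enabled boolean)
RETURNS void
LANGUAGE plpgsql
SECURITY DEFINER                        -- executes with the owner's rights
SET search_path = pg_catalog, pg_temp   -- pinned so callers cannot shadow objects
AS $$
BEGIN
    -- Allowlist: the caller may only touch the tables named here.
    IF tbl NOT IN ('public.auth_message'::regclass,
                   'public.django_session'::regclass) THEN
        RAISE EXCEPTION 'table % is not on the fixture allowlist', tbl;
    END IF;

    -- regclass renders as a quoted, schema-qualified name, so %s is safe here.
    -- TRIGGER USER is used because TRIGGER ALL needs superuser when the table
    -- has internally generated constraint triggers (e.g. foreign keys).
    EXECUTE format('ALTER TABLE %s %s TRIGGER USER',
                   tbl,
                   CASE WHEN want_enabled THEN 'ENABLE' ELSE 'DISABLE' END);
END;
$$;

-- Functions are executable by PUBLIC by default; restrict to the one caller.
REVOKE ALL ON FUNCTION fixture_set_triggers(regclass, boolean) FROM PUBLIC;
GRANT EXECUTE ON FUNCTION fixture_set_triggers(regclass, boolean) TO rails_app;

COMMIT;

-- As rails_app:
--   SELECT fixture_set_triggers('public.auth_message', false);  -- before load
--   SELECT fixture_set_triggers('public.auth_message', true);   -- after load
```

Compared with transferring or sharing ownership, this grants the second application one narrowly scoped operation on named tables rather than full owner rights.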
