Skip to content

Commit

Permalink
CC-1559: Added support for creating DB/repo specific schemas.
Browse files Browse the repository at this point in the history
  • Loading branch information
remillet committed Jan 28, 2021
1 parent 8c2e14f commit 0ddd9d5
Show file tree
Hide file tree
Showing 3 changed files with 116 additions and 22 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,8 @@ private static void mirrorToStdOut(String str) {
private static final String DROP_OBJECTS_SQL_COMMENT = "-- drop all the objects before dropping roles";
private static final String CSPACE_JEESERVER_HOME = "CSPACE_JEESERVER_HOME";

private static final String CSPACE_UTILS_SCHEMANAME = "utils";

private ServiceMain() {
// Intentionally blank
}
Expand Down Expand Up @@ -770,7 +772,7 @@ public void firePostInitHandlers() throws Exception {
Object o = instantiate(initHandlerClassname, IInitHandler.class);
if (o != null && o instanceof IInitHandler){
IInitHandler handler = (IInitHandler)o;
handler.onRepositoryInitialized(JDBCTools.NUXEO_DATASOURCE_NAME, repositoryName, cspaceInstanceId,
handler.onRepositoryInitialized(JDBCTools.CSADMIN_NUXEO_DATASOURCE_NAME, repositoryName, cspaceInstanceId,
sbt, fields, props);
//The InitHandler may be the default one,
// or specialized classes which still implement this interface and are registered in tenant-bindings.xml.
Expand Down Expand Up @@ -957,7 +959,8 @@ private HashSet<String> createNuxeoDatabases() throws Exception {
JDBCTools.createNewDatabaseUser(JDBCTools.CSADMIN_DATASOURCE_NAME, repositoryName, cspaceInstanceId, dbType, readerUser, readerPW);
}
// Create the database
createDatabaseWithRights(dbType, dbName, nuxeoUser, nuxeoPW, readerUser, readerPW);
createDatabaseWithRights(dbType, dbName, nuxeoUser, nuxeoPW, readerUser);
createUtilsSchemaWithRights(dbType, nuxeoUser, repositoryName, cspaceInstanceId);
initRepositoryDatabaseVersion(JDBCTools.NUXEO_DATASOURCE_NAME, repositoryName, cspaceInstanceId);
}
nuxeoDBsChecked.add(dbName);
Expand All @@ -984,7 +987,7 @@ private HashSet<String> createNuxeoDatabases() throws Exception {
* @throws Exception
*/
private void createDatabaseWithRights(DatabaseProductType dbType, String dbName, String ownerName,
String ownerPW, String readerName, String readerPW) throws Exception {
String ownerPW, String readerName) throws Exception {
Connection conn = null;
Statement stmt = null;

Expand All @@ -1009,30 +1012,56 @@ private void createDatabaseWithRights(DatabaseProductType dbType, String dbName,
}
// Note that select rights for reader must be granted after
// Nuxeo startup.
} else if (dbType == DatabaseProductType.MYSQL) {
sql = "CREATE database " + dbName + " DEFAULT CHARACTER SET utf8";
stmt.executeUpdate(sql);
sql = "GRANT ALL PRIVILEGES ON " + dbName + ".* TO '" + ownerName + "'@'localhost' IDENTIFIED BY '"
+ ownerPW + "' WITH GRANT OPTION";
} else {
throw new UnsupportedOperationException(String.format("", dbType));
}
} catch (Exception e) {
String errMsg = String.format("The following SQL statement failed using credentials from datasource '%s': %s",
JDBCTools.CSADMIN_DATASOURCE_NAME, sql);
logger.error("createDatabaseWithRights failed on exception: " + e.getLocalizedMessage());
if (errMsg != null) {
logger.error(errMsg);
}
throw e; // propagate
} finally { // close resources
try {
if (stmt != null) {
stmt.close();
}
if (conn != null) {
conn.close();
}
} catch (SQLException se) {
se.printStackTrace();
}
}
}

/*
* For a specific repo/db, create a schema for misc SQL functions
*/
private void createUtilsSchemaWithRights(DatabaseProductType dbType, String ownerName,
String repositoryName, String cspaceInstanceId) throws Exception {
Connection conn = null;
Statement stmt = null;

String sql = null;
try {
conn = JDBCTools.getConnection(JDBCTools.CSADMIN_NUXEO_DATASOURCE_NAME, repositoryName, cspaceInstanceId);
stmt = conn.createStatement();
if (dbType == DatabaseProductType.POSTGRESQL) {
sql = "CREATE SCHEMA IF NOT EXISTS " + CSPACE_UTILS_SCHEMANAME + " AUTHORIZATION " + ownerName;
stmt.executeUpdate(sql);
if (logger.isDebugEnabled()) {
logger.debug("Created db: '" + dbName + "' with owner: '" + ownerName + "'");
}
if (readerName != null) {
sql = "GRANT SELECT ON " + dbName + ".* TO '" + readerName + "'@'localhost' IDENTIFIED BY '"
+ readerPW + "' WITH GRANT OPTION";
stmt.executeUpdate(sql);
if (logger.isDebugEnabled()) {
logger.debug(" Granted SELECT rights on: '" + dbName + "' to reader: '" + readerName + "'");
}
logger.debug("Created SCHEMA: '" + CSPACE_UTILS_SCHEMANAME + "' with owner: '" + ownerName + "'");
}
} else {
throw new UnsupportedOperationException("createDatabaseWithRights only supports PSQL - MySQL NYI!");
throw new UnsupportedOperationException("CollectionSpace supports only PostgreSQL database servers.");
}
} catch (Exception e) {
String errMsg = String.format("The following SQL statement failed using credentials from datasource '%s': %s",
JDBCTools.CSADMIN_DATASOURCE_NAME, sql);
logger.error("createDatabaseWithRights failed on exception: " + e.getLocalizedMessage());
JDBCTools.CSADMIN_NUXEO_DATASOURCE_NAME, sql);
logger.error("createUtilsSchemaWithRights() failed with exception: " + e.getLocalizedMessage());
if (errMsg != null) {
logger.error(errMsg);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,8 @@ BEGIN
SELECT *
FROM pg_catalog.pg_group
WHERE groname = 'reporters_pahma') THEN

GRANT SELECT ON ALL TABLES IN SCHEMA public TO GROUP reporters_pahma;
ELSE
CREATE ROLE reporters_pahma with nologin;
END IF;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO GROUP reporters_pahma;
END $$;
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
<?xml version="1.0" encoding="UTF-8"?>
<document name="collectionobjects">
<ns2:collectionobjects_common xmlns:ns2="http://collectionspace.org/services/collectionobject" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<objectNumber>2021NAGPRASAMPLE</objectNumber>
</ns2:collectionobjects_common>
<ns2:collectionobjects_nagpra xmlns:ns2="http://collectionspace.org/services/collectionobject/domain/nagpra" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<graveAssocCodes>
<graveAssocCode>urn:cspace:pahma.cspace.berkeley.edu:vocabularies:name(pahmaNagpraCodeLegacies):item:name(pahmaNagpraCodeLegacies10)' 10: not reportable'</graveAssocCode>
</graveAssocCodes>
<repatriationNotes>
<repatriationNote>Repat notes for MN 2021NAGPRASAMPLE</repatriationNote>
</repatriationNotes>
<nagpraCategories>
<nagpraCategory>urn:cspace:pahma.cspace.berkeley.edu:vocabularies:name(nagpraPahmaApplicabilities):item:name(nagpraPahmaApplicabilities01)'affiliated human skeletal remains (HSR)'</nagpraCategory>
</nagpraCategories>
<nagpraReportFiledGroupList>
<nagpraReportFiledGroup>
<nagpraReportFiledWith>urn:cspace:pahma.cspace.berkeley.edu:orgauthorities:name(organization):item:name(NAGPRA1611346562666)'NAGPRA'</nagpraReportFiledWith>
<nagpraReportFiledNote>RH note for PAHMA-NAGPRA Staff</nagpraReportFiledNote>
<nagpraReportFiledDate>
<scalarValuesComputed>true</scalarValuesComputed>
<dateEarliestSingleCertainty/>
<dateEarliestSingleQualifierUnit/>
<dateDisplayDate>1/1/2001</dateDisplayDate>
<dateLatestScalarValue>2001-01-02T00:00:00.000Z</dateLatestScalarValue>
<dateEarliestSingleQualifierValue/>
<datePeriod/>
<dateLatestEra/>
<dateEarliestSingleDay>1</dateEarliestSingleDay>
<dateEarliestSingleQualifier/>
<dateEarliestSingleYear>2001</dateEarliestSingleYear>
<dateLatestCertainty/>
<dateAssociation/>
<dateLatestDay/>
<dateEarliestSingleMonth>1</dateEarliestSingleMonth>
<dateEarliestSingleEra>urn:cspace:pahma.cspace.berkeley.edu:vocabularies:name(dateera):item:name(ce)'CE'</dateEarliestSingleEra>
<dateLatestYear/>
<dateLatestQualifierUnit/>
<dateNote/>
<dateLatestQualifierValue/>
<dateLatestQualifier/>
<dateEarliestScalarValue>2001-01-01T00:00:00.000Z</dateEarliestScalarValue>
<dateLatestMonth/>
</nagpraReportFiledDate>
<nagpraReportFiled>true</nagpraReportFiled>
<nagpraReportFiledBy>urn:cspace:pahma.cspace.berkeley.edu:orgauthorities:name(organization):item:name(PAHMANAGPRAStaff1611346539517)'PAHMA-NAGPRA Staff'</nagpraReportFiledBy>
</nagpraReportFiledGroup>
</nagpraReportFiledGroupList>
<nagpraCulturalDeterminations>
<nagpraCulturalDetermination>PAHMA cultural determination notes for 2021NAGPRASAMPLE</nagpraCulturalDetermination>
</nagpraCulturalDeterminations>
<nagpraInventoryNames>
<nagpraInventoryName>urn:cspace:pahma.cspace.berkeley.edu:vocabularies:name(nagpraPahmaInventoryNames):item:name(nagpraPahmaInventoryNames01)'AK-Alaska'</nagpraInventoryName>
</nagpraInventoryNames>
<nagpraDetermGroupList>
<nagpraDetermGroup>
<nagpraDetermType>urn:cspace:pahma.cspace.berkeley.edu:vocabularies:name(nagpradetermtype):item:name(unknown1)'unknown1'</nagpraDetermType>
<nagpraDetermBy>urn:cspace:pahma.cspace.berkeley.edu:personauthorities:name(person):item:name(NatashaJohnson1611346486489)'Natasha Johnson'</nagpraDetermBy>
<nagpraDetermNote>CD note for 2021NAGPRASAMPLE</nagpraDetermNote>
<nagpraDetermCulture>urn:cspace:pahma.cspace.berkeley.edu:orgauthorities:name(organization):item:name(KaagwaantaanClanofKlukwan1611346415910)'Kaagwaantaan Clan of Klukwan'</nagpraDetermCulture>
</nagpraDetermGroup>
</nagpraDetermGroupList>
</ns2:collectionobjects_nagpra>
</document>

0 comments on commit 0ddd9d5

Please sign in to comment.