From: Patrick Schmitz Date: Fri, 3 Dec 2010 23:06:24 +0000 (+0000) Subject: CSPACE-3226 - Added grants for reader account to mysql db setup. Enables report autho... X-Git-Url: https://git.aero2k.de/?a=commitdiff_plain;h=e203c8ae9f211d71b878bffd3906ed4c3f8fb660;p=tmp%2Fjakarta-migration.git CSPACE-3226 - Added grants for reader account to mysql db setup. Enables report authoring on the local machine. Added examples of two domain access points, for testing, development, and as an example to implementers. --- diff --git a/src/main/resources/db/mysql/init_db.sql b/src/main/resources/db/mysql/init_db.sql index 3e58963ef..03e8875e4 100644 --- a/src/main/resources/db/mysql/init_db.sql +++ b/src/main/resources/db/mysql/init_db.sql @@ -37,5 +37,16 @@ FLUSH PRIVILEGES; GRANT ALL PRIVILEGES ON cspace.* TO 'test'@'localhost' IDENTIFIED BY 'test' WITH GRANT OPTION; FLUSH PRIVILEGES; GRANT ALL PRIVILEGES ON nuxeo.* TO 'test'@'localhost' IDENTIFIED BY 'test' WITH GRANT OPTION; +-- +-- Grant privileges to read-only user on Nuxeo, for reporting. +-- +GRANT SELECT ON nuxeo.* TO 'reader'@'localhost' IDENTIFIED BY 'read'; +-- +-- Grant privileges to remote read-only users on Nuxeo, for reporting. +-- These should be changed to reflect your domain. Avoid specifying +-- 'reader'@'%' (while simple and flexible, this is a potential security hole). +-- +GRANT SELECT ON nuxeo.* TO 'reader'@'%.berkeley.edu' IDENTIFIED BY 'read'; +GRANT SELECT ON nuxeo.* TO 'reader'@'%.movingimage.us' IDENTIFIED BY 'read'; FLUSH PRIVILEGES;