From: Richard Millet Date: Thu, 6 Mar 2014 15:52:30 +0000 (-0800) Subject: CSPACE-6168: Refactoring hard-coded cspace and nuxeo database names to be configurable. X-Git-Url: https://git.aero2k.de/?a=commitdiff_plain;h=edc5c510d6839c33594677bff89f5ce41e8f66c8;p=tmp%2Fjakarta-migration.git CSPACE-6168: Refactoring hard-coded cspace and nuxeo database names to be configurable. --- diff --git a/3rdparty/nuxeo/build.xml b/3rdparty/nuxeo/build.xml index 9cbec3722..d96505b20 100644 --- a/3rdparty/nuxeo/build.xml +++ b/3rdparty/nuxeo/build.xml @@ -122,7 +122,8 @@ - + + diff --git a/3rdparty/nuxeo/nuxeo-server/5.5-HF07/config/default-repo-config.xml b/3rdparty/nuxeo/nuxeo-server/5.5-HF07/config/default-repo-config.xml index 58f420c59..dcf0b8f11 100644 --- a/3rdparty/nuxeo/nuxeo-server/5.5-HF07/config/default-repo-config.xml +++ b/3rdparty/nuxeo/nuxeo-server/5.5-HF07/config/default-repo-config.xml @@ -13,7 +13,7 @@ @XA_DATASOURCE@ @DB_URL@ @DB_SERVER_HOSTNAME@ - nuxeo + @DB_NUXEO_NAME@ @NUXEO_USER@ @NUXEO_PW@ diff --git a/3rdparty/nuxeo/nuxeo-server/5.5-HF07/config/lifesci_domain-repo-config.xml b/3rdparty/nuxeo/nuxeo-server/5.5-HF07/config/lifesci_domain-repo-config.xml index 1e09a526f..592f48478 100644 --- a/3rdparty/nuxeo/nuxeo-server/5.5-HF07/config/lifesci_domain-repo-config.xml +++ b/3rdparty/nuxeo/nuxeo-server/5.5-HF07/config/lifesci_domain-repo-config.xml @@ -416,6 +416,6 @@ The lifesci_domain repository - + diff --git a/build.properties b/build.properties index 40c368b31..ca2e57d5b 100644 --- a/build.properties +++ b/build.properties @@ -1,6 +1,6 @@ host=127.0.0.1 #cspace -cspace.instance.id=T1650 +cspace.instance.id=_trs80 release.version=4.1 cspace.release=${release.version}-SNAPSHOT cspace.services.release=cspace-services-${cspace.release} @@ -115,17 +115,27 @@ hibernate.dialect=${db.dialect} #database common settings db.script.dir=${jee.server.cspace}/cspace/services/db/${db} -db.user=${env.DB_USER} -db.user.password=${env.DB_PASSWORD} -db.nuxeo.user=nuxeo -db.nuxeo.user.password=${env.DB_PASSWORD_NUXEO} -db.cspace.user=cspace -db.cspace.user.password=${env.DB_PASSWORD_CSPACE} + +db.csadmin.name=postgres +db.csadmin.user=csadmin +db.csadmin.user.password=${env.DB_CSADMIN_PASSWORD} + +db.nuxeo.name=nuxeo${cspace.instance.id} +db.nuxeo.user=${db.nuxeo.name} +db.nuxeo.user.password=${env.DB_NUXEO_PASSWORD} + +db.cspace.name=cspace${cspace.instance.id} +db.cspace.user=${db.cspace.name} +db.cspace.user.password=${env.DB_CSPACE_PASSWORD} + +db.reader.user=reader${cspace.instance.id} +db.reader.user.password=${env.DB_READER_PASSWORD} + db.host=localhost db.jdbc.baseurl=jdbc:${db}://${db.host}:${db.port} # # JDBC URL's. The csadmin URL is needed to authenticate with the PostGreSQL server because an existing database must be supplied during authentication. # -db.jdbc.csadmin.url=${db.jdbc.baseurl}/postgres -db.jdbc.cspace.url=${db.jdbc.baseurl}/cspace +db.jdbc.csadmin.url=${db.jdbc.baseurl}/${db.csadmin.name} +db.jdbc.cspace.url=${db.jdbc.baseurl}/${db.cspace.name} diff --git a/build.xml b/build.xml index 915ed94c9..6408aab2a 100644 --- a/build.xml +++ b/build.xml @@ -215,8 +215,8 @@ description="create nuxeo database"> @@ -231,8 +231,8 @@ description="create cspace database"> @@ -261,24 +261,35 @@ - - - + + + + - + + + + + + + + - - - + + + + + diff --git a/installer/build.xml b/installer/build.xml index b04c1c49d..87efe6251 100644 --- a/installer/build.xml +++ b/installer/build.xml @@ -1,4 +1,3 @@ - collectionspace services @@ -61,8 +60,8 @@ description="create nuxeo database"> @@ -77,8 +76,8 @@ description="create cspace database"> diff --git a/services/JaxRsServiceProvider/src/main/resources/META-INF/persistence.xml b/services/JaxRsServiceProvider/src/main/resources/META-INF/persistence.xml index f53667570..4edec1614 100644 --- a/services/JaxRsServiceProvider/src/main/resources/META-INF/persistence.xml +++ b/services/JaxRsServiceProvider/src/main/resources/META-INF/persistence.xml @@ -22,9 +22,9 @@ - - - + + + diff --git a/services/JaxRsServiceProvider/src/main/webapp/META-INF/context.xml b/services/JaxRsServiceProvider/src/main/webapp/META-INF/context.xml index 1755aaf48..60608988b 100644 --- a/services/JaxRsServiceProvider/src/main/webapp/META-INF/context.xml +++ b/services/JaxRsServiceProvider/src/main/webapp/META-INF/context.xml @@ -66,8 +66,8 @@ - collectionspace account service @@ -23,7 +22,6 @@ - @@ -109,15 +107,14 @@ - - + - - + + diff --git a/services/account/client/src/test/resources/hibernate.cfg.xml b/services/account/client/src/test/resources/hibernate.cfg.xml index 8296399cf..eb577d228 100644 --- a/services/account/client/src/test/resources/hibernate.cfg.xml +++ b/services/account/client/src/test/resources/hibernate.cfg.xml @@ -12,10 +12,10 @@ "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd"> - @DB_URL@ + @DB_CSPACE_URL@ @DB_DRIVER_CLASS@ - @DB_USER@ - @DB_PASSWORD@ + @DB_CSPACE_USER@ + @DB_CSPACE_PASSWORD@ @DB_DIALECT@ org.hibernate.transaction.JDBCTransactionFactory thread diff --git a/services/account/pstore/build.xml b/services/account/pstore/build.xml index 869f3107a..01288538f 100644 --- a/services/account/pstore/build.xml +++ b/services/account/pstore/build.xml @@ -1,4 +1,3 @@ - collectionspace account service @@ -114,10 +113,10 @@ - + - - + + @@ -172,17 +171,6 @@ - - + + diff --git a/services/authentication/client/src/test/resources/hibernate.cfg.xml b/services/authentication/client/src/test/resources/hibernate.cfg.xml index 8296399cf..eb577d228 100644 --- a/services/authentication/client/src/test/resources/hibernate.cfg.xml +++ b/services/authentication/client/src/test/resources/hibernate.cfg.xml @@ -12,10 +12,10 @@ "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd"> - @DB_URL@ + @DB_CSPACE_URL@ @DB_DRIVER_CLASS@ - @DB_USER@ - @DB_PASSWORD@ + @DB_CSPACE_USER@ + @DB_CSPACE_PASSWORD@ @DB_DIALECT@ org.hibernate.transaction.JDBCTransactionFactory thread diff --git a/services/authentication/jaxb/src/test/resources/hibernate.cfg.xml b/services/authentication/jaxb/src/test/resources/hibernate.cfg.xml index 422b7a607..d416bb08a 100644 --- a/services/authentication/jaxb/src/test/resources/hibernate.cfg.xml +++ b/services/authentication/jaxb/src/test/resources/hibernate.cfg.xml @@ -12,10 +12,10 @@ "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd"> - @DB_URL@ + @DB_CSPACE_URL@ @DB_DRIVER_CLASS@ - @DB_USER@ - @DB_PASSWORD@ + @DB_CSPACE_USER@ + @DB_CSPACE_PASSWORD@ @DB_DIALECT@ org.hibernate.transaction.JDBCTransactionFactory thread diff --git a/services/authentication/pstore/build.xml b/services/authentication/pstore/build.xml index 96ffb6a81..13a5ff5f5 100644 --- a/services/authentication/pstore/build.xml +++ b/services/authentication/pstore/build.xml @@ -1,4 +1,3 @@ - collectionspace authentication service @@ -23,7 +22,6 @@ - @@ -113,10 +111,10 @@ - + - - + + diff --git a/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql b/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql deleted file mode 100644 index 558f1f36e..000000000 --- a/services/authentication/pstore/src/main/resources/db/mysql/authentication.sql +++ /dev/null @@ -1,2 +0,0 @@ -drop table if exists users; -create table users (username varchar(128) not null, created_at datetime not null, passwd varchar(128) not null, updated_at datetime, primary key (username)); diff --git a/services/authentication/pstore/src/main/resources/db/mysql/authentication_index.sql b/services/authentication/pstore/src/main/resources/db/mysql/authentication_index.sql deleted file mode 100644 index be7089011..000000000 --- a/services/authentication/pstore/src/main/resources/db/mysql/authentication_index.sql +++ /dev/null @@ -1,8 +0,0 @@ --- --- Copyright 20010 University of California at Berkeley --- Licensed under the Educational Community License (ECL), Version 2.0. --- You may not use this file except in compliance with this License. --- -use cspace; - - diff --git a/services/authentication/pstore/src/main/resources/db/mysql/test_authentication.sql b/services/authentication/pstore/src/main/resources/db/mysql/test_authentication.sql deleted file mode 100644 index 8814ef331..000000000 --- a/services/authentication/pstore/src/main/resources/db/mysql/test_authentication.sql +++ /dev/null @@ -1,9 +0,0 @@ --- --- Copyright 2009 University of California at Berkeley --- Licensed under the Educational Community License (ECL), Version 2.0. --- You may not use this file except in compliance with this License. --- -use cspace; - --- default bootstrap user required to run ImportAuthZ (to bootstrap Spring) -- --- insert into `users` (`username`,`passwd`, `created_at`) VALUES ('SPRING_ADMIN','MzwE3RUaKmgxwDnLmmUd8pGYvooE4WzoYdS2o0oRyVQ=', now()); diff --git a/services/authentication/pstore/src/test/resources/hibernate.cfg.xml b/services/authentication/pstore/src/test/resources/hibernate.cfg.xml index 8296399cf..eb577d228 100644 --- a/services/authentication/pstore/src/test/resources/hibernate.cfg.xml +++ b/services/authentication/pstore/src/test/resources/hibernate.cfg.xml @@ -12,10 +12,10 @@ "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd"> - @DB_URL@ + @DB_CSPACE_URL@ @DB_DRIVER_CLASS@ - @DB_USER@ - @DB_PASSWORD@ + @DB_CSPACE_USER@ + @DB_CSPACE_PASSWORD@ @DB_DIALECT@ org.hibernate.transaction.JDBCTransactionFactory thread diff --git a/services/authorization-mgt/import/build.xml b/services/authorization-mgt/import/build.xml index d342d8ec3..3acf32ec0 100644 --- a/services/authorization-mgt/import/build.xml +++ b/services/authorization-mgt/import/build.xml @@ -22,7 +22,6 @@ - @@ -132,7 +131,6 @@ - @@ -140,10 +138,10 @@ - + - - + + diff --git a/services/authorization-mgt/import/src/main/resources/META-INF/persistence.xml b/services/authorization-mgt/import/src/main/resources/META-INF/persistence.xml index 52fe747e8..b694ab855 100644 --- a/services/authorization-mgt/import/src/main/resources/META-INF/persistence.xml +++ b/services/authorization-mgt/import/src/main/resources/META-INF/persistence.xml @@ -9,13 +9,6 @@ org.collectionspace.services.authorization.AccountRoleRel - - diff --git a/services/authorization-mgt/import/src/main/resources/applicationContext-authorization-test.xml b/services/authorization-mgt/import/src/main/resources/applicationContext-authorization-test.xml index 50b63fc88..dad3b3b0f 100644 --- a/services/authorization-mgt/import/src/main/resources/applicationContext-authorization-test.xml +++ b/services/authorization-mgt/import/src/main/resources/applicationContext-authorization-test.xml @@ -37,9 +37,9 @@ - - - + + + @@ -80,7 +80,6 @@ - @@ -91,6 +90,6 @@ - + diff --git a/services/authorization-mgt/import/src/main/resources/hibernate.cfg.xml b/services/authorization-mgt/import/src/main/resources/hibernate.cfg.xml index cb1f64509..0d9143787 100644 --- a/services/authorization-mgt/import/src/main/resources/hibernate.cfg.xml +++ b/services/authorization-mgt/import/src/main/resources/hibernate.cfg.xml @@ -12,10 +12,10 @@ "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd"> - @DB_URL@ + @DB_CSPACE_URL@ @DB_DRIVER_CLASS@ - @DB_USER@ - @DB_PASSWORD@ + @DB_CSPACE_USER@ + @DB_CSPACE_PASSWORD@ @DB_DIALECT@ org.hibernate.transaction.JDBCTransactionFactory thread diff --git a/services/authorization/pstore/build.xml b/services/authorization/pstore/build.xml index e9f47d52a..7be651fc9 100644 --- a/services/authorization/pstore/build.xml +++ b/services/authorization/pstore/build.xml @@ -1,4 +1,3 @@ - collectionspace authorization service @@ -113,10 +112,10 @@ - + - - + + diff --git a/services/authorization/pstore/src/main/resources/db/mysql/acl.sql b/services/authorization/pstore/src/main/resources/db/mysql/acl.sql deleted file mode 100644 index c84810e79..000000000 --- a/services/authorization/pstore/src/main/resources/db/mysql/acl.sql +++ /dev/null @@ -1,106 +0,0 @@ --- --- Copyright 2010 University of California at Berkeley --- Licensed under the Educational Community License (ECL), Version 2.0. --- You may not use this file except in compliance with this License. --- - --- use cspace; -drop table if exists `acl_entry`; -drop table if exists `acl_object_identity`; -drop table if exists `acl_sid`; -drop table if exists `acl_class`; - --- --- Table structure for table `acl_class` --- - -CREATE TABLE `acl_class` ( - `id` bigint(20) NOT NULL auto_increment, - `class` varchar(100) NOT NULL, - PRIMARY KEY (`id`), - UNIQUE KEY `unique_uk_2` (`class`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; - --- --- Dumping data for table `acl_class` --- - - --- --- Table structure for table `acl_sid` --- - -CREATE TABLE `acl_sid` ( - `id` bigint(20) NOT NULL auto_increment, - `principal` tinyint(1) NOT NULL, - `sid` varchar(100) NOT NULL, - PRIMARY KEY (`id`), - UNIQUE KEY `unique_uk_1` (`principal`,`sid`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8; - --- --- Dumping data for table `acl_sid` --- - --- --- Table structure for table `acl_entry` --- - -CREATE TABLE `acl_entry` ( - `id` bigint(20) NOT NULL auto_increment, - `acl_object_identity` bigint(20) NOT NULL, - `ace_order` int(11) NOT NULL, - `sid` bigint(20) NOT NULL, - `mask` int(11) NOT NULL, - `granting` tinyint(1) NOT NULL, - `audit_success` tinyint(1) NOT NULL, - `audit_failure` tinyint(1) NOT NULL, - PRIMARY KEY (`id`), - UNIQUE KEY `unique_uk_4` (`acl_object_identity`,`ace_order`), - KEY `sid` (`sid`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; - - - --- --- Dumping data for table `acl_entry` --- - - --- --- Table structure for table `acl_object_identity` --- - -CREATE TABLE `acl_object_identity` ( - `id` bigint(20) NOT NULL auto_increment, - `object_id_class` bigint(20) NOT NULL, - `object_id_identity` bigint(20) NOT NULL, - `parent_object` bigint(20) default NULL, - `owner_sid` bigint(20) default NULL, - `entries_inheriting` tinyint(1) NOT NULL, - PRIMARY KEY (`id`), - UNIQUE KEY `unique_uk_3` (`object_id_class`,`object_id_identity`), - KEY `owner_sid` (`owner_sid`), - KEY `parent_object` (`parent_object`) -) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; - - --- --- Dumping data for table `acl_object_identity` --- - --- --- Constraints for table `acl_entry` --- -ALTER TABLE `acl_entry` - ADD CONSTRAINT `acl_entry_ibfk_1` FOREIGN KEY (`sid`) REFERENCES `acl_sid` (`id`), - ADD CONSTRAINT `acl_entry_ibfk_2` FOREIGN KEY (`acl_object_identity`) REFERENCES `acl_object_identity` (`id`); - - --- --- Constraints for table `acl_object_identity` --- -ALTER TABLE `acl_object_identity` - ADD CONSTRAINT `acl_object_identity_ibfk_1` FOREIGN KEY (`owner_sid`) REFERENCES `acl_sid` (`id`), - ADD CONSTRAINT `acl_object_identity_ibfk_2` FOREIGN KEY (`object_id_class`) REFERENCES `acl_class` (`id`), - ADD CONSTRAINT `acl_object_identity_ibfk_3` FOREIGN KEY (`parent_object`) REFERENCES `acl_object_identity` (`id`); diff --git a/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql b/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql deleted file mode 100644 index f887892c5..000000000 --- a/services/authorization/pstore/src/main/resources/db/mysql/authorization.sql +++ /dev/null @@ -1,12 +0,0 @@ -alter table permissions_actions drop foreign key FK85F82042E2DC84FD; -drop table if exists accounts_roles; -drop table if exists permissions; -drop table if exists permissions_actions; -drop table if exists permissions_roles; -drop table if exists roles; -create table accounts_roles (HJID bigint not null auto_increment, account_id varchar(128) not null, created_at datetime not null, role_id varchar(128) not null, role_name varchar(255), screen_name varchar(255), user_id varchar(128) not null, primary key (HJID), unique (account_id, role_id)); -create table permissions (csid varchar(128) not null, action_group varchar(128), attribute_name varchar(128), created_at datetime not null, description varchar(255), effect varchar(32) not null, resource_name varchar(128) not null, tenant_id varchar(128) not null, updated_at datetime, primary key (csid)); -create table permissions_actions (HJID bigint not null auto_increment, name varchar(128) not null, objectIdentity varchar(128) not null, objectIdentityResource varchar(128) not null, ACTION__PERMISSION_CSID varchar(128), primary key (HJID)); -create table permissions_roles (HJID bigint not null auto_increment, actionGroup varchar(255), created_at datetime not null, permission_id varchar(128) not null, permission_resource varchar(255), role_id varchar(128) not null, role_name varchar(255), primary key (HJID), unique (permission_id, role_id)); -create table roles (csid varchar(128) not null, created_at datetime not null, description varchar(255), displayname varchar(200) not null, rolegroup varchar(255), rolename varchar(200) not null, tenant_id varchar(128) not null, metadata_protection varchar(255), perms_protection varchar(255), updated_at datetime, primary key (csid), unique (rolename, tenant_id), unique (displayname, tenant_id)); -alter table permissions_actions add index FK85F82042E2DC84FD (ACTION__PERMISSION_CSID), add constraint FK85F82042E2DC84FD foreign key (ACTION__PERMISSION_CSID) references permissions (csid); diff --git a/services/authorization/pstore/src/main/resources/db/mysql/authorization_index.sql b/services/authorization/pstore/src/main/resources/db/mysql/authorization_index.sql deleted file mode 100644 index 3c05b7dec..000000000 --- a/services/authorization/pstore/src/main/resources/db/mysql/authorization_index.sql +++ /dev/null @@ -1,17 +0,0 @@ --- --- Copyright 2010 University of California at Berkeley --- Licensed under the Educational Community License (ECL), Version 2.0. --- You may not use this file except in compliance with this License. --- --- use cspace; -CREATE INDEX index_rolename ON roles (rolename); -CREATE INDEX index_rolegroup ON roles (rolegroup); -CREATE INDEX index_tenant_id ON roles (tenant_id); - -CREATE INDEX index_user_id ON accounts_roles (user_id); -CREATE INDEX index_account_id ON accounts_roles (account_id); -CREATE INDEX index_role_id ON accounts_roles (role_id); - -CREATE INDEX index_permission_id ON permissions_roles (permission_id); -CREATE INDEX index_role_id ON permissions_roles (role_id); - diff --git a/services/authorization/pstore/src/main/resources/db/mysql/test_authorization.sql b/services/authorization/pstore/src/main/resources/db/mysql/test_authorization.sql deleted file mode 100644 index 4ac057be0..000000000 --- a/services/authorization/pstore/src/main/resources/db/mysql/test_authorization.sql +++ /dev/null @@ -1,14 +0,0 @@ --- --- Copyright 2009 University of California at Berkeley --- Licensed under the Educational Community License (ECL), Version 2.0. --- You may not use this file except in compliance with this License. --- -use cspace; - --- insert into `roles` (`csid`, `rolename`, `displayName`, `rolegroup`, `created_at`, `tenant_id`) values ('-1', 'ROLE_SPRING_ADMIN', 'SPRING_ADMIN', 'Spring Security Administrator', now(), '0'); --- insert into `roles` (`csid`, `rolename`, `displayName`, `rolegroup`, `created_at`, `tenant_id`) values ('0', 'ROLE_ADMINISTRATOR', 'ADMINISTRATOR', 'CollectionSpace Administrator', now(), '0'); - --- for default bootstrap user required to run ImportAuthZ (to bootstrap Spring) -- --- insert into `accounts_roles`(`account_id`, `user_id`, `role_id`, `role_name`, `created_at`) values ('Bootstrapping-Account-DO-NOT-DELETE', 'test', '-1', 'ROLE_SPRING_ADMIN', now()); --- insert into `accounts_roles`(`account_id`, `user_id`, `role_id`, `role_name`, `created_at`) values ('Bootstrapping-Account-DO-NOT-DELETE', 'test', '0', 'ROLE_ADMINISTRATOR', now()); - diff --git a/services/authorization/pstore/src/test/resources/hibernate.cfg.xml b/services/authorization/pstore/src/test/resources/hibernate.cfg.xml index 8296399cf..eb577d228 100644 --- a/services/authorization/pstore/src/test/resources/hibernate.cfg.xml +++ b/services/authorization/pstore/src/test/resources/hibernate.cfg.xml @@ -12,10 +12,10 @@ "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd"> - @DB_URL@ + @DB_CSPACE_URL@ @DB_DRIVER_CLASS@ - @DB_USER@ - @DB_PASSWORD@ + @DB_CSPACE_USER@ + @DB_CSPACE_PASSWORD@ @DB_DIALECT@ org.hibernate.transaction.JDBCTransactionFactory thread diff --git a/services/authorization/service/src/main/resources/applicationContext-authorization.xml b/services/authorization/service/src/main/resources/applicationContext-authorization.xml index a88d2d5d4..866d555cc 100644 --- a/services/authorization/service/src/main/resources/applicationContext-authorization.xml +++ b/services/authorization/service/src/main/resources/applicationContext-authorization.xml @@ -43,9 +43,9 @@ - - - + + + diff --git a/services/collectionobject/service/pom.xml b/services/collectionobject/service/pom.xml index 3972789aa..c91c8c637 100644 --- a/services/collectionobject/service/pom.xml +++ b/services/collectionobject/service/pom.xml @@ -135,7 +135,33 @@ collectionspace-services-collectionobject + + com.qmino + miredot-maven-plugin + 1.3.1 + + + + restdoc + + + + + + UHJvamVjdHxvcmcuY29sbGVjdGlvbnNwYWNlLnNlcnZpY2VzLm9yZy5jb2xsZWN0aW9uc3BhY2Uuc2VydmljZXMuY29sbGVjdGlvbm9iamVjdC5zZXJ2aWNlfDIwMTktMDItMjh8dHJ1ZSNNQ3dDRkdHK29EM2hWTVRyckIveDVaWExNcWRBNWhyL0FoUXo2bkVKV1k1NjdabnFBelh6UFdiOW1iRnVIdz09 + + + + + + + miredot + MireDot Releases + http://nexus.qmino.com/content/repositories/miredot + + + diff --git a/services/common/build.xml b/services/common/build.xml index ab68debec..826de10ba 100644 --- a/services/common/build.xml +++ b/services/common/build.xml @@ -142,9 +142,14 @@ description="deploy tenant configuration"> + + + + + + - diff --git a/services/common/src/main/cspace/config/services/resources/db/mysql/.gitignore b/services/common/src/main/cspace/config/services/resources/db/mysql/.gitignore deleted file mode 100644 index e69de29bb..000000000 diff --git a/services/common/src/main/cspace/config/services/service-config.xml b/services/common/src/main/cspace/config/services/service-config.xml index dd9bb6ed8..871817417 100644 --- a/services/common/src/main/cspace/config/services/service-config.xml +++ b/services/common/src/main/cspace/config/services/service-config.xml @@ -14,7 +14,12 @@ xmlns:types='http://collectionspace.org/services/config/types' xsi:schemaLocation='http://collectionspace.org/services/config ../resources/common.xsd'> + @CSPACE_INSTANCE_ID@ + @DB_CSADMIN_NAME@ + @DB_NUXEO_NAME@ + @DB_CSPACE_NAME@ true + @@ -31,5 +36,4 @@ - diff --git a/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java b/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java index cd0ec5bd6..bc965f27c 100644 --- a/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java +++ b/services/common/src/main/java/org/collectionspace/services/common/ServiceMain.java @@ -6,8 +6,6 @@ package org.collectionspace.services.common; import java.io.File; import java.io.FileInputStream; import java.io.FileNotFoundException; -import java.io.FileOutputStream; -import java.io.IOException; import java.io.InputStream; import java.sql.Connection; import java.sql.PreparedStatement; @@ -16,12 +14,10 @@ import java.sql.SQLException; import java.sql.Statement; import java.util.*; -import javax.naming.NamingException; import javax.servlet.ServletContext; import javax.sql.DataSource; import org.collectionspace.authentication.AuthN; - import org.collectionspace.services.common.authorization_mgt.AuthorizationCommon; import org.collectionspace.services.common.config.ConfigReader; import org.collectionspace.services.common.config.ConfigUtils; @@ -42,9 +38,7 @@ import org.collectionspace.services.config.types.PropertyType; import org.collectionspace.services.nuxeo.client.java.NuxeoConnectorEmbedded; import org.collectionspace.services.nuxeo.client.java.TenantRepository; import org.jboss.resteasy.spi.ResteasyProviderFactory; - import org.apache.tomcat.dbcp.dbcp.BasicDataSource; - import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -61,27 +55,27 @@ public class ServiceMain { */ private static volatile ServiceMain instance = null; private static volatile boolean initFailed = false; + + private static final String SERVER_HOME_PROPERTY = "catalina.home"; + private static final boolean USE_APP_GENERATED_CONFIG = true; + + private static ServletContext servletContext = null; - private NuxeoConnectorEmbedded nuxeoConnector; - private static ServletContext servletContext = null; + private NuxeoConnectorEmbedded nuxeoConnector; private String serverRootDir = null; private ServicesConfigReaderImpl servicesConfigReader; private TenantBindingConfigReaderImpl tenantBindingConfigReader; private UriTemplateRegistry uriTemplateRegistry = new UriTemplateRegistry(); - private static final String SERVER_HOME_PROPERTY = "catalina.home"; - private static final boolean USE_APP_GENERATED_CONFIG = true; private ServiceMain() { //empty } /* - * FIXME: REM - This method is no longer necessary and can should be removed. * * Set this singletons ServletContext without any call to initialize */ - @Deprecated private static void setServletContext(ServletContext servletContext) { if (servletContext != null) { synchronized (ServiceMain.class) { @@ -89,13 +83,17 @@ public class ServiceMain { } } } - + + public String getCspaceDatabaseName() { + return getServiceConfig().getDbCspaceName(); + } + public boolean inServletContext() { return ServiceMain.servletContext != null; } public static ServiceMain getInstance(ServletContext servletContext) { - ServiceMain.servletContext = servletContext; + setServletContext(servletContext); return ServiceMain.getInstance(); } @@ -108,11 +106,11 @@ public class ServiceMain { if (instance == null && initFailed == false) { synchronized (ServiceMain.class) { if (instance == null && initFailed == false) { - ServiceMain temp = new ServiceMain(); + ServiceMain newInstance = new ServiceMain(); try { //assume the worse initFailed = true; - temp.initialize(); + newInstance.initialize(); //celebrate success initFailed = false; } catch (Exception e) { @@ -123,7 +121,7 @@ public class ServiceMain { throw new RuntimeException(e); } } - instance = temp; + instance = newInstance; } } } @@ -136,28 +134,23 @@ public class ServiceMain { } private void initialize() throws Exception { - if (logger.isTraceEnabled() == true) { - System.out.print("About to initialize ServiceMain singleton - Pausing 5 seconds for you to attached the debugger"); - long startTime, currentTime; - currentTime = startTime = System.currentTimeMillis(); - long stopTime = startTime + 5 * 1000; //5 seconds - do { - if (currentTime % 1000 == 0) { - System.out.print("."); - } - currentTime = System.currentTimeMillis(); - } while (currentTime < stopTime); - - System.out.println(); - System.out.println("Resuming cspace services initialization."); - } - + // set our root directory setServerRootDir(); - readConfig(); - setDataSources(); + + // read in and set our Services config + readAndSetServicesConfig(); + + // Set our AuthN's datasource to for the cspaceDataSource + AuthN.setDataSource(JDBCTools.getDataSource(JDBCTools.CSPACE_DATASOURCE_NAME)); + + // Please document this step propagateConfiguredProperties(); + + // Create each tenant's Nuxeo database + createNuxeoDatabases(); + // - // Start up and initialize our embedded Nuxeo server instance + // Start up and initialize our embedded Nuxeo instance. // if (getClientType().equals(ClientType.JAVA)) { nuxeoConnector = NuxeoConnectorEmbedded.getInstance(); @@ -174,12 +167,17 @@ public class ServiceMain { // // Create all the default user accounts and permissions // - try { - AuthorizationCommon.createDefaultWorkflowPermissions(tenantBindingConfigReader); - AuthorizationCommon.createDefaultAccounts(tenantBindingConfigReader); - } catch(Throwable e) { - logger.error("Default accounts and permissions setup failed with exception(s): " + e.getLocalizedMessage(), e); - } + try { + AuthorizationCommon.createDefaultWorkflowPermissions(tenantBindingConfigReader); + String cspaceDatabaseName = getCspaceDatabaseName(); + DatabaseProductType databaseProductType = JDBCTools.getDatabaseProductType(JDBCTools.CSPACE_DATASOURCE_NAME, cspaceDatabaseName); + AuthorizationCommon.createDefaultAccounts(tenantBindingConfigReader, databaseProductType, + cspaceDatabaseName); + } catch (Exception e) { + logger.error("Default accounts and permissions setup failed with exception(s): " + + e.getLocalizedMessage(), e); + throw e; + } /* * This might be useful for something, but the reader grants are better handled in the ReportPostInitHandler. @@ -207,7 +205,7 @@ public class ServiceMain { } } - private void readConfig() throws Exception { + private void readAndSetServicesConfig() throws Exception { //read service config servicesConfigReader = new ServicesConfigReaderImpl(getServerRootDir()); servicesConfigReader.read(USE_APP_GENERATED_CONFIG); @@ -377,59 +375,52 @@ public class ServiceMain { public InputStream getResourceAsStream(String resourceName) throws FileNotFoundException { InputStream result = new FileInputStream(new File(getServerResourcesPath() + resourceName)); + return result; + } + + public String getCspaceInstanceId() { + String result = getServiceConfig().getCspaceInstanceId(); + + if (result == null || result.trim().isEmpty()) { + result = ""; //empty string + } + return result; } - /* - * Save a copy of the DataSource instances that exist in our initial JNDI context. For some reason, after starting up - * our instance of embedded Nuxeo, we can find our datasources. Therefore, we need to preserve the datasources in these - * static members. + * Look through the tenant bindings and create the required Nuxeo databases -each tenant can declare + * their own Nuxeo repository/database. + * Get the NuxeoDS info and create the necessary databases. + * Consider the tenant bindings to find and get the data sources for each tenant. + * There may be only one, one per tenant, or something in between. + * */ - private void setDataSources() throws NamingException, Exception { + private void createNuxeoDatabases() throws Exception { final String DB_EXISTS_QUERY_PSQL = "SELECT 1 AS result FROM pg_database WHERE datname=?"; final String DB_EXISTS_QUERY_MYSQL = "SELECT 1 AS result FROM INFORMATION_SCHEMA.SCHEMATA WHERE SCHEMA_NAME=?"; - // - // As a side-effect of calling JDBCTools.getDataSource(...), the DataSource instance will be - // cached in a static hash map of the JDBCTools class. This will speed up lookups as well as protect our - // code from JNDI lookup problems -for example, if the JNDI context gets stepped on or corrupted. - // - DataSource cspaceDataSource = JDBCTools.getDataSource(JDBCTools.CSPACE_DATASOURCE_NAME); + DataSource nuxeoDataSource = JDBCTools.getDataSource(JDBCTools.NUXEO_DATASOURCE_NAME); - DataSource nuxeoMgrDataSource = JDBCTools.getDataSource(JDBCTools.NUXEO_MANAGER_DATASOURCE_NAME); - DataSource nuxeoReaderDataSource = JDBCTools.getDataSource(JDBCTools.NUXEO_READER_DATASOURCE_NAME); - - // We need to fetch the user name and password from the nuxeoDataSource, to do grants below - org.apache.tomcat.dbcp.dbcp.BasicDataSource tomcatDataSource = - (org.apache.tomcat.dbcp.dbcp.BasicDataSource)nuxeoDataSource; - // Get the template URL value from the JNDI datasource and substitute the databaseName + BasicDataSource tomcatDataSource = (BasicDataSource)nuxeoDataSource; String nuxeoUser = tomcatDataSource.getUsername(); String nuxeoPW = tomcatDataSource.getPassword(); + // Get reader data source, if any + DataSource nuxeoReaderDataSource = JDBCTools.getDataSource(JDBCTools.NUXEO_READER_DATASOURCE_NAME); String readerUser = null; String readerPW = null; - if(nuxeoReaderDataSource!= null) { - tomcatDataSource = - (org.apache.tomcat.dbcp.dbcp.BasicDataSource)nuxeoReaderDataSource; + if (nuxeoReaderDataSource!= null) { + tomcatDataSource = (BasicDataSource)nuxeoReaderDataSource; // Get the template URL value from the JNDI datasource and substitute the databaseName readerUser = tomcatDataSource.getUsername(); readerPW = tomcatDataSource.getPassword(); } - // - // Set our AuthN's datasource to be the cspaceDataSource - // - AuthN.setDataSource(cspaceDataSource); - - // Get the NuxeoDS info and create the necessary databases. - // Consider the tenant bindings to find and get the data sources for each tenant. - // There may be only one, one per tenant, or something in between. - DatabaseProductType dbType = JDBCTools.getDatabaseProductType( - JDBCTools.CSPACE_DATASOURCE_NAME, - JDBCTools.DEFAULT_CSPACE_DATABASE_NAME); // only returns PG or MYSQL - String dbExistsQuery = (dbType==DatabaseProductType.POSTGRESQL)? - DB_EXISTS_QUERY_PSQL : DB_EXISTS_QUERY_MYSQL; + DatabaseProductType dbType = JDBCTools.getDatabaseProductType(JDBCTools.CSADMIN_DATASOURCE_NAME, + getServiceConfig().getDbCsadminName()); + String dbExistsQuery = (dbType == DatabaseProductType.POSTGRESQL) ? DB_EXISTS_QUERY_PSQL : + DB_EXISTS_QUERY_MYSQL; Hashtable tenantBindings = tenantBindingConfigReader.getTenantBindings(); @@ -437,185 +428,182 @@ public class ServiceMain { PreparedStatement pstmt = null; Statement stmt = null; Connection conn = null; - - try { - conn = nuxeoMgrDataSource.getConnection(); - // First check and create the roles as needed. (nuxeo and reader) - - - pstmt = conn.prepareStatement(dbExistsQuery); // create a statement + + try { + DataSource csadminDataSource = JDBCTools.getDataSource(JDBCTools.CSADMIN_DATASOURCE_NAME); + conn = csadminDataSource.getConnection(); + pstmt = conn.prepareStatement(dbExistsQuery); // create a statement stmt = conn.createStatement(); - - for (TenantBindingType tenantBinding : tenantBindings.values()) { - String tId = tenantBinding.getId(); - String tName = tenantBinding.getName(); - List repoDomainList = tenantBinding.getRepositoryDomain(); - for (RepositoryDomainType repoDomain : repoDomainList) { - String repoDomainName = repoDomain.getName(); - String dbName = JDBCTools.getDatabaseName(repoDomain.getRepositoryName()); - if(nuxeoDBsChecked.contains(dbName)) { - if (logger.isDebugEnabled()) { - logger.debug("Another user of db: "+dbName+": Repo: "+repoDomainName+" and tenant: " - +tName+" (id:"+tId+")"); - } - } else { - if (logger.isDebugEnabled()) { - logger.debug("Need to prepare db: "+dbName+" for Repo: "+repoDomainName+" and tenant: " - +tName+" (id:"+tId+")"); - } - - pstmt.setString(1, dbName); // set dbName param - ResultSet rs = pstmt.executeQuery(); - // extract data from the ResultSet - boolean dbExists = rs.next(); - rs.close(); - if(dbExists) { - if (logger.isDebugEnabled()) { - logger.debug("Database: "+dbName+" already exists."); - } - } else { - // Create the user as needed - createUserIfNotExists(conn, dbType, nuxeoUser, nuxeoPW); - if(readerUser!=null) { - createUserIfNotExists(conn, dbType, readerUser, readerPW); - } - // Create the database - createDatabaseWithRights(conn, dbType, dbName, nuxeoUser, nuxeoPW, readerUser, readerPW); - } - nuxeoDBsChecked.add(dbName); - } - } // Loop on repos for tenant - } // Loop on tenants - } catch(SQLException se) { - //Handle errors for JDBC - se.printStackTrace(); - } catch(Exception e) { - //Handle errors for Class.forName - e.printStackTrace(); - } finally { //close resources + + // First check and create the roles as needed. (nuxeo and reader) + for (TenantBindingType tenantBinding : tenantBindings.values()) { + String tId = tenantBinding.getId(); + String tName = tenantBinding.getName(); + List repoDomainList = tenantBinding.getRepositoryDomain(); + for (RepositoryDomainType repoDomain : repoDomainList) { + String repoDomainName = repoDomain.getName(); + String dbName = JDBCTools.getDatabaseName(repoDomain.getRepositoryName(), getCspaceInstanceId()); + if (nuxeoDBsChecked.contains(dbName)) { + if (logger.isDebugEnabled()) { + logger.debug("Another user of db: " + dbName + ": Repo: " + repoDomainName + + " and tenant: " + tName + " (id:" + tId + ")"); + } + } else { + if (logger.isDebugEnabled()) { + logger.debug("Need to prepare db: " + dbName + " for Repo: " + repoDomainName + + " and tenant: " + tName + " (id:" + tId + ")"); + } + + pstmt.setString(1, dbName); // set dbName param + ResultSet rs = pstmt.executeQuery(); + // extract data from the ResultSet + boolean dbExists = rs.next(); + rs.close(); + if (dbExists) { + if (logger.isDebugEnabled()) { + logger.debug("Database: " + dbName + " already exists."); + } + } else { + // Create the user as needed + createUserIfNotExists(conn, dbType, nuxeoUser, nuxeoPW); + if (readerUser != null) { + createUserIfNotExists(conn, dbType, readerUser, readerPW); + } + // Create the database + createDatabaseWithRights(conn, dbType, dbName, nuxeoUser, nuxeoPW, readerUser, readerPW); + } + nuxeoDBsChecked.add(dbName); + } + } // Loop on repos for tenant + } // Loop on tenants + } finally { //close resources try { - if(stmt!=null) { + if (stmt != null) { stmt.close(); } - } catch(SQLException se2) { - // nothing we can do - } - try{ - if(conn!=null) { + if (conn != null) { conn.close(); } - }catch(SQLException se){ + } catch(SQLException se) { se.printStackTrace(); } } + } - private void createUserIfNotExists(Connection conn, DatabaseProductType dbType, - String username, String userPW) throws Exception { - PreparedStatement pstmt = null; - Statement stmt = null; - final String USER_EXISTS_QUERY_PSQL = - "SELECT 1 AS result FROM pg_roles WHERE rolname=?"; - String userExistsQuery; - if(dbType==DatabaseProductType.POSTGRESQL) { - userExistsQuery = USER_EXISTS_QUERY_PSQL; - } else { - throw new UnsupportedOperationException("CreateUserIfNotExists only supports PSQL - MySQL NYI!"); - } - try { - pstmt = conn.prepareStatement(userExistsQuery); // create a statement - pstmt.setString(1, username); // set dbName param - ResultSet rs = pstmt.executeQuery(); - // extract data from the ResultSet - boolean userExists = rs.next(); - rs.close(); - if(userExists) { - if (logger.isDebugEnabled()) { - logger.debug("User: "+username+" already exists."); - } - } else { - stmt = conn.createStatement(); - String sql = "CREATE ROLE "+username+" WITH PASSWORD '"+userPW+"' LOGIN"; - stmt.executeUpdate(sql); - // Really should do the grants as well. - if (logger.isDebugEnabled()) { - logger.debug("Created Users: '"+username+"' and 'reader'"); - } - } - } catch(Exception e) { - logger.error("createUserIfNotExists failed on exception: " + e.getLocalizedMessage()); - throw e; // propagate - } finally { //close resources - try { - if(pstmt!=null) { - pstmt.close(); - } - if(stmt!=null) { - stmt.close(); - } - } catch(SQLException se) { - // nothing we can do - } - } - } + private void createUserIfNotExists(Connection conn, DatabaseProductType dbType, String username, String userPW) + throws Exception { + PreparedStatement pstmt = null; + Statement stmt = null; + final String USER_EXISTS_QUERY_PSQL = "SELECT 1 AS result FROM pg_roles WHERE rolname=?"; + String userExistsQuery; + + if (dbType == DatabaseProductType.POSTGRESQL) { + userExistsQuery = USER_EXISTS_QUERY_PSQL; + } else { + throw new UnsupportedOperationException("CreateUserIfNotExists only supports PSQL - MySQL NYI!"); + } + + try { + pstmt = conn.prepareStatement(userExistsQuery); // create a + // statement + pstmt.setString(1, username); // set dbName param + ResultSet rs = pstmt.executeQuery(); + // extract data from the ResultSet + boolean userExists = rs.next(); + rs.close(); + if (userExists) { + if (logger.isDebugEnabled()) { + logger.debug("User: " + username + " already exists."); + } + } else { + stmt = conn.createStatement(); + String sql = "CREATE ROLE " + username + " WITH PASSWORD '" + userPW + "' LOGIN"; + stmt.executeUpdate(sql); + // Really should do the grants as well. + if (logger.isDebugEnabled()) { + logger.debug("Created Users: '" + username + "' and 'reader'"); + } + } + } catch (Exception e) { + logger.error("createUserIfNotExists failed on exception: " + e.getLocalizedMessage()); + throw e; // propagate + } finally { // close resources + try { + if (pstmt != null) { + pstmt.close(); + } + if (stmt != null) { + stmt.close(); + } + } catch (SQLException se) { + // nothing we can do + } + } + } - private void createDatabaseWithRights(Connection conn, DatabaseProductType dbType, String dbName, - String ownerName, String ownerPW, String readerName, String readerPW) throws Exception { - Statement stmt = null; - try { + private void createDatabaseWithRights(Connection conn, DatabaseProductType dbType, String dbName, String ownerName, + String ownerPW, String readerName, String readerPW) throws Exception { + Statement stmt = null; + try { stmt = conn.createStatement(); - if(dbType==DatabaseProductType.POSTGRESQL) { - // Postgres does not need passwords. - String sql = "CREATE DATABASE "+dbName+" ENCODING 'UTF8' OWNER "+ownerName; - stmt.executeUpdate(sql); - if (logger.isDebugEnabled()) { - logger.debug("Created db: '"+dbName+"' with owner: '"+ownerName+"'"); - } - if(readerName!= null) { - sql = "GRANT CONNECT ON DATABASE "+dbName+" TO "+readerName; - stmt.executeUpdate(sql); - if (logger.isDebugEnabled()) { - logger.debug(" Granted connect rights on: '"+dbName+"' to reader: '"+readerName+"'"); - } - } - // Note that select rights for reader must be granted after Nuxeo startup. - } else if(dbType==DatabaseProductType.MYSQL) { - String sql = "CREATE database "+dbName+" DEFAULT CHARACTER SET utf8"; - stmt.executeUpdate(sql); - sql = "GRANT ALL PRIVILEGES ON "+dbName+".* TO '"+ownerName+"'@'localhost' IDENTIFIED BY '" - +ownerPW+"' WITH GRANT OPTION"; - stmt.executeUpdate(sql); - if (logger.isDebugEnabled()) { - logger.debug("Created db: '"+dbName+"' with owner: '"+ownerName+"'"); - } - if(readerName!= null) { - sql = "GRANT SELECT ON "+dbName+".* TO '"+readerName+"'@'localhost' IDENTIFIED BY '" - +readerPW+"' WITH GRANT OPTION"; - stmt.executeUpdate(sql); - if (logger.isDebugEnabled()) { - logger.debug(" Granted SELECT rights on: '"+dbName+"' to reader: '"+readerName+"'"); - } - } - } else { - throw new UnsupportedOperationException("createDatabaseWithRights only supports PSQL - MySQL NYI!"); - } - } catch(Exception e) { - logger.error("createDatabaseWithRights failed on exception: " + e.getLocalizedMessage()); - throw e; // propagate - } finally { //close resources - try { - if(stmt!=null) { - stmt.close(); - } - } catch(SQLException se) { - // nothing we can do - } - } + if (dbType == DatabaseProductType.POSTGRESQL) { + // Postgres does not need passwords. + String sql = "CREATE DATABASE " + dbName + " ENCODING 'UTF8' OWNER " + ownerName; + stmt.executeUpdate(sql); + if (logger.isDebugEnabled()) { + logger.debug("Created db: '" + dbName + "' with owner: '" + ownerName + "'"); + } + if (readerName != null) { + sql = "GRANT CONNECT ON DATABASE " + dbName + " TO " + readerName; + stmt.executeUpdate(sql); + if (logger.isDebugEnabled()) { + logger.debug(" Granted connect rights on: '" + dbName + "' to reader: '" + readerName + "'"); + } + } + // Note that select rights for reader must be granted after + // Nuxeo startup. + } else if (dbType == DatabaseProductType.MYSQL) { + String sql = "CREATE database " + dbName + " DEFAULT CHARACTER SET utf8"; + stmt.executeUpdate(sql); + sql = "GRANT ALL PRIVILEGES ON " + dbName + ".* TO '" + ownerName + "'@'localhost' IDENTIFIED BY '" + + ownerPW + "' WITH GRANT OPTION"; + stmt.executeUpdate(sql); + if (logger.isDebugEnabled()) { + logger.debug("Created db: '" + dbName + "' with owner: '" + ownerName + "'"); + } + if (readerName != null) { + sql = "GRANT SELECT ON " + dbName + ".* TO '" + readerName + "'@'localhost' IDENTIFIED BY '" + + readerPW + "' WITH GRANT OPTION"; + stmt.executeUpdate(sql); + if (logger.isDebugEnabled()) { + logger.debug(" Granted SELECT rights on: '" + dbName + "' to reader: '" + readerName + "'"); + } + } + } else { + throw new UnsupportedOperationException("createDatabaseWithRights only supports PSQL - MySQL NYI!"); + } + } catch (Exception e) { + logger.error("createDatabaseWithRights failed on exception: " + e.getLocalizedMessage()); + throw e; // propagate + } finally { // close resources + try { + if (stmt != null) { + stmt.close(); + } + } catch (SQLException se) { + se.printStackTrace(); + } + } - } + } /* * This might be useful for something, but the reader grants are better handled in the ReportPostInitHandler. + * + * + */ +/* private void handlePostNuxeoInitDBTasks() throws Exception { Statement stmt = null; Connection conn = null; @@ -662,16 +650,15 @@ public class ServiceMain { } } - */ +*/ private void setServerRootDir() { serverRootDir = System.getProperty(SERVER_HOME_PROPERTY); if (serverRootDir == null) { serverRootDir = "."; //assume server is started from server root, e.g. server/cspace - logger.warn("System property '" + - SERVER_HOME_PROPERTY + "' was not set. Using \"" + - serverRootDir + - "\" instead."); + String msg = String.format("System property '%s' was not set. Using '%s' instead.", + SERVER_HOME_PROPERTY, serverRootDir); + logger.warn(msg); } } @@ -735,6 +722,4 @@ public class ServiceMain { } return uriTemplateRegistry; } - - } diff --git a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java index 2905214a7..26518fb08 100644 --- a/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java +++ b/services/common/src/main/java/org/collectionspace/services/common/authorization_mgt/AuthorizationCommon.java @@ -231,9 +231,9 @@ public class AuthorizationCommon { } } - private static Connection getConnection() throws NamingException, SQLException { + private static Connection getConnection(String databaseName) throws NamingException, SQLException { return JDBCTools.getConnection(JDBCTools.CSPACE_DATASOURCE_NAME, - JDBCTools.DEFAULT_CSPACE_DATABASE_NAME); + databaseName); } /* @@ -915,11 +915,15 @@ public class AuthorizationCommon { } } - public static void createDefaultAccounts(TenantBindingConfigReaderImpl tenantBindingConfigReader) { + public static void createDefaultAccounts( + TenantBindingConfigReaderImpl tenantBindingConfigReader, + DatabaseProductType databaseProductType, + String cspaceDatabaseName) throws Exception { if (logger.isDebugEnabled()) { logger.debug("ServiceMain.createDefaultAccounts starting..."); } + String cspaceDbName = tenantBindingConfigReader.getRepositoryDomain(null).getStorageName(); Hashtable tenantInfo = getTenantNamesFromConfig(tenantBindingConfigReader); Connection conn = null; @@ -930,9 +934,7 @@ public class AuthorizationCommon { // and we're not touching that, so we could safely toss the // accounts, users, account-tenants, account-roles, and start over. try { - DatabaseProductType databaseProductType = JDBCTools.getDatabaseProductType(JDBCTools.CSPACE_DATASOURCE_NAME, - JDBCTools.DEFAULT_CSPACE_DATABASE_NAME); - conn = getConnection(); + conn = getConnection(cspaceDatabaseName); ArrayList existingTenants = compileExistingTenants(conn, tenantInfo); // Note that this only creates tenants not marked as "createDisabled" @@ -967,42 +969,19 @@ public class AuthorizationCommon { TENANT_MANAGER_USER, AuthN.TENANT_MANAGER_ACCT_ID, tenantManagerRoleCSID, ROLE_ALL_TENANTS_MANAGER); } - } catch (RuntimeException rte) { - if (logger.isDebugEnabled()) { - logger.debug("Exception in createDefaultAccounts: "+ - rte.getLocalizedMessage()); - logger.debug(rte.getStackTrace().toString()); - } - throw rte; - } catch (SQLException sqle) { - // SQLExceptions can be chained. We have at least one exception, so - // set up a loop to make sure we let the user know about all of them - // if there happens to be more than one. - if (logger.isDebugEnabled()) { - SQLException tempException = sqle; - while (null != tempException) { - logger.debug("SQL Exception: " + sqle.getLocalizedMessage()); - tempException = tempException.getNextException(); - } - logger.debug(sqle.getStackTrace().toString()); - } - throw new RuntimeException("SQL problem in createDefaultAccounts: ", sqle); } catch (Exception e) { - if (logger.isDebugEnabled()) { - logger.debug("Exception in createDefaultAccounts: "+ - e.getLocalizedMessage()); - } - } finally { - try { - if(conn!=null) - conn.close(); - } catch (SQLException sqle) { - if (logger.isDebugEnabled()) { - logger.debug("SQL Exception closing statement/connection: " - + sqle.getLocalizedMessage()); - } - } - } + logger.debug("Exception in createDefaultAccounts: " + e.getLocalizedMessage()); + throw e; + } finally { + try { + if (conn != null) + conn.close(); + } catch (SQLException sqle) { + if (logger.isDebugEnabled()) { + logger.debug("SQL Exception closing statement/connection: " + sqle.getLocalizedMessage()); + } + } + } } private static String getDefaultAdminRole(String tenantId) { diff --git a/services/common/src/main/java/org/collectionspace/services/common/storage/JDBCTools.java b/services/common/src/main/java/org/collectionspace/services/common/storage/JDBCTools.java index c9c6f89e4..5470435f7 100644 --- a/services/common/src/main/java/org/collectionspace/services/common/storage/JDBCTools.java +++ b/services/common/src/main/java/org/collectionspace/services/common/storage/JDBCTools.java @@ -17,9 +17,9 @@ */ package org.collectionspace.services.common.storage; +import org.collectionspace.services.common.ServiceMain; import org.collectionspace.services.common.api.Tools; import org.collectionspace.services.common.config.ConfigUtils; -import org.collectionspace.services.config.tenant.TenantBindingType; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -27,6 +27,7 @@ import javax.naming.Context; import javax.naming.InitialContext; import javax.naming.NamingException; import javax.sql.DataSource; + import java.sql.DatabaseMetaData; import java.sql.Connection; import java.sql.DriverManager; @@ -38,10 +39,13 @@ import java.sql.Statement; import java.util.ArrayList; import java.util.HashMap; import java.util.List; + import javax.sql.rowset.CachedRowSet; import javax.sql.rowset.RowSetFactory; import javax.sql.rowset.RowSetProvider; +import org.apache.tomcat.dbcp.dbcp.BasicDataSource; + /** * User: laramie * $LastChangedRevision: $ @@ -52,10 +56,10 @@ public class JDBCTools { public static String CSPACE_DATASOURCE_NAME = "CspaceDS"; public static String NUXEO_DATASOURCE_NAME = "NuxeoDS"; // Default database names - public static String DEFAULT_CSPACE_DATABASE_NAME = ConfigUtils.DEFAULT_CSPACE_DATABASE_NAME; +// public static String DEFAULT_CSPACE_DATABASE_NAME = ConfigUtils.DEFAULT_CSPACE_DATABASE_NAME; public static String DEFAULT_NUXEO_REPOSITORY_NAME = ConfigUtils.DEFAULT_NUXEO_REPOSITORY_NAME; public static String DEFAULT_NUXEO_DATABASE_NAME = ConfigUtils.DEFAULT_NUXEO_DATABASE_NAME; - public static String NUXEO_MANAGER_DATASOURCE_NAME = "NuxeoMgrDS"; + public static String CSADMIN_DATASOURCE_NAME = "CsadminDS"; public static String NUXEO_READER_DATASOURCE_NAME = "NuxeoReaderDS"; public static String NUXEO_USER_NAME = "nuxeo"; public static String SQL_WILDCARD = "%"; @@ -70,6 +74,11 @@ public class JDBCTools { private static final CharSequence URL_DATABASE_NAME = "${DatabaseName}"; private static String JDBC_URL_DATABASE_SEPARATOR = "\\/"; + // + // As a side-effect of calling JDBCTools.getDataSource(...), the DataSource instance will be + // cached in a static hash map of the JDBCTools class. This will speed up lookups as well as protect our + // code from JNDI lookup problems -for example, if the JNDI context gets stepped on or corrupted. + // public static DataSource getDataSource(String dataSourceName) throws NamingException { DataSource result = null; @@ -142,8 +151,7 @@ public class JDBCTools { */ Connection conn = null; synchronized (JDBCTools.class) { - org.apache.tomcat.dbcp.dbcp.BasicDataSource dataSource = - (org.apache.tomcat.dbcp.dbcp.BasicDataSource)getDataSource(dataSourceName); + BasicDataSource dataSource = (BasicDataSource)getDataSource(dataSourceName); // Get the template URL value from the JNDI datasource and substitute the databaseName String urlTemplate = dataSource.getUrl(); String databaseName = getDatabaseName(repositoryName); @@ -412,20 +420,31 @@ public class JDBCTools { return result; } - /* - * By convention, the repository name and database name are the same. However, this - * call encapulates that convention and allows overrides. - */ - public static String getDatabaseName(String repoName) { + public static String getDatabaseName(String repoName, String cspaceInstanceId) { String result = repoName; - if (result.equalsIgnoreCase(DEFAULT_NUXEO_REPOSITORY_NAME) == true) { + // + // Insert code here if you want to map the repo name to a database name -otherwise + // we'll assume they are the same thing. + // + if (repoName.equalsIgnoreCase(DEFAULT_NUXEO_REPOSITORY_NAME)) { result = DEFAULT_NUXEO_DATABASE_NAME; } + result = result + cspaceInstanceId; + return result; } + /* + * By convention, the repository name and database name are the same. However, this + * call encapulates that convention and allows overrides. + */ + public static String getDatabaseName(String repoName) { + String cspaceInstanceId = ServiceMain.getInstance().getCspaceInstanceId(); + return getDatabaseName(repoName, cspaceInstanceId); + } + /** * Returns the catalog/database name for an open JDBC connection. * diff --git a/services/common/src/main/resources/db/mysql/create_id_generators_table.sql b/services/common/src/main/resources/db/mysql/create_id_generators_table.sql deleted file mode 100644 index 2273e2f3e..000000000 --- a/services/common/src/main/resources/db/mysql/create_id_generators_table.sql +++ /dev/null @@ -1,44 +0,0 @@ -/* - * This document is a part of the source code and related artifacts - * for CollectionSpace, an open source collections management system - * for museums and related institutions: - * - * http://www.collectionspace.org - * http://wiki.collectionspace.org - * - * Copyright © 2009 Regents of the University of California - * - * Licensed under the Educational Community License (ECL), Version 2.0. - * You may not use this file except in compliance with this License. - * - * You may obtain a copy of the ECL 2.0 License at - * https://source.collectionspace.org/collection-space/LICENSE.txt - */ - -/* - * create_id_generators_table.sql - * - * Creates the "id_generators" table, used by the ID Service, - * and sets the access permissions of that table. - * - * $LastChangedRevision$ - * $LastChangedDate$ - */ - --- DROP TABLE IF EXISTS `id_generators`; - -CREATE TABLE IF NOT EXISTS `id_generators` ( - `csid` varchar(80) PRIMARY KEY, - `displayname` varchar(80), - `description` varchar(500), - `priority` smallint(1) DEFAULT 9 NOT NULL, - `id_generator_state` varchar(8000) NOT NULL, - `last_generated_id` varchar(255), - `modified` timestamp NOT NULL - default CURRENT_TIMESTAMP - on update CURRENT_TIMESTAMP, - INDEX `csid_index` (`csid`) -) ENGINE=InnoDB; - - -SHOW WARNINGS; diff --git a/services/common/src/main/resources/db/mysql/load_id_generators.sql b/services/common/src/main/resources/db/mysql/load_id_generators.sql deleted file mode 100644 index 0a7bc83fe..000000000 --- a/services/common/src/main/resources/db/mysql/load_id_generators.sql +++ /dev/null @@ -1,640 +0,0 @@ -/* - * This document is a part of the source code and related artifacts - * for CollectionSpace, an open source collections management system - * for museums and related institutions: - * - * http://www.collectionspace.org - * http://wiki.collectionspace.org - * - * Copyright © 2009 Regents of the University of California - * - * Licensed under the Educational Community License (ECL), Version 2.0. - * You may not use this file except in compliance with this License. - * - * You may obtain a copy of the ECL 2.0 License at - * https://source.collectionspace.org/collection-space/LICENSE.txt - */ - -/* - * load_id_generators_table.sql - * - * Loads a default set of data into the "id_generators" table, - * used by the ID Service. - * - * $LastChangedRevision$ - * $LastChangedDate$ - */ - -/* - * Note: in the priority column, values range from '1' (highest) - * to '9' (lowest). - */ - -/* - * NOTE: In the id_generator_state column, for numeric sequence parts - * whose first generated value should start at the initial value - * (such as '1'), enter '-1' for the - * - * Otherwise, the first generated value will be the next value - * in the sequence after the initial value (e.g. '2', if the - * initial value is '1'). - */ - --- ACCESSION_LOT_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('1a67470b-19b1-4ae3-88d4-2a0aa936270e', - 'Accession Activity Number', - 'Identifies accession activities, in which a lot of -one or more collection objects is acquired by the institution.', - '9', - '', -' - - - - - - . - . - - - 6 - 1 - -1 - - -'); - --- ACCESSION_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('9dd92952-c384-44dc-a736-95e435c1759c', - 'Accession Number', - 'Identifies individual collection objects formally -acquired by the institution. Used for collection objects -without parts.', - '9', - '', -' - - - - - - . - . - - - 6 - 1 - -1 - - - . - . - - - 6 - 1 - -1 - - -'); - --- ARCHIVES_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('70586d30-9dca-4a07-a3a2-1976fe898028', - 'Archives Number', - 'Identifies archives-related accession activities, -in which a lot of one or more collection objects is formally -acquired for the archives.', - '9', - '', -' - - - AR - AR - - - - - - . - . - - - 6 - 1 - -1 - - -'); - --- EVALUATION_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('d2d80822-25c7-4c7c-a105-fc40cdb0c50f', - 'Evaluation Number', - 'Identifies evaluation-related intake activities, -in which a lot of one or more collection objects is formally -acquired for evaluation.', - '9', - '', -' - - - EV - EV - - - - - - . - . - - - 6 - 1 - -1 - - -'); - --- INTAKE_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('8088cfa5-c743-4824-bb4d-fb11b12847f7', - 'Intake Number', - 'Identifies intake activities, in which a lot of one -or more collection objects enters the institution.', - '9', - '', -' - - - IN - IN - - - - - - . - . - - - 6 - 1 - -1 - - -'); - --- INTAKE_OBJECT_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('a91db555-5c53-4996-9918-6712351397a0', - 'Intake Object Number', - 'Identifies individual collection objects that enter -the institution through intake activities, before they are -either returned to their owner or formally acquired.', - '9', - '', -' - - - IN - IN - - - - - - . - . - - - 6 - 1 - -1 - - - . - . - - - 6 - 1 - -1 - - -'); - --- INVENTORY_NUMBER - -INSERT IGNORE INTO id_generators - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('6d472be6-2534-47f3-a3f1-3f160e7a9303', - 'Inventory Number', - 'Unambiguously identifies a location associated with an inventory event.', - '9', - '', -' - - - INV - INV - - - - - - . - . - - - 6 - 1 - -1 - - - . - . - - - 6 - 1 - -1 - - -'); - --- LIBRARY_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('80fedaf6-1647-4f30-9f53-a75a3cac2ffd', - 'Library Number', - 'Identifies library-related accession activities, -in which a lot of one or more collection objects is -formally acquired for the library.', - '9', - '', -' - - - LIB - LIB - - - - - - . - . - - - 6 - 1 - -1 - - -'); - --- LOANS_IN_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('ed87e7c6-0678-4f42-9d33-f671835586ef', - 'Loan In Number', - 'Identifies activities in which collection objects are -received on loan.', - '9', - '', -' - - - LI - LI - - - - - - . - . - - - 6 - 1 - -1 - - - . - . - - - 6 - 1 - -1 - - -'); - --- LOANS_OUT_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('4b984865-f93d-4481-b874-3dba863ec589', - 'Loan Out Number', - 'Identifies activities in which collection objects are -loaned out of the institution.', - '9', - '', -' - - - LO - LO - - - - - - . - . - - - 6 - 1 - -1 - - - . - . - - - 6 - 1 - -1 - - -'); - --- LOCATION_NUMBER - -INSERT IGNORE INTO id_generators - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('1fc5e383-0786-4126-9a3c-ec7df4517ee3', - 'Location Number', - 'Unambiguously identifies a general location, not associated with an -inventory or movement event.', - '9', - '', -' - - - LOC - LOC - - - - - - . - . - - - 6 - 1 - -1 - - - . - . - - - 6 - 1 - -1 - - -'); - --- MEDIA_RESOURCE_IDENTIFICATION_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('cd91d8b8-f346-4925-a425-93e02bd1c5c9', - 'Media Resource Identification Number', - 'Unambiguously identifies a media resource within a given context. -Recommended best practice is to identify the resource by means of a string -conforming to a formal identification system.', - '9', - '', -' - - - MR - MR - - - - - - . - . - - - 6 - 1 - -1 - - - . - . - - - 6 - 1 - -1 - - -'); - --- MOVEMENT_REFERENCE_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('49ca9d8d-7136-47ff-a70e-4a47b9038b70', - 'Movement Reference Number', - 'Identifies a movement of a collection object or a group of collection objects.', - '9', - '', -' - - - MV - MV - - - - - - . - . - - - 6 - 1 - -1 - - -'); - --- OBJECT_EXIT_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('d4eea707-d473-4367-853a-728fbcd9be17', - 'Object Exit Number', - 'Identifies an exit from the museum of collection objects, via -transfer or destruction, and the deaccessioning of those objects -from the museum\'s collections.', - '9', - '', -' - - - EX - EX - - - - - - . - . - - - 6 - 1 - -1 - - -'); - --- STUDY_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('0518132e-dd8c-4773-8fa9-07c9af4444ee', - 'Study Number', - 'Identifies study-related intake activities, -in which a lot of one or more collection objects is -formally acquired for study.', - '9', - '', -' - - - ST - ST - - - - - - . - . - - - 6 - 1 - -1 - - -'); - --- TRANSFER_OF_TITLE_NUMBER - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('c597a209-5954-4fa6-bf3f-f83c1a0ad586', - 'Transfer of Title Number', - 'Identifies the transfer of title for one or more collection objects -to a receiving institution.', - '9', - '', -' - - - TT - TT - - - - - - . - . - - - 6 - 1 - -1 - - -'); - --- UUID - -/* - * Note: these are Type 4 UUIDs, whose generation is based on - * random and pseudo-random parts. - */ - -INSERT IGNORE INTO `id_generators` - (csid, displayname, description, priority, last_generated_id, id_generator_state) - VALUES - ('1fa40353-05b8-4ae6-82a6-44a18b4f3c12', - 'UUID', - 'Universally unique identifiers (UUIDs), which may be -used for CollectionSpace IDs (CSIDs) and any other relevant -purposes.', - '9', - '', -' - - - - -'); - -SHOW WARNINGS; diff --git a/services/config/src/main/java/org/collectionspace/services/common/config/ConfigUtils.java b/services/config/src/main/java/org/collectionspace/services/common/config/ConfigUtils.java index 64fe13655..00f142a9a 100644 --- a/services/config/src/main/java/org/collectionspace/services/common/config/ConfigUtils.java +++ b/services/config/src/main/java/org/collectionspace/services/common/config/ConfigUtils.java @@ -12,7 +12,7 @@ public class ConfigUtils { final static Logger logger = LoggerFactory.getLogger(ConfigUtils.class); // Default database names - public static String DEFAULT_CSPACE_DATABASE_NAME = "cspace"; +// public static String DEFAULT_CSPACE_DATABASE_NAME = "cspace"; public static String DEFAULT_NUXEO_REPOSITORY_NAME = "default"; public static String DEFAULT_NUXEO_DATABASE_NAME = "nuxeo"; diff --git a/services/config/src/main/resources/service-config.xsd b/services/config/src/main/resources/service-config.xsd index cda398ffb..0f57a48c5 100644 --- a/services/config/src/main/resources/service-config.xsd +++ b/services/config/src/main/resources/service-config.xsd @@ -24,6 +24,10 @@ + + + + diff --git a/services/security/client/build.xml b/services/security/client/build.xml index 39e35812a..45a73990d 100644 --- a/services/security/client/build.xml +++ b/services/security/client/build.xml @@ -1,4 +1,3 @@ - collectionspace security service @@ -113,10 +112,10 @@ - + - - + + diff --git a/services/security/client/src/test/resources/hibernate.cfg.xml b/services/security/client/src/test/resources/hibernate.cfg.xml index 8296399cf..eb577d228 100644 --- a/services/security/client/src/test/resources/hibernate.cfg.xml +++ b/services/security/client/src/test/resources/hibernate.cfg.xml @@ -12,10 +12,10 @@ "http://hibernate.sourceforge.net/hibernate-configuration-3.0.dtd"> - @DB_URL@ + @DB_CSPACE_URL@ @DB_DRIVER_CLASS@ - @DB_USER@ - @DB_PASSWORD@ + @DB_CSPACE_USER@ + @DB_CSPACE_PASSWORD@ @DB_DIALECT@ org.hibernate.transaction.JDBCTransactionFactory thread diff --git a/src/main/resources/db/mysql/init_cspace_db.sql b/src/main/resources/db/mysql/init_cspace_db.sql deleted file mode 100644 index 7d4cb29d6..000000000 --- a/src/main/resources/db/mysql/init_cspace_db.sql +++ /dev/null @@ -1,24 +0,0 @@ --- --- delete all users --- --- DELETE FROM mysql.user WHERE NOT (host="localhost" and user="root"); --- FLUSH PRIVILEGES; - --- --- delete anonymous access --- -DELETE FROM mysql.user WHERE User = ''; -FLUSH PRIVILEGES; - --- --- recreate cspace database --- -DROP database IF EXISTS cspace; -CREATE database cspace DEFAULT CHARACTER SET utf8; - --- --- grant privileges to users on cspace database --- -GRANT ALL PRIVILEGES ON cspace.* TO '@DB_CSPACE_USER@'@'localhost' IDENTIFIED BY '@DB_CSPACE_PASSWORD@' WITH GRANT OPTION; -FLUSH PRIVILEGES; - diff --git a/src/main/resources/db/mysql/init_nuxeo_db.sql b/src/main/resources/db/mysql/init_nuxeo_db.sql deleted file mode 100644 index 9e36793c1..000000000 --- a/src/main/resources/db/mysql/init_nuxeo_db.sql +++ /dev/null @@ -1,29 +0,0 @@ --- --- recreate nuxeo database --- -DROP database IF EXISTS nuxeo; - --- All the rest of what is commented out below is now handled at startup --- by the services web-app - --- CREATE database nuxeo DEFAULT CHARACTER SET utf8; - - --- --- grant privileges to users on nuxeo database --- --- GRANT ALL PRIVILEGES ON nuxeo.* TO '@DB_NUXEO_USER@'@'localhost' IDENTIFIED BY '@DB_NUXEO_PASSWORD@' WITH GRANT OPTION; --- --- Grant privileges to read-only user on Nuxeo, for reporting. --- --- GRANT SELECT ON nuxeo.* TO 'reader'@'localhost' IDENTIFIED BY 'read'; --- --- Grant privileges to remote read-only users on Nuxeo, for reporting. --- These should be changed to reflect your domain. Avoid specifying --- 'reader'@'%' (while simple and flexible, this is a potential security hole). --- --- GRANT SELECT ON nuxeo.* TO 'reader'@'%.berkeley.edu' IDENTIFIED BY 'read'; --- GRANT SELECT ON nuxeo.* TO 'reader'@'%.movingimage.us' IDENTIFIED BY 'read'; - -FLUSH PRIVILEGES; - diff --git a/src/main/resources/db/postgresql/init_cspace_db.sql b/src/main/resources/db/postgresql/init_cspace_db.sql index 2bd020948..41df9d11b 100644 --- a/src/main/resources/db/postgresql/init_cspace_db.sql +++ b/src/main/resources/db/postgresql/init_cspace_db.sql @@ -1,11 +1,11 @@ -- drop all the objects before dropping roles -DROP database IF EXISTS cspace; +DROP database IF EXISTS @DB_CSPACE_NAME@; -DROP USER IF EXISTS cspace; +DROP USER IF EXISTS @DB_CSPACE_USER@; CREATE ROLE @DB_CSPACE_USER@ WITH PASSWORD '@DB_CSPACE_PASSWORD@' LOGIN; -- -- recreate cspace database -- -CREATE DATABASE cspace ENCODING 'UTF8' OWNER @DB_CSPACE_USER@; +CREATE DATABASE @DB_CSPACE_NAME@ ENCODING 'UTF8' OWNER @DB_CSPACE_USER@; diff --git a/src/main/resources/db/postgresql/init_nuxeo_db.sql b/src/main/resources/db/postgresql/init_nuxeo_db.sql index 7120ad23b..21eddbdbb 100644 --- a/src/main/resources/db/postgresql/init_nuxeo_db.sql +++ b/src/main/resources/db/postgresql/init_nuxeo_db.sql @@ -1,9 +1,9 @@ -- drop all the objects before dropping roles -DROP database IF EXISTS nuxeo; +DROP database IF EXISTS @DB_NUXEO_NAME@; DROP database IF EXISTS lifesci_domain; -DROP USER IF EXISTS nuxeo; -DROP USER IF EXISTS reader; +DROP USER IF EXISTS @DB_NUXEO_USER@; +DROP USER IF EXISTS @DB_READER_USER@; -- All the rest of what is commented out below is now handled at startup -- by the services web-app