modify code to not require postgres user to be superuser

allan-simon / sentence-aligner-rust

rest service + frontend to align sentences , in rust

13 stars 1 forks source link

modify code to not require postgres user to be superuser #31

Open allan-simon opened 6 years ago

allan-simon commented 6 years ago

currently due to the fact we create the extension uuid, we need to grant the db user, superuser privilege, which is not optimal in term of security

need to check if we can avoid this with a "create extension if not exist"

jean553 commented 6 years ago

Hmmm... not sure I get it. I think you're talking about the final environment (not the dev vagrant one). So I guess this line connection.execute("CREATE EXTENSION IF NOT EXISTS \"uuid-ossp\"", &[]).unwrap(); throws an error during the execution. Right ?

allan-simon commented 6 years ago

you're right.

In vagrant's one it works because our dev environment actually does not reflect a real environment (which is bad) , in which you will not grant superuser privilege to the db user used by the application code.