greenelab / connectivity-search-backend

Django backend for hetnet connectivity search
https://search-api.het.io
BSD 3-Clause "New" or "Revised" License
6 stars 2 forks

Configure database password to be secret #10

Closed dhimmel closed 5 years ago

dhimmel commented 5 years ago

Previously, we had an insecure public login because we were only allowing local connections. Now since @ben-heil will start rotating, I wanted him to have read-only access for https://github.com/greenelab/hetmech/issues/150.

dhimmel commented 5 years ago

For the postgres database, currently hosted on my Penn computer, I changed the password for the dj_hetmech admin user from not_secure to something secure.

I created a new read_only_user with:

-- https://stackoverflow.com/a/762649/4651668
-- Login role with no elevated attributes (no SUPERUSER, CREATEDB, CREATEROLE)
CREATE USER read_only_user WITH ENCRYPTED PASSWORD 'placeholder_password';
-- Allow connecting to the database and seeing objects in the public schema
GRANT CONNECT ON DATABASE dj_hetmech TO read_only_user;
GRANT USAGE ON SCHEMA public TO read_only_user;
-- Read access to the tables that exist at the time the grant runs
GRANT SELECT ON ALL TABLES IN SCHEMA public TO read_only_user;

You can log in with (if you know the password):

psql --dbname=dj_hetmech --host=phr-greene-007.med.upenn.edu --username=read_only_user --port=5432

Here are the current roles (via \du):

                                      List of roles
   Role name    |                         Attributes                         | Member of 
----------------+------------------------------------------------------------+-----------
 dj_hetmech     | Superuser, Create role, Create DB, Replication, Bypass RLS | {}
 read_only_user |                                                            | {}
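A fuller version of the read-only role setup described in this issue, as an added example that is not the project's own script. The database and role names (dj_hetmech, read_only_user) come from the issue above; the `REVOKE CREATE`, the `ALTER DEFAULT PRIVILEGES` step and the two verification queries are additions, and the psql variable name `ro_password` and the file name `read_only_role.sql` are assumptions. The point of the extra step is that `GRANT SELECT ON ALL TABLES` only covers tables that already exist, so a role granted this way silently loses read access to any table a later migration creates; default privileges close that gap. The password is passed in as a psql variable so it never sits in the script or the shell history of a `CREATE USER` statement.

```sql
-- Added example (not the project's own script): least-privilege read-only role
-- for the dj_hetmech database. Run as the database owner, for instance:
--   psql --dbname=dj_hetmech --username=dj_hetmech \
--        -v ro_password='<secret from a password manager>' -f read_only_role.sql
-- (ro_password and read_only_role.sql are assumed names, not from the project)

-- Login role with no elevated attributes (no SUPERUSER, CREATEDB, CREATEROLE).
-- :'ro_password' is interpolated by psql as a quoted string literal.
CREATE ROLE read_only_user LOGIN PASSWORD :'ro_password';

-- Older PostgreSQL releases grant CREATE on schema public to every role;
-- a read-only role should not be able to add objects there.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

GRANT CONNECT ON DATABASE dj_hetmech TO read_only_user;
GRANT USAGE ON SCHEMA public TO read_only_user;

-- Tables that exist right now ...
GRANT SELECT ON ALL TABLES IN SCHEMA public TO read_only_user;

-- ... and tables that dj_hetmech creates later (e.g. after a Django migration),
-- which the GRANT above alone would not cover.
ALTER DEFAULT PRIVILEGES FOR ROLE dj_hetmech IN SCHEMA public
    GRANT SELECT ON TABLES TO read_only_user;

-- Verification 1: the role can log in but holds no elevated attributes
-- (expect rolsuper, rolcreaterole and rolcreatedb all false, rolcanlogin true).
SELECT rolname, rolsuper, rolcreaterole, rolcreatedb, rolcanlogin
FROM pg_roles
WHERE rolname = 'read_only_user';

-- Verification 2: SELECT but not INSERT on every table in public
-- (expect can_select = true and can_insert = false on every row).
SELECT schemaname,
       tablename,
       has_table_privilege('read_only_user',
                           quote_ident(schemaname) || '.' || quote_ident(tablename),
                           'SELECT') AS can_select,
       has_table_privilege('read_only_user',
                           quote_ident(schemaname) || '.' || quote_ident(tablename),
                           'INSERT') AS can_insert
FROM pg_tables
WHERE schemaname = 'public'
ORDER BY tablename;
```

Re-run the second verification query after each migration; a row with `can_select = false` means a table was created by a role other than dj_hetmech (default privileges are per creating role), and that table needs its own `GRANT SELECT` or an additional `ALTER DEFAULT PRIVILEGES FOR ROLE` for the role that created it.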