[gold-users] Re: column "g_admin" does not exist

Scott Jackson scott at clusterresources.com
Tue Nov 21 09:52:46 MST 2006


It's great to hear that Alessandro. I'm sorry for all the trouble. I had
thought the Proxy.pm attachment I sent you in September had fixed the
issue.

Let me know if you run into any other problems.

Scott

On Tue, 2006-11-21 at 10:49 +0100, Alessandro Federico wrote:
> Scott,
> 
> thank you very much, it's ok with the new version.
> 
> Regards,
> Ale
> 
> Scott Jackson wrote:
> > Ale,
> > 
> > Would you mind trying the version I just pointed you at? I tried this on
> > 2.1.0.1 and it worked.
> > 
> > [gold at kahuna ~]$ goldsh RoleUser Query Role==ProjectAdmin
> > Role         Name
> > ------------ ----
> > ProjectAdmin ANY
> > 
> > [gold at kahuna gold]$ goldsh RoleAction Query Role==ProjectAdmin
> > Role         Object      Name Instance
> > ------------ ----------- ---- --------
> > ProjectAdmin Project     ANY  ADMIN
> > ProjectAdmin ProjectUser ANY  ADMIN
> > 
> > [gold at kahuna gold]$ goldsh ProjectUser Query Admin==True
> > Project   Name    Active Admin
> > --------- ------- ------ -----
> > chemistry scottmo True   True
> > 
> > [scottmo at kahuna gold]$ gchproject -d blablabla1 chemistry
> > Successfully modified 1 Projects
> > 
> > [jacksond at kahuna ~]$ gchproject -d blablabla2 chemistry
> > jacksond is not authorized to perform this function (Project Modify)
> > 
> > Thanks,
> > 
> > Scott
> > 
> > On Mon, 2006-11-20 at 18:07 +0100, Alessandro Federico wrote:
> >> Scott,
> >>
> >> with gold 2.1.0 I have tried the patches you descibed below
> >> but the problem still remain...
> >>
> >> Regards,
> >> Ale
> >>
> >> Scott Jackson wrote:
> >>> Alessandro,
> >>>
> >>> This is due to a bug in Cache.pm in the associationLookup routine.
> >>>
> >>> Here is the relevant diff:
> >>>
> >>> 525c527
> >>> <       return $objectNode->getAttribute("Name");
> >>> ---
> >>>>       return $objectNode->nodeName();
> >>> Let me know if this does not work for you.
> >>>
> >>> After making this change, you will find that the admin still cannot
> >>> successfully use an admin role to add users to his project.
> >>>
> >>> This has been correct by a fix to Proxy.pm in the authorize routine. I
> >>> think your best bet is to use the attached file, but I will include the
> >>> diff if you want to do it manually.
> >>>
> >>> 1104,1121c1104,1105
> >>> <           # This is an association
> >>> <           if ($association)
> >>> <           {
> >>> <             # Check if there is a ${parent}User assoc for which $actor
> >>> is member
> >>> <             my  $membership = Gold::Cache->associationLookup($parent,
> >>> "User");<     $log->debug("Membership = $membership");
> >>> <
> >>> <             if (defined $membership)
> >>> <             {
> >>> <               my $results = $self->{_database}->select(object =>
> >>> $membership, selections => [ new Gold::Selection(name => "Admin") ],
> >>> conditions => [ new Gold::Condition(name => $parent, value =>
> >>> $instanceCond), new Gold::Condition(name => "Name", value => $actor) ],
> >>> chunkNum => 0);
> >>> <               if (defined ${$results->{data}}[0]->[0] &&
> >>> ${$results->{data}}[0]->[0] eq "True")
> >>> <               {
> >>> <                 next OBJECT;
> >>> <               }
> >>> <             }
> >>> <           }
> >>> <           # This is not an association
> >>> <           else
> >>> ---
> >>>>           my $membership = Gold::Cache->associationLookup($name,
> >>> "User");
> >>>>           if (defined $membership)
> >>> 1123,1125c1107,1108
> >>> <             # Check if there is a ${name}User assoc for which $actor
> >>> is member<             my $membership =
> >>> Gold::Cache->associationLookup($name, "User");
> >>> <             if (defined $membership)
> >>> ---
> >>>>             my $results = $self->{_database}->select(object =>
> >>> $membership, selections => [ new Gold::Selection(name => "Admin") ],
> >>> conditions => [ new Gold::Condition(name => $name, value =>
> >>> $instanceCond), new Gold::Condition(name => "Name", value => $actor) ],
> >>> chunkNum => 0);
> >>>>             if (defined ${$results->{data}}[0]->[0] &&
> >>> ${$results->{data}}[0]->[0] eq "True")
> >>> 1127,1131c1110
> >>> <               my $results = $self->{_database}->select(object =>
> >>> $membership, selections => [ new Gold::Selection(name => "Admin") ],
> >>> conditions => [ new Gold::Condition(name => $name, value =>
> >>> $instanceCond), new Gold::Condition(name => "Name", value => $actor) ],
> >>> chunkNum => 0);
> >>> <               if (defined ${$results->{data}}[0]->[0] &&
> >>> ${$results->{data}}[0]->[0] eq "True")
> >>> <               {
> >>> <                 next OBJECT;
> >>> <               }
> >>> ---
> >>>>               next OBJECT;
> >>> That should get it to work for the use case cited above with the proper
> >>> Role, RoleUser and RoleAction lines in place. As you have noticed, the
> >>> ADMIN Role Instance type has not been exercized much and is not well
> >>> developed, however, I think it is likely that between the two of us, we
> >>> can get it working for some simple cases like allowing project admins to
> >>> add and delete users, etc (Hopefully these two changes will enable that
> >>> much).
> >>>
> >>> I'm sorry about your problems and I apologize for losing track of your
> >>> email. I happened to find it in a search on bounced emails. If you are
> >>> inclined to do so, please subscribe to the gold-users mailing list so
> >>> your posts don't get bounced.
> >>> http://www.supercluster.org/mailman/subscribe/gold-users
> >>>
> >>> I hope this helps. Email me directly if you want to continue with this
> >>> problem if any issues arise.
> >>>
> >>> Thanks,
> >>>
> >>> Scott
> >>>
> >>>
> >>> p.s. I can also generate you an updated gold tarball if you would rather
> >>> just do a full upgrade.
> >>>
> >>> On Tue, 2006-05-30 at 18:27 +0200, Alessandro Federico wrote:
> >>>> hi!
> >>>>
> >>>> with gold-2.0.0.7 i have the following configuration:
> >>>>
> >>>> gold at cmslab03:~> goldsh RoleUser Query Role==ProjectAdmin
> >>>> Role         Name
> >>>> ------------ --------
> >>>> ProjectAdmin afederic
> >>>>
> >>>> gold at cmslab03:~> goldsh ProjectUser Query Admin==True
> >>>> Project Name     Active Admin
> >>>> ------- -------- ------ -----
> >>>> biology afederic True   True
> >>>>
> >>>> when I try to make a change to the biology project
> >>>> as user afederic, i get the folowing error:
> >>>>
> >>>> [afederic at cmslab03 ~]# gchproject -d blablabla biology
> >>>> DBD::Pg::st execute failed: ERROR:  column "g_admin" does not exist
> >>>>
> >>>> Looking at the server log file I have found that the wrong
> >>>> query is:
> >>>>
> >>>> SELECT g_admin FROM g_object WHERE ( g_project='biology' AND
> >>>> g_name='afederic' ) AND g_deleted!='True';
> >>>>
> >>>> For some mistake this SELECT is done on the g_object table
> >>>> instead of the g_project_user table.
> >>>>
> >>>> Does anybody know how to correct this bug?
> >>>>
> >>>> thanks
> >>>>
> >>>> ale
> >>>>
> > 
> 



More information about the gold-users mailing list