Rails - mongodb - new root user - ruby-on-rails

I'd like to create new root user in mongodb who has access to any database, any collection and perform all actions as root.
Below is my mongoid.yml file
development:
clients:
default:
database: mydb_development
hosts:
- localhost:27017
options:
user: rootuser
password: 12345
options:
raise_not_found_error: false
I read the documentation and I've created new rootuser
use admin
db.createUser({user: 'rootuser', pwd: '12345', roles: ['root']});
It created the user successfully but with access to admin database only instead of to any database.
Mongo::Auth::Unauthorized (User rootuser is not authorized to access mydb_development.):
On the other hand when I'd like to add new root user being in mydb_developmentmyrootuser
use mydb_development
db.createUser({user: 'rootuser', pwd: '12345', roles: ['root']});
I can't create new user and I get error:
Error: couldn't add user: No role named root#mydb_development :
So the question is : How to add new user with root privileges and be able to use it through mongoid.yml ?
MongoDB shell version: 3.2.10

You probably solved this by using the dbOwner role instead of root. The root role can only be used when you are on the admin db.
use admin;
db.createUser({user: 'rootuser', pwd: '12345', roles: ['root']});

Related

Rails 4: CASino integration to several folder in AD using LDAP

I successfully connect the CASino gems to Active Directory by using LDAP. But the problem is, I need to gather the data in AD that located in several folders. How can I do this?
In my cas.yml code I write like this
development:
<<: *defaults
frontend:
sso_name: AUTHENTICATION CENTER
authenticators:
my_company_ldap:
authenticator: LDAP
options:
host: LDAP_HOST
port: 389
base: OU=Users,OU=UserFolder1,OU=Root,DC=company,DC=com
username_attribute: sAMAccountName
encryption: false
admin_user: ADMIN
admin_password: admin
extra_attributes:
email: mail
fullname: displayname
How I can connect to several folders in AD? I tried to write another base: inside it but it only read the newest base, I also tried to customized the value of cas.yml inside the controller, but I need to restart the server to apply the changes. Can I make the base: to read several folders not only UserFolder1?
I found it by myself.
The answer simply just adding a new configuration below that. That makes the config to access several folders in AD.
Here's the example of the implementations
development:
<<: *defaults
frontend:
sso_name: AUTHENTICATION CENTER
authenticators:
my_company_ldap1:
authenticator: LDAP
options:
host: LDAP_HOST
port: 389
base: OU=Users,OU=UserFolder1,OU=Root,DC=company,DC=com
username_attribute: sAMAccountName
encryption: false
admin_user: ADMIN
admin_password: admin
extra_attributes:
email: mail
fullname: displayname
my_company_ldap2:
authenticator: LDAP
options:
host: LDAP_HOST
port: 389
base: OU=Users,OU=UserFolder2,OU=Root,DC=company,DC=com
username_attribute: sAMAccountName
encryption: false
admin_user: ADMIN
admin_password: admin
extra_attributes:
email: mail
fullname: displayname

Postgresql won't accept password

I just created a new app and installed the 'pg' gem, created a psql user and database, and created a database.yml file. However, the server won't accept my password, even though it's the correct one.
Here are the commands I ran to create my user and database:
Project$ sudo -i -u postgres
postgres#user-F243:~$ psql
postgres=# CREATE USER Project WITH PASSWORD 'Project' CREATEDB;
postgres=# CREATE DATABASE Project OWNER Project;
which all went through with no errors. Then I created the following database.yml file:
development:
adapter: postgresql
database: Project
username: Project
password: Project
host: localhost
pool: 5
timeout: 5000
test:
adapter: postgresql
database: Project
username: Project
pool: 5
timeout: 5000
production:
adapter: postgresql
database: Project
username: Project
pool: 5
timeout: 5000
But when I start my rails server and try to load a page, I get this error:
PG::ConnectionBad
FATAL: password authentication failed for user "Project" FATAL: password authentication failed for user "Project"
Extracted source (around line #56):
#54 ### Convenience alias for PG::Connection.new.
#55 def self::connect( *args )
#56 return PG::Connection.new( *args ) #line 56
#57 end
I have tried multiple different passwords and user/database names, and I tried making the user a superuser, but I always get the same result. I've done all this a million times and it's always worked. What's going on??
postgres=# CREATE USER Project WITH PASSWORD 'Project' CREATEDB;
This code creates user 'project' instead of 'Project'. If you really want to use uppercase in user names, you have to double quote them:
postgres=# CREATE USER "Project" WITH PASSWORD 'Project' CREATEDB;
The same goes with table and column names - both creating and querying them.
Try removing host: localhost from the development: group. I've had similar problems in the past and this fixed them for me.

Mongoid Authentication issue in Ruby on rails

I am creating an application using ruby and mongoid. But when I try to create or find a document in any collection using mongoid, i am getting this error
Mongo::Error::OperationFailure (not authorized on employee_production to execute command { find: "devices", filter: { token: null } } (13))
I have enabled authentication in /etc/mongod.conf and added username and password to mongoid.yml to authenticate mongodb connection.
development:
clients:
default:
database: employee
hosts:
- localhost:27017
options:
user: 'grapewine'
password: '#)90GTWqks*'
roles:
- 'dbOwner'
auth_mech: :scram
auth_source: admin
connect: :direct

Error connecting external DB to Rails 4 App

I am attempting to add a Postgresql Redshift Database to my Rails 4 app, for use locally and in production. I am testing in Development first.
I have altered my database.yml file to look like this:
development:
adapter: postgresql
encoding: unicode
database: new_db
pool: 5
username: test
password: password
host: test_db.us-east-1.redshift.amazonaws.com
port: 5439
Now, when I hit localhost:3000 I get this error:
permission denied to set parameter "client_min_messages" to "warning"
: SET client_min_messages TO 'warning'
I can't seem to find out what is causing this - It seems like maybe my new DB isn't allow the SET command? I'm not really sure, but any help is appreciated.
Just answered this somewhere else, but I had the same issues today, here's what I did and it's working now:
#app/models/data_warehouse.rb
class DataWarehouse < ActiveRecord::Base
establish_connection "redshift_staging"
#or, if you want to have a db per environment
#establish_connection "redshift_#{Rails.env}"
end
Note that we are connecting on 5439, not the default 5432 so I specify the port
Also, I specify a schema, beta, which is what we use for our unstable aggregates, you could either have a different db per environment as mentioned above, or use various schemas and include them in the search path for ActiveRecord
#config/database.yml
redshift_staging:
adapter: postgresql
encoding: utf8
database: db03
port: 5439
pool: 5
schema_search_path: 'beta'
username: admin
password: supersecretpassword
host: db03.myremotehost.us #your remote host here, might be an aws url from Redshift admin console
###OPTION 2, a direct PG Connection
class DataWarehouse < ActiveRecord::Base
attr_accessor :conn
def initialize
#conn = PG.connect(
database: 'db03',
port: 5439,
pool: 5,
schema_search_path: 'beta',
username: 'admin',
password: 'supersecretpassword',
host: 'db03.myremotehost.us'
)
end
end
[DEV] main:0> redshift = DataWarehouse
E, [2014-07-17T11:09:17.758957 #44535] ERROR -- : PG::InsufficientPrivilege: ERROR: permission denied to set parameter "client_min_messages" to "notice" : SET client_min_messages TO 'notice'
(pry) output error: #<ActiveRecord::StatementInvalid: PG::InsufficientPrivilege: ERROR: permission denied to set parameter "client_min_messages" to "notice" : SET client_min_messages TO 'notice'>
UPDATE:
I ended up going with option 1, but using this adapter for now for multiple reasons:
https://github.com/fiksu/activerecord-redshift-adapter
Reason 1: ActiveRecord postgresql adapter sets client_min_messages
Reason 2: adapter also attempts to set Time Zone, which redshift doesn't allow (http://docs.aws.amazon.com/redshift/latest/dg/c_redshift-and-postgres-sql.html)
Reason 3: Even if you change the code in ActiveRecord for the first two errors, you run into additional errors that complain that Redshift is using Postgresql 8.0, at that point I moved on to the adapter, will revisit and update if I find something better later.
I renamed my table to base_aggregate_redshift_tests (notice plural) so ActiveRecord was easily able to connect, if you can't change your table names in redshift use the set_table method I have commented out below
#Gemfile:
gem 'activerecord4-redshift-adapter', github: 'aamine/activerecord4-redshift-adapter'
Option 1
#config/database.yml
redshift_staging:
adapter: redshift
encoding: utf8
database: db03
port: 5439
pool: 5
username: admin
password: supersecretpassword
host: db03.myremotehost.us
timeout: 5000
#app/models/base_aggregates_redshift_test.rb
#Model named to match my tables in Redshift, if you want you can set_table like I have commented out below
class BaseAggregatesRedshiftTest < ActiveRecord::Base
establish_connection "redshift_staging"
self.table_name = "beta.base_aggregates_v2"
end
in console using self.table_name -- notice it queries the right table, so you can name your models whatever you want
[DEV] main:0> redshift = BaseAggregatesRedshiftTest.first
D, [2014-07-17T15:31:58.678103 #43776] DEBUG -- : BaseAggregatesRedshiftTest Load (45.6ms) SELECT "beta"."base_aggregates_v2".* FROM "beta"."base_aggregates_v2" LIMIT 1
Option 2
#app/models/base_aggregates_redshift_test.rb
class BaseAggregatesRedshiftTest < ActiveRecord::Base
set_table "beta.base_aggregates_v2"
ActiveRecord::Base.establish_connection(
adapter: 'redshift',
encoding: 'utf8',
database: 'staging',
port: '5439',
pool: '5',
username: 'admin',
password: 'supersecretpassword',
search_schema: 'beta',
host: 'db03.myremotehost.us',
timeout: '5000'
)
end
#in console, abbreviated example of first record, now it's using the new name for my redshift table, just assuming I've got the record at base_aggregates_redshift_tests because I didn't set the table_name
[DEV] main:0> redshift = BaseAggregatesRedshiftTest.first
D, [2014-07-17T15:09:39.388918 #11537] DEBUG -- : BaseAggregatesRedshiftTest Load (45.3ms) SELECT "base_aggregates_redshift_tests".* FROM "base_aggregates_redshift_tests" LIMIT 1
#<BaseAggregatesRedshiftTest:0x007fd8c4a12580> {
:truncated_month => Thu, 31 Jan 2013 19:00:00 EST -05:00,
:dma => "Cityville",
:group_id => 9712338,
:dma_id => 9999
}
Good luck!
What's your postgresql version? or middle ware version? it's not a original postgresql version?
you can use \set VERBOSITY verbose
and then do it again, find which function#code raise the error.
and then analyze why you cann't set client_min_messages.
I use postgresql 9.3.3 no this problem.
super and normal user can set client_min_messages correct.
digoal=# \c digoal digoal
You are now connected to database "digoal" as user "digoal".
digoal=> set client_min_messages=debug;
SET
digoal=> set client_min_messages=warning;
SET
digoal=> SET client_min_messages TO 'warning';
SET
digoal=> \c postgres digoal
You are now connected to database "postgres" as user "digoal".
postgres=> SET client_min_messages TO 'warning';
SET
I was able to solve the issue by opening up the postgresql adapter for Activerecord and commenting out all of the SET commands.
However, this is not a best practice at all. At the end of editing the postgresql adapter I was faced with errors due to an outdated postgres version (80002).
The right answer is just updating postgres, which unfortunately isn't possible amongst my shared Redshift DB that lives at Amazon.

Unable to perform queries on mongodb started with --auth switch in rails 3 with mongoid.

Simplified case:
I create a new rails 3.2 project, without active record. I add mongoid 3.0.0.rc to the Gemfile and then rails g mongoid:config. I edit my mongoid.yml to look like the one I have posted below (except that hosts is now set to localhost:27068).
I have added an admin user to mongodb:
$ mongo localhost/admin
> db.addUser(myadmin,adminpass)
Also I have added a regular user to my database:
use mydb
> db.addUser(myuser, mypassword)
I confirm that I can connect to my database:
$ mongo localhost/mydb -u myuser -pmypassword
MongoDB shell version: 2.0.4
connecting to: localhost/mydb
> _
After that, I start mongod with --auth switch to force authentication:
$ mongod --auth --dbpath /my/db/path
Now that everything seems to be OK, I create some random scaffold like:
$ rails g scaffold User name email
and try to run the project in the browser: localhost:3000/users. BOOM! I'm hit with the error message posted below.
Is this a bug in mongoid? Or am I missing something?
Original Question
I'm unable to do anything on my MongoHQ hosted database in a Rails 3.2 project with mongoid 3 rc. A simple query for login action gives me something like this error message:
The operation: #<Moped::Protocol::Query
#length=83
#request_id=3
#response_to=0
#op_code=2004
#flags=[]
#full_collection_name="mydb.users"
#skip=0
#limit=-1
#selector={"name"=>"Abbas"}
#fields=nil>
failed with error 10057: "unauthorized db:mydb lock type:-1 client [some ip]"
Here's what my mongoid.yml looks like:
development:
sessions:
default:
database: mydb
user: myuser
password: mypassword
hosts:
- flame.mongohq.com:27068
options:
consistency: :strong
options:
include_type_for_serialization: true
So I'm doing it the wrong way. The db user is not marked as "Read-only" in MongoHQ panel. And I'm NOT deploying to Heroku; just testing on my localhost.
Any help is appreciated.

Resources