mgpld

mgpld

How can I configure ecto to use an unprivileged user to connect to postgresql ?

According to page https://hexdocs.pm/ecto/getting-started.html:

NOTE: Your PostgreSQL database may be setup to

  • not require a username and password. If the above configuration doesn’t work, try removing the username and password fields, or setting them both to “postgres”.
  • be running on a non-standard port. The default port is 5432. You can specify your specific port by adding it to the config: e.g. port: 15432.

From my understanding of this part of the documentation, it seems impossible to have an user without ‘create db, create role, superuser’ privileges.

Coming from a security background, I’m confused, from my pov, it’s a huge problem, a simple user must never be able to create or drop database, or even create roles…

What are the best practices regarding database users definitions in phoenix/ecto ?

I do understand that ‘ecto.create’ needs the right to create database, but I do not understand where can I configure another role with no special privileges that will insert or update content in the database…

Is it possible ?

Do I need to put an account in config/config.ex with full privileges and an other in config/prod.ex and config/dev.ex ?

Thanks for your help :slight_smile:

Most Liked

derek-zhou

derek-zhou

In a development environment, i would be hugely inconvenient to be without ‘create db’ privilege. This is what the getting started guide covers. In a production environment, you are not going to run mix ecto.create so you don’t need it.

sbuttgereit

sbuttgereit

The short answer is: yes it’s possible. The little longer answer is that it’s possible but you’re going to get away from what the majority of tutorial level information is available and have to have some understanding of the toolkit.

I’m going to try to give some pointers to get you going in the right direction. Unfortunately, it’s going to be limited as I’m pretty ill right now and don’t have the stamina to get as in-depth as I should; but I don’t want to leave this question waiting for too long either.

First, you could set up multiple repositories: one for privileged access such as running migrations and the like, and another for regular unprivileged access used by the application. This can be done with multiple repo modules/configs such as:

defmodule PrivilgedRepo do
  use Ecto.Repo,
    otp_app: :my_app,
    adapter: Ecto.Adapters.Postgres
end
defmodule AppRepo do
  use Ecto.Repo,
    otp_app: :my_app,
    adapter: Ecto.Adapters.Postgres
end

And a config/*.ex something like:

config :my_app, PrivilegedRepo,
  database: "ecto_simple",
  username: "owner",
  password: "owner",
  hostname: "localhost"

config :my_app, AppRepo,
  database: "ecto_simple",
  username: "application",
  password: "application",
  hostname: "localhost"

And then use the appropriate repository in the appropriate context.

In my application, the application does something similar except that I don’t use config/*.ex for anything Ecto related. I have a privileged database role (CREATEDB as well as group member with admin option for some special groups, but can only create new roles using special SECURITY DEFINER database functions which create specific low privilege roles I need to create at runtime). Then I have (very) low privileged roles with which the Elixir application/Ecto connects for business logic interactions.

In the cases above, I’m starting the Ecto Repos in my code more explicitly by calling Ecto.Repo.start_link/1 (Ecto.Repo — Ecto v3.14.0). The privileged role is transient (generic sense) in that I start my Privileged Repo just before using it and shut it down as soon as whatever task I was using it for is finished. Other low privileged roles are continuously connected, but even then I’m starting them up manually using Ecto.Repo.start_link/1, in part because at compile time I don’t know what low privileged connections are actually going to exist.

I’d suggest reading the Ecto Dynamic Repositories documentation even if you aren’t needing to use dynamic repos… the knowledge for getting dynamic repos running is very helpful in getting a handle on the moving parts of how Ecto connects to repos and can provide insights into the problem you’re describing (Replicas and dynamic repositories — Ecto v3.14.0).

Anyway, hope this helps a bit.

Where Next?

Popular in Questions Top

chokchit
** (DBConnection.ConnectionError) connection not available and request was dropped from queue after 2733ms. You can configure how long re...
New
lastday4you
I wanted to check elixir version in phoenix because i found that my elixir is 1.5 but when i use Enum.chunk_by it said the function is un...
New
marius95
Hello everyone, I try to use an Javascript Event Handler in my root.html.leex file. Therefore I created a function in the app.js file: ...
New
qwerescape
Is there a way to get the call stack or stack trace at any point in the code? Not from exceptions, but an expression that returns how the...
New
myronmarston
The Elixir Typespec docs show the following syntax for keyword lists in typespecs: # ... | [key: type] # keyword lists...
New
jononomo
I am trying to figure out how Mix knows whether the environment is test, dev, or prod – where is this set? Thanks.
New
joeerl
Hello again - after a longish gap I’ve decided I really must dig into Elixir and see what’s been happening here - so I have a few questio...
New
vonH
When I run the Plug and I recompile I wind up having to use Ctrl C to quit iex and start again. Witht the help of rlwrap I can use the cu...
New
srinivasu
How to handle excepions in elixir? Suppose i have A, B, C ,D, E modules. and each module has get() function. A.get() method will call t...
New
vegabook
I’m brand new to Phoenix and I have stripped one of the demo applications to the bone. I just want to get an svg up on the screen. Here i...
New

Other popular topics Top

sen
Hi All, I set a environment variables in dev.exs , like below code. when i start server, how can i set the ${enable} value? thanks. d...
New
albydarned
Hello all! I am typing this post from my new MacBook Pro with the M1 chip. I’m loving it so far, and will probably use it as my daily dr...
New
skosch
To my knowledge, put_in, Map.update etc. all have the one limitation of not automatically creating intermediate keys when needed (for exa...
New
greenz1
I have a phoenix application from which a user can download multiple(5-6) files of size 1MB. I couldn’t find anything related to sending ...
New
stefanchrobot
What’s the safe way to decode a JSON string into a struct? I want to avoid calling String.to_atom. Jason.decode can give me a map with st...
New
jason.o
In the code below, if the create action is not set to accept “extra_key” as an input, it errors out with a message shown above. Is there ...
New
dblack
I’ve got an issue with an app and I’ve no idea of how to troubleshoot it. I’m hoping someone here might have seen something similar. I p...
New
nsuchy
Hi. I’ve noticed that Windows Powershell has it’s own IEX command and you cannot access Elixir’s IEX due to the conflict. This isn’t a cr...
New
JakeBecker
TL;DR: I’ve just released an implementation of Microsoft’s IDE-independent Language Server Protocol for Elixir. It adds language support ...
1144 54120 245
New
lanycrost
Hi everyone! I need implement if…else if…else condition from my elixir code, and anymore of this control flow structures not work proper...
New

Latest on Elixir Forum

Elixir Forum

We're in Beta

About us Mission Statement