[Netarchivesuite-devel] Programmatical updates to the data model

Nicolas Giraud nikokode at gmail.com
Wed Mar 23 10:31:53 CET 2011


Hi,

I would like to get your opinion about the programmatic updates to the data
model tables performed within NAS code (DBUtils#updateTable method called
from DAO classes).

My own opinion is that it is not a good design to have this code embedded in
the applicative code, for security reasons. It turns out that in most
organizations, database administrators are in charge of production databases
and are very stringent about security. For that reason, an applicative user
will never be granted privileges to alter a table or a schema, or create a
table. These operations are generally performed by DBAs themselves, using
administrative accounts with extended privileges. This is the case here at
BnF, and was also the case in most of my previous assignments.

We are currently putting 3.15 in production, and there have been changes to
the datamodel. So rolling out this changes in production is painful, because
the programmatic update code fails (the applicative DB user is not allowed
to alter the DB schema), so I need everytime to manually create a script and
forward it to the DBAs, who are not very happy with this "non-standard"
course of events. So to be pretty honest, datamodel updates are currently a
chore to roll out in production!

I believe that many potential users of NetArchive Suite might have the same
type of organization and also experience these difficulties. So in my
opinion, should we keep a programmatic approach to maintaining the data
model (which is all right in itself), it should be made as a separate
application, so that DBAs might be able to use these tool themselves, or at
least identify a special account with the proper privileges.

What is your opinion about this matter ?

Best regards,

-- 
Nicolas Giraud
---------------------------------------------------------------------------------------------
Développeur Archives du Web - Bibliothèque Nationale de France
Web Archiving Developper - National Library of France
---------------------------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ml.sbforge.org/pipermail/netarchivesuite-devel/attachments/20110323/8d8fef69/attachment-0002.html>


More information about the Netarchivesuite-devel mailing list