Trying to figure out the best case if a Database exists in a RavenDb 4.0 server but using a Read/Write User certificate.

42 views
Skip to first unread message

Justin A

unread,
May 17, 2018, 8:39:34 AM5/17/18
to RavenDB - 2nd generation document database

Hi :)

Ok, i'm just getting my head around all this new crt/pfx certificate stuff. Up until a week or 2 ago, I've been experimenting with RavenDB but with no security (option 3 in the start up wizard).

Now, I'm trying to connect using a custom made "User" Read/Write certificate which I did in the RavenDb Studio.

Now here's the kicker.

pseduo code, aspnet-core on startup...

Under ConfigureServices...
1. Create a new documentstore using my User pfx read/write cert. 
2. Stick this doc-store in the stock IoC container.

Under Configure (where u do all the UseThis, UseThat, etc...
3. inject the document store into the Configure method (tick!)
4. check if the database "MyDatabase" exists in this RavenDb server.
5. if it doesn't, then create it and seed some fake data (if i have permission) else throw an exception and stop.

Now .. this is the kicked -> step #4.

logger.LogInformation("RavenDb check -> database exist and if any data exists...");
var existingDatabase = documentStore.Maintenance.Server.Send(new GetDatabaseRecordOperation(databaseName));

This fails because I don't have permission. Or more to the point, the current document store (using that "User" Read/Write pfx) doesn't have permission.

So I can use the "Cluster admin" pfx here, which i sorta don't want to -- i'm trying to limit the scope of my security/exposure.

Or ... can I still use the "User" read/write pfx but ... do something else?

If the database doesn't exist in this server, i know I'l need admin rights to create it, so i'm HAPPY to just throw an exception and call it a day if the pfx in use doesn't have those rights. But I still would like this check, though.

So, is there any other options I should do/try?

Cheers!

Oren Eini (Ayende Rahien)

unread,
May 20, 2018, 6:19:04 AM5/20/18
to ravendb
Just do a stats check on the db in question. 

    store.Maintenance.Send(new GetStatisticsOperation());

If the DB exists, you'll get the result.
If not, it will fail, as you want t to



Hibernating Rhinos Ltd  

Oren Eini l CEO Mobile: + 972-52-548-6969

Office: +972-4-622-7811 l Fax: +972-153-4-622-7811

 


--
You received this message because you are subscribed to the Google Groups "RavenDB - 2nd generation document database" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ravendb+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Justin A

unread,
May 21, 2018, 7:13:17 AM5/21/18
to RavenDB - 2nd generation document database
Thanks Oren :)

/me gives it a go ...

Sweet! Works. For those google-searching for an answer, this is what I ended up doing...

logger.LogInformation("RavenDb checks -> database exist and if any data exists...");

DatabaseStatistics existingDatabaseStatistics;
try
{
    existingDatabaseStatistics = documentStore.Maintenance.Send(new GetStatisticsOperation());
}
catch (DatabaseDoesNotExistException)
{
    existingDatabaseStatistics = null;
}

if (existingDatabaseStatistics == null ||
    existingDatabaseStatistics.CountOfDocuments == 0)
    if (env.IsProduction())
    {
        // We shouldn't continue if the Db doesn't exist. Die early, instead of later.
        throw new Exception(
                $" - Database '{databaseName}' doesn't exist when it should. Please manually create this database and restart the application.");
    }
    else
    {
        // ** Not Production (Staging or Localhost, etc) **

        // Create the db if it doesn't exist.
        // This will mainly occur for in memory localhost development.
        logger.LogDebug(" - ** No database tenant found so creating a new database.");
        var databaseRecord = new DatabaseRecord(databaseName);
        var createDbOperation = new CreateDatabaseOperation(databaseRecord);
        documentStore.Maintenance.Server.Send(createDbOperation);

        // Now we create and store fake data.
        logger.LogDebug(" - Seeding fake data ....");
        SeedFakeData(documentStore);
    }
}
else
{
    logger.LogDebug(" - Database exists: no need to create one and seed data.");
}

So if the database doesn't exist (like Oren said) then we catch that exception and either:-
1. create a new DB (if localhost, etc) cause we have permission etc
or
2. it's live and we prolly don't have permission (or shouldn't) so we'll throw an exception now with a helpful message. Sure, the try/catch can be refactored to include an env.IsProduction() check and rethrow (aka. what would YOU do (dear reader) if this was one of HR's coding tests...)

-me-
Reply all
Reply to author
Forward
0 new messages