2

I have a django project that uses a postgres db with a number of UDFs. The UDFs are written in plpythonu. Since plpyhtonu is an untrusted language, only database super users can use it to to create UDFs. This poses a serious problem in that I have no way of programmatically creating them within the test suite. Right now I see two options:

  1. Modify django.db.backends.creation._create_test_db to create the test db from a template, which has my UDFs already loaded. This seems hacky and laborious to maintain.
  2. Create a super user with MD5 authentication and load the UDFs in the test suite with psycopg2. This seems unsecure.

Are there less terrible ways I can do this?

Thanks.

Kevin
  • 3,391
  • 5
  • 30
  • 40

2 Answers2

1

I don't know the PG UDF model, only the MySQL and SQLite ones. A few other work-arounds might be:

  1. Create a PG instance which you use just for testing, isolated so that potential security problems won't be a concern. Databases are cheap after all.
  2. If the UDFs are simple (or the test data size makes them simple) then recreate them in SQLite and use that database for testing. This assumes that you don't need to test the plpython functionality as part of the project.
  3. If the UDF functionality is much more stable than the rest of the project, then split the UDF code into its own subproject, and for the rest of the code assume the UDFs will be present. At the very least this will make it so most of the code can be automated, and only the UDF code needs manual intervention to specify the password.
Andrew Dalke
  • 14,889
  • 4
  • 39
  • 54
0

I went with #1. It's not ideal but it works ok.

Kevin
  • 3,391
  • 5
  • 30
  • 40