[midPoint] PostgreSQL permissions for cross-database/audit queries
João Paulo Ribeiro
joparibeiro at gmail.com
Wed May 21 21:52:36 CEST 2025
Hello!
I have a midPoint installation where I've separated the main and audit
databases, as recommended by the documentation. However, when I try to run
an advanced query like the following in the Log Viewer, I'm getting a
PostgreSQL exception:
targetRef/@/name contains "michelangelo"
ERROR
(com.evolveum.midpoint.gui.impl.component.data.provider.SelectableBeanContainerDataProvider):
Couldn't count objects.
com.evolveum.midpoint.util.exception.SystemException: Caught PSQLException
for select count(*)
from ma_audit_event aer
left join m_object o
on aer.targetOid = o.oid
where o.nameNorm like ? and o.nameOrig like ?
at
com.evolveum.midpoint.repo.sqale.SqaleServiceBase.handledGeneralException(SqaleServiceBase.java:110)
at
com.evolveum.midpoint.repo.sqale.audit.SqaleAuditService.countObjects(SqaleAuditService.java:524)
at
com.evolveum.midpoint.init.AuditServiceProxy.countObjects(AuditServiceProxy.java:260)
at
com.evolveum.midpoint.model.impl.controller.AuditController.countObjects(AuditController.java:102)
[...]
Caused by: com.querydsl.core.QueryException: Caught PSQLException for
select count(*)
from ma_audit_event aer
left join m_object o
on aer.targetOid = o.oid
where o.nameNorm like ? and o.nameOrig like ?
at
com.querydsl.sql.DefaultSQLExceptionTranslator.translate(DefaultSQLExceptionTranslator.java:50)
at com.querydsl.sql.Configuration.translate(Configuration.java:507)
at com.querydsl.sql.AbstractSQLQuery.unsafeCount(AbstractSQLQuery.java:614)
at com.querydsl.sql.AbstractSQLQuery.fetchCount(AbstractSQLQuery.java:130)
at
com.evolveum.midpoint.repo.sqlbase.SqlQueryContext.executeCount(SqlQueryContext.java:411)
at
com.evolveum.midpoint.repo.sqlbase.SqlQueryExecutor.count(SqlQueryExecutor.java:49)
at
com.evolveum.midpoint.repo.sqale.audit.SqaleAuditService.executeCountObjects(SqaleAuditService.java:539)
at
com.evolveum.midpoint.repo.sqale.audit.SqaleAuditService.countObjects(SqaleAuditService.java:522)
... 167 common frames omitted
Caused by: org.postgresql.util.PSQLException: ERROR: relation "m_object"
does not exist
Position: 51
at
org.postgresql.core.v3.QueryExecutorImpl.receiveErrorResponse(QueryExecutorImpl.java:2733)
at
org.postgresql.core.v3.QueryExecutorImpl.processResults(QueryExecutorImpl.java:2420)
at
org.postgresql.core.v3.QueryExecutorImpl.execute(QueryExecutorImpl.java:372)
at org.postgresql.jdbc.PgStatement.executeInternal(PgStatement.java:517)
at org.postgresql.jdbc.PgStatement.execute(PgStatement.java:434)
at
org.postgresql.jdbc.PgPreparedStatement.executeWithFlags(PgPreparedStatement.java:194)
at
org.postgresql.jdbc.PgPreparedStatement.executeQuery(PgPreparedStatement.java:137)
at
com.zaxxer.hikari.pool.ProxyPreparedStatement.executeQuery(ProxyPreparedStatement.java:52)
at
com.zaxxer.hikari.pool.HikariProxyPreparedStatement.executeQuery(HikariProxyPreparedStatement.java)
at com.querydsl.sql.AbstractSQLQuery.unsafeCount(AbstractSQLQuery.java:603)
... 172 common frames omitted
This apparently seems to be a lack of permissions for cross-reference
queries. I could simply include the necessary permissions in my PostgreSQL,
but before doing so, I'd like to know if there's a standard script for
this. I haven't found any script among the SQL scripts available in the
midpoint/doc/config/sql/native directory that grants these permissions.
Thanks in advance,
João Paulo Ribeiro.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20250521/b483f016/attachment.htm>
More information about the midPoint
mailing list