Forum: Ruby on Rails User without ALTER/DROP privs for production?

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Matt H. (Guest)
on 2008-11-25 23:08
Our department has started to develop some web-applications with Rails -
finally breaking free of the java-for-everything approach.  A lot of the
pre-existing policies for deployment procedures will, naturally, need to
be followed when moving to rails. So, I'm trying to figure out how rails
will fit into our current deployment model...

As it stands today, developers are separated from the people in charge
of deployment.  Developers don't have credentials to the production
systems/databases, and when applications get moved to production, the
database user does not have alter/drop privileges.  We've solved the
connection credential problems by using JNDI database pooling (with
jRuby).  I'm not sure, however, about the permission issues for our
production database user.

Assuming we have two database users: super_user and runtime_user - and
we give super_user the ability to add/alter/drop tables, and then run
our migrations on prod as this user - should there be any problems with
using runtime_user for our database pools (without add/alter/drop privs)
for the application as it's running in prod?

Has anyone dealt with this?  If so, has it caused any problems?

Thanks,
M@
This topic is locked and can not be replied to.