gemma: schema/gemma.sql comparison

comparison schema/gemma.sql @ 478:3af7ca761f6a

Purge password reset role The risk of SQL-injections and thus privilege escalation via the metamorphic user was estimated not high enough to justify the extra role. Thus, bring database back in line with rev. ffdb507d5b42 and re-enable password reset.

author	Tom Gottfried <tom@intevation.de>
date	Thu, 23 Aug 2018 16:41:44 +0200
parents	62ffb6c8a42e
children	f3452ce5c056

comparison

equal deleted inserted replaced

-:00b52d653039
+:3af7ca761f6a
 CREATE TABLE system_config (
 config_key varchar PRIMARY KEY,
 config_val varchar
 )
+CREATE TABLE password_reset_requests (
+hash varchar(32) PRIMARY KEY,
+issued timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+username varchar NOT NULL
+REFERENCES internal.user_profiles(username)
+ON DELETE CASCADE ON UPDATE CASCADE
+)
 CREATE TABLE external_services (
 local_name varchar PRIMARY KEY,
 remote_url varchar NOT NULL,
 is_wfs     boolean NOT NULL DEFAULT TRUE
 )
 PRIMARY KEY (username, template_name)
 )
 ;
 ALTER TABLE internal.user_profiles ADD
 country char(2) NOT NULL REFERENCES users.responsibility_areas;
--- Namespace intended to be the only one that pw_reset can access
-CREATE SCHEMA pw_reset
-CREATE TABLE password_reset_requests (
-hash varchar(32) PRIMARY KEY,
-issued timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
-username varchar NOT NULL
-REFERENCES internal.user_profiles(username)
-ON DELETE CASCADE ON UPDATE CASCADE
-)
-;
 -- Namespace for waterway data that can change in a running system
 CREATE SCHEMA waterway

Mercurial > gemma

comparison schema/gemma.sql @ 478:3af7ca761f6a