Mercurial > gemma
comparison schema/std_login_roles.sql @ 330:fd04bccae6ca
Create standard roles as part of the base schema.
We will always need:
1. a gemma service user
2. an initial sys_admin user
so these are now created as part of the base gemma schema.
The install-db script now creates random default passwords for this
accounts.
As the complexity is sufficiently increased by now I also changed the
Quick Start guide to use an configuration file and provided an example
file.
| author | Sascha Wilde <wilde@intevation.de> |
|---|---|
| date | Fri, 03 Aug 2018 13:40:10 +0200 |
| parents | |
| children | 6c09aa214948 |
comparison
equal
deleted
inserted
replaced
| 329:71970f03c9e8 | 330:fd04bccae6ca |
|---|---|
| 1 BEGIN; | |
| 2 | |
| 3 -- | |
| 4 -- Standard users for the GEMMA database | |
| 5 -- | |
| 6 | |
| 7 -- NOTE: Passwords for these roels must be set during initial setup of | |
| 8 -- the database. | |
| 9 | |
| 10 -- | |
| 11 -- Admin User | |
| 12 -- | |
| 13 -- This initial Admin account is used to bootstrap the personalized | |
| 14 -- accounts. | |
| 15 CREATE ROLE sysadmin IN ROLE sys_admin LOGIN; | |
| 16 -- We need an empty dumm country for the default admin, as the user is | |
| 17 -- not supposed to work on data, it should be only used to create | |
| 18 -- personalized accounts. | |
| 19 INSERT INTO countries (country_code) VALUES ('--'); | |
| 20 INSERT INTO users.responsibility_areas (country, area) | |
| 21 VALUES ('--', ST_GeomFromText('MULTIPOLYGON(((0 0, 0 0, 0 0, 0 0)))', 4326)); | |
| 22 -- Add user profile data for sysadminL | |
| 23 INSERT INTO internal.user_profiles | |
| 24 (username, country, email_address, map_extent) | |
| 25 VALUES ('sysadmin','--','', | |
| 26 'BOX(9.52115482500011 46.3786430870001,17.1483378500001 49.0097744750001)'); | |
| 27 | |
| 28 -- | |
| 29 -- Functional Users | |
| 30 -- | |
| 31 | |
| 32 -- Used by the back end (gemma) | |
| 33 CREATE ROLE gemma_service IN ROLE pw_reset LOGIN; | |
| 34 | |
| 35 | |
| 36 -- | |
| 37 -- Remind the caller of his duties | |
| 38 -- | |
| 39 DO language plpgsql $$ | |
| 40 BEGIN | |
| 41 RAISE NOTICE 'Don''t forget to set a password for the user "sysadmin".'; | |
| 42 RAISE NOTICE 'Don''t forget to set a password for the user "gemma_service".'; | |
| 43 END | |
| 44 $$; | |
| 45 | |
| 46 COMMIT; |