diff schema/gemma.sql @ 478:3af7ca761f6a

Purge password reset role

The risk of SQL injection, and thus of privilege escalation via the metamorphic user, was judged not high enough to justify the extra role. Therefore, bring the database back in line with rev. ffdb507d5b42 and re-enable password reset.
author Tom Gottfried <tom@intevation.de>
date Thu, 23 Aug 2018 16:41:44 +0200
parents 62ffb6c8a42e
children f3452ce5c056
--- a/schema/gemma.sql	Thu Aug 23 16:18:07 2018 +0200
+++ b/schema/gemma.sql	Thu Aug 23 16:41:44 2018 +0200
@@ -56,6 +56,14 @@
         config_val varchar
     )
 
+    CREATE TABLE password_reset_requests (
+        hash varchar(32) PRIMARY KEY,
+        issued timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
+        username varchar NOT NULL
+            REFERENCES internal.user_profiles(username)
+                ON DELETE CASCADE ON UPDATE CASCADE
+    )
+
     CREATE TABLE external_services (
         local_name varchar PRIMARY KEY,
         remote_url varchar NOT NULL,
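Review bot: Nothing in the new `password_reset_requests` definition says whether `hash` holds the value handed to the user or a digest of it, and with the dedicated schema gone the table now sits beside the other tables of the enclosing schema, so any role that can read that schema can presumably read these rows. If the column holds the value the user presents, storing only a digest would keep a leaked row from being usable on its own; either way, a comment above the table such as `-- hash: digest of the reset token, never the token itself; a request is valid for <N> minutes after issued` would record the intent (`<N>` is a placeholder, no expiry is visible here). `issued` is a plain `timestamp`, so the stored value and any later expiry comparison depend on the session time zone; `issued timestamp with time zone NOT NULL DEFAULT CURRENT_TIMESTAMP` removes that dependency. `username` is not unique, so one account can accumulate any number of outstanding requests unless the application cleans them up. The enclosing `CREATE SCHEMA` statement starts and ends outside the hunk, so the grants that now protect this table cannot be checked from here.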
@@ -182,18 +190,6 @@
     country char(2) NOT NULL REFERENCES users.responsibility_areas;
 
 
--- Namespace intended to be the only one that pw_reset can access
-CREATE SCHEMA pw_reset
-    CREATE TABLE password_reset_requests (
-        hash varchar(32) PRIMARY KEY,
-        issued timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
-        username varchar NOT NULL
-            REFERENCES internal.user_profiles(username)
-                ON DELETE CASCADE ON UPDATE CASCADE
-    )
-;
-
-
 -- Namespace for waterway data that can change in a running system
 CREATE SCHEMA waterway