Mercurial > gemma
diff schema/auth.sql @ 307:750a9c9cd965
Use SQL UPDATE to update users
This implies it's not a database error anymore to try to update a
non-existent user. Thus, handle this as a HTTP-404 in the backend,
which is in line with what GET does.
Using UPDATE here will allow to GRANT column-wise privileges. The password
has become part of the view to be updatable as well.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Wed, 01 Aug 2018 15:49:38 +0200 |
parents | 72062ca52746 |
children | 0745b4d336c4 |
line wrap: on
line diff
--- a/schema/auth.sql Wed Aug 01 15:18:26 2018 +0200 +++ b/schema/auth.sql Wed Aug 01 15:49:38 2018 +0200 @@ -25,7 +25,7 @@ -- Extended privileges for sys_admin -- GRANT INSERT, UPDATE, DELETE - ON users.responsibility_areas TO sys_admin; + ON users.list_users, users.responsibility_areas TO sys_admin; GRANT USAGE ON SCHEMA sys_admin TO sys_admin; GRANT SELECT ON ALL TABLES IN SCHEMA sys_admin TO sys_admin; GRANT UPDATE ON sys_admin.system_config TO sys_admin;