Mercurial > gemma
diff schema/gemma.sql @ 4755:dfd990a4ac64
Hide sys_admin accounts to waterway admins
Since imports and import configurations are authorized based on
the visibility of the user that created the import, that way waterway
admins are no longer allowed to see imports and import configurations
created by sys_admins.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Fri, 18 Oct 2019 17:55:12 +0200 |
parents | fd9f171b87e4 |
children | c69e35ec6adf |
line wrap: on
line diff
--- a/schema/gemma.sql Fri Oct 18 17:32:02 2019 +0200 +++ b/schema/gemma.sql Fri Oct 18 17:55:12 2019 +0200 @@ -441,7 +441,7 @@ CREATE TRIGGER templates_date_info BEFORE UPDATE ON templates FOR EACH ROW EXECUTE PROCEDURE update_date_info() - CREATE VIEW users.list_users WITH (security_barrier) AS + CREATE VIEW list_users WITH (security_barrier) AS SELECT r.rolname, p.username, @@ -458,6 +458,7 @@ AND p.country = ( SELECT country FROM internal.user_profiles WHERE username = current_user) + AND r.rolname <> 'sys_admin' OR pg_has_role('sys_admin', 'MEMBER') ;