Mercurial > gemma
view schema/roles.sql @ 478:3af7ca761f6a
Purge password reset role
The risk of SQL-injections and thus privilege escalation
via the metamorphic user was estimated not high enough to
justify the extra role. Thus, bring database back in line
with rev. ffdb507d5b42 and re-enable password reset.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Thu, 23 Aug 2018 16:41:44 +0200 |
parents | 5611cf72cc92 |
children | 6590208e3ee1 |
line wrap: on
line source
-- -- Primary GEMMA roles -- CREATE ROLE waterway_user; CREATE ROLE waterway_admin IN ROLE waterway_user; CREATE ROLE sys_admin IN ROLE waterway_admin; -- -- Special roles -- -- A role that is intended to be used for backend- or -- GeoServer-connections on which SET ROLE has to be used to -- gain privileges of a specific role CREATE ROLE metamorph NOINHERIT;