Mercurial > gemma

view schema/std_login_roles.sql @ 467:73c7b2d6246e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Used hex-encoded usernames and a stored procedure to decode them to impersonate with the metamorph user.
author Sascha L. Teichmann <sascha.teichmann@intevation.de>
date Wed, 22 Aug 2018 17:43:30 +0200
parents 5611cf72cc92
children 638371a0e557
line wrap: on
line source

BEGIN;

--
-- Standard users for the GEMMA database
--

-- NOTE: Passwords for these roles must be set during initial setup of
--       the database.

--
-- Admin User
--
-- This initial Admin account is used to bootstrap the personalized
-- accounts.
CREATE ROLE sysadmin IN ROLE sys_admin LOGIN;
-- We need an empty dummy country for the default admin, as the user is
-- not supposed to work on data, it should be only used to create
-- personalized accounts.
INSERT INTO countries (country_code) VALUES ('--');
INSERT INTO users.responsibility_areas (country, area)
  VALUES ('--', ST_GeomFromText('MULTIPOLYGON(((0 0, 0 0, 0 0, 0 0)))', 4326));
-- Add user profile data for sysadmin
INSERT INTO internal.user_profiles
            (username, country, email_address, map_extent)
  VALUES ('sysadmin','--','',
          'BOX(9.52115482500011 46.3786430870001,17.1483378500001 49.0097744750001)');

--
-- Functional Users
--

-- Used by the back end (gemma)
CREATE ROLE gemma_service IN ROLE pw_reset LOGIN;

-- Used by GeoServer and backend
CREATE ROLE meta_login IN ROLE metamorph LOGIN;

--
-- Remind the caller of his duties
--
DO language plpgsql $$
BEGIN
  RAISE NOTICE 'Don''t forget to set a password for the user "sysadmin".';
  RAISE NOTICE 'Don''t forget to set a password for the user "gemma_service".';
  RAISE NOTICE 'Don''t forget to set a password for the user "meta_login".';
END
$$;

COMMIT;