Mercurial > gemma
view schema/manage_users.sql @ 210:a0e2c6bb3cb3
Remove obsolete GRANT on user_profiles
Even sys_admin should write in this table only via
user management functions.
author | Tom Gottfried <tom@intevation.de> |
---|---|
date | Mon, 23 Jul 2018 16:40:21 +0200 |
parents | 88d21c29cf04 |
children | 229f385448fa |
line wrap: on
line source
-- -- Functions encapsulating user management functionality and -- exposing it to privileged users -- CREATE OR REPLACE FUNCTION sys_admin.create_user( userrole varchar, username users.user_profiles.username%TYPE, pw varchar, country users.user_profiles.country%TYPE, map_extent users.user_profiles.map_extent%TYPE, email_adress users.user_profiles.email_adress%TYPE ) RETURNS void AS $$ BEGIN INSERT INTO users.user_profiles VALUES ( username, country, map_extent, email_adress); EXECUTE format( 'CREATE ROLE %I IN ROLE %I LOGIN PASSWORD %L', username, userrole, pw); END; $$ LANGUAGE plpgsql SECURITY DEFINER;