public/postgresql_passchanger_function
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
11 Commits 1 Branch 0 Tags
c1db5741db6562d5ed6f078faf491c25494229a0
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE

README.md

PostgreSQL expiration date management functions

Description

This project tries to find a way to allow users the management of the VALID UNTIL expiration clause by themself. All without granting super permissions and having a histoc of changes on a pseudo-audit table

Instructions

First deploy

Deploy passchanger.sql on the desired cluster/database.

It will:

  • create a dba schema
  • create a dba role
  • create the pwdhistory table for audit purpouses
  • Grant the minimum permissions for this new role so the whole thing works
  • Create the 2 needed functions and grant permissions on them to dba

Allowing users to use that functions

Take the file grants_to_grant.sql and modify the username dodger so it match the username that should have the permissions. Execute the grants on the cluster/database you have deployed passchanger.sql

Changing password & extending expiration date

The user should just execute:

select dba.change_my_password('YOUR_NEW_GENERATED_PASSWORD_NOT_THIS_ONE') ;
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 118 KiB
Languages
PLpgSQL 72.9%
Shell 27.1%