blob: 34cc1acf3c59cb5244016c85ba01039ba6eec62c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
CREATE FUNCTION api.update_password(
current_password TEXT,
new_password TEXT
)
RETURNS void
LANGUAGE plpgsql VOLATILE
AS $BODY$
DECLARE
_user_id INTEGER;
_real_password TEXT;
BEGIN
_user_id = _api.get_user_id();
PERFORM _api.validate_text(
_text => new_password,
_column => 'password',
_min => 1,
_max => 256
);
SELECT password
INTO _real_password
FROM admin.user
WHERE id = _user_id;
IF _real_password <> current_password THEN
PERFORM _api.raise(
_msg => 'api_invalid_password'
);
END IF;
UPDATE
admin.user
SET
"password" = new_password
WHERE
id = _user_id;
END
$BODY$;
GRANT EXECUTE ON FUNCTION api.update_password(TEXT, TEXT)
TO rest_user;
GRANT SELECT, UPDATE ON TABLE admin.user
TO rest_user;
|
