Closed smurthys closed 7 years ago
The fix seems rather straightforward: remove the following statement and one other similar statement in addUserMgmt.sql
:
GRANT EXECUTE ON FUNCTION classdb.createUser(userName VARCHAR(63), initialPwd VARCHAR(128))
TO ClassDB_Instructor, ClassDB_DBManager;
I agree that these functions should not be executed by any user other than ClassDB itself.
However, provided that this is addressed, there is no use whatsoever for the dropUser()
function since it is not called by any other function. Previously, it remained defined in case an unregistered user had been created by manually calling createUser()
. We may want to open a separate issue for this.
I can remove that function as part of #114.
The discussion in #107 convinces me that ClassDB functions should not be used to create/drop general users. ClassDB should work with and be responsible only for users in roles relevant to its purpose.