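-- Lets an administrator set a new password for any user in auth.users.
--
-- Parameters:
--   user_id_param  id of the auth.users row to update
--   new_password   plaintext password; stored only as a bcrypt hash
-- Returns true on success.
-- Raises an exception when the caller is not an admin, when the password is
-- NULL or empty, or when no user has the given id.
--
-- NOTE(review): this function is SECURITY DEFINER but does not pin search_path,
-- unlike admin_create_user in this same file. Unqualified names (crypt,
-- gen_salt, now) are resolved through the caller's search_path while running
-- with the owner's privileges. Pin search_path and schema-qualify the pgcrypto
-- calls once the schema where pgcrypto is installed is confirmed.
-- NOTE(review): PostgreSQL grants EXECUTE on new functions to PUBLIC by
-- default, and no REVOKE/GRANT is visible in this file, so the has_role check
-- below is the only gate shown. Consider revoking EXECUTE from PUBLIC and
-- granting it only to the roles that need it.
CREATE OR REPLACE FUNCTION public.admin_change_user_password(
    user_id_param uuid,
    new_password text
)
RETURNS boolean
LANGUAGE plpgsql
SECURITY DEFINER
AS $$
BEGIN
    -- Check that the current user is an admin.
    -- COALESCE makes the check fail closed: a NULL from has_role (for example
    -- when auth.uid() is NULL) would otherwise make "IF NOT NULL" skip the RAISE.
    IF NOT COALESCE(public.has_role(auth.uid(), 'admin'::app_role), false) THEN
        RAISE EXCEPTION 'Apenas administradores podem alterar senhas de usuários';
    END IF;

    -- crypt(NULL, ...) yields NULL, which would blank the stored hash, so
    -- reject a missing or empty password before touching the row.
    IF new_password IS NULL OR new_password = '' THEN
        RAISE EXCEPTION 'A nova senha não pode ser vazia';
    END IF;

    -- Update the user's password hash in auth.users.
    -- gen_salt('bf') uses pgcrypto's default Blowfish cost; pass an explicit
    -- iteration count if the password policy requires a higher work factor.
    -- NOTE(review): only encrypted_password and updated_at change here;
    -- sessions or tokens issued before the reset are not touched by this
    -- function — confirm whether they should be revoked.
    UPDATE auth.users
    SET
        encrypted_password = crypt(new_password, gen_salt('bf')),
        updated_at = now()
    WHERE id = user_id_param;

    -- FOUND is false when the UPDATE matched no row, i.e. unknown user id.
    IF NOT FOUND THEN
        RAISE EXCEPTION 'Usuário não encontrado';
    END IF;

    RETURN true;
END;
$$;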
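-- Admin-only user creation; new accounts get the default password "usuario".
--
-- Parameters:
--   user_email         email for the new auth.users row (must be non-empty)
--   user_full_name     optional full name written to public.profiles
--   user_function_id   optional function_id written to public.profiles
--   user_privilege_id  optional privilege_id written to public.profiles
-- Returns the id of the newly created user.
-- Raises an exception when the caller is not an admin, when the email is NULL
-- or blank, or when a user with the same email already exists.
--
-- SECURITY NOTE(review): every account is created with the same fixed password
-- and with email_confirmed_at already set, so each new account can be signed
-- into by anyone who knows its email until the password is changed. Nothing in
-- this function forces a change at first login. Prefer a per-user random
-- temporary secret delivered out of band, or an invite/recovery flow, and
-- track whether the initial password has been replaced.
-- NOTE(review): search_path is pinned to 'public' while crypt and gen_salt are
-- called unqualified; this only resolves if pgcrypto is visible through that
-- path — confirm, and schema-qualify the calls if it is installed elsewhere.
CREATE OR REPLACE FUNCTION public.admin_create_user(
    user_email text,
    user_full_name text DEFAULT NULL::text,
    user_function_id uuid DEFAULT NULL::uuid,
    user_privilege_id uuid DEFAULT NULL::uuid
)
RETURNS uuid
LANGUAGE plpgsql
SECURITY DEFINER
SET search_path TO 'public'
AS $$
DECLARE
    new_user_id UUID;
    temp_password TEXT := 'usuario'; -- changed from '1234' to 'usuario'; shared default credential, see header note
    hashed_password TEXT;
BEGIN
    -- Check that the current user is an admin.
    -- COALESCE makes the check fail closed: a NULL from has_role (for example
    -- when auth.uid() is NULL) would otherwise make "IF NOT NULL" skip the RAISE.
    IF NOT COALESCE(public.has_role(auth.uid(), 'admin'::app_role), false) THEN
        RAISE EXCEPTION 'Only admins can create new users';
    END IF;

    -- A NULL email never matches the duplicate check below and would be
    -- inserted as-is, so reject missing or blank input up front.
    IF user_email IS NULL OR btrim(user_email) = '' THEN
        RAISE EXCEPTION 'User email must not be empty';
    END IF;

    -- Check if email already exists.
    -- NOTE(review): the comparison is case-sensitive and user_email is stored
    -- as given — confirm callers normalize the address before this call.
    IF EXISTS (SELECT 1 FROM auth.users WHERE email = user_email) THEN
        RAISE EXCEPTION 'User with this email already exists';
    END IF;

    -- Hash the password with bcrypt (pgcrypto default cost for 'bf').
    hashed_password := crypt(temp_password, gen_salt('bf'));

    -- Create the user in auth.users. The row is inserted as already confirmed
    -- (email_confirmed_at = now()) with empty token fields.
    INSERT INTO auth.users (
        instance_id,
        id,
        aud,
        role,
        email,
        encrypted_password,
        email_confirmed_at,
        created_at,
        updated_at,
        confirmation_token,
        email_change,
        email_change_token_new,
        recovery_token
    ) VALUES (
        '00000000-0000-0000-0000-000000000000',
        gen_random_uuid(),
        'authenticated',
        'authenticated',
        user_email,
        hashed_password,
        now(),
        now(),
        now(),
        '',
        '',
        '',
        ''
    ) RETURNING id INTO new_user_id;

    -- Update the profile with additional information.
    -- NOTE(review): presumably a trigger on auth.users creates the matching
    -- public.profiles row; if none exists this UPDATE silently changes nothing
    -- and the user is left without function, privilege or status — verify.
    UPDATE public.profiles
    SET
        full_name = user_full_name,
        function_id = user_function_id,
        privilege_id = user_privilege_id,
        status = 'active'
    WHERE id = new_user_id;

    RETURN new_user_id;
END;
$$;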