
dhis2-devs-core team mailing list archive

Re: DHIS2 demo admin password

 

Would it be possible to disregard updates on column password only?

-- 
Morten Olav Hansen
Senior Engineer, DHIS 2
University of Oslo
http://www.dhis2.org

On Tue, May 24, 2016 at 3:43 PM, Jason Pickering <
jason.p.pickering@xxxxxxxxx> wrote:

> Someone who wishes to remain anonymous requested some useful logging.
>
> create or replace function cant_touch_this() returns trigger language
> plpgsql as $$
> begin
>   RAISE EXCEPTION 'Hammertime!';
>   return null;
>
> end $$;
>
> create trigger prevent_changing_password before update on users
> FOR EACH ROW
> execute procedure cant_touch_this();
>
>
>
> On Tue, May 24, 2016 at 10:01 AM, Jason Pickering <
> jason.p.pickering@xxxxxxxxx> wrote:
>
>> I think this will work. Tested it locally.
>>
>> create or replace function cant_touch_this() returns trigger language
>> plpgsql as $$
>> begin
>>
>>   return null;
>>
>> end $$;
>>
>> create trigger prevent_changing_password before update on users for each
>> row execute procedure cant_touch_this();
>>
>> On Tue, May 24, 2016 at 9:39 AM, Morten Olav Hansen <morten@xxxxxxxxx>
>> wrote:
>>
>>> There are at least 4-5 different ways of doing it though...
>>> /api/userAccount, /api/me, any kind of user import etc...
>>>
>>> --
>>> Morten Olav Hansen
>>> Senior Engineer, DHIS 2
>>> University of Oslo
>>> http://www.dhis2.org
>>>
>>> On Tue, May 24, 2016 at 2:39 PM, Jason Pickering <
>>> jason.p.pickering@xxxxxxxxx> wrote:
>>>
>>>> That sounds like perhaps the best way to me.
>>>>
>>>> Just block POST to
>>>>
>>>> https://play.dhis2.org/dhis-web-commons-about/updateUserAccount.action
>>>>
>>>> and perhaps its API equivalent if it exists?
>>>>
>>>> Are there other ways?
>>>>
>>>>
>>>> On Tue, May 24, 2016 at 9:34 AM, Bob Jolliffe <bobjolliffe@xxxxxxxxx>
>>>> wrote:
>>>>
>>>>> Could we use nginx to prevent access to the action? Redirect to
>>>>> somewhere punitive :-)
>>>>> On 24 May 2016 03:38, "Morten Olav Hansen" <morten@xxxxxxxxx> wrote:
>>>>>
>>>>>> I agree that it would be helpful. A couple of issues:
>>>>>>
>>>>>> 1) If using the web-api, it would require it to be a valid password,
>>>>>> so "district" would no longer work (District1?)
>>>>>>
>>>>>> 2) If instead injecting with SQL, one would also have to clear the
>>>>>> cache
>>>>>>
>>>>>> --
>>>>>> Morten Olav Hansen
>>>>>> Senior Engineer, DHIS 2
>>>>>> University of Oslo
>>>>>> http://www.dhis2.org
>>>>>>
>>>>>> On Tue, May 24, 2016 at 3:37 AM, John Mukulu <john.f.mukulu@xxxxxxxxx
>>>>>> > wrote:
>>>>>>
>>>>>>> I concur,
>>>>>>> Or even a simple repeated 5 mins cronjob script to reset the
>>>>>>> password via API.
>>>>>>>
>>>>>>> On Mon, May 23, 2016 at 9:19 PM, Jim Grace <jim@xxxxxxxxx> wrote:
>>>>>>>
>>>>>>>> Sounds reasonable to me.
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, May 23, 2016 at 1:16 PM, Jason Pickering <
>>>>>>>> jason.p.pickering@xxxxxxxxx> wrote:
>>>>>>>>
>>>>>>>>> Increasingly people change the password of the demo server.
>>>>>>>>>
>>>>>>>>> Can we put a database trigger in place to prevent this from being
>>>>>>>>> changed? It causes problems for people in general.
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>> Jason
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Jason P. Pickering
>>>>>>>>> email: jason.p.pickering@xxxxxxxxx
>>>>>>>>> tel:+46764147049
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Mailing list: https://launchpad.net/~dhis2-devs-core
>>>>>>>>> Post to     : dhis2-devs-core@xxxxxxxxxxxxxxxxxxx
>>>>>>>>> Unsubscribe : https://launchpad.net/~dhis2-devs-core
>>>>>>>>> More help   : https://help.launchpad.net/ListHelp
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Jim Grace
>>>>>>>> Core developer, DHIS 2
>>>>>>>> HISP US Inc.
>>>>>>>> http://www.dhis2.org <https://www.dhis2.org/>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> *http://mukulu.me <http://mukulu.me>*
>>>>>>> *Open source developer*
>>>>>>>
>>>>>>
>>>>
>>>>
>>>> --
>>>> Jason P. Pickering
>>>> email: jason.p.pickering@xxxxxxxxx
>>>> tel:+46764147049
>>>>
>>>
>>>
>>
>>
>> --
>> Jason P. Pickering
>> email: jason.p.pickering@xxxxxxxxx
>> tel:+46764147049
>>
>
>
>
> --
> Jason P. Pickering
> email: jason.p.pickering@xxxxxxxxx
> tel:+46764147049
>
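
One way to disregard changes to the password column only, as asked at the top of this message. This is an added example, not code from the thread: the scratch table users_demo, its userid, username and surname columns, and the function name keep_existing_password are assumptions made for the demo; only the password column and the trigger name come from the messages above.

```sql
-- Added example, not from the thread. "password" is the column named above;
-- the scratch table and its other columns are constructed for the demo.
BEGIN;

CREATE TEMP TABLE users_demo (
  userid   integer PRIMARY KEY,
  username text NOT NULL,
  password text NOT NULL,
  surname  text
);
INSERT INTO users_demo VALUES (1, 'admin', 'constructed-hash-A', 'Admin');

-- Revert only the password column; every other column in the UPDATE is kept.
CREATE OR REPLACE FUNCTION keep_existing_password() RETURNS trigger
LANGUAGE plpgsql AS $$
BEGIN
  IF NEW.password IS DISTINCT FROM OLD.password THEN
    -- Log which row and which database role, never the submitted value.
    RAISE LOG 'password change discarded: username=%, db_role=%',
      OLD.username, current_user;
    NEW.password := OLD.password;
  END IF;
  RETURN NEW;  -- RETURN NULL here would skip the whole row update instead
END $$;

CREATE TRIGGER prevent_changing_password
  BEFORE UPDATE ON users_demo
  FOR EACH ROW
  EXECUTE PROCEDURE keep_existing_password();

-- A combined update: the surname change is stored, the password change is not.
UPDATE users_demo
   SET password = 'constructed-hash-B', surname = 'Changed'
 WHERE userid = 1;

SELECT username, password, surname FROM users_demo;

ROLLBACK;
```

On the real table the same function would be attached to users in place of the cant_touch_this trigger, which rejects or skips every update to a row rather than just the password change.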
