| From: | Dave Page <dpage(at)pgadmin(dot)org> |
|---|---|
| To: | Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com> |
| Cc: | Nikhil Mohite <nikhil(dot)mohite(at)enterprisedb(dot)com>, pgadmin-hackers <pgadmin-hackers(at)postgresql(dot)org> |
| Subject: | Re: [pgAdmin][RM-6120]: Adding/updating user should not allow to add an older date in account expires. |
| Date: | 2021-01-14 09:08:10 |
| Message-ID: | CA+OCxoyghzW2OJyxC2MpyHX3=T=pSJm1s5nxG8qZO_e6Hm08SA@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-hackers |
On Thu, Jan 14, 2021 at 8:18 AM Akshay Joshi <akshay(dot)joshi(at)enterprisedb(dot)com>
wrote:
> Thanks, patch applied.
>
> On Thu, Jan 14, 2021 at 11:28 AM Nikhil Mohite <
> nikhil(dot)mohite(at)enterprisedb(dot)com> wrote:
>
>> Hi Team,
>>
>> Please find the attached patch for RM-6120
>> <https://redmine.postgresql.org/issues/6120>: Adding/updating user
>> should not allow to add an older date in account expires.
>> Added UI validation if a user enters the account expiration date manually.
>>
>
I think this needs to be reverted (and the UI fixed to allow an older date
to be selected).
Selecting a past expiry date is a perfectly valid way to create an account
that is effectively locked, for example, to allow pre-creation of roles for
staff that are yet to join.
PostgreSQL doesn't prevent this - why should we?
--
Dave Page
Blog: http://pgsnake.blogspot.com
Twitter: @pgsnake
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dave Page | 2021-01-14 09:14:43 | Re: Is there a mistake in line 22 of Make.bat? |
| Previous Message | Akshay Joshi | 2021-01-14 08:18:06 | Re: [pgAdmin4][Patch] - RM 5457 - Kerberos Authentication - Phase 1 |