-- Deploy camper:change_password to pg
-- requires: roles
-- requires: schema_auth
-- requires: schema_camper
-- requires: user

begin;

set search_path to camper, auth, public;

create or replace function change_password(new_password text) returns void as
$$
update "user"
set password = new_password
where email = current_user_email()
  and cookie = current_user_cookie()
  and cookie_expires_at > current_timestamp
  and length(cookie) > 30
$$
language sql
security definer
set search_path to auth, camper, pg_temp;

revoke execute on function change_password(text) from public;
grant execute on function change_password(text) to employee;
grant execute on function change_password(text) to admin;

comment on function change_password(text) is
'Changes the password for the current app user';

commit;