[open-ils-commits] r15735 - in trunk/Open-ILS: examples src/sql/Pg src/sql/Pg/upgrade (dbs)
svn at svn.open-ils.org
svn at svn.open-ils.org
Mon Mar 8 14:25:58 EST 2010
Author: dbs
Date: 2010-03-08 14:25:53 -0500 (Mon, 08 Mar 2010)
New Revision: 15735
Added:
trunk/Open-ILS/src/sql/Pg/upgrade/0182.data.permission.action_trigger.sql
Modified:
trunk/Open-ILS/examples/fm_IDL.xml
trunk/Open-ILS/src/sql/Pg/002.schema.config.sql
trunk/Open-ILS/src/sql/Pg/950.data.seed-values.sql
Log:
Make permissions for administering triggers more usable out of the box:
* Add CREATE/DELETE/UPDATE/VIEW variants to the generic ADMIN
* Add ADMIN/CREATE/DELETE/UPDATE trigger permissions to Local System Administrator group at System depth
* Add VIEW trigger permissions to Local System Administrator at Consortial depth to enable cloning
Modified: trunk/Open-ILS/examples/fm_IDL.xml
===================================================================
--- trunk/Open-ILS/examples/fm_IDL.xml 2010-03-08 18:57:47 UTC (rev 15734)
+++ trunk/Open-ILS/examples/fm_IDL.xml 2010-03-08 19:25:53 UTC (rev 15735)
@@ -610,7 +610,7 @@
<permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
<actions>
<retrieve/>
- <delete permission="ADMIN_TRIGGER_TEMPLATE_OUTPUT" global_required="true"/>
+ <delete permission="ADMIN_TRIGGER_TEMPLATE_OUTPUT DELETE_TRIGGER_TEMPLATE_OUTPUT" global_required="true"/>
</actions>
</permacrud>
</class>
@@ -625,10 +625,10 @@
<links/>
<permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
<actions>
- <create permission="ADMIN_TRIGGER_HOOK" global_required="true"/>
+ <create permission="ADMIN_TRIGGER_HOOK CREATE_TRIGGER_HOOK" global_required="true"/>
<retrieve/>
- <update permission="ADMIN_TRIGGER_HOOK" global_required="true"/>
- <delete permission="ADMIN_TRIGGER_HOOK" global_required="true"/>
+ <update permission="ADMIN_TRIGGER_HOOK UPDATE_TRIGGER_HOOK" global_required="true"/>
+ <delete permission="ADMIN_TRIGGER_HOOK DELETE_TRIGGER_HOOK" global_required="true"/>
</actions>
</permacrud>
</class>
@@ -649,10 +649,10 @@
<links/>
<permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
<actions>
- <create permission="ADMIN_TRIGGER_VALIDATOR" global_required="true"/>
+ <create permission="ADMIN_TRIGGER_VALIDATOR CREATE_TRIGGER_VALIDATOR" global_required="true"/>
<retrieve/>
- <update permission="ADMIN_TRIGGER_VALIDATOR" global_required="true"/>
- <delete permission="ADMIN_TRIGGER_VALIDATOR" global_required="true"/>
+ <update permission="ADMIN_TRIGGER_VALIDATOR UPDATE_TRIGGER_VALIDATOR" global_required="true"/>
+ <delete permission="ADMIN_TRIGGER_VALIDATOR DELETE_TRIGGER_VALIDATOR" global_required="true"/>
</actions>
</permacrud>
</class>
@@ -665,10 +665,10 @@
<links/>
<permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
<actions>
- <create permission="ADMIN_TRIGGER_REACTOR" global_required="true"/>
+ <create permission="ADMIN_TRIGGER_REACTOR CREATE_TRIGGER_REACTOR" global_required="true"/>
<retrieve/>
- <update permission="ADMIN_TRIGGER_REACTOR" global_required="true"/>
- <delete permission="ADMIN_TRIGGER_REACTOR" global_required="true"/>
+ <update permission="ADMIN_TRIGGER_REACTOR UPDATE_TRIGGER_REACTOR" global_required="true"/>
+ <delete permission="ADMIN_TRIGGER_REACTOR DELETE_TRIGGER_REACTOR" global_required="true"/>
</actions>
</permacrud>
</class>
@@ -681,10 +681,10 @@
<links/>
<permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
<actions>
- <create permission="ADMIN_TRIGGER_CLEANUP" global_required="true"/>
+ <create permission="ADMIN_TRIGGER_CLEANUP CREATE_TRIGGER_CLEANUP" global_required="true"/>
<retrieve/>
- <update permission="ADMIN_TRIGGER_CLEANUP" global_required="true"/>
- <delete permission="ADMIN_TRIGGER_CLEANUP" global_required="true"/>
+ <update permission="ADMIN_TRIGGER_CLEANUP UPDATE_TRIGGER_CLEANUP" global_required="true"/>
+ <delete permission="ADMIN_TRIGGER_CLEANUP DELETE_TRIGGER_CLEANUP" global_required="true"/>
</actions>
</permacrud>
</class>
@@ -703,16 +703,16 @@
</links>
<permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
<actions>
- <create permission="ADMIN_TRIGGER_EVENT_DEF">
+ <create permission="ADMIN_TRIGGER_EVENT_DEF CREATE_TRIGGER_EVENT_DEF">
<context link="event_def" field="owner"/>
</create>
- <retrieve permission="ADMIN_TRIGGER_EVENT_DEF">
+ <retrieve permission="ADMIN_TRIGGER_EVENT_DEF VIEW_TRIGGER_EVENT_DEF">
<context link="event_def" field="owner"/>
</retrieve>
- <update permission="ADMIN_TRIGGER_EVENT_DEF">
+ <update permission="ADMIN_TRIGGER_EVENT_DEF UPDATE_TRIGGER_EVENT_DEF">
<context link="event_def" field="owner"/>
</update>
- <delete permission="ADMIN_TRIGGER_EVENT_DEF">
+ <delete permission="ADMIN_TRIGGER_EVENT_DEF DELETE_TRIGGER_EVENT_DEF">
<context link="event_def" field="owner"/>
</delete>
</actions>
@@ -754,10 +754,10 @@
</links>
<permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
<actions>
- <create permission="ADMIN_TRIGGER_EVENT_DEF" context_field="owner"/>
- <retrieve permission="ADMIN_TRIGGER_EVENT_DEF" context_field="owner"/>
- <update permission="ADMIN_TRIGGER_EVENT_DEF" context_field="owner"/>
- <delete permission="ADMIN_TRIGGER_EVENT_DEF" context_field="owner"/>
+ <create permission="ADMIN_TRIGGER_EVENT_DEF CREATE_TRIGGER_EVENT_DEF" context_field="owner"/>
+ <retrieve permission="ADMIN_TRIGGER_EVENT_DEF VIEW_TRIGGER_EVENT_DEF" context_field="owner"/>
+ <update permission="ADMIN_TRIGGER_EVENT_DEF UPDATE_TRIGGER_EVENT_DEF" context_field="owner"/>
+ <delete permission="ADMIN_TRIGGER_EVENT_DEF DELETE_TRIGGER_EVENT_DEF" context_field="owner"/>
</actions>
</permacrud>
</class>
@@ -799,16 +799,16 @@
</links>
<permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
<actions>
- <create permission="ADMIN_TRIGGER_EVENT_DEF">
+ <create permission="ADMIN_TRIGGER_EVENT_DEF CREATE_TRIGGER_EVENT_DEF">
<context link="event_def" field="owner"/>
</create>
- <retrieve permission="ADMIN_TRIGGER_EVENT_DEF">
+ <retrieve permission="ADMIN_TRIGGER_EVENT_DEF VIEW_TRIGGER_EVENT_DEF">
<context link="event_def" field="owner"/>
</retrieve>
- <update permission="ADMIN_TRIGGER_EVENT_DEF">
+ <update permission="ADMIN_TRIGGER_EVENT_DEF UPDATE_TRIGGER_EVENT_DEF">
<context link="event_def" field="owner"/>
</update>
- <delete permission="ADMIN_TRIGGER_EVENT_DEF">
+ <delete permission="ADMIN_TRIGGER_EVENT_DEF DELETE_TRIGGER_EVENT_DEF">
<context link="event_def" field="owner"/>
</delete>
</actions>
Modified: trunk/Open-ILS/src/sql/Pg/002.schema.config.sql
===================================================================
--- trunk/Open-ILS/src/sql/Pg/002.schema.config.sql 2010-03-08 18:57:47 UTC (rev 15734)
+++ trunk/Open-ILS/src/sql/Pg/002.schema.config.sql 2010-03-08 19:25:53 UTC (rev 15735)
@@ -51,7 +51,7 @@
install_date TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW()
);
-INSERT INTO config.upgrade_log (version) VALUES ('0181'); -- Scott McKellar
+INSERT INTO config.upgrade_log (version) VALUES ('0182'); -- dbs
CREATE TABLE config.bib_source (
id SERIAL PRIMARY KEY,
Modified: trunk/Open-ILS/src/sql/Pg/950.data.seed-values.sql
===================================================================
--- trunk/Open-ILS/src/sql/Pg/950.data.seed-values.sql 2010-03-08 18:57:47 UTC (rev 15734)
+++ trunk/Open-ILS/src/sql/Pg/950.data.seed-values.sql 2010-03-08 19:25:53 UTC (rev 15735)
@@ -1256,6 +1256,28 @@
(363, 'ALLOW_ALT_TCN', oils_i18n_gettext(363, 'Allows staff to import a record using an alternate TCN to avoid conflicts', 'ppl', 'description')),
(364, 'ADMIN_TRIGGER_EVENT_DEF', oils_i18n_gettext(364, 'Allow a user to administer trigger event definitions', 'ppl', 'description')),
(365, 'ADMIN_ACQ_CANCEL_CAUSE', oils_i18n_gettext(365, 'Allow a user to create/update/delete reasons for order cancellations', 'ppl', 'description')
+ (366, 'ADMIN_TRIGGER_CLEANUP', oils_i18n_gettext(366, 'Allow a user to create, delete, and update trigger cleanup entries', 'ppl', 'description')),
+ (367, 'CREATE_TRIGGER_CLEANUP', oils_i18n_gettext(367, 'Allow a user to create trigger cleanup entries', 'ppl', 'description')),
+ (368, 'DELETE_TRIGGER_CLEANUP', oils_i18n_gettext(368, 'Allow a user to delete trigger cleanup entries', 'ppl', 'description')),
+ (369, 'UPDATE_TRIGGER_CLEANUP', oils_i18n_gettext(369, 'Allow a user to update trigger cleanup entries', 'ppl', 'description')),
+ (370, 'CREATE_TRIGGER_EVENT_DEF', oils_i18n_gettext(370, 'Allow a user to create trigger event definitions', 'ppl', 'description')),
+ (371, 'DELETE_TRIGGER_EVENT_DEF', oils_i18n_gettext(371, 'Allow a user to delete trigger event definitions', 'ppl', 'description')),
+ (372, 'UPDATE_TRIGGER_EVENT_DEF', oils_i18n_gettext(372, 'Allow a user to update trigger event definitions', 'ppl', 'description')),
+ (373, 'VIEW_TRIGGER_EVENT_DEF', oils_i18n_gettext(373, 'Allow a user to view trigger event definitions', 'ppl', 'description')),
+ (374, 'ADMIN_TRIGGER_HOOK', oils_i18n_gettext(374, 'Allow a user to create, update, and delete trigger hooks', 'ppl', 'description')),
+ (375, 'CREATE_TRIGGER_HOOK', oils_i18n_gettext(375, 'Allow a user to create trigger hooks', 'ppl', 'description')),
+ (376, 'DELETE_TRIGGER_HOOK', oils_i18n_gettext(376, 'Allow a user to delete trigger hooks', 'ppl', 'description')),
+ (377, 'UPDATE_TRIGGER_HOOK', oils_i18n_gettext(377, 'Allow a user to update trigger hooks', 'ppl', 'description')),
+ (378, 'ADMIN_TRIGGER_REACTOR', oils_i18n_gettext(378, 'Allow a user to create, update, and delete trigger reactors', 'ppl', 'description')),
+ (379, 'CREATE_TRIGGER_REACTOR', oils_i18n_gettext(379, 'Allow a user to create trigger reactors', 'ppl', 'description')),
+ (380, 'DELETE_TRIGGER_REACTOR', oils_i18n_gettext(380, 'Allow a user to delete trigger reactors', 'ppl', 'description')),
+ (381, 'UPDATE_TRIGGER_REACTOR', oils_i18n_gettext(381, 'Allow a user to update trigger reactors', 'ppl', 'description')),
+ (382, 'ADMIN_TRIGGER_TEMPLATE_OUTPUT', oils_i18n_gettext(382, 'Allow a user to delete trigger template output', 'ppl', 'description')),
+ (383, 'DELETE_TRIGGER_TEMPLATE_OUTPUT', oils_i18n_gettext(383, 'Allow a user to delete trigger template output', 'ppl', 'description')),
+ (384, 'ADMIN_TRIGGER_VALIDATOR', oils_i18n_gettext(384, 'Allow a user to create, update, and delete trigger validators', 'ppl', 'description')),
+ (385, 'CREATE_TRIGGER_VALIDATOR', oils_i18n_gettext(385, 'Allow a user to create trigger validators', 'ppl', 'description')),
+ (386, 'DELETE_TRIGGER_VALIDATOR', oils_i18n_gettext(386, 'Allow a user to delete trigger validators', 'ppl', 'description')),
+ (387, 'UPDATE_TRIGGER_VALIDATOR', oils_i18n_gettext(387, 'Allow a user to update trigger validators', 'ppl', 'description'))
;
SELECT SETVAL('permission.perm_list_id_seq'::TEXT, 1000);
@@ -1420,6 +1442,18 @@
INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'SHARE_REPORT_FOLDER'), 1, false);
INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_REPORT_OUTPUT'), 1, false);
+-- Add trigger administration permissions to the Local System Administrator group
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT 10, id, 1, false FROM permission.perm_list
+ WHERE code LIKE 'ADMIN_TRIGGER%'
+ OR code LIKE 'CREATE_TRIGGER%'
+ OR code LIKE 'DELETE_TRIGGER%'
+ OR code LIKE 'UPDATE_TRIGGER%'
+;
+-- View trigger permissions are required at a consortial level for initial setup
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT 10, id, 0, false FROM permission.perm_list WHERE code LIKE 'VIEW_TRIGGER%';
+
-- Add basic acquisitions permissions to the Acquisitions group
SELECT SETVAL('permission.grp_perm_map_id_seq'::TEXT, (SELECT MAX(id) FROM permission.grp_perm_map));
INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'GENERAL_ACQ'), 1, false);
Added: trunk/Open-ILS/src/sql/Pg/upgrade/0182.data.permission.action_trigger.sql
===================================================================
--- trunk/Open-ILS/src/sql/Pg/upgrade/0182.data.permission.action_trigger.sql (rev 0)
+++ trunk/Open-ILS/src/sql/Pg/upgrade/0182.data.permission.action_trigger.sql 2010-03-08 19:25:53 UTC (rev 15735)
@@ -0,0 +1,42 @@
+BEGIN;
+
+INSERT INTO config.upgrade_log (version) VALUES ('0182'); -- dbs
+
+INSERT INTO permission.perm_list (code, description) VALUES
+ ('ADMIN_TRIGGER_CLEANUP', 'Allow a user to create, delete, and update trigger cleanup entries'),
+ ('CREATE_TRIGGER_CLEANUP', 'Allow a user to create trigger cleanup entries'),
+ ('DELETE_TRIGGER_CLEANUP', 'Allow a user to delete trigger cleanup entries'),
+ ('UPDATE_TRIGGER_CLEANUP', 'Allow a user to update trigger cleanup entries'),
+ ('CREATE_TRIGGER_EVENT_DEF', 'Allow a user to create trigger event definitions'),
+ ('DELETE_TRIGGER_EVENT_DEF', 'Allow a user to delete trigger event definitions'),
+ ('UPDATE_TRIGGER_EVENT_DEF', 'Allow a user to update trigger event definitions'),
+ ('VIEW_TRIGGER_EVENT_DEF', 'Allow a user to view trigger event definitions'),
+ ('ADMIN_TRIGGER_HOOK', 'Allow a user to create, update, and delete trigger hooks'),
+ ('CREATE_TRIGGER_HOOK', 'Allow a user to create trigger hooks'),
+ ('DELETE_TRIGGER_HOOK', 'Allow a user to delete trigger hooks'),
+ ('UPDATE_TRIGGER_HOOK', 'Allow a user to update trigger hooks'),
+ ('ADMIN_TRIGGER_REACTOR', 'Allow a user to create, update, and delete trigger reactors'),
+ ('CREATE_TRIGGER_REACTOR', 'Allow a user to create trigger reactors'),
+ ('DELETE_TRIGGER_REACTOR', 'Allow a user to delete trigger reactors'),
+ ('UPDATE_TRIGGER_REACTOR', 'Allow a user to update trigger reactors'),
+ ('ADMIN_TRIGGER_TEMPLATE_OUTPUT', 'Allow a user to delete trigger template output'),
+ ('DELETE_TRIGGER_TEMPLATE_OUTPUT', 'Allow a user to delete trigger template output'),
+ ('ADMIN_TRIGGER_VALIDATOR', 'Allow a user to create, update, and delete trigger validators'),
+ ('CREATE_TRIGGER_VALIDATOR', 'Allow a user to create trigger validators'),
+ ('DELETE_TRIGGER_VALIDATOR', 'Allow a user to delete trigger validators'),
+ ('UPDATE_TRIGGER_VALIDATOR', 'Allow a user to update trigger validators')
+;
+
+-- Add trigger administration permissions to the Local System Administrator group
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT 10, id, 1, false FROM permission.perm_list
+ WHERE code LIKE 'ADMIN_TRIGGER%'
+ OR code LIKE 'CREATE_TRIGGER%'
+ OR code LIKE 'DELETE_TRIGGER%'
+ OR code LIKE 'UPDATE_TRIGGER%'
+;
+-- View trigger permissions are required at a consortial level for initial setup
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT 10, id, 0, false FROM permission.perm_list WHERE code LIKE 'VIEW_TRIGGER%';
+
+COMMIT;
More information about the open-ils-commits
mailing list