diff options
| author | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-09-12 06:37:22 +0000 |
|---|---|---|
| committer | einhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46> | 2007-09-12 06:37:22 +0000 |
| commit | f8aba07c6513193b1ae265d4a45df105762de388 (patch) | |
| tree | 53459a938b6e8b27c54f875670d3dda7e6d85a66 /sql/modules | |
| parent | 81ea97a00b3df5ce3afdbe05119316d39b40d169 (diff) | |
More additions to role system
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1574 4979c152-3d1c-0410-bac9-87ea11338e46
Diffstat (limited to 'sql/modules')
| -rw-r--r-- | sql/modules/Roles.sql | 52 |
1 files changed, 46 insertions, 6 deletions
diff --git a/sql/modules/Roles.sql b/sql/modules/Roles.sql index cfdd62c2..4b803989 100644 --- a/sql/modules/Roles.sql +++ b/sql/modules/Roles.sql @@ -744,24 +744,60 @@ lsmb_<?lsmb dbname ?>__create_warehouse; CREATE ROLE lsmb_<?lsmb dbname ?>__create_transaction WITH INHERIT NOLOGIN; +GRANT INSERT ON gl TO lsmb_<?lsmb dbname ?>__create_transaction; +GRANT INSERT ON acc_trans TO lsmb_<?lsmb dbname ?>__create_transaction; + +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (73, 'allow', 'lsmb_<?lsmb dbname ?>__create_transaction'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (74, 'allow', 'lsmb_<?lsmb dbname ?>__create_transaction'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (75, 'allow', 'lsmb_<?lsmb dbname ?>__create_transaction'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (35, 'allow', 'lsmb_<?lsmb dbname ?>__create_transaction'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (40, 'allow', 'lsmb_<?lsmb dbname ?>__create_transaction'); + + CREATE ROLE lsmb_<?lsmb dbname ?>__create_transaction_voucher WITH INHERIT NOLOGIN; +GRANT INSERT ON gl TO lsmb_<?lsmb dbname ?>__create_transaction; +GRANT INSERT ON acc_trans TO lsmb_<?lsmb dbname ?>__create_transaction; + +-- TODO Add menu permissions + CREATE ROLE lsmb_<?lsmb dbname ?>__list_transactions WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__list_ar_transactions, lsmb_<?lsmb dbname ?>__list_ap_transactions; +GRANT SELECT ON gl TO lsmb_<?lsmb dbname ?>__list_transactions; + +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (73, 'allow', 'lsmb_<?lsmb dbname ?>__list_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (76, 'allow', 'lsmb_<?lsmb dbname ?>__list_transactions'); + + CREATE ROLE lsmb_<?lsmb dbname ?>__run_yearend WITH INHERIT NOLOGIN; -CREATE ROLE lsmb_<?lsmb dbname ?>__create_list_batches +GRANT INSERT, SELECT ON acc_trans TO lsmb_<?lsmb dbname ?>__run_yearend; + +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (128, 'allow', 'lsmb_<?lsmb dbname ?>__run_yearend'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (132, 'allow', 'lsmb_<?lsmb dbname ?>__run_yearend'); + + +CREATE ROLE lsmb_<?lsmb dbname ?>__list_batches WITH INHERIT NOLOGIN -IN ROLE lsmb_<?lsmb dbname ?>__create_list_transactions; +IN ROLE lsmb_<?lsmb dbname ?>__list_transactions; -GRANT SELECT ON batch TO lsmb_<?lsmb dbname ?>__create_list_batches; -GRANT SELECT ON batch_class TO lsmb_<?lsmb dbname ?>__create_list_batches; -GRANT SELECT ON voucher TO lsmb_<?lsmb dbname ?>__create_list_batches; +GRANT SELECT ON batch TO lsmb_<?lsmb dbname ?>__list_batches; +GRANT SELECT ON batch_class TO lsmb_<?lsmb dbname ?>__list_batches; +GRANT SELECT ON voucher TO lsmb_<?lsmb dbname ?>__list_batches; CREATE ROLE lsmb_<?lsmb dbname ?>__all_gl WITH INHERIT NOLOGIN @@ -774,9 +810,13 @@ lsmb_<?lsmb dbname ?>__list_transactions; CREATE ROLE lsmb_<?lsmb dbname ?>__create_project WITH INHERIT NOLOGIN; -CREATE ROLE lsmb_<?lsmb dbname ?>__add_project_timecard +CREATE ROLE lsmb_<?lsmb dbname ?>__edit_project WITH INHERIT NOLOGIN; +CREATE ROLE lsmb_<?lsmb dbname ?>__add_project_timecard +WITH INHERIT NOLOGIN +IN ROLE lsmb_<?lsmb dbname ?>__read_contact; + -- ORDER GENERATION CREATE ROLE lsmb_<?lsmb dbname ?>__project_generate_orders WITH INHERIT NOLOGIN; |