summaryrefslogtreecommitdiff
path: root/sql/modules
diff options
context:
space:
mode:
authoreinhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>2007-09-11 20:22:52 +0000
committereinhverfr <einhverfr@4979c152-3d1c-0410-bac9-87ea11338e46>2007-09-11 20:22:52 +0000
commitf8c67e67f0272c3f5d06108ade34a1fa1885d8da (patch)
tree4df7d4e23c3fc0c81acb55a0a98b6515ece73405 /sql/modules
parentf74c8fa213cd5409084ede2de7ea4ed626895955 (diff)
Cleaning up lsmb-request slightly
git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1569 4979c152-3d1c-0410-bac9-87ea11338e46
Diffstat (limited to 'sql/modules')
-rw-r--r--sql/modules/Roles.sql78
1 files changed, 78 insertions, 0 deletions
diff --git a/sql/modules/Roles.sql b/sql/modules/Roles.sql
index c3ad4650..894f5a70 100644
--- a/sql/modules/Roles.sql
+++ b/sql/modules/Roles.sql
@@ -27,6 +27,20 @@ GRANT SELECT ON person_to_location TO lsmb_<?lsmb dbname ?>__create_contact;
GRANT SELECT ON person_to_location TO lsmb_<?lsmb dbname ?>__create_contact;
GRANT SELECT ON vendortax TO lsmb_<?lsmb dbname ?>__create_contact;
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (1, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (11, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (14, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (21, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (30, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (33, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+
+
CREATE ROLE lsmb_<?lsmb dbname ?>__create_contact
WITH INHERIT NOLOGIN
IN ROLE lsmb_<?lsmb dbname ?>__read_contact;
@@ -53,6 +67,20 @@ GRANT INSERT ON person_to_location TO lsmb_<?lsmb dbname ?>__create_contact;
GRANT INSERT ON person_to_location TO lsmb_<?lsmb dbname ?>__create_contact;
GRANT INSERT ON vendortax TO lsmb_<?lsmb dbname ?>__create_contact;
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (1, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (11, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (12, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (21, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (30, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (31, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact');
+
+
CREATE ROLE lsmb_<?lsmb dbname ?>__edit_contact
WITH INHERIT NOLOGIN
IN ROLE lsmb_<?lsmb dbname ?>__read_contact;
@@ -93,6 +121,8 @@ GRANT INSERT ON batch TO lsmb_<?lsmb dbname ?>__create_batch;
GRANT SELECT ON batch_class TO lsmb_<?lsmb dbname ?>__create_batch;
GRANT INSERT ON voucher TO lsmb_<?lsmb dbname ?>__create_batch;
+-- TODO add Menu ACLs
+
CREATE ROLE lsmb_<?lsmb dbname ?>__post_batches
WITH INHERIT NOLOGIN;
@@ -102,6 +132,8 @@ GRANT UPDATE ON acc_trans TO lsmb_<?lsmb dbname ?>__post_batches;
GRANT UPDATE ON batch TO lsmb_<?lsmb dbname ?>__post_batches;
GRANT UPDATE ON gl TO lsmb_<?lsmb dbname ?>__post_batches;
+-- TODO add Menu ACLs
+
-- AR
CREATE ROLE lsmb_<?lsmb dbname ?>__create_ar_transaction
WITH INHERIT NOLOGIN
@@ -110,6 +142,11 @@ IN ROLE lsmb_<?lsmb dbname ?>__read_contact;
GRANT INSERT ON ar TO lsmb_<?lsmb dbname ?>__create_ar_transaction;
GRANT INSERT ON acc_trans TO lsmb_<?lsmb dbname ?>__create_ar_transaction;
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (1, 'allow', 'lsmb_<?lsmb dbname ?>__create_ar_transaction');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (2, 'allow', 'lsmb_<?lsmb dbname ?>__create_ar_transaction');
+
CREATE ROLE lsmb_<?lsmb dbname ?>__create_ar_transaction_voucher
WITH INHERIT NOLOGIN
IN ROLE lsmb_<?lsmb dbname ?>__read_contact,
@@ -118,6 +155,8 @@ lsmb_<?lsmb dbname ?>__create_batch;
GRANT INSERT ON ar TO lsmb_<?lsmb dbname ?>__create_ar_transaction_voucher;
GRANT INSERT ON acc_trans TO lsmb_<?lsmb dbname ?>__create_ar_transaction_voucher;
+-- TODO add Menu ACLs
+
CREATE ROLE lsmb_<?lsmb dbname ?>__create_ar_invoice
WITH INHERIT NOLOGIN
IN ROLE lsmb_<?lsmb dbname ?>__read_contact,
@@ -126,6 +165,10 @@ lsmb_<?lsmb dbname ?>__create_ar_transaction;
GRANT INSERT ON invoice TO lsmb_<?lsmb dbname ?>__create_ar_invoice;
GRANT INSERT ON inventory TO lsmb_<?lsmb dbname ?>__create_ar_invoice;
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (3, 'allow', 'lsmb_<?lsmb dbname ?>__create_ar_invoice');
+
+
CREATE ROLE lsmb_<?lsmb dbname ?>__create_ar_invoice_voucher
WITH INHERIT NOLOGIN
IN ROLE lsmb_<?lsmb dbname ?>__read_contact,
@@ -135,6 +178,8 @@ lsmb_<?lsmb dbname ?>__create_ar_transaction_voucher;
GRANT INSERT ON invoice TO lsmb_<?lsmb dbname ?>__create_ar_invoice_voucher;
GRANT INSERT ON inventory TO lsmb_<?lsmb dbname ?>__create_ar_invoice_voucher;
+-- TODO add Menu ACLs
+
CREATE ROLE lsmb_<?lsmb dbname ?>__list_ar_transactions
WITH INHERIT NOLOGIN
IN ROLE lsmb_<?lsmb dbname ?>__read_contact;
@@ -144,6 +189,27 @@ GRANT SELECT ON acc_trans TO lsmb_<?lsmb dbname ?>__list_ar_transactions;
GRANT SELECT ON invoice TO lsmb_<?lsmb dbname ?>__list_ar_transactions
GRANT SELECT ON inventory TO lsmb_<?lsmb dbname ?>__list_ar_transactions
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (1, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (4, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (5, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (6, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (7, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (9, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (10, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (11, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (13, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (15, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions');
+
CREATE ROLE lsmb_<?lsmb dbname ?>__ar_all_vouchers
WITH INHERIT NOLOGIN
IN ROLE lsmb_<?lsmb dbname ?>__create_ar_transaction_voucher,
@@ -162,6 +228,12 @@ IN ROLE lsmb_<?lsmb dbname ?>__read_contact;
GRANT INSERT ON oe TO lsmb_<?lsmb dbname ?>__create_sales_order;
GRANT INSERT ON orderitems TO lsmb_<?lsmb dbname ?>__create_sales_order;
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (50, 'allow', 'lsmb_<?lsmb dbname ?>__create_sales_order');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (51, 'allow', 'lsmb_<?lsmb dbname ?>__create_sales_order');
+
+
CREATE ROLE lsmb_<?lsmb dbname ?>__create_sales_quotation
WITH INHERIT NOLOGIN
IN ROLE lsmb_<?lsmb dbname ?>__read_contact;
@@ -169,6 +241,12 @@ IN ROLE lsmb_<?lsmb dbname ?>__read_contact;
GRANT INSERT ON oe TO lsmb_<?lsmb dbname ?>__create_sales_quotation;
GRANT INSERT ON orderitems TO lsmb_<?lsmb dbname ?>__create_sales_quotation;
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (50, 'allow', 'lsmb_<?lsmb dbname ?>__create_sales_quotation');
+INSERT INTO menu_acl (node_id, acl_type, role_name)
+values (51, 'allow', 'lsmb_<?lsmb dbname ?>__create_sales_quotation');
+
+
CREATE ROLE lsmb_<?lsmb dbname ?>__list_sales_orders
WITH INHERIT NOLOGIN
IN ROLE lsmb_<?lsmb dbname ?>__read_contact;