-rw-r--r-- | lsmb-request.pl | 3 | ||||
-rw-r--r-- | sql/modules/Roles.sql | 78 |
2 files changed, 80 insertions, 1 deletions
diff --git a/lsmb-request.pl b/lsmb-request.pl index d848c484..2edd45be 100644 --- a/lsmb-request.pl +++ b/lsmb-request.pl @@ -38,7 +38,8 @@ eval { require "custom.pl"; }; $request = new LedgerSMB; $request->{action} = '__default' if (!$request->{action}); -$0 =~ m/([^\/\\]*.pl)\?*.*$/; + +$ENV{SCRIPT_NAME} =~ m/([^\/\\]*.pl)\?*.*$/; $script = $1; $locale = LedgerSMB::Locale->get_handle( ${LedgerSMB::Sysconfig::language} ) or $request->error( __FILE__ . ':' . __LINE__ . ": Locale not loaded: $!\n" ); diff --git a/sql/modules/Roles.sql b/sql/modules/Roles.sql index c3ad4650..894f5a70 100644 --- a/sql/modules/Roles.sql +++ b/sql/modules/Roles.sql @@ -27,6 +27,20 @@ GRANT SELECT ON person_to_location TO lsmb_<?lsmb dbname ?>__create_contact; GRANT SELECT ON person_to_location TO lsmb_<?lsmb dbname ?>__create_contact; GRANT SELECT ON vendortax TO lsmb_<?lsmb dbname ?>__create_contact; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (1, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (11, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (14, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (21, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (30, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (33, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); + + CREATE ROLE lsmb_<?lsmb dbname ?>__create_contact WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__read_contact; 
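Review bot: The match against `$ENV{SCRIPT_NAME}` is never checked before `$script = $1;`, so if the variable is unset or does not match, `$1` is undef or keeps the capture from an earlier successful match. SCRIPT_NAME is derived from the request by the web server rather than from the process itself. If `$script` decides what is loaded or dispatched further down (outside this hunk), the code should fail closed, e.g. `($script) = ($ENV{SCRIPT_NAME} || '') =~ m/([^\/\\]+\.pl)$/ or $request->error("unrecognised script name");`. The `.` before `pl` is also unescaped in the current pattern, so it accepts any character there, and the trailing `\?*.*$` lets arbitrary text follow the captured name.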
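Review bot: The six `menu_acl` rows added in the hunk at -27 name `lsmb_<?lsmb dbname ?>__create_contact`, but they sit above the `CREATE ROLE ...__create_contact` statement, in what looks like the read-contact section. The hunk at -53 then adds a second set for the same role (nodes 1, 11, 12, 21, 30, 31). As written, `__read_contact` gets no menu entries of its own and `__create_contact` gets both sets, with duplicate rows for nodes 1, 11, 21 and 30. If the first set was meant for the read role, the role name should be `'lsmb_<?lsmb dbname ?>__read_contact'`. The surrounding context `GRANT SELECT ... TO ...__create_contact` lines show the same naming and are worth checking too, since they decide which role actually holds SELECT on the contact tables.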
@@ -53,6 +67,20 @@ GRANT INSERT ON person_to_location TO lsmb_<?lsmb dbname ?>__create_contact; GRANT INSERT ON person_to_location TO lsmb_<?lsmb dbname ?>__create_contact; GRANT INSERT ON vendortax TO lsmb_<?lsmb dbname ?>__create_contact; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (1, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (11, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (12, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (21, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (30, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (31, 'allow', 'lsmb_<?lsmb dbname ?>__create_contact'); + + CREATE ROLE lsmb_<?lsmb dbname ?>__edit_contact WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__read_contact; @@ -93,6 +121,8 @@ GRANT INSERT ON batch TO lsmb_<?lsmb dbname ?>__create_batch; GRANT SELECT ON batch_class TO lsmb_<?lsmb dbname ?>__create_batch; GRANT INSERT ON voucher TO lsmb_<?lsmb dbname ?>__create_batch; +-- TODO add Menu ACLs + CREATE ROLE lsmb_<?lsmb dbname ?>__post_batches WITH INHERIT NOLOGIN; @@ -102,6 +132,8 @@ GRANT UPDATE ON acc_trans TO lsmb_<?lsmb dbname ?>__post_batches; GRANT UPDATE ON batch TO lsmb_<?lsmb dbname ?>__post_batches; GRANT UPDATE ON gl TO lsmb_<?lsmb dbname ?>__post_batches; +-- TODO add Menu ACLs + -- AR CREATE ROLE lsmb_<?lsmb dbname ?>__create_ar_transaction WITH INHERIT NOLOGIN 
@@ -110,6 +142,11 @@ IN ROLE lsmb_<?lsmb dbname ?>__read_contact; GRANT INSERT ON ar TO lsmb_<?lsmb dbname ?>__create_ar_transaction; GRANT INSERT ON acc_trans TO lsmb_<?lsmb dbname ?>__create_ar_transaction; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (1, 'allow', 'lsmb_<?lsmb dbname ?>__create_ar_transaction'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (2, 'allow', 'lsmb_<?lsmb dbname ?>__create_ar_transaction'); + CREATE ROLE lsmb_<?lsmb dbname ?>__create_ar_transaction_voucher WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__read_contact, @@ -118,6 +155,8 @@ lsmb_<?lsmb dbname ?>__create_batch; GRANT INSERT ON ar TO lsmb_<?lsmb dbname ?>__create_ar_transaction_voucher; GRANT INSERT ON acc_trans TO lsmb_<?lsmb dbname ?>__create_ar_transaction_voucher; +-- TODO add Menu ACLs + CREATE ROLE lsmb_<?lsmb dbname ?>__create_ar_invoice WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__read_contact, @@ -126,6 +165,10 @@ lsmb_<?lsmb dbname ?>__create_ar_transaction; GRANT INSERT ON invoice TO lsmb_<?lsmb dbname ?>__create_ar_invoice; GRANT INSERT ON inventory TO lsmb_<?lsmb dbname ?>__create_ar_invoice; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (3, 'allow', 'lsmb_<?lsmb dbname ?>__create_ar_invoice'); + + CREATE ROLE lsmb_<?lsmb dbname ?>__create_ar_invoice_voucher WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__read_contact, @@ -135,6 +178,8 @@ lsmb_<?lsmb dbname ?>__create_ar_transaction_voucher; GRANT INSERT ON invoice TO lsmb_<?lsmb dbname ?>__create_ar_invoice_voucher; GRANT INSERT ON inventory TO lsmb_<?lsmb dbname ?>__create_ar_invoice_voucher; +-- TODO add Menu ACLs + CREATE ROLE lsmb_<?lsmb dbname ?>__list_ar_transactions WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__read_contact; 
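Review bot: The `node_id` values in these inserts (1 and 2 here, 3 in the hunk at -126, and the longer lists in the other menu_acl hunks) are bare numbers with nothing saying which menu entry each one unlocks. A reviewer cannot tell from the script whether a role is being shown more of the menu than its table grants cover. A short comment per insert naming the menu entry, for example `-- node 2: <menu label>`, would make the role-to-menu mapping auditable. Because each role here also inherits from others via `IN ROLE`, it would help to state whether menu ACLs are meant to follow that inheritance or be listed per role.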
@@ -144,6 +189,27 @@ GRANT SELECT ON acc_trans TO lsmb_<?lsmb dbname ?>__list_ar_transactions; GRANT SELECT ON invoice TO lsmb_<?lsmb dbname ?>__list_ar_transactions GRANT SELECT ON inventory TO lsmb_<?lsmb dbname ?>__list_ar_transactions +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (1, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (4, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (5, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (6, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (7, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (9, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (10, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (11, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (13, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (15, 'allow', 'lsmb_<?lsmb dbname ?>__list_ar_transactions'); + CREATE ROLE lsmb_<?lsmb dbname ?>__ar_all_vouchers WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__create_ar_transaction_voucher, 
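Review bot: The two context lines directly above the new inserts, `GRANT SELECT ON invoice TO ...__list_ar_transactions` and `GRANT SELECT ON inventory TO ...__list_ar_transactions`, have no terminating `;` as shown here. The first added `INSERT INTO menu_acl` is therefore parsed as part of the same statement and fails with it. Depending on how the script is run (no stop-on-error, no enclosing transaction), the role would end up without those two grants and without the node 1 entry, while the remaining nine rows load. Adding the missing semicolons to both GRANT lines in this commit would fix it. Loading the file with stop-on-error inside a transaction would keep a partial role definition from being installed.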
@@ -162,6 +228,12 @@ IN ROLE lsmb_<?lsmb dbname ?>__read_contact; GRANT INSERT ON oe TO lsmb_<?lsmb dbname ?>__create_sales_order; GRANT INSERT ON orderitems TO lsmb_<?lsmb dbname ?>__create_sales_order; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (50, 'allow', 'lsmb_<?lsmb dbname ?>__create_sales_order'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (51, 'allow', 'lsmb_<?lsmb dbname ?>__create_sales_order'); + + CREATE ROLE lsmb_<?lsmb dbname ?>__create_sales_quotation WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__read_contact; @@ -169,6 +241,12 @@ IN ROLE lsmb_<?lsmb dbname ?>__read_contact; GRANT INSERT ON oe TO lsmb_<?lsmb dbname ?>__create_sales_quotation; GRANT INSERT ON orderitems TO lsmb_<?lsmb dbname ?>__create_sales_quotation; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (50, 'allow', 'lsmb_<?lsmb dbname ?>__create_sales_quotation'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (51, 'allow', 'lsmb_<?lsmb dbname ?>__create_sales_quotation'); + + CREATE ROLE lsmb_<?lsmb dbname ?>__list_sales_orders WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__read_contact; |
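Review bot: `__create_sales_order` and `__create_sales_quotation` are both given exactly nodes 50 and 51, in the hunks at -162 and -169. If 50 and 51 are the order-entry nodes, the quotation role may be exposing the order menu while lacking its own quotation entry; the second pair looks copied and should be checked against `menu_node`. Nothing visible here stops the same `(node_id, acl_type, role_name)` row from being inserted twice. If `menu_acl` has no unique constraint on those columns, adding one would catch that kind of duplication.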