diff options
Diffstat (limited to 'sql')
-rw-r--r-- | sql/modules/Roles.sql | 52 |
1 files changed, 46 insertions, 6 deletions
diff --git a/sql/modules/Roles.sql b/sql/modules/Roles.sql index cfdd62c2..4b803989 100644 --- a/sql/modules/Roles.sql +++ b/sql/modules/Roles.sql @@ -744,24 +744,60 @@ lsmb_<?lsmb dbname ?>__create_warehouse; CREATE ROLE lsmb_<?lsmb dbname ?>__create_transaction WITH INHERIT NOLOGIN; +GRANT INSERT ON gl TO lsmb_<?lsmb dbname ?>__create_transaction; +GRANT INSERT ON acc_trans TO lsmb_<?lsmb dbname ?>__create_transaction; + +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (73, 'allow', 'lsmb_<?lsmb dbname ?>__create_transaction'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (74, 'allow', 'lsmb_<?lsmb dbname ?>__create_transaction'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (75, 'allow', 'lsmb_<?lsmb dbname ?>__create_transaction'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (35, 'allow', 'lsmb_<?lsmb dbname ?>__create_transaction'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (40, 'allow', 'lsmb_<?lsmb dbname ?>__create_transaction'); + + CREATE ROLE lsmb_<?lsmb dbname ?>__create_transaction_voucher WITH INHERIT NOLOGIN; +GRANT INSERT ON gl TO lsmb_<?lsmb dbname ?>__create_transaction; +GRANT INSERT ON acc_trans TO lsmb_<?lsmb dbname ?>__create_transaction; + +-- TODO Add menu permissions + CREATE ROLE lsmb_<?lsmb dbname ?>__list_transactions WITH INHERIT NOLOGIN IN ROLE lsmb_<?lsmb dbname ?>__list_ar_transactions, lsmb_<?lsmb dbname ?>__list_ap_transactions; +GRANT SELECT ON gl TO lsmb_<?lsmb dbname ?>__list_transactions; + +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (73, 'allow', 'lsmb_<?lsmb dbname ?>__list_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (76, 'allow', 'lsmb_<?lsmb dbname ?>__list_transactions'); + + CREATE ROLE lsmb_<?lsmb dbname ?>__run_yearend WITH INHERIT NOLOGIN; -CREATE ROLE lsmb_<?lsmb dbname ?>__create_list_batches +GRANT INSERT, SELECT ON acc_trans TO lsmb_<?lsmb dbname ?>__run_yearend; + +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (128, 'allow', 'lsmb_<?lsmb dbname ?>__run_yearend'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (132, 'allow', 'lsmb_<?lsmb dbname ?>__run_yearend'); + + +CREATE ROLE lsmb_<?lsmb dbname ?>__list_batches WITH INHERIT NOLOGIN -IN ROLE lsmb_<?lsmb dbname ?>__create_list_transactions; +IN ROLE lsmb_<?lsmb dbname ?>__list_transactions; -GRANT SELECT ON batch TO lsmb_<?lsmb dbname ?>__create_list_batches; -GRANT SELECT ON batch_class TO lsmb_<?lsmb dbname ?>__create_list_batches; -GRANT SELECT ON voucher TO lsmb_<?lsmb dbname ?>__create_list_batches; +GRANT SELECT ON batch TO lsmb_<?lsmb dbname ?>__list_batches; +GRANT SELECT ON batch_class TO lsmb_<?lsmb dbname ?>__list_batches; +GRANT SELECT ON voucher TO lsmb_<?lsmb dbname ?>__list_batches; CREATE ROLE lsmb_<?lsmb dbname ?>__all_gl WITH INHERIT NOLOGIN @@ -774,9 +810,13 @@ lsmb_<?lsmb dbname ?>__list_transactions; CREATE ROLE lsmb_<?lsmb dbname ?>__create_project WITH INHERIT NOLOGIN; -CREATE ROLE lsmb_<?lsmb dbname ?>__add_project_timecard +CREATE ROLE lsmb_<?lsmb dbname ?>__edit_project WITH INHERIT NOLOGIN; +CREATE ROLE lsmb_<?lsmb dbname ?>__add_project_timecard +WITH INHERIT NOLOGIN +IN ROLE lsmb_<?lsmb dbname ?>__read_contact; + -- ORDER GENERATION CREATE ROLE lsmb_<?lsmb dbname ?>__project_generate_orders WITH INHERIT NOLOGIN; |