From 6f337cb15990f8b8dcf5862f1a8a8c127964ae6f Mon Sep 17 00:00:00 2001 From: einhverfr Date: Tue, 11 Sep 2007 06:19:07 +0000 Subject: Adding some permission grants git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1560 4979c152-3d1c-0410-bac9-87ea11338e46 --- sql/modules/Roles.sql | 136 ++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 126 insertions(+), 10 deletions(-) (limited to 'sql/modules') diff --git a/sql/modules/Roles.sql b/sql/modules/Roles.sql index 7994a6e3..c3ad4650 100644 --- a/sql/modules/Roles.sql +++ b/sql/modules/Roles.sql @@ -1,13 +1,83 @@ -- Contacts +CREATE ROLE lsmb___read_contact +WITH INHERIT NOLOGIN; + +GRANT SELECT ON entity TO lsmb___create_contact; +GRANT SELECT ON company TO lsmb___create_contact; +GRANT SELECT ON location TO lsmb___create_contact; +GRANT SELECT ON person TO lsmb___create_contact; +GRANT SELECT ON entity_credit_account TO lsmb___create_contact; +GRANT SELECT ON company_to_contact TO lsmb___create_contact; +GRANT SELECT ON company_to_entity TO lsmb___create_contact; +GRANT SELECT ON company_to_location TO lsmb___create_contact; +GRANT SELECT ON customertax TO lsmb___create_contact; +GRANT SELECT ON employee TO lsmb___create_contact; +GRANT SELECT ON customer TO lsmb___create_contact; +GRANT SELECT ON contact_class TO lsmb___create_contact; +GRANT SELECT ON entity_class TO lsmb___create_contact; +GRANT SELECT ON entity_bank_account TO lsmb___create_contact; +GRANT SELECT ON entity_note TO lsmb___create_contact; +GRANT SELECT ON entity_class_to_entity TO lsmb___create_contact; +GRANT SELECT ON entity_other_name TO lsmb___create_contact; +GRANT SELECT ON location_class TO lsmb___create_contact; +GRANT SELECT ON person_to_company TO lsmb___create_contact; +GRANT SELECT ON person_to_contact TO lsmb___create_contact; +GRANT SELECT ON person_to_contact TO lsmb___create_contact; +GRANT SELECT ON person_to_location TO lsmb___create_contact; +GRANT SELECT ON person_to_location TO lsmb___create_contact; +GRANT SELECT ON vendortax TO lsmb___create_contact; CREATE ROLE lsmb___create_contact -WITH INHERIT NOLOGIN; +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; + +GRANT INSERT ON entity TO lsmb___create_contact; +GRANT INSERT ON company TO lsmb___create_contact; +GRANT INSERT ON location TO lsmb___create_contact; +GRANT INSERT ON person TO lsmb___create_contact; +GRANT INSERT ON entity_credit_account TO lsmb___create_contact; +GRANT INSERT ON company_to_contact TO lsmb___create_contact; +GRANT INSERT ON company_to_entity TO lsmb___create_contact; +GRANT INSERT ON company_to_location TO lsmb___create_contact; +GRANT INSERT ON customertax TO lsmb___create_contact; +GRANT INSERT ON employee TO lsmb___create_contact; +GRANT INSERT ON customer TO lsmb___create_contact; +GRANT INSERT ON entity_bank_account TO lsmb___create_contact; +GRANT INSERT ON entity_note TO lsmb___create_contact; +GRANT INSERT ON entity_class_to_entity TO lsmb___create_contact; +GRANT INSERT ON entity_other_name TO lsmb___create_contact; +GRANT INSERT ON person_to_company TO lsmb___create_contact; +GRANT INSERT ON person_to_contact TO lsmb___create_contact; +GRANT INSERT ON person_to_contact TO lsmb___create_contact; +GRANT INSERT ON person_to_location TO lsmb___create_contact; +GRANT INSERT ON person_to_location TO lsmb___create_contact; +GRANT INSERT ON vendortax TO lsmb___create_contact; CREATE ROLE lsmb___edit_contact -WITH INHERIT NOLOGIN; +WITH INHERIT NOLOGIN +IN ROLE lsmb___read_contact; -CREATE ROLE lsmb___read_contact -WITH INHERIT NOLOGIN; +GRANT UPDATE ON entity TO lsmb___create_contact; +GRANT UPDATE ON company TO lsmb___create_contact; +GRANT UPDATE ON location TO lsmb___create_contact; +GRANT UPDATE ON person TO lsmb___create_contact; +GRANT UPDATE ON entity_credit_account TO lsmb___create_contact; +GRANT UPDATE ON company_to_contact TO lsmb___create_contact; +GRANT UPDATE ON company_to_entity TO lsmb___create_contact; +GRANT UPDATE ON company_to_location TO lsmb___create_contact; +GRANT UPDATE ON customertax TO lsmb___create_contact; +GRANT UPDATE ON employee TO lsmb___create_contact; +GRANT UPDATE ON customer TO lsmb___create_contact; +GRANT UPDATE ON entity_bank_account TO lsmb___create_contact; +GRANT UPDATE ON entity_note TO lsmb___create_contact; +GRANT UPDATE ON entity_class_to_entity TO lsmb___create_contact; +GRANT UPDATE ON entity_other_name TO lsmb___create_contact; +GRANT UPDATE ON person_to_company TO lsmb___create_contact; +GRANT UPDATE ON person_to_contact TO lsmb___create_contact; +GRANT UPDATE ON person_to_contact TO lsmb___create_contact; +GRANT UPDATE ON person_to_location TO lsmb___create_contact; +GRANT UPDATE ON person_to_location TO lsmb___create_contact; +GRANT DELETE, INSERT ON vendortax TO lsmb___create_contact; CREATE ROLE lsmb___contact_all_rights WITH INHERIT NOLOGIN @@ -19,36 +89,61 @@ lsmb___read_contact; CREATE ROLE lsmb___create_batch WITH INHERIT NOLOGIN; -CREATE ROLE lsmb___create_list_batches -WITH INHERIT NOLOGIN; +GRANT INSERT ON batch TO lsmb___create_batch; +GRANT SELECT ON batch_class TO lsmb___create_batch; +GRANT INSERT ON voucher TO lsmb___create_batch; -CREATE ROLE lsmb___create_post_batches +CREATE ROLE lsmb___post_batches WITH INHERIT NOLOGIN; +GRANT UPDATE ON ar TO lsmb___post_batches; +GRANT UPDATE ON ap TO lsmb___post_batches; +GRANT UPDATE ON acc_trans TO lsmb___post_batches; +GRANT UPDATE ON batch TO lsmb___post_batches; +GRANT UPDATE ON gl TO lsmb___post_batches; -- AR CREATE ROLE lsmb___create_ar_transaction WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; +GRANT INSERT ON ar TO lsmb___create_ar_transaction; +GRANT INSERT ON acc_trans TO lsmb___create_ar_transaction; + CREATE ROLE lsmb___create_ar_transaction_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_batch; +GRANT INSERT ON ar TO lsmb___create_ar_transaction_voucher; +GRANT INSERT ON acc_trans TO lsmb___create_ar_transaction_voucher; + CREATE ROLE lsmb___create_ar_invoice WITH INHERIT NOLOGIN -IN ROLE lsmb___read_contact; +IN ROLE lsmb___read_contact, +lsmb___create_ar_transaction; + +GRANT INSERT ON invoice TO lsmb___create_ar_invoice; +GRANT INSERT ON inventory TO lsmb___create_ar_invoice; CREATE ROLE lsmb___create_ar_invoice_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, -lsmb___create_batch; +lsmb___create_batch, +lsmb___create_ar_transaction_voucher; + +GRANT INSERT ON invoice TO lsmb___create_ar_invoice_voucher; +GRANT INSERT ON inventory TO lsmb___create_ar_invoice_voucher; CREATE ROLE lsmb___list_ar_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; +GRANT SELECT ON ar TO lsmb___list_ar_transactions; +GRANT SELECT ON acc_trans TO lsmb___list_ar_transactions; +GRANT SELECT ON invoice TO lsmb___list_ar_transactions +GRANT SELECT ON inventory TO lsmb___list_ar_transactions + CREATE ROLE lsmb___ar_all_vouchers WITH INHERIT NOLOGIN IN ROLE lsmb___create_ar_transaction_voucher, @@ -64,18 +159,30 @@ CREATE ROLE lsmb___create_sales_order WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; +GRANT INSERT ON oe TO lsmb___create_sales_order; +GRANT INSERT ON orderitems TO lsmb___create_sales_order; + CREATE ROLE lsmb___create_sales_quotation WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; +GRANT INSERT ON oe TO lsmb___create_sales_quotation; +GRANT INSERT ON orderitems TO lsmb___create_sales_quotation; + CREATE ROLE lsmb___list_sales_orders WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; +GRANT SELECT ON oe TO lsmb___list_sales_orders; +GRANT SELECT ON orderitems TO lsmb___list_sales_orders; + CREATE ROLE lsmb___list_sales_quotations WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; +GRANT SELECT ON oe TO lsmb___list_sales_quotations; +GRANT SELECT ON orderitems TO lsmb___list_sales_quotations; + CREATE ROLE lsmb___all_ar WITH INHERIT NOLOGIN IN ROLE lsmb___ar_all_vouchers, @@ -148,7 +255,8 @@ lsmb___list_purchase_rfqs; -- POS CREATE ROLE lsmb___create_pos_invoice WITH INHERIT NOLOGIN -IN ROLE lsmb___create_sales_invoice; +IN ROLE lsmb___create_sales_invoice, +lsmb___create_ar_invoice; CREATE ROLE lsmb___close_till WITH INHERIT NOLOGIN; @@ -235,6 +343,14 @@ lsmb___list_ap_transactions; CREATE ROLE lsmb___run_yearend WITH INHERIT NOLOGIN; +CREATE ROLE lsmb___create_list_batches +WITH INHERIT NOLOGIN +IN ROLE lsmb___create_list_transactions; + +GRANT SELECT ON batch TO lsmb___create_list_batches; +GRANT SELECT ON batch_class TO lsmb___create_list_batches; +GRANT SELECT ON voucher TO lsmb___create_list_batches; + CREATE ROLE lsmb___all_gl WITH INHERIT NOLOGIN IN ROLE lsmb___create_transaction, -- cgit v1.2.3