From f8c67e67f0272c3f5d06108ade34a1fa1885d8da Mon Sep 17 00:00:00 2001 From: einhverfr Date: Tue, 11 Sep 2007 20:22:52 +0000 Subject: Cleaning up lsmb-request slightly git-svn-id: https://ledger-smb.svn.sourceforge.net/svnroot/ledger-smb/trunk@1569 4979c152-3d1c-0410-bac9-87ea11338e46 --- sql/modules/Roles.sql | 78 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) (limited to 'sql') diff --git a/sql/modules/Roles.sql b/sql/modules/Roles.sql index c3ad4650..894f5a70 100644 --- a/sql/modules/Roles.sql +++ b/sql/modules/Roles.sql @@ -27,6 +27,20 @@ GRANT SELECT ON person_to_location TO lsmb___create_contact; GRANT SELECT ON person_to_location TO lsmb___create_contact; GRANT SELECT ON vendortax TO lsmb___create_contact; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (1, 'allow', 'lsmb___create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (11, 'allow', 'lsmb___create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (14, 'allow', 'lsmb___create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (21, 'allow', 'lsmb___create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (30, 'allow', 'lsmb___create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (33, 'allow', 'lsmb___create_contact'); + + CREATE ROLE lsmb___create_contact WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; @@ -53,6 +67,20 @@ GRANT INSERT ON person_to_location TO lsmb___create_contact; GRANT INSERT ON person_to_location TO lsmb___create_contact; GRANT INSERT ON vendortax TO lsmb___create_contact; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (1, 'allow', 'lsmb___create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (11, 'allow', 'lsmb___create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (12, 'allow', 'lsmb___create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (21, 'allow', 'lsmb___create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (30, 'allow', 'lsmb___create_contact'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (31, 'allow', 'lsmb___create_contact'); + + CREATE ROLE lsmb___edit_contact WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; @@ -93,6 +121,8 @@ GRANT INSERT ON batch TO lsmb___create_batch; GRANT SELECT ON batch_class TO lsmb___create_batch; GRANT INSERT ON voucher TO lsmb___create_batch; +-- TODO add Menu ACLs + CREATE ROLE lsmb___post_batches WITH INHERIT NOLOGIN; @@ -102,6 +132,8 @@ GRANT UPDATE ON acc_trans TO lsmb___post_batches; GRANT UPDATE ON batch TO lsmb___post_batches; GRANT UPDATE ON gl TO lsmb___post_batches; +-- TODO add Menu ACLs + -- AR CREATE ROLE lsmb___create_ar_transaction WITH INHERIT NOLOGIN @@ -110,6 +142,11 @@ IN ROLE lsmb___read_contact; GRANT INSERT ON ar TO lsmb___create_ar_transaction; GRANT INSERT ON acc_trans TO lsmb___create_ar_transaction; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (1, 'allow', 'lsmb___create_ar_transaction'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (2, 'allow', 'lsmb___create_ar_transaction'); + CREATE ROLE lsmb___create_ar_transaction_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, @@ -118,6 +155,8 @@ lsmb___create_batch; GRANT INSERT ON ar TO lsmb___create_ar_transaction_voucher; GRANT INSERT ON acc_trans TO lsmb___create_ar_transaction_voucher; +-- TODO add Menu ACLs + CREATE ROLE lsmb___create_ar_invoice WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, @@ -126,6 +165,10 @@ lsmb___create_ar_transaction; GRANT INSERT ON invoice TO lsmb___create_ar_invoice; GRANT INSERT ON inventory TO lsmb___create_ar_invoice; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (3, 'allow', 'lsmb___create_ar_invoice'); + + CREATE ROLE lsmb___create_ar_invoice_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, @@ -135,6 +178,8 @@ lsmb___create_ar_transaction_voucher; GRANT INSERT ON invoice TO lsmb___create_ar_invoice_voucher; GRANT INSERT ON inventory TO lsmb___create_ar_invoice_voucher; +-- TODO add Menu ACLs + CREATE ROLE lsmb___list_ar_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; @@ -144,6 +189,27 @@ GRANT SELECT ON acc_trans TO lsmb___list_ar_transactions; GRANT SELECT ON invoice TO lsmb___list_ar_transactions GRANT SELECT ON inventory TO lsmb___list_ar_transactions +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (1, 'allow', 'lsmb___list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (4, 'allow', 'lsmb___list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (5, 'allow', 'lsmb___list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (6, 'allow', 'lsmb___list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (7, 'allow', 'lsmb___list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (9, 'allow', 'lsmb___list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (10, 'allow', 'lsmb___list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (11, 'allow', 'lsmb___list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (13, 'allow', 'lsmb___list_ar_transactions'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (15, 'allow', 'lsmb___list_ar_transactions'); + CREATE ROLE lsmb___ar_all_vouchers WITH INHERIT NOLOGIN IN ROLE lsmb___create_ar_transaction_voucher, @@ -162,6 +228,12 @@ IN ROLE lsmb___read_contact; GRANT INSERT ON oe TO lsmb___create_sales_order; GRANT INSERT ON orderitems TO lsmb___create_sales_order; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (50, 'allow', 'lsmb___create_sales_order'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (51, 'allow', 'lsmb___create_sales_order'); + + CREATE ROLE lsmb___create_sales_quotation WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; @@ -169,6 +241,12 @@ IN ROLE lsmb___read_contact; GRANT INSERT ON oe TO lsmb___create_sales_quotation; GRANT INSERT ON orderitems TO lsmb___create_sales_quotation; +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (50, 'allow', 'lsmb___create_sales_quotation'); +INSERT INTO menu_acl (node_id, acl_type, role_name) +values (51, 'allow', 'lsmb___create_sales_quotation'); + + CREATE ROLE lsmb___list_sales_orders WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; -- cgit v1.2.3