-- Contacts CREATE ROLE lsmb___read_contact WITH INHERIT NOLOGIN; GRANT SELECT ON entity TO lsmb___create_contact; GRANT SELECT ON company TO lsmb___create_contact; GRANT SELECT ON location TO lsmb___create_contact; GRANT SELECT ON person TO lsmb___create_contact; GRANT SELECT ON entity_credit_account TO lsmb___create_contact; GRANT SELECT ON company_to_contact TO lsmb___create_contact; GRANT SELECT ON company_to_entity TO lsmb___create_contact; GRANT SELECT ON company_to_location TO lsmb___create_contact; GRANT SELECT ON customertax TO lsmb___create_contact; GRANT SELECT ON employee TO lsmb___create_contact; GRANT SELECT ON customer TO lsmb___create_contact; GRANT SELECT ON contact_class TO lsmb___create_contact; GRANT SELECT ON entity_class TO lsmb___create_contact; GRANT SELECT ON entity_bank_account TO lsmb___create_contact; GRANT SELECT ON entity_note TO lsmb___create_contact; GRANT SELECT ON entity_class_to_entity TO lsmb___create_contact; GRANT SELECT ON entity_other_name TO lsmb___create_contact; GRANT SELECT ON location_class TO lsmb___create_contact; GRANT SELECT ON person_to_company TO lsmb___create_contact; GRANT SELECT ON person_to_contact TO lsmb___create_contact; GRANT SELECT ON person_to_contact TO lsmb___create_contact; GRANT SELECT ON person_to_location TO lsmb___create_contact; GRANT SELECT ON person_to_location TO lsmb___create_contact; GRANT SELECT ON vendortax TO lsmb___create_contact; CREATE ROLE lsmb___create_contact WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON entity TO lsmb___create_contact; GRANT INSERT ON company TO lsmb___create_contact; GRANT INSERT ON location TO lsmb___create_contact; GRANT INSERT ON person TO lsmb___create_contact; GRANT INSERT ON entity_credit_account TO lsmb___create_contact; GRANT INSERT ON company_to_contact TO lsmb___create_contact; GRANT INSERT ON company_to_entity TO lsmb___create_contact; GRANT INSERT ON company_to_location TO lsmb___create_contact; GRANT INSERT ON customertax TO lsmb___create_contact; GRANT INSERT ON employee TO lsmb___create_contact; GRANT INSERT ON customer TO lsmb___create_contact; GRANT INSERT ON entity_bank_account TO lsmb___create_contact; GRANT INSERT ON entity_note TO lsmb___create_contact; GRANT INSERT ON entity_class_to_entity TO lsmb___create_contact; GRANT INSERT ON entity_other_name TO lsmb___create_contact; GRANT INSERT ON person_to_company TO lsmb___create_contact; GRANT INSERT ON person_to_contact TO lsmb___create_contact; GRANT INSERT ON person_to_contact TO lsmb___create_contact; GRANT INSERT ON person_to_location TO lsmb___create_contact; GRANT INSERT ON person_to_location TO lsmb___create_contact; GRANT INSERT ON vendortax TO lsmb___create_contact; CREATE ROLE lsmb___edit_contact WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT UPDATE ON entity TO lsmb___create_contact; GRANT UPDATE ON company TO lsmb___create_contact; GRANT UPDATE ON location TO lsmb___create_contact; GRANT UPDATE ON person TO lsmb___create_contact; GRANT UPDATE ON entity_credit_account TO lsmb___create_contact; GRANT UPDATE ON company_to_contact TO lsmb___create_contact; GRANT UPDATE ON company_to_entity TO lsmb___create_contact; GRANT UPDATE ON company_to_location TO lsmb___create_contact; GRANT UPDATE ON customertax TO lsmb___create_contact; GRANT UPDATE ON employee TO lsmb___create_contact; GRANT UPDATE ON customer TO lsmb___create_contact; GRANT UPDATE ON entity_bank_account TO lsmb___create_contact; GRANT UPDATE ON entity_note TO lsmb___create_contact; GRANT UPDATE ON entity_class_to_entity TO lsmb___create_contact; GRANT UPDATE ON entity_other_name TO lsmb___create_contact; GRANT UPDATE ON person_to_company TO lsmb___create_contact; GRANT UPDATE ON person_to_contact TO lsmb___create_contact; GRANT UPDATE ON person_to_contact TO lsmb___create_contact; GRANT UPDATE ON person_to_location TO lsmb___create_contact; GRANT UPDATE ON person_to_location TO lsmb___create_contact; GRANT DELETE, INSERT ON vendortax TO lsmb___create_contact; CREATE ROLE lsmb___contact_all_rights WITH INHERIT NOLOGIN in role lsmb___create_contact, lsmb___edit_contact, lsmb___read_contact; -- Batches and VOuchers CREATE ROLE lsmb___create_batch WITH INHERIT NOLOGIN; GRANT INSERT ON batch TO lsmb___create_batch; GRANT SELECT ON batch_class TO lsmb___create_batch; GRANT INSERT ON voucher TO lsmb___create_batch; CREATE ROLE lsmb___post_batches WITH INHERIT NOLOGIN; GRANT UPDATE ON ar TO lsmb___post_batches; GRANT UPDATE ON ap TO lsmb___post_batches; GRANT UPDATE ON acc_trans TO lsmb___post_batches; GRANT UPDATE ON batch TO lsmb___post_batches; GRANT UPDATE ON gl TO lsmb___post_batches; -- AR CREATE ROLE lsmb___create_ar_transaction WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON ar TO lsmb___create_ar_transaction; GRANT INSERT ON acc_trans TO lsmb___create_ar_transaction; CREATE ROLE lsmb___create_ar_transaction_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_batch; GRANT INSERT ON ar TO lsmb___create_ar_transaction_voucher; GRANT INSERT ON acc_trans TO lsmb___create_ar_transaction_voucher; CREATE ROLE lsmb___create_ar_invoice WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_ar_transaction; GRANT INSERT ON invoice TO lsmb___create_ar_invoice; GRANT INSERT ON inventory TO lsmb___create_ar_invoice; CREATE ROLE lsmb___create_ar_invoice_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_batch, lsmb___create_ar_transaction_voucher; GRANT INSERT ON invoice TO lsmb___create_ar_invoice_voucher; GRANT INSERT ON inventory TO lsmb___create_ar_invoice_voucher; CREATE ROLE lsmb___list_ar_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT SELECT ON ar TO lsmb___list_ar_transactions; GRANT SELECT ON acc_trans TO lsmb___list_ar_transactions; GRANT SELECT ON invoice TO lsmb___list_ar_transactions GRANT SELECT ON inventory TO lsmb___list_ar_transactions CREATE ROLE lsmb___ar_all_vouchers WITH INHERIT NOLOGIN IN ROLE lsmb___create_ar_transaction_voucher, lsmb___create_ar_invoice_voucher; CREATE ROLE lsmb___ar_all_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___create_ar_transaction, lsmb___create_ar_invoice, lsmb___list_ar_transactions; CREATE ROLE lsmb___create_sales_order WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON oe TO lsmb___create_sales_order; GRANT INSERT ON orderitems TO lsmb___create_sales_order; CREATE ROLE lsmb___create_sales_quotation WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON oe TO lsmb___create_sales_quotation; GRANT INSERT ON orderitems TO lsmb___create_sales_quotation; CREATE ROLE lsmb___list_sales_orders WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT SELECT ON oe TO lsmb___list_sales_orders; GRANT SELECT ON orderitems TO lsmb___list_sales_orders; CREATE ROLE lsmb___list_sales_quotations WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT SELECT ON oe TO lsmb___list_sales_quotations; GRANT SELECT ON orderitems TO lsmb___list_sales_quotations; CREATE ROLE lsmb___all_ar WITH INHERIT NOLOGIN IN ROLE lsmb___ar_all_vouchers, lsmb___ar_all_transactions, lsmb___create_sales_order, lsmb___create_sales_quotation, lsmb___list_sales_orders, lsmb___list_sales_quotations; -- AP CREATE ROLE lsmb___create_ap_transaction WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; CREATE ROLE lsmb___create_ap_transaction_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_batch; CREATE ROLE lsmb___create_ap_invoice WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; CREATE ROLE lsmb___create_ap_invoice_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_batch; CREATE ROLE lsmb___list_ap_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; CREATE ROLE lsmb___ap_all_vouchers WITH INHERIT NOLOGIN IN ROLE lsmb___create_ap_transaction_voucher, lsmb___create_ap_invoice_voucher; CREATE ROLE lsmb___ap_all_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___create_ap_transaction, lsmb___create_ap_invoice, lsmb___list_ap_transactions; CREATE ROLE lsmb___create_purchase_order WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_purchase_rfq WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; CREATE ROLE lsmb___list_purchase_orders WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; CREATE ROLE lsmb___list_purchase_rfqs WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; CREATE ROLE lsmb___all_ap WITH INHERIT NOLOGIN IN ROLE lsmb___ap_all_vouchers, lsmb___ap_all_transactions, lsmb___create_purchase_order, lsmb___create_purchase_rfq, lsmb___list_purchase_orders, lsmb___list_purchase_rfqs; -- POS CREATE ROLE lsmb___create_pos_invoice WITH INHERIT NOLOGIN IN ROLE lsmb___create_sales_invoice, lsmb___create_ar_invoice; CREATE ROLE lsmb___close_till WITH INHERIT NOLOGIN; CREATE ROLE lsmb___list_all_open WITH INHERIT NOLOGIN; CREATE ROLE lsmb___pos_cashier WITH INHERIT NOLOGIN lsmb___create_pos_invoice, lsmb___close_till; CREATE ROLE lsmb___all_pos WITH INHERIT NOLOGIN IN ROLE lsmb___pos_cashier, lsmb___list_all_open; -- CASH CREATE ROLE lsmb___reconcile WITH INHERIT NOLOGIN; CREATE ROLE lsmb___approve_reconciliation WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_reconcile WITH INHERIT NOLOGIN IN ROLE lsmb___reconcile, lsmb___approve_reconciliation; CREATE ROLE lsmb___process_payment WITH INHERIT NOLOGIN IN ROLE ar_list_transactions; CREATE ROLE lsmb___process_receipt WITH INHERIT NOLOGIN IN ROLE ap_list_transactions; CREATE ROLE lsmb___cash_all WITH INHERIT NOLOGIN IN ROLE lsmb___all_reconcile, lsmb___process_payment, lsmb___process_receipt; -- Inventory Control CREATE ROLE lsmb___create_part WITH INHERIT NOLOGIN; CREATE ROLE lsmb___inventory_reports WITH INHERIT NOLOGIN; CREATE ROLE lsmb___stock_assembly WITH INHERIT NOLOGIN; CREATE ROLE lsmb___ship_inventory WITH INHERIT NOLOGIN; CREATE ROLE lsmb___receive_inventory WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_warehouse WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_inventory WITH INHERIT NOLOGIN IN ROLE lsmb___create_part, lsmb___inventory_reports, lsmb___stock_assembly, lsmb___ship_inventory, lsmb___receive_inventory, lsmb___create_warehouse; -- GL CREATE ROLE lsmb___create_transaction WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_transaction_voucher WITH INHERIT NOLOGIN; CREATE ROLE lsmb___list_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___list_ar_transactions, lsmb___list_ap_transactions; CREATE ROLE lsmb___run_yearend WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_list_batches WITH INHERIT NOLOGIN IN ROLE lsmb___create_list_transactions; GRANT SELECT ON batch TO lsmb___create_list_batches; GRANT SELECT ON batch_class TO lsmb___create_list_batches; GRANT SELECT ON voucher TO lsmb___create_list_batches; CREATE ROLE lsmb___all_gl WITH INHERIT NOLOGIN IN ROLE lsmb___create_transaction, lsmb___create_transaction_voucher, lsmb___run_yearend, lsmb___list_transactions; -- PROJECTS CREATE ROLE lsmb___create_project WITH INHERIT NOLOGIN; CREATE ROLE lsmb___add_project_timecard WITH INHERIT NOLOGIN; -- ORDER GENERATION CREATE ROLE lsmb___project_generate_orders WITH INHERIT NOLOGIN; CREATE ROLE lsmb___sales_to_purchase_orders WITH INHERIT NOLOGIN; CREATE ROLE lsmb___consolidate_purchase_orders WITH INHERIT NOLOGIN; CREATE ROLE lsmb___consolidate_sales_orders WITH INHERIT NOLOGIN; CREATE ROLE lsmb___manage_orders WITH INHERIT NOLOGIN IN ROLE lsmb___project_generate_orders, lsmb___sales_to_purchase_orders, lsmb___consolidate_purchase_orders, lsmb___consolidate_sales_orders; -- FINANCIAL REPORTS CREATE ROLE lsmb___run_financial_reports WITH INHERIT NOLOGIN IN ROLE lsmb___list_transactions; -- RECURRING TRANSACTIONS -- TO ADD WHEN THIS IS REDESIGNED -- BATCH PRINTING CREATE ROLE lsmb___list_print_jobs WITH INHERIT NOLOGIN; CREATE ROLE lsmb___print_jobs WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_batch_printing WITH INHERIT NOLOGIN IN ROLE lsmb___list_print_jobs, lsmb___print_jobs; -- SYSTEM SETTINGS CREATE ROLE lsmb___list_system_settings WITH INHERIT NOLOGIN; CREATE ROLE lsmb___change_system_settings WITH INHERIT NOLOGIN IN ROLE lsmb___list_system_settings; CREATE ROLE lsmb___set_taxes WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_account WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_account WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_gifi WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_gifi WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_accounts WITH INHERIT NOLOGIN IN ROLE lsmb___create_account, lsmb___set_taxes, lsmb___edit_account, lsmb___create_gifi; lsmb___edit_gifi; CREATE ROLE lsmb___create_department WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_department WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_department WITH INHERIT NOLOGIN IN ROLE lsmb___create_department, lsmb___edit_department; CREATE ROLE lsmb___create_business_type WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_business_type WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_business_type WITH INHERIT NOLOGIN IN ROLE lsmb___create_business_type, lsmb___edit_business_type; CREATE ROLE lsmb___create_sic WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_sic WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_sic WITH INHERIT NOLOGIN IN ROLE lsmb___create_sic, lsmb___edit_sic; CREATE ROLE lsmb___edit_template WITH INHERIT NOLOGIN; CREATE ROLE lsmb___manage_system WITH INHERIT NOLOGIN IN ROLE lsmb___change_system_settings, lsmb___all_accounts, lsmb___all_department, lsmb___all_business_type, lsmb___all_sic, lsmb___edit_template; -- Manual Translation CREATE ROLE lsmb___create_language WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_part_translation WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_project_translation WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_manual_translation WITH INHERIT NOLOGIN IN ROLE lsmb___create_language, lsmb___create_part_translation, lsmb___create_project_translation;