-- Contacts CREATE ROLE lsmb___read_contact WITH INHERIT NOLOGIN; GRANT SELECT ON entity TO lsmb___create_contact; GRANT SELECT ON company TO lsmb___create_contact; GRANT SELECT ON location TO lsmb___create_contact; GRANT SELECT ON person TO lsmb___create_contact; GRANT SELECT ON entity_credit_account TO lsmb___create_contact; GRANT SELECT ON company_to_contact TO lsmb___create_contact; GRANT SELECT ON company_to_entity TO lsmb___create_contact; GRANT SELECT ON company_to_location TO lsmb___create_contact; GRANT SELECT ON customertax TO lsmb___create_contact; GRANT SELECT ON employee TO lsmb___create_contact; GRANT SELECT ON customer TO lsmb___create_contact; GRANT SELECT ON contact_class TO lsmb___create_contact; GRANT SELECT ON entity_class TO lsmb___create_contact; GRANT SELECT ON entity_bank_account TO lsmb___create_contact; GRANT SELECT ON entity_note TO lsmb___create_contact; GRANT SELECT ON entity_class_to_entity TO lsmb___create_contact; GRANT SELECT ON entity_other_name TO lsmb___create_contact; GRANT SELECT ON location_class TO lsmb___create_contact; GRANT SELECT ON person_to_company TO lsmb___create_contact; GRANT SELECT ON person_to_contact TO lsmb___create_contact; GRANT SELECT ON person_to_contact TO lsmb___create_contact; GRANT SELECT ON person_to_location TO lsmb___create_contact; GRANT SELECT ON person_to_location TO lsmb___create_contact; GRANT SELECT ON vendortax TO lsmb___create_contact; INSERT INTO menu_acl (node_id, acl_type, role_name) values (1, 'allow', 'lsmb___create_contact'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (11, 'allow', 'lsmb___create_contact'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (14, 'allow', 'lsmb___create_contact'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (21, 'allow', 'lsmb___create_contact'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (30, 'allow', 'lsmb___create_contact'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (33, 'allow', 'lsmb___create_contact'); CREATE ROLE lsmb___create_contact WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON entity TO lsmb___create_contact; GRANT INSERT ON company TO lsmb___create_contact; GRANT INSERT ON location TO lsmb___create_contact; GRANT INSERT ON person TO lsmb___create_contact; GRANT INSERT ON entity_credit_account TO lsmb___create_contact; GRANT INSERT ON company_to_contact TO lsmb___create_contact; GRANT INSERT ON company_to_entity TO lsmb___create_contact; GRANT INSERT ON company_to_location TO lsmb___create_contact; GRANT INSERT ON customertax TO lsmb___create_contact; GRANT INSERT ON employee TO lsmb___create_contact; GRANT INSERT ON customer TO lsmb___create_contact; GRANT INSERT ON entity_bank_account TO lsmb___create_contact; GRANT INSERT ON entity_note TO lsmb___create_contact; GRANT INSERT ON entity_class_to_entity TO lsmb___create_contact; GRANT INSERT ON entity_other_name TO lsmb___create_contact; GRANT INSERT ON person_to_company TO lsmb___create_contact; GRANT INSERT ON person_to_contact TO lsmb___create_contact; GRANT INSERT ON person_to_contact TO lsmb___create_contact; GRANT INSERT ON person_to_location TO lsmb___create_contact; GRANT INSERT ON person_to_location TO lsmb___create_contact; GRANT INSERT ON vendortax TO lsmb___create_contact; INSERT INTO menu_acl (node_id, acl_type, role_name) values (1, 'allow', 'lsmb___create_contact'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (11, 'allow', 'lsmb___create_contact'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (12, 'allow', 'lsmb___create_contact'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (21, 'allow', 'lsmb___create_contact'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (30, 'allow', 'lsmb___create_contact'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (31, 'allow', 'lsmb___create_contact'); CREATE ROLE lsmb___edit_contact WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT UPDATE ON entity TO lsmb___create_contact; GRANT UPDATE ON company TO lsmb___create_contact; GRANT UPDATE ON location TO lsmb___create_contact; GRANT UPDATE ON person TO lsmb___create_contact; GRANT UPDATE ON entity_credit_account TO lsmb___create_contact; GRANT UPDATE ON company_to_contact TO lsmb___create_contact; GRANT UPDATE ON company_to_entity TO lsmb___create_contact; GRANT UPDATE ON company_to_location TO lsmb___create_contact; GRANT UPDATE ON customertax TO lsmb___create_contact; GRANT UPDATE ON employee TO lsmb___create_contact; GRANT UPDATE ON customer TO lsmb___create_contact; GRANT UPDATE ON entity_bank_account TO lsmb___create_contact; GRANT UPDATE ON entity_note TO lsmb___create_contact; GRANT UPDATE ON entity_class_to_entity TO lsmb___create_contact; GRANT UPDATE ON entity_other_name TO lsmb___create_contact; GRANT UPDATE ON person_to_company TO lsmb___create_contact; GRANT UPDATE ON person_to_contact TO lsmb___create_contact; GRANT UPDATE ON person_to_contact TO lsmb___create_contact; GRANT UPDATE ON person_to_location TO lsmb___create_contact; GRANT UPDATE ON person_to_location TO lsmb___create_contact; GRANT DELETE, INSERT ON vendortax TO lsmb___create_contact; CREATE ROLE lsmb___contact_all_rights WITH INHERIT NOLOGIN in role lsmb___create_contact, lsmb___edit_contact, lsmb___read_contact; -- Batches and VOuchers CREATE ROLE lsmb___create_batch WITH INHERIT NOLOGIN; GRANT INSERT ON batch TO lsmb___create_batch; GRANT SELECT ON batch_class TO lsmb___create_batch; GRANT INSERT ON voucher TO lsmb___create_batch; -- TODO add Menu ACLs CREATE ROLE lsmb___post_batches WITH INHERIT NOLOGIN; GRANT UPDATE ON ar TO lsmb___post_batches; GRANT UPDATE ON ap TO lsmb___post_batches; GRANT UPDATE ON acc_trans TO lsmb___post_batches; GRANT UPDATE ON batch TO lsmb___post_batches; GRANT UPDATE ON gl TO lsmb___post_batches; -- TODO add Menu ACLs -- AR CREATE ROLE lsmb___create_ar_transaction WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON ar TO lsmb___create_ar_transaction; GRANT INSERT ON acc_trans TO lsmb___create_ar_transaction; INSERT INTO menu_acl (node_id, acl_type, role_name) values (1, 'allow', 'lsmb___create_ar_transaction'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (2, 'allow', 'lsmb___create_ar_transaction'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (194, 'allow', 'lsmb___create_ar_transaction'); CREATE ROLE lsmb___create_ar_transaction_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_batch; GRANT INSERT ON ar TO lsmb___create_ar_transaction_voucher; GRANT INSERT ON acc_trans TO lsmb___create_ar_transaction_voucher; -- TODO add Menu ACLs CREATE ROLE lsmb___create_ar_invoice WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_ar_transaction; GRANT INSERT ON invoice TO lsmb___create_ar_invoice; GRANT INSERT ON inventory TO lsmb___create_ar_invoice; INSERT INTO menu_acl (node_id, acl_type, role_name) values (3, 'allow', 'lsmb___create_ar_invoice'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (195, 'allow', 'lsmb___create_ar_transaction'); CREATE ROLE lsmb___create_ar_invoice_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_batch, lsmb___create_ar_transaction_voucher; GRANT INSERT ON invoice TO lsmb___create_ar_invoice_voucher; GRANT INSERT ON inventory TO lsmb___create_ar_invoice_voucher; -- TODO add Menu ACLs CREATE ROLE lsmb___list_ar_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT SELECT ON ar TO lsmb___list_ar_transactions; GRANT SELECT ON acc_trans TO lsmb___list_ar_transactions; GRANT SELECT ON invoice TO lsmb___list_ar_transactions GRANT SELECT ON inventory TO lsmb___list_ar_transactions INSERT INTO menu_acl (node_id, acl_type, role_name) values (1, 'allow', 'lsmb___list_ar_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (4, 'allow', 'lsmb___list_ar_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (5, 'allow', 'lsmb___list_ar_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (6, 'allow', 'lsmb___list_ar_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (7, 'allow', 'lsmb___list_ar_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (9, 'allow', 'lsmb___list_ar_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (10, 'allow', 'lsmb___list_ar_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (11, 'allow', 'lsmb___list_ar_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (13, 'allow', 'lsmb___list_ar_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (15, 'allow', 'lsmb___list_ar_transactions'); CREATE ROLE lsmb___ar_all_vouchers WITH INHERIT NOLOGIN IN ROLE lsmb___create_ar_transaction_voucher, lsmb___create_ar_invoice_voucher; CREATE ROLE lsmb___ar_all_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___create_ar_transaction, lsmb___create_ar_invoice, lsmb___list_ar_transactions; CREATE ROLE lsmb___create_sales_order WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON oe TO lsmb___create_sales_order; GRANT INSERT ON orderitems TO lsmb___create_sales_order; INSERT INTO menu_acl (node_id, acl_type, role_name) values (50, 'allow', 'lsmb___create_sales_order'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (51, 'allow', 'lsmb___create_sales_order'); CREATE ROLE lsmb___create_sales_quotation WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON oe TO lsmb___create_sales_quotation; GRANT INSERT ON orderitems TO lsmb___create_sales_quotation; INSERT INTO menu_acl (node_id, acl_type, role_name) values (67, 'allow', 'lsmb___create_sales_quotation'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (68, 'allow', 'lsmb___create_sales_quotation'); CREATE ROLE lsmb___list_sales_orders WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT SELECT ON oe TO lsmb___list_sales_orders; GRANT SELECT ON orderitems TO lsmb___list_sales_orders; INSERT INTO menu_acl (node_id, acl_type, role_name) values (50, 'allow', 'lsmb___list_sales_orders'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (53, 'allow', 'lsmb___list_sales_orders'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (54, 'allow', 'lsmb___list_sales_orders'); CREATE ROLE lsmb___list_sales_quotations WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT SELECT ON oe TO lsmb___list_sales_quotations; GRANT SELECT ON orderitems TO lsmb___list_sales_quotations; INSERT INTO menu_acl (node_id, acl_type, role_name) values (67, 'allow', 'lsmb___list_sales_quotations'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (70, 'allow', 'lsmb___list_sales_quotations'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (71, 'allow', 'lsmb___list_sales_quotations'); CREATE ROLE lsmb___all_ar WITH INHERIT NOLOGIN IN ROLE lsmb___ar_all_vouchers, lsmb___ar_all_transactions, lsmb___create_sales_order, lsmb___create_sales_quotation, lsmb___list_sales_orders, lsmb___list_sales_quotations; -- AP CREATE ROLE lsmb___create_ap_transaction WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON ap TO lsmb___create_ap_transaction; GRANT INSERT ON acc_trans TO lsmb___create_ap_transaction; INSERT INTO menu_acl (node_id, acl_type, role_name) values (21, 'allow', 'lsmb___create_ap_transaction'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (22, 'allow', 'lsmb___create_ap_transaction'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (196, 'allow', 'lsmb___create_ap_transaction'); CREATE ROLE lsmb___create_ap_transaction_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_batch; GRANT INSERT ON ar TO lsmb___create_ap_transaction_voucher; GRANT INSERT ON acc_trans TO lsmb___create_ap_transaction_voucher; -- TODO add Menu ACLs CREATE ROLE lsmb___create_ap_invoice WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_ap_transaction; GRANT INSERT ON invoice TO lsmb___create_ap_invoice; GRANT INSERT ON inventory TO lsmb___create_ap_invoice; INSERT INTO menu_acl (node_id, acl_type, role_name) values (23, 'allow', 'lsmb___create_ap_invoice'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (197, 'allow', 'lsmb___create_ap_transaction'); CREATE ROLE lsmb___create_ap_invoice_voucher WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact, lsmb___create_batch; GRANT INSERT ON invoice TO lsmb___create_ap_invoice_voucher; GRANT INSERT ON inventory TO lsmb___create_ap_invoice_voucher; -- TODO add Menu ACLs CREATE ROLE lsmb___list_ap_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT SELECT ON ap TO lsmb___list_ap_transactions; GRANT SELECT ON acc_trans TO lsmb___list_ap_transactions; GRANT SELECT ON invoice TO lsmb___list_ap_transactions GRANT SELECT ON inventory TO lsmb___list_ap_transactions INSERT INTO menu_acl (node_id, acl_type, role_name) values (21, 'allow', 'lsmb___list_ap_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (24, 'allow', 'lsmb___list_ap_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (25, 'allow', 'lsmb___list_ap_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (26, 'allow', 'lsmb___list_ap_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (27, 'allow', 'lsmb___list_ap_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (28, 'allow', 'lsmb___list_ap_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (29, 'allow', 'lsmb___list_ap_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (30, 'allow', 'lsmb___list_ap_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (32, 'allow', 'lsmb___list_ap_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (34, 'allow', 'lsmb___list_ap_transactions'); CREATE ROLE lsmb___ap_all_vouchers WITH INHERIT NOLOGIN IN ROLE lsmb___create_ap_transaction_voucher, lsmb___create_ap_invoice_voucher; CREATE ROLE lsmb___ap_all_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___create_ap_transaction, lsmb___create_ap_invoice, lsmb___list_ap_transactions; CREATE ROLE lsmb___create_purchase_order WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; WITH INHERIT NOLOGIN; GRANT INSERT ON oe TO lsmb___create_purchase_order; GRANT INSERT ON orderitems TO lsmb___create_purchase_order; INSERT INTO menu_acl (node_id, acl_type, role_name) values (50, 'allow', 'lsmb___create_purchase_order'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (52, 'allow', 'lsmb___create_purchase_order'); CREATE ROLE lsmb___create_purchase_rfq WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON oe TO lsmb___create_purchase_rfq; GRANT INSERT ON orderitems TO lsmb___create_purchase_rfq; INSERT INTO menu_acl (node_id, acl_type, role_name) values (67, 'allow', 'lsmb___create_purchase_rfq'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (69, 'allow', 'lsmb___create_purchase_rfq'); CREATE ROLE lsmb___list_purchase_orders WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT SELECT ON oe TO lsmb___list_purchase_orders; GRANT SELECT ON orderitems TO lsmb___list_purchase_orders; INSERT INTO menu_acl (node_id, acl_type, role_name) values (50, 'allow', 'lsmb___list_purchase_orders'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (53, 'allow', 'lsmb___list_purchase_orders'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (55, 'allow', 'lsmb___list_purchase_orders'); CREATE ROLE lsmb___list_purchase_rfqs WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT SELECT ON oe TO lsmb___list_purchase_rfqs; GRANT SELECT ON orderitems TO lsmb___list_purchase_rfqs; INSERT INTO menu_acl (node_id, acl_type, role_name) values (67, 'allow', 'lsmb___list_purchase_rfqs'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (70, 'allow', 'lsmb___list_purchase_rfqs'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (72, 'allow', 'lsmb___list_purchase_rfqs'); CREATE ROLE lsmb___all_ap WITH INHERIT NOLOGIN IN ROLE lsmb___ap_all_vouchers, lsmb___ap_all_transactions, lsmb___create_purchase_order, lsmb___create_purchase_rfq, lsmb___list_purchase_orders, lsmb___list_purchase_rfqs; -- POS CREATE ROLE lsmb___create_pos_invoice WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON invoice TO lsmb___create_pos_invoice; GRANT INSERT ON inventory TO lsmb___create_pos_invoice; GRANT INSERT ON ar TO lsmb___create_pos_invoice; GRANT INSERT ON acc_trans TO lsmb___create_pos_invoice; INSERT INTO menu_acl (node_id, acl_type, role_name) values (16, 'allow', 'lsmb___create_pos_invoice'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (17, 'allow', 'lsmb___create_pos_invoice'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (18, 'allow', 'lsmb___create_pos_invoice'); CREATE ROLE lsmb___close_till WITH INHERIT NOLOGIN; GRANT INSERT ON gl TO lsmb___close_till; GRANT INSERT ON acc_trans TO lsmb___close_till; INSERT INTO menu_acl (node_id, acl_type, role_name) values (16, 'allow', 'lsmb___close_till'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (19, 'allow', 'lsmb___close_till'); CREATE ROLE lsmb___list_all_open WITH INHERIT NOLOGIN; GRANT SELECT ON ar TO lsmb___list_all_open; GRANT SELECT ON acc_trans TO lsmb___list_all_open; INSERT INTO menu_acl (node_id, acl_type, role_name) values (16, 'allow', 'lsmb___list_all_open'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (18, 'allow', 'lsmb___list_all_open'); CREATE ROLE lsmb___pos_cashier WITH INHERIT NOLOGIN lsmb___create_pos_invoice, lsmb___close_till; CREATE ROLE lsmb___all_pos WITH INHERIT NOLOGIN IN ROLE lsmb___pos_cashier, lsmb___list_all_open; -- CASH CREATE ROLE lsmb___reconcile WITH INHERIT NOLOGIN; GRANT INSERT ON pending_reports TO lsmb___reconcile; GRANT INSERT on report_corrections TO lsmb___reconcile; GRANT SELECT ON acc_trans TO lsmb___reconcile; INSERT INTO menu_acl (node_id, acl_type, role_name) values (35, 'allow', 'lsmb__reconcile'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (45, 'allow', 'lsmb__reconcile'); CREATE ROLE lsmb___approve_reconciliation WITH INHERIT NOLOGIN; GRANT UPDATE ON pending_reports TO lsmb___reconcile; GRANT SELECT ON acc_trans TO lsmb___reconcile; INSERT INTO menu_acl (node_id, acl_type, role_name) values (35, 'allow', 'lsmb__reconcile'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (41, 'allow', 'lsmb__reconcile'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (44, 'allow', 'lsmb__reconcile'); CREATE ROLE lsmb___all_reconcile WITH INHERIT NOLOGIN IN ROLE lsmb___reconcile, lsmb___approve_reconciliation; CREATE ROLE lsmb___process_payment WITH INHERIT NOLOGIN IN ROLE ap_list_transactions; GRANT INSERT ON acc_trans TO lsmb___process_payment; INSERT INTO menu_acl (node_id, acl_type, role_name) values (35, 'allow', 'lsmb___process_payment'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (38, 'allow', 'lsmb___process_payment'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (39, 'allow', 'lsmb___process_payment'); CREATE ROLE lsmb___process_receipt WITH INHERIT NOLOGIN IN ROLE ar_list_transactions; GRANT INSERT ON acc_trans TO lsmb___process_receipt; INSERT INTO menu_acl (node_id, acl_type, role_name) values (35, 'allow', 'lsmb___process_receipt'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (36, 'allow', 'lsmb___process_receipt'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (47, 'allow', 'lsmb___process_receipt'); CREATE ROLE lsmb___cash_all WITH INHERIT NOLOGIN IN ROLE lsmb___all_reconcile, lsmb___process_payment, lsmb___process_receipt; -- Inventory Control CREATE ROLE lsmb___create_part WITH INHERIT NOLOGIN; GRANT INSERT ON parts TO lsmb___create_part; INSERT INTO menu_acl (node_id, acl_type, role_name) values (77, 'allow', 'lsmb___create_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (78, 'allow', 'lsmb___create_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (79, 'allow', 'lsmb___create_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (80, 'allow', 'lsmb___create_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (81, 'allow', 'lsmb___create_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (82, 'allow', 'lsmb___create_part'); CREATE ROLE lsmb___edit_part WITH INHERIT NOLOGIN; GRANT UPDATE ON parts TO lsmb___edit_part; INSERT INTO menu_acl (node_id, acl_type, role_name) values (77, 'allow', 'lsmb___edit_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (85, 'allow', 'lsmb___edit_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (86, 'allow', 'lsmb___edit_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (87, 'allow', 'lsmb___edit_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (88, 'allow', 'lsmb___edit_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (89, 'allow', 'lsmb___edit_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (90, 'allow', 'lsmb___edit_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (91, 'allow', 'lsmb___edit_part'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (93, 'allow', 'lsmb___edit_part'); CREATE ROLE lsmb___inventory_reports WITH INHERIT NOLOGIN; GRANT SELECT ON ar TO lsmb___inventory_reports; GRANT SELECT ON ap TO lsmb___inventory_reports; GRANT SELECT ON inventory TO lsmb___inventory_reports; GRANT SELECT ON invoice TO lsmb___inventory_reports; GRANT SELECT ON acc_trans TO lsmb___inventory_reports; INSERT INTO menu_acl (node_id, acl_type, role_name) values (77, 'allow', 'lsmb___inventory_reports'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (85, 'allow', 'lsmb___inventory_reports'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (88, 'allow', 'lsmb___inventory_reports'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (94, 'allow', 'lsmb___inventory_reports'); CREATE ROLE lsmb___create_pricegroup WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT INSERT ON pricegroup TO lsmb___create_pricegroup; GRANT UPDATE ON entity_credit_account TO lsmb___create_pricegroup; INSERT INTO menu_acl (node_id, acl_type, role_name) values (77, 'allow', 'lsmb___create_pricegroup'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (83, 'allow', 'lsmb___create_pricegroup'); CREATE ROLE lsmb___edit_pricegroup WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; GRANT UPDATE ON pricegroup TO lsmb___edit_pricegroup; GRANT UPDATE ON entity_credit_account TO lsmb___edit_pricegroup; INSERT INTO menu_acl (node_id, acl_type, role_name) values (77, 'allow', 'lsmb___edit_pricegroup'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (85, 'allow', 'lsmb___edit_pricegroup'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (92, 'allow', 'lsmb___edit_pricegroup'); CREATE ROLE lsmb___stock_assembly WITH INHERIT NOLOGIN; GRANT UPDATE ON parts TO lsmb___stock_assembly; INSERT INTO menu_acl (node_id, acl_type, role_name) values (77, 'allow', 'lsmb___stock_assembly'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (84, 'allow', 'lsmb___stock_assembly'); CREATE ROLE lsmb___ship_inventory WITH INHERIT NOLOGIN IN ROLE lsmb___list_sales_orders; GRANT INSERT ON inventory TO lsmb___ship_inventory; INSERT INTO menu_acl (node_id, acl_type, role_name) values (63, 'allow', 'lsmb___ship_inventory'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (64, 'allow', 'lsmb___ship_inventory'); CREATE ROLE lsmb___receive_inventory WITH INHERIT NOLOGIN IN ROLE lsmb___list_purchase_orders; GRANT INSERT ON inventory TO lsmb___receive_inventory; INSERT INTO menu_acl (node_id, acl_type, role_name) values (63, 'allow', 'lsmb___receive_inventory'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (65, 'allow', 'lsmb___receive_inventory'); CREATE ROLE lsmb___transfer_inventory WITH INHERIT NOLOGIN; GRANT INSERT ON inventory TO lsmb___transfer_inventory; INSERT INTO menu_acl (node_id, acl_type, role_name) values (63, 'allow', 'lsmb___transfer_inventory'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (66, 'allow', 'lsmb___transfer_inventory'); CREATE ROLE lsmb___create_warehouse WITH INHERIT NOLOGIN; GRANT INSERT ON warehouse TO lsmb___create_warehouse; INSERT INTO menu_acl (node_id, acl_type, role_name) values (128, 'allow', 'lsmb___create_warehouse'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (141, 'allow', 'lsmb___create_warehouse'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (142, 'allow', 'lsmb___create_warehouse'); CREATE ROLE lsmb___edit_warehouse WITH INHERIT NOLOGIN; GRANT UPDATE ON warehouse TO lsmb___edit_warehouse; INSERT INTO menu_acl (node_id, acl_type, role_name) values (128, 'allow', 'lsmb___edit_warehouse'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (141, 'allow', 'lsmb___edit_warehouse'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (143, 'allow', 'lsmb___edit_warehouse'); CREATE ROLE lsmb___all_inventory WITH INHERIT NOLOGIN IN ROLE lsmb___create_part, lsmb___inventory_reports, lsmb___stock_assembly, lsmb___ship_inventory, lsmb___receive_inventory, lsmb___transfer_inventory, lsmb___edit_warehouse, lsmb___create_warehouse; -- GL CREATE ROLE lsmb___create_transaction WITH INHERIT NOLOGIN; GRANT INSERT ON gl TO lsmb___create_transaction; GRANT INSERT ON acc_trans TO lsmb___create_transaction; INSERT INTO menu_acl (node_id, acl_type, role_name) values (73, 'allow', 'lsmb___create_transaction'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (74, 'allow', 'lsmb___create_transaction'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (75, 'allow', 'lsmb___create_transaction'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (35, 'allow', 'lsmb___create_transaction'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (40, 'allow', 'lsmb___create_transaction'); CREATE ROLE lsmb___create_transaction_voucher WITH INHERIT NOLOGIN; GRANT INSERT ON gl TO lsmb___create_transaction; GRANT INSERT ON acc_trans TO lsmb___create_transaction; -- TODO Add menu permissions CREATE ROLE lsmb___list_transactions WITH INHERIT NOLOGIN IN ROLE lsmb___list_ar_transactions, lsmb___list_ap_transactions; GRANT SELECT ON gl TO lsmb___list_transactions; INSERT INTO menu_acl (node_id, acl_type, role_name) values (73, 'allow', 'lsmb___list_transactions'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (76, 'allow', 'lsmb___list_transactions'); CREATE ROLE lsmb___run_yearend WITH INHERIT NOLOGIN; GRANT INSERT, SELECT ON acc_trans TO lsmb___run_yearend; INSERT INTO menu_acl (node_id, acl_type, role_name) values (128, 'allow', 'lsmb___run_yearend'); INSERT INTO menu_acl (node_id, acl_type, role_name) values (132, 'allow', 'lsmb___run_yearend'); CREATE ROLE lsmb___list_batches WITH INHERIT NOLOGIN IN ROLE lsmb___list_transactions; GRANT SELECT ON batch TO lsmb___list_batches; GRANT SELECT ON batch_class TO lsmb___list_batches; GRANT SELECT ON voucher TO lsmb___list_batches; CREATE ROLE lsmb___all_gl WITH INHERIT NOLOGIN IN ROLE lsmb___create_transaction, lsmb___create_transaction_voucher, lsmb___run_yearend, lsmb___list_transactions; -- PROJECTS CREATE ROLE lsmb___create_project WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_project WITH INHERIT NOLOGIN; CREATE ROLE lsmb___add_project_timecard WITH INHERIT NOLOGIN IN ROLE lsmb___read_contact; -- ORDER GENERATION CREATE ROLE lsmb___project_generate_orders WITH INHERIT NOLOGIN; CREATE ROLE lsmb___sales_to_purchase_orders WITH INHERIT NOLOGIN; CREATE ROLE lsmb___consolidate_purchase_orders WITH INHERIT NOLOGIN; CREATE ROLE lsmb___consolidate_sales_orders WITH INHERIT NOLOGIN; CREATE ROLE lsmb___manage_orders WITH INHERIT NOLOGIN IN ROLE lsmb___project_generate_orders, lsmb___sales_to_purchase_orders, lsmb___consolidate_purchase_orders, lsmb___consolidate_sales_orders; -- FINANCIAL REPORTS CREATE ROLE lsmb___run_financial_reports WITH INHERIT NOLOGIN IN ROLE lsmb___list_transactions; -- RECURRING TRANSACTIONS -- TO ADD WHEN THIS IS REDESIGNED -- BATCH PRINTING CREATE ROLE lsmb___list_print_jobs WITH INHERIT NOLOGIN; CREATE ROLE lsmb___print_jobs WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_batch_printing WITH INHERIT NOLOGIN IN ROLE lsmb___list_print_jobs, lsmb___print_jobs; -- SYSTEM SETTINGS CREATE ROLE lsmb___list_system_settings WITH INHERIT NOLOGIN; CREATE ROLE lsmb___change_system_settings WITH INHERIT NOLOGIN IN ROLE lsmb___list_system_settings; CREATE ROLE lsmb___set_taxes WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_account WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_account WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_gifi WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_gifi WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_accounts WITH INHERIT NOLOGIN IN ROLE lsmb___create_account, lsmb___set_taxes, lsmb___edit_account, lsmb___create_gifi; lsmb___edit_gifi; CREATE ROLE lsmb___create_department WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_department WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_department WITH INHERIT NOLOGIN IN ROLE lsmb___create_department, lsmb___edit_department; CREATE ROLE lsmb___create_business_type WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_business_type WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_business_type WITH INHERIT NOLOGIN IN ROLE lsmb___create_business_type, lsmb___edit_business_type; CREATE ROLE lsmb___create_sic WITH INHERIT NOLOGIN; CREATE ROLE lsmb___edit_sic WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_sic WITH INHERIT NOLOGIN IN ROLE lsmb___create_sic, lsmb___edit_sic; CREATE ROLE lsmb___edit_template WITH INHERIT NOLOGIN; CREATE ROLE lsmb___manage_system WITH INHERIT NOLOGIN IN ROLE lsmb___change_system_settings, lsmb___all_accounts, lsmb___all_department, lsmb___all_business_type, lsmb___all_sic, lsmb___edit_template; -- Manual Translation CREATE ROLE lsmb___create_language WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_part_translation WITH INHERIT NOLOGIN; CREATE ROLE lsmb___create_project_translation WITH INHERIT NOLOGIN; CREATE ROLE lsmb___all_manual_translation WITH INHERIT NOLOGIN IN ROLE lsmb___create_language, lsmb___create_part_translation, lsmb___create_project_translation;