LP#1835127: scoped permissions for reservations

author Jeff Davis <jdavis@sitka.bclibraries.ca>

Wed, 6 May 2020 21:22:49 +0000 (14:22 -0700)

committer Chris Sharp <csharp@georgialibraries.org>

Wed, 23 Sep 2020 20:30:56 +0000 (16:30 -0400)
author Jeff Davis <jdavis@sitka.bclibraries.ca>
Wed, 6 May 2020 21:22:49 +0000 (14:22 -0700)
committer Chris Sharp <csharp@georgialibraries.org>
Wed, 23 Sep 2020 20:30:56 +0000 (16:30 -0400)
diff --git a/Open-ILS/examples/fm_IDL.xml b/Open-ILS/examples/fm_IDL.xml

index e47f722..a312c10 100644 (file)
--- a/Open-ILS/examples/fm_IDL.xml
+++ b/Open-ILS/examples/fm_IDL.xml
@@ -5431,10 +5431,10 @@ SELECT  usr,
                 </links>
                 <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
                         <actions>
-                               <create permission="ADMIN_BOOKING_RESERVATION" global_required='true'/>
-                               <retrieve permission="STAFF_LOGIN" global_required='true'/>
-                               <update permission="ADMIN_BOOKING_RESERVATION" global_required='true'/>
-                               <delete permission="ADMIN_BOOKING_RESERVATION" global_required='true'/>
+                               <create permission="ADMIN_BOOKING_RESERVATION" context_field="pickup_lib"/>
+                               <retrieve permission="VIEW_BOOKING_RESERVATION" context_field="pickup_lib"/>
+                               <update permission="ADMIN_BOOKING_RESERVATION" context_field="pickup_lib"/>
+                               <delete permission="ADMIN_BOOKING_RESERVATION" context_field="pickup_lib"/>
                         </actions>
                 </permacrud>
         </class>
@@ -5451,10 +5451,18 @@ SELECT  usr,
                 </links>
                 <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
                         <actions>
-                               <create permission="ADMIN_BOOKING_RESERVATION_ATTR_MAP" global_required='true'/>
-                               <retrieve permission="STAFF_LOGIN" global_required='true'/>
-                               <update permission="ADMIN_BOOKING_RESERVATION_ATTR_MAP" global_required='true'/>
-                               <delete permission="ADMIN_BOOKING_RESERVATION_ATTR_MAP" global_required='true'/>
+                               <create permission="ADMIN_BOOKING_RESERVATION_ATTR_MAP">
+                                       <context link="reservation" field="pickup_lib"/>
+                               </create>
+                               <retrieve permission="VIEW_BOOKING_RESERVATION_ATTR_MAP">
+                                       <context link="reservation" field="pickup_lib"/>
+                               </retrieve>
+                               <update permission="ADMIN_BOOKING_RESERVATION_ATTR_MAP">
+                                       <context link="reservation" field="pickup_lib"/>
+                               </update>
+                               <delete permission="ADMIN_BOOKING_RESERVATION_ATTR_MAP">
+                                       <context link="reservation" field="pickup_lib"/>
+                               </delete>
                         </actions>
                 </permacrud>
         </class>
diff --git a/Open-ILS/src/sql/Pg/950.data.seed-values.sql b/Open-ILS/src/sql/Pg/950.data.seed-values.sql

index 8f31296..efab317 100644 (file)
--- a/Open-ILS/src/sql/Pg/950.data.seed-values.sql
+++ b/Open-ILS/src/sql/Pg/950.data.seed-values.sql
@@ -1945,6 +1945,10 @@ INSERT INTO permission.perm_list ( id, code, description ) VALUES
      'Allows a user to configure Matomo Analytics org unit settings', 'ppl', 'description')),
   ( 624, 'MANAGE_RESERVES', oils_i18n_gettext(624,
      'Allows user to manage Courses, Course Materials, and associate Users with Courses.', 'ppl', 'description'))
+ ( 625, 'VIEW_BOOKING_RESERVATION', oils_i18n_gettext(623,
+    'View booking reservations', 'ppl', 'description')),
+ ( 626, 'VIEW_BOOKING_RESERVATION_ATTR_MAP', oils_i18n_gettext(624,
+    'View booking reservation attribute maps', 'ppl', 'description'))
  ;
  
  
diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.booking_reservation.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.booking_reservation.sql

new file mode 100644 (file)

index 0000000..3259ad4
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.booking_reservation.sql
@@ -0,0 +1,12 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
+
+INSERT INTO permission.perm_list ( id, code, description ) VALUES
+ ( 623, 'VIEW_BOOKING_RESERVATION', oils_i18n_gettext(623,
+    'View booking reservations', 'ppl', 'description')),
+ ( 624, 'VIEW_BOOKING_RESERVATION_ATTR_MAP', oils_i18n_gettext(624,
+    'View booking reservation attribute maps', 'ppl', 'description'))
+;
+
+COMMIT;
author	Jeff Davis <jdavis@sitka.bclibraries.ca>
	Wed, 6 May 2020 21:22:49 +0000 (14:22 -0700)
committer	Chris Sharp <csharp@georgialibraries.org>
	Wed, 23 Sep 2020 20:30:56 +0000 (16:30 -0400)
Open-ILS/examples/fm_IDL.xml		patch \| blob \| history
Open-ILS/src/sql/Pg/950.data.seed-values.sql		patch \| blob \| history
Open-ILS/src/sql/Pg/upgrade/XXXX.data.permission.booking_reservation.sql	[new file with mode: 0644]	patch \| blob