projects / working / Evergreen.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 25d4b18)
LP#16663435 - Stripe org settings lack view permissions.
authorChris Sharp <csharp@georgialibraries.org>
Tue, 14 Feb 2017 18:27:31 +0000 (13:27 -0500)
committerDan Wells <dbw2@calvin.edu>
Thu, 16 Feb 2017 23:34:33 +0000 (18:34 -0500)
Unprivileged users can retrieve organizational unit setting values
for setting types lacking a "view" permission.  When the feature adding
Stripe credit card processing was added, the upgrade script neglected to
add the VIEW_CREDIT_CARD_PROCESSING permission to the organizational unit
setting type (which was included in 0396.data.org-setting-payflowpro.sql).

Fresh installs are not affected, but anyone who upgraded through 0863.data.stripe-payments.sql
(included in the 2.5.3-2.6.0-upgrade-db.sql version upgrade script) and is
using Stripe credit card processing should run this script.

Signed-off-by: Chris Sharp <csharp@georgialibraries.org>
Signed-off-by: Jason Stephenson <jason@sigio.com>
Signed-off-by: Galen Charlton <gmc@equinoxinitiative.org>
Open-ILS/src/sql/Pg/upgrade/XXXX.data.coust_view_perms_stripe.sql [new file with mode: 0644] patch | blob

diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.coust_view_perms_stripe.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.coust_view_perms_stripe.sql
new file mode 100644 (file)
index 0000000..438ec30
--- /dev/null
+++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.coust_view_perms_stripe.sql
@@ -0,0 +1,15 @@
+BEGIN;
+
+SELECT evergreen.upgrade_deps_block_check('XXXX', :eg_version);
+
+UPDATE config.org_unit_setting_type
+    SET view_perm = (SELECT id FROM permission.perm_list
+        WHERE code = 'VIEW_CREDIT_CARD_PROCESSING' LIMIT 1)
+    WHERE name LIKE 'credit.processor.stripe%' AND view_perm IS NULL;
+
+UPDATE config.org_unit_setting_type
+    SET update_perm = (SELECT id FROM permission.perm_list
+        WHERE code = 'ADMIN_CREDIT_CARD_PROCESSING' LIMIT 1)
+    WHERE name LIKE 'credit.processor.stripe%' AND update_perm IS NULL;
+
+COMMIT;
Evergreen ILS