Make permissions for administering triggers more usable out of the box:
authordbs <dbs@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Mon, 8 Mar 2010 19:25:53 +0000 (19:25 +0000)
committerdbs <dbs@dcc99617-32d9-48b4-a31d-7c20da2025e4>
Mon, 8 Mar 2010 19:25:53 +0000 (19:25 +0000)
  * Add CREATE/DELETE/UPDATE/VIEW variants alongside the generic ADMIN permissions
  * Add ADMIN/CREATE/DELETE/UPDATE trigger permissions to Local System Administrator group at System depth
  * Add VIEW trigger permissions to Local System Administrator at Consortial depth to enable cloning

git-svn-id: svn://svn.open-ils.org/ILS/trunk@15735 dcc99617-32d9-48b4-a31d-7c20da2025e4

Open-ILS/examples/fm_IDL.xml
Open-ILS/src/sql/Pg/002.schema.config.sql
Open-ILS/src/sql/Pg/950.data.seed-values.sql
Open-ILS/src/sql/Pg/upgrade/0182.data.permission.action_trigger.sql [new file with mode: 0644]

index 99d4b20..63fdc9a 100644 (file)
@@ -610,7 +610,7 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
                <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
                        <actions>
                                <retrieve/>
-                               <delete permission="ADMIN_TRIGGER_TEMPLATE_OUTPUT" global_required="true"/>
+                               <delete permission="ADMIN_TRIGGER_TEMPLATE_OUTPUT DELETE_TRIGGER_TEMPLATE_OUTPUT" global_required="true"/>
                        </actions>
                </permacrud>
        </class>
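Review bot: The `delete` action keeps `global_required="true"`, but the SQL later in this commit maps `DELETE_TRIGGER_TEMPLATE_OUTPUT` and the other ADMIN/CREATE/DELETE/UPDATE trigger codes to group 10 at depth 1 only. If `global_required` means the permission must be held at the top of the org tree, as the name suggests, that depth-1 grant would not satisfy this action. The same would hold for the create/update/delete actions in the hook, validator, reactor and cleanup hunks below. Please confirm which is intended and record it next to the action, for example `<!-- global_required: a depth-1 (System) grant is not sufficient here -->`. The enclosing class starts outside the hunk.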
@@ -625,10 +625,10 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
                <links/>
                <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
                        <actions>
-                               <create permission="ADMIN_TRIGGER_HOOK" global_required="true"/>
+                               <create permission="ADMIN_TRIGGER_HOOK CREATE_TRIGGER_HOOK" global_required="true"/>
                                <retrieve/>
-                               <update permission="ADMIN_TRIGGER_HOOK" global_required="true"/>
-                               <delete permission="ADMIN_TRIGGER_HOOK" global_required="true"/>
+                               <update permission="ADMIN_TRIGGER_HOOK UPDATE_TRIGGER_HOOK" global_required="true"/>
+                               <delete permission="ADMIN_TRIGGER_HOOK DELETE_TRIGGER_HOOK" global_required="true"/>
                        </actions>
                </permacrud>
        </class>
@@ -649,10 +649,10 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
                <links/>
                <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
                        <actions>
-                               <create permission="ADMIN_TRIGGER_VALIDATOR" global_required="true"/>
+                               <create permission="ADMIN_TRIGGER_VALIDATOR CREATE_TRIGGER_VALIDATOR" global_required="true"/>
                                <retrieve/>
-                               <update permission="ADMIN_TRIGGER_VALIDATOR" global_required="true"/>
-                               <delete permission="ADMIN_TRIGGER_VALIDATOR" global_required="true"/>
+                               <update permission="ADMIN_TRIGGER_VALIDATOR UPDATE_TRIGGER_VALIDATOR" global_required="true"/>
+                               <delete permission="ADMIN_TRIGGER_VALIDATOR DELETE_TRIGGER_VALIDATOR" global_required="true"/>
                        </actions>
                </permacrud>
        </class>
@@ -665,10 +665,10 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
                <links/>
                <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
                        <actions>
-                               <create permission="ADMIN_TRIGGER_REACTOR" global_required="true"/>
+                               <create permission="ADMIN_TRIGGER_REACTOR CREATE_TRIGGER_REACTOR" global_required="true"/>
                                <retrieve/>
-                               <update permission="ADMIN_TRIGGER_REACTOR" global_required="true"/>
-                               <delete permission="ADMIN_TRIGGER_REACTOR" global_required="true"/>
+                               <update permission="ADMIN_TRIGGER_REACTOR UPDATE_TRIGGER_REACTOR" global_required="true"/>
+                               <delete permission="ADMIN_TRIGGER_REACTOR DELETE_TRIGGER_REACTOR" global_required="true"/>
                        </actions>
                </permacrud>
        </class>
@@ -681,10 +681,10 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
                <links/>
                <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
                        <actions>
-                               <create permission="ADMIN_TRIGGER_CLEANUP" global_required="true"/>
+                               <create permission="ADMIN_TRIGGER_CLEANUP CREATE_TRIGGER_CLEANUP" global_required="true"/>
                                <retrieve/>
-                               <update permission="ADMIN_TRIGGER_CLEANUP" global_required="true"/>
-                               <delete permission="ADMIN_TRIGGER_CLEANUP" global_required="true"/>
+                               <update permission="ADMIN_TRIGGER_CLEANUP UPDATE_TRIGGER_CLEANUP" global_required="true"/>
+                               <delete permission="ADMIN_TRIGGER_CLEANUP DELETE_TRIGGER_CLEANUP" global_required="true"/>
                        </actions>
                </permacrud>
        </class>
@@ -703,16 +703,16 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
                </links>
                <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
                        <actions>
-                               <create permission="ADMIN_TRIGGER_EVENT_DEF">
+                               <create permission="ADMIN_TRIGGER_EVENT_DEF CREATE_TRIGGER_EVENT_DEF">
                     <context link="event_def" field="owner"/>
                 </create>
-                               <retrieve permission="ADMIN_TRIGGER_EVENT_DEF">
+                               <retrieve permission="ADMIN_TRIGGER_EVENT_DEF VIEW_TRIGGER_EVENT_DEF">
                     <context link="event_def" field="owner"/>
                 </retrieve>
-                               <update permission="ADMIN_TRIGGER_EVENT_DEF">
+                               <update permission="ADMIN_TRIGGER_EVENT_DEF UPDATE_TRIGGER_EVENT_DEF">
                     <context link="event_def" field="owner"/>
                 </update>
-                               <delete permission="ADMIN_TRIGGER_EVENT_DEF">
+                               <delete permission="ADMIN_TRIGGER_EVENT_DEF DELETE_TRIGGER_EVENT_DEF">
                     <context link="event_def" field="owner"/>
                 </delete>
                        </actions>
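Review bot: Nothing near these actions says whether the two codes now listed in each `permission` attribute are alternatives or are both required, and the access-control effect of the change depends entirely on that. If permacrud treats the list as any-of, which the commit message implies, a short comment above `<actions>` would make it reviewable, e.g. `<!-- permission is a space-separated list; holding any one code at the context org unit allows the action -->`. The same applies to every other permacrud hunk in this file. Note also that `retrieve` becomes reachable through `VIEW_TRIGGER_EVENT_DEF`, which the SQL grants at depth 0, so read access to these rows is wider than write access. The class this block belongs to starts and ends outside the hunk.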
@@ -754,10 +754,10 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
                </links>
                <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
                        <actions>
-                               <create permission="ADMIN_TRIGGER_EVENT_DEF" context_field="owner"/>
-                               <retrieve permission="ADMIN_TRIGGER_EVENT_DEF" context_field="owner"/>
-                               <update permission="ADMIN_TRIGGER_EVENT_DEF" context_field="owner"/>
-                               <delete permission="ADMIN_TRIGGER_EVENT_DEF" context_field="owner"/>
+                               <create permission="ADMIN_TRIGGER_EVENT_DEF CREATE_TRIGGER_EVENT_DEF" context_field="owner"/>
+                               <retrieve permission="ADMIN_TRIGGER_EVENT_DEF VIEW_TRIGGER_EVENT_DEF" context_field="owner"/>
+                               <update permission="ADMIN_TRIGGER_EVENT_DEF UPDATE_TRIGGER_EVENT_DEF" context_field="owner"/>
+                               <delete permission="ADMIN_TRIGGER_EVENT_DEF DELETE_TRIGGER_EVENT_DEF" context_field="owner"/>
                        </actions>
                </permacrud>
        </class>
@@ -799,16 +799,16 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA
                </links>
                <permacrud xmlns="http://open-ils.org/spec/opensrf/IDL/permacrud/v1">
                        <actions>
-                               <create permission="ADMIN_TRIGGER_EVENT_DEF">
+                               <create permission="ADMIN_TRIGGER_EVENT_DEF CREATE_TRIGGER_EVENT_DEF">
                     <context link="event_def" field="owner"/>
                 </create>
-                               <retrieve permission="ADMIN_TRIGGER_EVENT_DEF">
+                               <retrieve permission="ADMIN_TRIGGER_EVENT_DEF VIEW_TRIGGER_EVENT_DEF">
                     <context link="event_def" field="owner"/>
                 </retrieve>
-                               <update permission="ADMIN_TRIGGER_EVENT_DEF">
+                               <update permission="ADMIN_TRIGGER_EVENT_DEF UPDATE_TRIGGER_EVENT_DEF">
                     <context link="event_def" field="owner"/>
                 </update>
-                               <delete permission="ADMIN_TRIGGER_EVENT_DEF">
+                               <delete permission="ADMIN_TRIGGER_EVENT_DEF DELETE_TRIGGER_EVENT_DEF">
                     <context link="event_def" field="owner"/>
                 </delete>
                        </actions>
index 76f60b9..24abc8b 100644 (file)
@@ -51,7 +51,7 @@ CREATE TABLE config.upgrade_log (
     install_date    TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT NOW()
 );
 
-INSERT INTO config.upgrade_log (version) VALUES ('0181'); -- Scott McKellar
+INSERT INTO config.upgrade_log (version) VALUES ('0182'); -- dbs
 
 CREATE TABLE config.bib_source (
        id              SERIAL  PRIMARY KEY,
index a76dc65..f76363c 100644 (file)
@@ -1256,6 +1256,28 @@ INSERT INTO permission.perm_list VALUES
     (363, 'ALLOW_ALT_TCN', oils_i18n_gettext(363, 'Allows staff to import a record using an alternate TCN to avoid conflicts', 'ppl', 'description')),
     (364, 'ADMIN_TRIGGER_EVENT_DEF', oils_i18n_gettext(364, 'Allow a user to administer trigger event definitions', 'ppl', 'description')),
        (365, 'ADMIN_ACQ_CANCEL_CAUSE', oils_i18n_gettext(365, 'Allow a user to create/update/delete reasons for order cancellations', 'ppl', 'description')
+    (366, 'ADMIN_TRIGGER_CLEANUP', oils_i18n_gettext(366, 'Allow a user to create, delete, and update trigger cleanup entries', 'ppl', 'description')),
+    (367, 'CREATE_TRIGGER_CLEANUP', oils_i18n_gettext(367, 'Allow a user to create trigger cleanup entries', 'ppl', 'description')),
+    (368, 'DELETE_TRIGGER_CLEANUP', oils_i18n_gettext(368, 'Allow a user to delete trigger cleanup entries', 'ppl', 'description')),
+    (369, 'UPDATE_TRIGGER_CLEANUP', oils_i18n_gettext(369, 'Allow a user to update trigger cleanup entries', 'ppl', 'description')),
+    (370, 'CREATE_TRIGGER_EVENT_DEF', oils_i18n_gettext(370, 'Allow a user to create trigger event definitions', 'ppl', 'description')),
+    (371, 'DELETE_TRIGGER_EVENT_DEF', oils_i18n_gettext(371, 'Allow a user to delete trigger event definitions', 'ppl', 'description')),
+    (372, 'UPDATE_TRIGGER_EVENT_DEF', oils_i18n_gettext(372, 'Allow a user to update trigger event definitions', 'ppl', 'description')),
+    (373, 'VIEW_TRIGGER_EVENT_DEF', oils_i18n_gettext(373, 'Allow a user to view trigger event definitions', 'ppl', 'description')),
+    (374, 'ADMIN_TRIGGER_HOOK', oils_i18n_gettext(374, 'Allow a user to create, update, and delete trigger hooks', 'ppl', 'description')),
+    (375, 'CREATE_TRIGGER_HOOK', oils_i18n_gettext(375, 'Allow a user to create trigger hooks', 'ppl', 'description')),
+    (376, 'DELETE_TRIGGER_HOOK', oils_i18n_gettext(376, 'Allow a user to delete trigger hooks', 'ppl', 'description')),
+    (377, 'UPDATE_TRIGGER_HOOK', oils_i18n_gettext(377, 'Allow a user to update trigger hooks', 'ppl', 'description')),
+    (378, 'ADMIN_TRIGGER_REACTOR', oils_i18n_gettext(378, 'Allow a user to create, update, and delete trigger reactors', 'ppl', 'description')),
+    (379, 'CREATE_TRIGGER_REACTOR', oils_i18n_gettext(379, 'Allow a user to create trigger reactors', 'ppl', 'description')),
+    (380, 'DELETE_TRIGGER_REACTOR', oils_i18n_gettext(380, 'Allow a user to delete trigger reactors', 'ppl', 'description')),
+    (381, 'UPDATE_TRIGGER_REACTOR', oils_i18n_gettext(381, 'Allow a user to update trigger reactors', 'ppl', 'description')),
+    (382, 'ADMIN_TRIGGER_TEMPLATE_OUTPUT', oils_i18n_gettext(382, 'Allow a user to delete trigger template output', 'ppl', 'description')),
+    (383, 'DELETE_TRIGGER_TEMPLATE_OUTPUT', oils_i18n_gettext(383, 'Allow a user to delete trigger template output', 'ppl', 'description')),
+    (384, 'ADMIN_TRIGGER_VALIDATOR', oils_i18n_gettext(384, 'Allow a user to create, update, and delete trigger validators', 'ppl', 'description')),
+    (385, 'CREATE_TRIGGER_VALIDATOR', oils_i18n_gettext(385, 'Allow a user to create trigger validators', 'ppl', 'description')),
+    (386, 'DELETE_TRIGGER_VALIDATOR', oils_i18n_gettext(386, 'Allow a user to delete trigger validators', 'ppl', 'description')),
+    (387, 'UPDATE_TRIGGER_VALIDATOR', oils_i18n_gettext(387, 'Allow a user to update trigger validators', 'ppl', 'description'))
 ;
 
 SELECT SETVAL('permission.perm_list_id_seq'::TEXT, 1000);
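Review bot: The unchanged row for id 365 (`ADMIN_ACQ_CANCEL_CAUSE`), as shown on this page, ends with `'description')`: one closing parenthesis and no trailing comma. With rows 366–387 now appended after it, the `VALUES` list would fail to parse and the seed load would stop before any permission is created. That line needs to change in the same commit so that it ends `'ppl', 'description')),`. Separately, rows 382 and 383 carry identical description text, so the two codes cannot be told apart in an admin interface that shows only descriptions.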
@@ -1420,6 +1442,18 @@ INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (S
 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'SHARE_REPORT_FOLDER'), 1, false);
 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_REPORT_OUTPUT'), 1, false);
 
+-- Add trigger administration permissions to the Local System Administrator group
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+    SELECT 10, id, 1, false FROM permission.perm_list
+        WHERE code LIKE 'ADMIN_TRIGGER%'
+            OR code LIKE 'CREATE_TRIGGER%'
+            OR code LIKE 'DELETE_TRIGGER%'
+            OR code LIKE 'UPDATE_TRIGGER%'
+;
+-- View trigger permissions are required at a consortial level for initial setup
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+    SELECT 10, id, 0, false FROM permission.perm_list WHERE code LIKE 'VIEW_TRIGGER%';
+
 -- Add basic acquisitions permissions to the Acquisitions group
 SELECT SETVAL('permission.grp_perm_map_id_seq'::TEXT, (SELECT MAX(id) FROM permission.grp_perm_map));
 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'GENERAL_ACQ'), 1, false);
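Review bot: The two new grants select permissions by `LIKE` prefix, so group 10 receives whatever codes match when the script runs rather than a list someone reviewed. The `_` in those patterns is also a single-character wildcard, which widens the match further. In this seed file the matched set is fixed by the rows inserted above, but the same statements are copied into the 0182 upgrade script, where they run against databases that may hold locally added codes. Naming the codes explicitly keeps the privilege grant auditable and stable; the depth-0 statement can likewise become `WHERE code = 'VIEW_TRIGGER_EVENT_DEF'`.

```sql
INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
    SELECT 10, id, 1, false FROM permission.perm_list
        WHERE code IN (
            'ADMIN_TRIGGER_CLEANUP', 'CREATE_TRIGGER_CLEANUP', 'DELETE_TRIGGER_CLEANUP', 'UPDATE_TRIGGER_CLEANUP',
            'ADMIN_TRIGGER_EVENT_DEF', 'CREATE_TRIGGER_EVENT_DEF', 'DELETE_TRIGGER_EVENT_DEF', 'UPDATE_TRIGGER_EVENT_DEF',
            'ADMIN_TRIGGER_HOOK', 'CREATE_TRIGGER_HOOK', 'DELETE_TRIGGER_HOOK', 'UPDATE_TRIGGER_HOOK',
            'ADMIN_TRIGGER_REACTOR', 'CREATE_TRIGGER_REACTOR', 'DELETE_TRIGGER_REACTOR', 'UPDATE_TRIGGER_REACTOR',
            'ADMIN_TRIGGER_TEMPLATE_OUTPUT', 'DELETE_TRIGGER_TEMPLATE_OUTPUT',
            'ADMIN_TRIGGER_VALIDATOR', 'CREATE_TRIGGER_VALIDATOR', 'DELETE_TRIGGER_VALIDATOR', 'UPDATE_TRIGGER_VALIDATOR'
        )
;
-- … unchanged: VIEW_TRIGGER% grant at depth 0 …
```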
diff --git a/Open-ILS/src/sql/Pg/upgrade/0182.data.permission.action_trigger.sql b/Open-ILS/src/sql/Pg/upgrade/0182.data.permission.action_trigger.sql
new file mode 100644 (file)
index 0000000..31170d5
--- /dev/null
@@ -0,0 +1,42 @@
+BEGIN;
+
+INSERT INTO config.upgrade_log (version) VALUES ('0182'); -- dbs
+
+INSERT INTO permission.perm_list (code, description) VALUES
+    ('ADMIN_TRIGGER_CLEANUP', 'Allow a user to create, delete, and update trigger cleanup entries'),
+    ('CREATE_TRIGGER_CLEANUP', 'Allow a user to create trigger cleanup entries'),
+    ('DELETE_TRIGGER_CLEANUP', 'Allow a user to delete trigger cleanup entries'),
+    ('UPDATE_TRIGGER_CLEANUP', 'Allow a user to update trigger cleanup entries'),
+    ('CREATE_TRIGGER_EVENT_DEF', 'Allow a user to create trigger event definitions'),
+    ('DELETE_TRIGGER_EVENT_DEF', 'Allow a user to delete trigger event definitions'),
+    ('UPDATE_TRIGGER_EVENT_DEF', 'Allow a user to update trigger event definitions'),
+    ('VIEW_TRIGGER_EVENT_DEF', 'Allow a user to view trigger event definitions'),
+    ('ADMIN_TRIGGER_HOOK', 'Allow a user to create, update, and delete trigger hooks'),
+    ('CREATE_TRIGGER_HOOK', 'Allow a user to create trigger hooks'),
+    ('DELETE_TRIGGER_HOOK', 'Allow a user to delete trigger hooks'),
+    ('UPDATE_TRIGGER_HOOK', 'Allow a user to update trigger hooks'),
+    ('ADMIN_TRIGGER_REACTOR', 'Allow a user to create, update, and delete trigger reactors'),
+    ('CREATE_TRIGGER_REACTOR', 'Allow a user to create trigger reactors'),
+    ('DELETE_TRIGGER_REACTOR', 'Allow a user to delete trigger reactors'),
+    ('UPDATE_TRIGGER_REACTOR', 'Allow a user to update trigger reactors'),
+    ('ADMIN_TRIGGER_TEMPLATE_OUTPUT', 'Allow a user to delete trigger template output'),
+    ('DELETE_TRIGGER_TEMPLATE_OUTPUT', 'Allow a user to delete trigger template output'),
+    ('ADMIN_TRIGGER_VALIDATOR', 'Allow a user to create, update, and delete trigger validators'),
+    ('CREATE_TRIGGER_VALIDATOR', 'Allow a user to create trigger validators'),
+    ('DELETE_TRIGGER_VALIDATOR', 'Allow a user to delete trigger validators'),
+    ('UPDATE_TRIGGER_VALIDATOR', 'Allow a user to update trigger validators')
+;
+
+-- Add trigger administration permissions to the Local System Administrator group
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+    SELECT 10, id, 1, false FROM permission.perm_list
+        WHERE code LIKE 'ADMIN_TRIGGER%'
+            OR code LIKE 'CREATE_TRIGGER%'
+            OR code LIKE 'DELETE_TRIGGER%'
+            OR code LIKE 'UPDATE_TRIGGER%'
+;
+-- View trigger permissions are required at a consortial level for initial setup
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+    SELECT 10, id, 0, false FROM permission.perm_list WHERE code LIKE 'VIEW_TRIGGER%';
+
+COMMIT;
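Review bot: Neither insert in this upgrade script checks for rows that already exist, and an upgrade runs against populated databases. The `LIKE 'ADMIN_TRIGGER%'` grant also matches `ADMIN_TRIGGER_EVENT_DEF`, which the seed data already defines as id 364, so a site where group 10 already holds it would get a second map row or a constraint error, depending on constraints not visible here. The `perm_list` insert has a similar exposure, since fm_IDL.xml referenced `ADMIN_TRIGGER_HOOK` and the other ADMIN codes before this commit and sites may have created them by hand. Guarding the grants with `AND NOT EXISTS (SELECT 1 FROM permission.grp_perm_map m WHERE m.grp = 10 AND m.perm = perm_list.id)`, plus an equivalent check on `code` for the `perm_list` rows, would let the script apply cleanly without duplicating privileges.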