From 91839954219504367ca5302633807b6b016035ec Mon Sep 17 00:00:00 2001 From: Galen Charlton Date: Thu, 27 Oct 2022 21:37:13 -0400 Subject: [PATCH] LP1977761: (follow-up) adjust DB update Assign the new permission to permission groups that include ADMIN_FUND; that way, users who were able to rollover funds are less likely to lose the ability to do so unexpectedly. Signed-off-by: Galen Charlton --- .../sql/Pg/upgrade/XXXX.data.acqrolloverperm.sql | 30 +++++++++++++++++++--- 1 file changed, 27 insertions(+), 3 deletions(-) diff --git a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.acqrolloverperm.sql b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.acqrolloverperm.sql index cb08020a26..b205641522 100644 --- a/Open-ILS/src/sql/Pg/upgrade/XXXX.data.acqrolloverperm.sql +++ b/Open-ILS/src/sql/Pg/upgrade/XXXX.data.acqrolloverperm.sql @@ -2,14 +2,38 @@ BEGIN; INSERT INTO permission.perm_list ( id, code, description ) VALUES ( - 639, + 641, 'ADMIN_FUND_ROLLOVER', oils_i18n_gettext( - 639, + 641, 'Allow a user to perform fund propagation and rollover', 'ppl', 'description' ) ); -COMMIT; \ No newline at end of file +-- ensure that permission groups that are able to +-- rollover funds can continue to do so +WITH perms_to_add AS + (SELECT id FROM + permission.perm_list + WHERE code IN ('ADMIN_FUND_ROLLOVER')) +INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) + SELECT grp, perms_to_add.id as perm, depth, grantable + FROM perms_to_add, + permission.grp_perm_map + + --- Don't add the permissions if they have already been assigned + WHERE grp NOT IN + (SELECT DISTINCT grp FROM permission.grp_perm_map + INNER JOIN perms_to_add ON perm=perms_to_add.id) + + --- Anybody who can view resources should also see reservations + --- at the same level + AND perm = ( + SELECT id + FROM permission.perm_list + WHERE code = 'ADMIN_FUND' + ); + +COMMIT; -- 2.11.0