github-mirror/grocy
1
0
Fork 0
mirror of https://github.com/grocy/grocy.git synced 2026-04-07 13:26:14 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
5cb08db737
grocy/migrations/0111.sql
fipwmaqzufheoxq92ebc bb3315de53 Remove MASTER_DATA_READ
2020-08-28 15:43:54 +02:00

101 lines
3.9 KiB
SQL
Raw Blame History

CREATE TABLE user_permissions
(
id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT UNIQUE,
permission_id INTEGER NOT NULL,
user_id INTEGER NOT NULL,
UNIQUE (user_id, permission_id)
);
CREATE TABLE permission_hierarchy
(
id INTEGER NOT NULL PRIMARY KEY AUTOINCREMENT UNIQUE,
name TEXT NOT NULL UNIQUE,
/* if the user has the parent permission,
the user also has the child permission */
parent INTEGER NULL
);
INSERT INTO permission_hierarchy(name, parent)
VALUES ('ADMIN', NULL);
INSERT INTO user_permissions(permission_id, user_id)
VALUES (last_insert_rowid(), (SELECT MIN(id) FROM users)); -- The first user (normally "admin") starts as ADMIN
DROP VIEW IF EXISTS permission_tree;
CREATE VIEW permission_tree
AS
WITH RECURSIVE perm AS (SELECT id AS root, id AS child, name, parent
FROM permission_hierarchy
UNION
SELECT perm.root, ph.id, ph.name, ph.id
FROM permission_hierarchy ph,
perm
WHERE ph.parent = perm.child
)
SELECT root AS id, name AS name
FROM perm;
DROP VIEW IF EXISTS permission_check;
CREATE VIEW permission_check
AS
SELECT u.id AS id, -- dummy for LessQL
u.id AS user_id,
pt.name AS permission_name
FROM permission_tree pt,
users u
WHERE pt.id IN (SELECT permission_id FROM user_permissions sub_up WHERE sub_up.user_id = u.id);
DROP VIEW IF EXISTS uihelper_permission;
CREATE VIEW uihelper_permission
AS
SELECT ph.id AS id,
u.id AS user_id,
ph.name AS permission_name,
ph.id AS permission_id,
(ph.name IN
(SELECT pc.permission_name FROM permission_check pc WHERE pc.user_id = u.id)
) AS has_permission,
ph.parent AS parent
FROM users u,
permission_hierarchy ph;
INSERT INTO permission_hierarchy(name, parent)
VALUES ('CREATE_USER', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN'));
INSERT INTO permission_hierarchy(name, parent)
VALUES ('EDIT_USER', last_insert_rowid());
INSERT INTO permission_hierarchy(name, parent)
VALUES ('READ_USER', last_insert_rowid()),
('EDIT_SELF', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN'));
INSERT INTO permission_hierarchy(name, parent)
VALUES
-- Batteries
('BATTERY_UNDO_TRACK_CHARGE_CYCLE', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('BATTERY_TRACK_CHARGE_CYCLE', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
-- Chores
('CHORE_TRACK', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('CHORE_TRACK_OTHERS', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('CHORE_EDIT', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('CHORE_UNDO', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
-- Files
('UPLOAD_FILE', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('DELETE_FILE', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
-- master data
('MASTER_DATA_EDIT', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
-- Tasks
('TASKS_UNDO', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('TASKS_MARK_COMPLETED', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
-- Stock / Products
('STOCK_EDIT', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('STOCK_TRANSFER', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('STOCK_CORRECTION', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('PRODUCT_PURCHASE', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('PRODUCT_CONSUME', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('PRODUCT_OPEN', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
-- shopping list
('SHOPPINGLIST_ITEMS_ADD', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN')),
('SHOPPINGLIST_ITEMS_DELETE', (SELECT id FROM permission_hierarchy WHERE name = 'ADMIN'));
Reference in New Issue View Git Blame Copy Permalink