[Hyperic-hq-discuss] hq r4987 - in trunk: installer/data sql

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Author: clee
Date: 2007-06-27 17:08:41 -0700 (Wed, 27 Jun 2007)
New Revision: 4987
URL: http://svn.hyperic.org/?view=rev&root=Hyperic+HQ&revision=4987

Modified:
   trunk/installer/data/db-upgrade.xml
   trunk/sql/authz-data.xml
Log:
[HHQ-950]
Because the alert subsystem now uses it's own resource_id to do the permission checking,
the bug was exposing the fact that we have a special super user role that does not have
all of the proper groups and operations in the database.  So the fix is to add the root
group to the super user role, as well as give that role all of the operations.


Modified: trunk/installer/data/db-upgrade.xml
===================================================================

--- trunk/installer/data/db-upgrade.xml	2007-06-28 00:07:31 UTC (rev 4986)
+++ trunk/installer/data/db-upgrade.xml	2007-06-28 00:08:41 UTC (rev 4987)
@@ -5797,6 +5797,12 @@
       </schema-directSQL>
     </schemaSpec>
 
+    <schemaSpec version="3.30">
+      <schema-directSQL>
+        <statement>insert into eam_role_resource_group_map (role_id, resource_group_id) values (1, 1)</statement>
+        <statement>insert into eam_role_operation_map (role_id, operation_id) select 1, id from eam_operation where not id = 0</statement>
+      </schema-directSQL>
+    </schemaSpec>
 </dbupgrade>
 
 </target>

Modified: trunk/sql/authz-data.xml
===================================================================
--- trunk/sql/authz-data.xml	2007-06-28 00:07:31 UTC (rev 4986)
+++ trunk/sql/authz-data.xml	2007-06-28 00:08:41 UTC (rev 4987)
@@ -470,7 +470,8 @@
 
     <!-- add the authz resource group to the role -->
     <table name="EAM_ROLE_RESOURCE_GROUP_MAP">
-        <data CID="2" ROLE_ID="%EAM_ROLE.ID:1" RESOURCE_GROUP_ID="%EAM_RESOURCE_GROUP.ID:0"/>
+        <data CID="2" ROLE_ID="%EAM_ROLE.ID:0" RESOURCE_GROUP_ID="%EAM_RESOURCE_GROUP.ID:1"/>
+        <data CID="3" ROLE_ID="%EAM_ROLE.ID:1" RESOURCE_GROUP_ID="%EAM_RESOURCE_GROUP.ID:0"/>
     </table>
 
     <!-- add the root user to the creator role -->
@@ -481,6 +482,57 @@
      <!-- add the permissions to the creator role -->
     <table name="EAM_ROLE_OPERATION_MAP">
         <data CID="51" OPERATION_ID="%EAM_OPERATION.ID:0" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="52" OPERATION_ID="%EAM_OPERATION.ID:1" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="53" OPERATION_ID="%EAM_OPERATION.ID:2" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="54" OPERATION_ID="%EAM_OPERATION.ID:3" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="55" OPERATION_ID="%EAM_OPERATION.ID:6" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="56" OPERATION_ID="%EAM_OPERATION.ID:7" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="57" OPERATION_ID="%EAM_OPERATION.ID:8" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="58" OPERATION_ID="%EAM_OPERATION.ID:10" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="59" OPERATION_ID="%EAM_OPERATION.ID:11" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="60" OPERATION_ID="%EAM_OPERATION.ID:12" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="61" OPERATION_ID="%EAM_OPERATION.ID:13" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="62" OPERATION_ID="%EAM_OPERATION.ID:16" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="63" OPERATION_ID="%EAM_OPERATION.ID:24" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="64" OPERATION_ID="%EAM_OPERATION.ID:25" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="65" OPERATION_ID="%EAM_OPERATION.ID:28" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="66" OPERATION_ID="%EAM_OPERATION.ID:301" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="67" OPERATION_ID="%EAM_OPERATION.ID:302" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="68" OPERATION_ID="%EAM_OPERATION.ID:303" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="69" OPERATION_ID="%EAM_OPERATION.ID:305" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="70" OPERATION_ID="%EAM_OPERATION.ID:306" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="71" OPERATION_ID="%EAM_OPERATION.ID:307" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="72" OPERATION_ID="%EAM_OPERATION.ID:308" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="73" OPERATION_ID="%EAM_OPERATION.ID:309" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="74" OPERATION_ID="%EAM_OPERATION.ID:311" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="75" OPERATION_ID="%EAM_OPERATION.ID:312" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="76" OPERATION_ID="%EAM_OPERATION.ID:313" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="77" OPERATION_ID="%EAM_OPERATION.ID:314" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="78" OPERATION_ID="%EAM_OPERATION.ID:315" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="79" OPERATION_ID="%EAM_OPERATION.ID:316" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="80" OPERATION_ID="%EAM_OPERATION.ID:317" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="81" OPERATION_ID="%EAM_OPERATION.ID:318" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="82" OPERATION_ID="%EAM_OPERATION.ID:319" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="83" OPERATION_ID="%EAM_OPERATION.ID:320" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="84" OPERATION_ID="%EAM_OPERATION.ID:30" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="85" OPERATION_ID="%EAM_OPERATION.ID:31" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="86" OPERATION_ID="%EAM_OPERATION.ID:321" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="87" OPERATION_ID="%EAM_OPERATION.ID:322" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="88" OPERATION_ID="%EAM_OPERATION.ID:323" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="89" OPERATION_ID="%EAM_OPERATION.ID:324" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="90" OPERATION_ID="%EAM_OPERATION.ID:325" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="91" OPERATION_ID="%EAM_OPERATION.ID:326" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="92" OPERATION_ID="%EAM_OPERATION.ID:327" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="93" OPERATION_ID="%EAM_OPERATION.ID:328" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="94" OPERATION_ID="%EAM_OPERATION.ID:32" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="95" OPERATION_ID="%EAM_OPERATION.ID:400" ROLE_ID="%EAM_ROLE.ID:1"/>
+    	  <data CID="96" OPERATION_ID="%EAM_OPERATION.ID:401" ROLE_ID="%EAM_ROLE.ID:1"/>
+    	  <data CID="97" OPERATION_ID="%EAM_OPERATION.ID:402" ROLE_ID="%EAM_ROLE.ID:1"/>
+    	  <data CID="98" OPERATION_ID="%EAM_OPERATION.ID:403" ROLE_ID="%EAM_ROLE.ID:1"/>
+    	  <data CID="99" OPERATION_ID="%EAM_OPERATION.ID:404" ROLE_ID="%EAM_ROLE.ID:1"/>
+        <data CID="100" OPERATION_ID="%EAM_OPERATION.ID:412" ROLE_ID="%EAM_ROLE.ID:1"/>
+    	  <data CID="101" OPERATION_ID="%EAM_OPERATION.ID:413" ROLE_ID="%EAM_ROLE.ID:1"/>
+    	  <data CID="102" OPERATION_ID="%EAM_OPERATION.ID:414" ROLE_ID="%EAM_ROLE.ID:1"/>
     </table>
 
 </Covalent.DBSetup>



