Menu
▾
▴
[Hyperic-hq-discuss] hq r14297 - trunk/installer/data
|
From: <dcr...@hy...> - 2010-02-16 21:49:14
|
Author: dcrutchf Date: 2010-02-16 13:49:06 -0800 (Tue, 16 Feb 2010) New Revision: 14297 URL: http://svn.hyperic.org/?view=rev&root=Hyperic+HQ&revision=14297 Modified: trunk/installer/data/db-upgrade.xml Log: Updated upgrade script to bring all operation assignments up to date, so that it all works with the new permission changes. For example, if you have create but delete permissions, it'll update the db so you have both. If you have modify but not read permission, it'll correct that so you have both, etc. Modified: trunk/installer/data/db-upgrade.xml =================================================================== --- trunk/installer/data/db-upgrade.xml 2010-02-16 18:25:31 UTC (rev 14296) +++ trunk/installer/data/db-upgrade.xml 2010-02-16 21:49:06 UTC (rev 14297) @@ -10882,23 +10882,273 @@ <!-- Increase autoinventoryidentifier to limit of 500 (per name in EAM_RESOURCE) --> <schemaSpec version="3.194"> <schema-alterColumn table="EAM_SERVICE" column="autoinventoryidentifier" - precision="500" columnType="VARCHAR2" /> + precision="500" columnType="VARCHAR2" /> </schemaSpec> <schemaSpec version="3.195"> <schema-directSQL> <statement desc="Adding create group permission..."> - INSERT INTO EAM_OPERATION(ID,VERSION_COL,NAME,RESOURCE_TYPE_ID) VALUES (29,0,'createResourceGroup',3); + INSERT INTO EAM_OPERATION(ID,VERSION_COL,NAME,RESOURCE_TYPE_ID) VALUES (29,0,'createResourceGroup',3); </statement> <statement desc="Adding view escalation permission..."> - INSERT INTO EAM_OPERATION(ID,VERSION_COL,NAME,RESOURCE_TYPE_ID) VALUES (415,0,'viewEscalation',0); + INSERT INTO EAM_OPERATION(ID,VERSION_COL,NAME,RESOURCE_TYPE_ID) VALUES (415,0,'viewEscalation',0); </statement> - <statement desc="Adding create group permission to all existing roles (for backwards-compatibility)..."> - INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) SELECT ID,29 FROM EAM_ROLE; + <statement desc="Adding create group permission to any role that has delete group permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 29 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 31 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 29) = 0; </statement> - <statement desc="Adding view escalation permission to all existing roles (for backwards-compatibility)..."> - INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) SELECT ID,415 FROM EAM_ROLE; + <statement desc="Adding delete group permission to any role that has create group permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 31 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 29 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 31) = 0; </statement> + <statement desc="Adding update group permission to any role that has create or delete group permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 24 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 29 or m.operation_id = 31) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 24) = 0; + </statement> + <statement desc="Adding read group permission to any role that has create, update or delete group permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 28 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 29 or m.operation_id = 31 or m.operation_id = 24) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 28) = 0; + </statement> + <statement desc="Adding create platform permission to any role that has delete platform permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 320 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 302 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 320) = 0; + </statement> + <statement desc="Adding delete platform permission to any role that has create platform permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 302 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 320 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 302) = 0; + </statement> + <statement desc="Adding update platform permission to any role that has create or delete platform permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 301 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 320 or m.operation_id = 302) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 301) = 0; + </statement> + <statement desc="Adding read platform permission to any role that has create, update or delete platform permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 305 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 320 or m.operation_id = 302 or m.operation_id = 301) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 305) = 0; + </statement> + <statement desc="Adding create server permission to any role that has delete server permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 306 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 304 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 306) = 0; + </statement> + <statement desc="Adding delete server permission to any role that has create server permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 304 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 306 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 304) = 0; + </statement> + <statement desc="Adding update server permission to any role that has create or delete server permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 307 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 304 or m.operation_id = 306) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 307) = 0; + </statement> + <statement desc="Adding read server permission to any role that has create, update or delete server permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 311 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 304 or m.operation_id = 306 or m.operation_id = 307) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 311) = 0; + </statement> + <statement desc="Adding create service permission to any role that has delete service permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 312 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 314 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 312) = 0; + </statement> + <statement desc="Adding delete service permission to any role that has create service permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 314 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 312 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 314) = 0; + </statement> + <statement desc="Adding update service permission to any role that has create or delete service permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 313 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 312 or m.operation_id = 314) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 313) = 0; + </statement> + <statement desc="Adding read service permission to any role that has create, update or delete service permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 315 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 312 or m.operation_id = 314 or m.operation_id = 313) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 315) = 0; + </statement> + <statement desc="Adding create application permission to any role that has delete application permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 316 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 318 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 316) = 0; + </statement> + <statement desc="Adding delete application permission to any role that has create application permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 318 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 316 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 318) = 0; + </statement> + <statement desc="Adding update application permission to any role that has create or delete application permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 317 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 316 or m.operation_id = 318) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 317) = 0; + </statement> + <statement desc="Adding read application permission to any role that has create, update or delete application permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 319 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 316 or m.operation_id = 318 or m.operation_id = 317) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 319) = 0; + </statement> + <statement desc="Adding create user permission to any role that has delete user permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 10 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 7 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 10) = 0; + </statement> + <statement desc="Adding delete user permission to any role that has create user permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 7 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 10 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 7) = 0; + </statement> + <statement desc="Adding update user permission to any role that has create or delete user permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 6 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 7 or m.operation_id = 10) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 6) = 0; + </statement> + <statement desc="Adding read user permission to any role that has create, update or delete user permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 8 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 7 or m.operation_id = 10 or m.operation_id = 6) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 8) = 0; + </statement> + <statement desc="Adding create role permission to any role that has delete role permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 12 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 30 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 12) = 0; + </statement> + <statement desc="Adding delete role permission to any role that has create role permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 30 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 12 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 30) = 0; + </statement> + <statement desc="Adding update role permission to any role that has create or delete role permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 11 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 12 or m.operation_id = 30) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 11) = 0; + </statement> + <statement desc="Adding read role permission to any role that has create, update or delete role permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 16 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 12 or m.operation_id = 30 or m.operation_id = 11) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 16) = 0; + </statement> + <statement desc="Adding create escalation permission to any role that has delete escalation permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 412 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 414 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 412) = 0; + </statement> + <statement desc="Adding delete escalation permission to any role that has create escalation permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT m.role_id, 414 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE m.operation_id = 412 + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 414) = 0; + </statement> + <statement desc="Adding update escalation permission to any role that has create or delete escalation permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 413 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 412 or m.operation_id = 414) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 413) = 0; + </statement> + <statement desc="Adding read escalation permission to any role that has create, update or delete escalation permission..."> + INSERT INTO EAM_ROLE_OPERATION_MAP(ROLE_ID, OPERATION_ID) + SELECT distinct m.role_id, 415 FROM EAM_ROLE r + INNER JOIN EAM_ROLE_OPERATION_MAP m on r.id = m.role_id + WHERE (m.operation_id = 412 or m.operation_id = 414 or m.operation_id = 413) + AND (SELECT count(*) FROM EAM_ROLE_OPERATION_MAP rm + WHERE rm.role_id = r.id AND rm.operation_id = 415) = 0; + </statement> </schema-directSQL> </schemaSpec> </dbupgrade> |
