salix/db/changes/231601/00-useSpecificsAcls.sql

INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`)
    VALUES
        ('Ticket', 'editDiscount', 'WRITE', 'ALLOW', 'ROLE', 'claimManager'),
        ('Ticket', 'editDiscount', 'WRITE', 'ALLOW', 'ROLE', 'salesPerson'),
        ('State', 'editableStates', 'READ', 'ALLOW', 'ROLE', 'employee'),
        ('State', 'seeEditableStates', 'READ', 'ALLOW', 'ROLE', 'administrative'),
        ('State', 'seeEditableStates', 'READ', 'ALLOW', 'ROLE', 'production'),
        ('State', 'seeFilteredEditableStates', 'READ', 'ALLOW', 'ROLE', 'salesPerson'),
        ('Agency', 'seeExpired', 'READ', 'ALLOW', 'ROLE', 'administrative'),
        ('Agency', 'seeExpired', 'READ', 'ALLOW', 'ROLE', 'productionBoss'),
        ('Claim', 'createAfterDeadline', 'WRITE', 'ALLOW', 'ROLE', 'claimManager'),
        ('Client', 'editAddressLogifloraAllowed', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant'),
        ('Client', 'editFiscalDataWithoutTaxDataCheck', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant'),
        ('Client', 'editVerifiedDataWithoutTaxDataCheck', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant'),
        ('Client', 'editCredit', 'WRITE', 'ALLOW', 'ROLE', 'financialBoss'),
        ('Client', 'isNotEditableCredit', 'WRITE', 'ALLOW', 'ROLE', 'financialBoss'),
        ('InvoiceOut', 'canCreatePdf', 'WRITE', 'ALLOW', 'ROLE', 'invoicing'),
        ('Supplier', 'editPayMethodCheck', 'WRITE', 'ALLOW', 'ROLE', 'financial'),
        ('Claim', 'editState', 'WRITE', 'ALLOW', 'ROLE', 'claimManager');

DELETE FROM `salix`.`ACL`
    WHERE
        model = 'Claim'
        AND property = '*'
        AND accessType = '*';

DELETE FROM `salix`.`ACL`
    WHERE
        model = 'State'
        AND property = '*'
        AND accessType = 'READ';
refs #5488 removes 'role ==' 2023-04-18 13:03:23 +00:00			INSERT INTO `salix`.`ACL` (`model`, `property`, `accessType`, `permission`, `principalType`, `principalId`)
			`VALUES`
			`('Ticket', 'editDiscount', 'WRITE', 'ALLOW', 'ROLE', 'claimManager'),`
refs #5488 replace hasWriteRole, hasReadRole 2023-04-19 11:59:26 +00:00			`('Ticket', 'editDiscount', 'WRITE', 'ALLOW', 'ROLE', 'salesPerson'),`
feat(State/Supplier): replace hasRole to acls 2023-04-25 07:15:05 +00:00			`('State', 'editableStates', 'READ', 'ALLOW', 'ROLE', 'employee'),`
			`('State', 'seeEditableStates', 'READ', 'ALLOW', 'ROLE', 'administrative'),`
			`('State', 'seeEditableStates', 'READ', 'ALLOW', 'ROLE', 'production'),`
			`('State', 'seeFilteredEditableStates', 'READ', 'ALLOW', 'ROLE', 'salesPerson'),`
refs #5488 replace hasWriteRole, hasReadRole 2023-04-19 11:59:26 +00:00			`('Agency', 'seeExpired', 'READ', 'ALLOW', 'ROLE', 'administrative'),`
			`('Agency', 'seeExpired', 'READ', 'ALLOW', 'ROLE', 'productionBoss'),`
			`('Claim', 'createAfterDeadline', 'WRITE', 'ALLOW', 'ROLE', 'claimManager'),`
refs #5488 replace hasRole for checkAccessAcl 2023-04-19 13:23:32 +00:00			`('Client', 'editAddressLogifloraAllowed', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant'),`
feat(): replace hasRole to checkAccessAcl 2023-04-24 09:07:04 +00:00			`('Client', 'editFiscalDataWithoutTaxDataCheck', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant'),`
			`('Client', 'editVerifiedDataWithoutTaxDataCheck', 'WRITE', 'ALLOW', 'ROLE', 'salesAssistant'),`
			`('Client', 'editCredit', 'WRITE', 'ALLOW', 'ROLE', 'financialBoss'),`
			`('Client', 'isNotEditableCredit', 'WRITE', 'ALLOW', 'ROLE', 'financialBoss'),`
			`('InvoiceOut', 'canCreatePdf', 'WRITE', 'ALLOW', 'ROLE', 'invoicing'),`
feat(State/Supplier): replace hasRole to acls 2023-04-25 07:15:05 +00:00			`('Supplier', 'editPayMethodCheck', 'WRITE', 'ALLOW', 'ROLE', 'financial'),`
refs #5488 replace hasWriteRole, hasReadRole 2023-04-19 11:59:26 +00:00			`('Claim', 'editState', 'WRITE', 'ALLOW', 'ROLE', 'claimManager');`
feat(): replace hasRole to checkAccessAcl 2023-04-24 09:07:04 +00:00
			DELETE FROM `salix`.`ACL`
			`WHERE`
			`model = 'Claim'`
			`AND property = '*'`
			`AND accessType = '*';`
feat(State/Supplier): replace hasRole to acls 2023-04-25 07:15:05 +00:00
			DELETE FROM `salix`.`ACL`
			`WHERE`
			`model = 'State'`
			`AND property = '*'`
			`AND accessType = 'READ';`