From 2fe631f078bf2ca596e083ede0c015e3c1aec2d5 Mon Sep 17 00:00:00 2001
From: Javier Segarra <jsegarra@verdnatura.es>
Date: Tue, 5 Dec 2023 07:15:22 +0100
Subject: [PATCH] refs #5666 feat: change models permissions

---
 back/model-config.json                         | 12 ++++++------
 db/changes/235001/00-updateACL_Role_VnRole.sql | 14 +++++++++-----
 loopback/server/model-config.json              |  8 --------
 3 files changed, 15 insertions(+), 19 deletions(-)

diff --git a/back/model-config.json b/back/model-config.json
index 84dd9eebd..27a94498c 100644
--- a/back/model-config.json
+++ b/back/model-config.json
@@ -139,12 +139,6 @@
     "Warehouse": {
         "dataSource": "vn"
     },
-    "VnUser": {
-        "dataSource": "vn"
-    },
-    "VnRole": {
-        "dataSource": "vn"
-    },
     "OsTicket": {
         "dataSource": "osticket"
     },
@@ -159,6 +153,12 @@
     },
     "ViaexpressConfig": {
         "dataSource": "vn"
+    },
+    "VnUser": {
+        "dataSource": "vn"
+    },
+    "VnRole": {
+        "dataSource": "vn"
     }
 }
 
diff --git a/db/changes/235001/00-updateACL_Role_VnRole.sql b/db/changes/235001/00-updateACL_Role_VnRole.sql
index 0b1083991..6fbec02a6 100644
--- a/db/changes/235001/00-updateACL_Role_VnRole.sql
+++ b/db/changes/235001/00-updateACL_Role_VnRole.sql
@@ -1,8 +1,12 @@
 --  Auto-generated SQL script #202311301038
-INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
-	VALUES ('VnRole','*','*','ALLOW','ROLE','$everyone');
-INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
-	VALUES ('VnRole','*','*','ALLOW','ROLE','employee');
+-- INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+-- 	VALUES ('VnRole','*','*','ALLOW','ROLE','$everyone');
+-- INSERT INTO `salix`.`ACL` (model,property,accessType,permission,principalType,principalId)
+-- 	VALUES ('VnRole','*','*','ALLOW','ROLE','employee');
+INSERT INTO salix.ACL (model,property,accessType,permission,principalType,principalId) VALUES
+	 ('VnRole','*','READ','ALLOW','ROLE','employee'),
+	 ('VnRole','*','WRITE','ALLOW','ROLE','it');
 
 --  Auto-generated SQL script #202311301203
-UPDATE `salix`.`ACL` SET permission='DENY' WHERE model='Role';
+DELETE FROM`salix`.`ACL`  WHERE model='Role';
+
diff --git a/loopback/server/model-config.json b/loopback/server/model-config.json
index 33ef3797d..51874988d 100644
--- a/loopback/server/model-config.json
+++ b/loopback/server/model-config.json
@@ -25,14 +25,6 @@
     "FieldAcl": {
         "dataSource": "vn"
     },
-    "Role": {
-        "dataSource": "vn",
-        "options": {
-            "mysql": {
-                "table": "salix.Role"
-            }
-        }
-    },
     "RoleMapping": {
         "dataSource": "vn",
         "options": {