INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
(7, oils_i18n_gettext(7, 'Acquisitions Administrator', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.acq_admin');
INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
- (10, oils_i18n_gettext(10, 'Local System Administrator', 'pgt', 'name'), 3,
- oils_i18n_gettext(10, 'System maintenance, configuration, etc.', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.admin.local_admin');
+ (8, oils_i18n_gettext(8, 'Cataloging Administrator', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.cat_admin');
+INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
+ (9, oils_i18n_gettext(9, 'Circulation Administrator', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.circ_admin');
+INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
+ (10, oils_i18n_gettext(10, 'Local Administrator', 'pgt', 'name'), 3,
+ oils_i18n_gettext(10, 'Can do anything at the Branch level', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.admin.local_admin');
+INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
+ (11, oils_i18n_gettext(11, 'Serials', 'pgt', 'name'), 3,
+ oils_i18n_gettext(11, 'Serials (includes admin features)', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.serials');
+INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
+ (12, oils_i18n_gettext(12, 'System Administrator', 'pgt', 'name'), 3,
+ oils_i18n_gettext(12, 'Can do anything at the System level', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.admin.system_admin');
+INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
+ (13, oils_i18n_gettext(13, 'Global Administrator', 'pgt', 'name'), 3,
+ oils_i18n_gettext(13, 'Can do anything at the Consortium level', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.admin.global_admin');
+INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
+ (14, oils_i18n_gettext(14, 'Data Review', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.data_review');
+INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
+ (15, oils_i18n_gettext(15, 'Volunteers', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.volunteers');
SELECT SETVAL('permission.grp_tree_id_seq'::TEXT, (SELECT MAX(id) FROM permission.grp_tree));
SELECT SETVAL('permission.grp_penalty_threshold_id_seq'::TEXT, (SELECT MAX(id) FROM permission.grp_penalty_threshold));
--- XXX Incomplete base permission setup. A patch would be appreciated.
+
-- Add basic user permissions to the Users group
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (1, (SELECT id FROM permission.perm_list WHERE code = 'OPAC_LOGIN'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (1, (SELECT id FROM permission.perm_list WHERE code = 'MR_HOLDS'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (1, (SELECT id FROM permission.perm_list WHERE code = 'TITLE_HOLDS'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (1, (SELECT id FROM permission.perm_list WHERE code = 'COPY_CHECKIN'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (1, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_MY_CONTAINER'), 0, false);
--- Add basic patron permissions to the Patrons group
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (2, (SELECT id FROM permission.perm_list WHERE code = 'RENEW_CIRC'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (2, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_MY_CONTAINER'), 0, false);
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Users' AND
+ aout.name = 'Consortium' AND
+ perm.code IN (
+ 'COPY_CHECKIN',
+ 'CREATE_MY_CONTAINER',
+ 'MR_HOLDS',
+ 'OPAC_LOGIN',
+ 'RENEW_CIRC',
+ 'TITLE_HOLDS',
+ 'user_request.create');
+
+
+-- Add basic user permissions to the Data Review group
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Data Review' AND
+ aout.name = 'Consortium' AND
+ perm.code IN (
+ 'CREATE_COPY_TRANSIT',
+ 'VIEW_BILLING_TYPE',
+ 'VIEW_CIRCULATIONS',
+ 'VIEW_COPY_NOTES',
+ 'VIEW_HOLD',
+ 'VIEW_ORG_SETTINGS',
+ 'VIEW_TITLE_NOTES',
+ 'VIEW_TRANSACTION',
+ 'VIEW_USER',
+ 'VIEW_USER_FINES_SUMMARY',
+ 'VIEW_USER_TRANSACTIONS',
+ 'VIEW_VOLUME_NOTES',
+ 'VIEW_ZIP_DATA');
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Data Review' AND
+ aout.name = 'System' AND
+ perm.code IN (
+ 'COPY_CHECKOUT',
+ 'COPY_HOLDS',
+ 'CREATE_IN_HOUSE_USE',
+ 'CREATE_TRANSACTION',
+ 'OFFLINE_EXECUTE',
+ 'OFFLINE_VIEW',
+ 'STAFF_LOGIN',
+ 'VOLUME_HOLDS');
+
-- Add basic staff permissions to the Staff group
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'STAFF_LOGIN'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VOLUME_HOLDS'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'COPY_HOLDS'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'REQUEST_HOLDS'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_HOLD'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'RENEW_CIRC'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_USER_FINES_SUMMARY'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_USER_TRANSACTIONS'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_MARC'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_MARC'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'IMPORT_MARC'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_VOLUME'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_VOLUME'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_VOLUME'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_COPY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_COPY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'RENEW_HOLD_OVERRIDE'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_USER'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_USER'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_USER'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_USER'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_TRANSIT'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_PERMISSION'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CHECKIN_BYPASS_HOLD_FULFILL'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_PAYMENT'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'SET_CIRC_LOST'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'SET_CIRC_MISSING'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'SET_CIRC_CLAIMS_RETURNED'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_TRANSACTION'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_TRANSACTION'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_BILL'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_CONTAINER'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_CONTAINER'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_ORG_UNIT'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_CIRCULATIONS'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_CONTAINER'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_CONTAINER_ITEM'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_PERM_GROUPS'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_PERMIT_CHECKOUT'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_BATCH_COPY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_PATRON_STAT_CAT'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_COPY_STAT_CAT'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_PATRON_STAT_CAT_ENTRY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_COPY_STAT_CAT_ENTRY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_PATRON_STAT_CAT'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_COPY_STAT_CAT'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_PATRON_STAT_CAT_ENTRY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_COPY_STAT_CAT_ENTRY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_NON_CAT_TYPE'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_NON_CAT_TYPE'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_IN_HOUSE_USE'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'COPY_CHECKOUT'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_COPY_LOCATION'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_COPY_LOCATION'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_COPY_TRANSIT'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'COPY_TRANSIT_RECEIVE'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_HOLD_PERMIT'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_COPY_CHECKOUT_HISTORY'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'REMOTE_Z3950_QUERY'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'REGISTER_WORKSTATION'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_COPY_NOTES'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_VOLUME_NOTES'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_TITLE_NOTES'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_COPY_NOTE'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_VOLUME_NOTE'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_CONTAINER'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_HOLD_NOTIFICATION'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_HOLD_NOTIFICATION'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'OFFLINE_UPLOAD'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'OFFLINE_VIEW'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_BILLING_TYPE'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (3, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_ORG_SETTINGS'), 1, false);
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Staff' AND
+ aout.name = 'Consortium' AND
+ perm.code IN (
+ 'CREATE_CONTAINER',
+ 'CREATE_CONTAINER_ITEM',
+ 'CREATE_COPY_TRANSIT',
+ 'CREATE_HOLD_NOTIFICATION',
+ 'CREATE_TRANSACTION',
+ 'CREATE_TRANSIT',
+ 'DELETE_CONTAINER',
+ 'DELETE_CONTAINER_ITEM',
+ 'group_application.user',
+ 'group_application.user.patron',
+ 'REGISTER_WORKSTATION',
+ 'REMOTE_Z3950_QUERY',
+ 'REQUEST_HOLDS',
+ 'STAFF_LOGIN',
+ 'TRANSIT_COPY',
+ 'UPDATE_CONTAINER',
+ 'VIEW_CONTAINER',
+ 'VIEW_COPY_CHECKOUT_HISTORY',
+ 'VIEW_COPY_NOTES',
+ 'VIEW_HOLD',
+ 'VIEW_HOLD_NOTIFICATION',
+ 'VIEW_HOLD_PERMIT',
+ 'VIEW_PERM_GROUPS',
+ 'VIEW_PERMISSION',
+ 'VIEW_TITLE_NOTES',
+ 'VIEW_TRANSACTION',
+ 'VIEW_VOLUME_NOTES');
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Staff' AND
+ aout.name = 'System' AND
+ perm.code IN (
+ 'CREATE_USER',
+ 'UPDATE_USER',
+ 'VIEW_BILLING_TYPE',
+ 'VIEW_CIRCULATIONS',
+ 'VIEW_ORG_SETTINGS',
+ 'VIEW_PERMIT_CHECKOUT',
+ 'VIEW_USER',
+ 'VIEW_USER_FINES_SUMMARY',
+ 'VIEW_USER_TRANSACTIONS');
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Staff' AND
+ aout.name = 'Branch' AND
+ perm.code IN (
+ 'CANCEL_HOLDS',
+ 'COPY_CHECKOUT',
+ 'COPY_HOLDS',
+ 'COPY_TRANSIT_RECEIVE',
+ 'CREATE_BILL',
+ 'CREATE_IN_HOUSE_USE',
+ 'CREATE_PAYMENT',
+ 'RENEW_HOLD_OVERRIDE',
+ 'UPDATE_COPY',
+ 'UPDATE_VOLUME',
+ 'VOLUME_HOLDS');
+
-- Add basic cataloguing permissions to the Catalogers group
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'COPY_HOLDS'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_MARC'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_MARC'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'IMPORT_MARC'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_VOLUME'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_VOLUME'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_VOLUME'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_COPY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_COPY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_COPY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_BATCH_COPY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_MFHD_RECORD'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_MFHD_RECORD'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_MFHD_RECORD'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_RECORD'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (4, (SELECT id FROM permission.perm_list WHERE code = 'MERGE_AUTH_RECORDS'), 1, false);
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Catalogers' AND
+ aout.name = 'Consortium' AND
+ perm.code IN (
+ 'ALLOW_ALT_TCN',
+ 'CREATE_BIB_IMPORT_QUEUE',
+ 'CREATE_IMPORT_ITEM',
+ 'CREATE_MARC',
+ 'CREATE_TITLE_NOTE',
+ 'DELETE_BIB_IMPORT_QUEUE',
+ 'DELETE_IMPORT_ITEM',
+ 'DELETE_RECORD',
+ 'DELETE_TITLE_NOTE',
+ 'IMPORT_ACQ_LINEITEM_BIB_RECORD',
+ 'IMPORT_MARC',
+ 'MERGE_AUTH_RECORDS',
+ 'MERGE_BIB_RECORDS',
+ 'UPDATE_AUTHORITY_IMPORT_QUEUE',
+ 'UPDATE_AUTHORITY_RECORD_NOTE',
+ 'UPDATE_BIB_IMPORT_QUEUE',
+ 'UPDATE_MARC',
+ 'UPDATE_RECORD',
+ 'user_request.view',
+ 'VIEW_AUTHORITY_RECORD_NOTES');
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Catalogers' AND
+ aout.name = 'System' AND
+ perm.code IN (
+ 'CREATE_COPY',
+ 'CREATE_COPY_NOTE',
+ 'CREATE_MFHD_RECORD',
+ 'CREATE_VOLUME',
+ 'CREATE_VOLUME_NOTE',
+ 'DELETE_COPY',
+ 'DELETE_COPY_NOTE',
+ 'DELETE_MFHD_RECORD',
+ 'DELETE_VOLUME',
+ 'DELETE_VOLUME_NOTE',
+ 'MARK_ITEM_AVAILABLE',
+ 'MARK_ITEM_BINDERY',
+ 'MARK_ITEM_CHECKED_OUT',
+ 'MARK_ITEM_ILL',
+ 'MARK_ITEM_IN_PROCESS',
+ 'MARK_ITEM_IN_TRANSIT',
+ 'MARK_ITEM_LOST',
+ 'MARK_ITEM_MISSING',
+ 'MARK_ITEM_ON_HOLDS_SHELF',
+ 'MARK_ITEM_ON_ORDER',
+ 'MARK_ITEM_RESHELVING',
+ 'UPDATE_COPY',
+ 'UPDATE_COPY_NOTE',
+ 'UPDATE_IMPORT_ITEM',
+ 'UPDATE_MFHD_RECORD',
+ 'UPDATE_VOLUME',
+ 'UPDATE_VOLUME_NOTE',
+ 'VIEW_SERIAL_SUBSCRIPTION');
+
+
+-- Add advanced cataloguing permissions to the Cataloging Admin group
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, TRUE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Cataloging Admin' AND
+ aout.name = 'Consortium' AND
+ perm.code IN (
+ 'ADMIN_IMPORT_ITEM_ATTR_DEF',
+ 'ADMIN_MERGE_PROFILE',
+ 'CREATE_AUTHORITY_IMPORT_IMPORT_DEF',
+ 'CREATE_BIB_IMPORT_FIELD_DEF',
+ 'CREATE_BIB_SOURCE',
+ 'CREATE_IMPORT_ITEM_ATTR_DEF',
+ 'CREATE_IMPORT_TRASH_FIELD',
+ 'CREATE_MERGE_PROFILE',
+ 'DELETE_AUTHORITY_IMPORT_IMPORT_FIELD_DEF',
+ 'DELETE_BIB_SOURCE',
+ 'DELETE_IMPORT_ITEM_ATTR_DEF',
+ 'DELETE_IMPORT_TRASH_FIELD',
+ 'DELETE_MERGE_PROFILE',
+ 'UPDATE_AUTHORITY_IMPORT_IMPORT_FIELD_DEF',
+ 'UPDATE_BIB_IMPORT_IMPORT_FIELD_DEF',
+ 'UPDATE_IMPORT_ITEM_ATTR_DEF',
+ 'UPDATE_IMPORT_TRASH_FIELD',
+ 'UPDATE_MERGE_PROFILE');
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, TRUE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Cataloging Admin' AND
+ aout.name = 'System' AND
+ perm.code IN (
+ 'CREATE_COPY_STAT_CAT',
+ 'CREATE_COPY_STAT_CAT_ENTRY',
+ 'CREATE_COPY_STAT_CAT_ENTRY_MAP',
+ 'RUN_REPORTS',
+ 'SHARE_REPORT_FOLDER',
+ 'UPDATE_COPY_LOCATION',
+ 'UPDATE_COPY_STAT_CAT',
+ 'UPDATE_COPY_STAT_CAT_ENTRY',
+ 'VIEW_REPORT_OUTPUT');
+
-- Add basic circulation permissions to the Circulators group
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (5, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_TRANSACTION'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (5, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_BILL'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (5, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_CIRCULATIONS'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (5, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_PERM_GROUPS'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (5, (SELECT id FROM permission.perm_list WHERE code = 'CIRC_OVERRIDE_DUE_DATE'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (5, (SELECT id FROM permission.perm_list WHERE code = 'COPY_IS_REFERENCE.override'), 1, false);
-
--- Add basic sys admin permissions to the Local System Administrator group
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_USER_GROUP_LINK'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_PATRON_STAT_CAT'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_COPY_STAT_CAT'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_PATRON_STAT_CAT_ENTRY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_COPY_STAT_CAT_ENTRY'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_PATRON_STAT_CAT_ENTRY_MAP'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_COPY_STAT_CAT_ENTRY_MAP'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_COPY_LOCATION'), 2, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_COPY_NOTE'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_VOLUME_NOTE'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'DELETE_TITLE_NOTE'), 0, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_ORG_SETTING'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'OFFLINE_EXECUTE'), 1, true);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'CIRC_OVERRIDE_DUE_DATE'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'CIRC_PERMIT_OVERRIDE'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'RUN_REPORTS'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'SHARE_REPORT_FOLDER'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (10, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_REPORT_OUTPUT'), 1, false);
-
--- Add trigger administration permissions to the Local System Administrator group
+
INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
- SELECT 10, id, 1, false FROM permission.perm_list
- WHERE code LIKE 'ADMIN_TRIGGER%'
- OR code LIKE 'CREATE_TRIGGER%'
- OR code LIKE 'DELETE_TRIGGER%'
- OR code LIKE 'UPDATE_TRIGGER%'
-;
--- View trigger permissions are required at a consortial level for initial setup
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Circulators' AND
+ aout.name = 'Branch' AND
+ perm.code IN (
+ 'ADMIN_BOOKING_RESERVATION',
+ 'ADMIN_BOOKING_RESOURCE',
+ 'ADMIN_BOOKING_RESOURCE_ATTR',
+ 'ADMIN_BOOKING_RESOURCE_ATTR_MAP',
+ 'ADMIN_BOOKING_RESOURCE_ATTR_VALUE',
+ 'ADMIN_BOOKING_RESOURCE_TYPE',
+ 'ASSIGN_GROUP_PERM',
+ 'MARK_ITEM_AVAILABLE',
+ 'MARK_ITEM_BINDERY',
+ 'MARK_ITEM_CHECKED_OUT',
+ 'MARK_ITEM_ILL',
+ 'MARK_ITEM_IN_PROCESS',
+ 'MARK_ITEM_IN_TRANSIT',
+ 'MARK_ITEM_LOST',
+ 'MARK_ITEM_MISSING',
+ 'MARK_ITEM_ON_HOLDS_SHELF',
+ 'MARK_ITEM_ON_ORDER',
+ 'MARK_ITEM_RESHELVING',
+ 'OFFLINE_UPLOAD',
+ 'OFFLINE_VIEW',
+ 'REMOVE_USER_GROUP_LINK',
+ 'SET_CIRC_CLAIMS_RETURNED',
+ 'SET_CIRC_CLAIMS_RETURNED.override',
+ 'SET_CIRC_LOST',
+ 'SET_CIRC_MISSING',
+ 'UPDATE_BILL_NOTE',
+ 'UPDATE_PATRON_CLAIM_NEVER_CHECKED_OUT_COUNT',
+ 'UPDATE_PATRON_CLAIM_RETURN_COUNT',
+ 'UPDATE_PAYMENT_NOTE',
+ 'UPDATE_PICKUP_LIB FROM_TRANSIT',
+ 'UPDATE_PICKUP_LIB_FROM_HOLDS_SHELF',
+ 'VIEW_GROUP_PENALTY_THRESHOLD',
+ 'VIEW_STANDING_PENALTY',
+ 'VOID_BILLING',
+ 'VOLUME_HOLDS');
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Circulators' AND
+ aout.name = 'System' AND
+ perm.code IN (
+ 'ABORT_REMOTE_TRANSIT',
+ 'ABORT_TRANSIT',
+ 'CAPTURE_RESERVATION',
+ 'CIRC_CLAIMS_RETURNED.override',
+ 'CIRC_EXCEEDS_COPY_RANGE.override',
+ 'CIRC_OVERRIDE_DUE_DATE',
+ 'CIRC_PERMIT_OVERRIDE',
+ 'COPY_ALERT_MESSAGE.override',
+ 'COPY_BAD_STATUS.override',
+ 'COPY_CIRC_NOT_ALLOWED.override',
+ 'COPY_IS_REFERENCE.override',
+ 'COPY_NEEDED_FOR_HOLD.override',
+ 'COPY_NOT_AVAILABLE.override',
+ 'COPY_STATUS_LOST.override',
+ 'COPY_STATUS_MISSING.override',
+ 'CREATE_DUPLICATE_HOLDS',
+ 'CREATE_USER_GROUP_LINK',
+ 'DELETE_TRANSIT',
+ 'HOLD_EXISTS.override',
+ 'HOLD_ITEM_CHECKED_OUT.override',
+ 'ISSUANCE_HOLDS',
+ 'ITEM_AGE_PROTECTED.override',
+ 'ITEM_ON_HOLDS_SHELF.override',
+ 'MAX_RENEWALS_REACHED.override',
+ 'OVERRIDE_HOLD_HAS_LOCAL_COPY',
+ 'PATRON_EXCEEDS_CHECKOUT_COUNT.override',
+ 'PATRON_EXCEEDS_FINES.override',
+ 'PATRON_EXCEEDS_OVERDUE_COUNT.override',
+ 'RETRIEVE_RESERVATION_PULL_LIST',
+ 'UPDATE_HOLD');
+
+
+-- Add advanced circulation permissions to the Circulation Admin group
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, TRUE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Circulation Admin' AND
+ aout.name = 'Branch' AND
+ perm.code IN (
+ 'DELETE_USER');
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, TRUE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Circulation Admin' AND
+ aout.name = 'Consortium' AND
+ perm.code IN (
+ 'ADMIN_MAX_FINE_RULE',
+ 'CREATE_CIRC_DURATION',
+ 'DELETE_CIRC_DURATION',
+ 'UPDATE_CIRC_DURATION',
+ 'UPDATE_NET_ACCESS_LEVEL',
+ 'VIEW_CIRC_MATRIX_MATCHPOINT',
+ 'VIEW_HOLD_MATRIX_MATCHPOINT');
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, TRUE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Circulation Admin' AND
+ aout.name = 'System' AND
+ perm.code IN (
+ 'ADMIN_BOOKING_RESERVATION',
+ 'ADMIN_BOOKING_RESERVATION_ATTR_MAP',
+ 'ADMIN_BOOKING_RESERVATION_ATTR_VALUE_MAP',
+ 'ADMIN_BOOKING_RESOURCE',
+ 'ADMIN_BOOKING_RESOURCE_ATTR',
+ 'ADMIN_BOOKING_RESOURCE_ATTR_MAP',
+ 'ADMIN_BOOKING_RESOURCE_ATTR_VALUE',
+ 'ADMIN_BOOKING_RESOURCE_TYPE',
+ 'ADMIN_COPY_LOCATION_ORDER',
+ 'ADMIN_HOLD_CANCEL_CAUSE',
+ 'ASSIGN_GROUP_PERM',
+ 'BAR_PATRON',
+ 'COPY_HOLDS',
+ 'COPY_TRANSIT_RECEIVE',
+ 'CREATE_BILL',
+ 'CREATE_BILLING_TYPE',
+ 'CREATE_NON_CAT_TYPE',
+ 'CREATE_PATRON_STAT_CAT',
+ 'CREATE_PATRON_STAT_CAT_ENTRY',
+ 'CREATE_PATRON_STAT_CAT_ENTRY_MAP',
+ 'CREATE_USER_GROUP_LINK',
+ 'DELETE_BILLING_TYPE',
+ 'DELETE_NON_CAT_TYPE',
+ 'DELETE_PATRON_STAT_CAT',
+ 'DELETE_PATRON_STAT_CAT_ENTRY',
+ 'DELETE_PATRON_STAT_CAT_ENTRY_MAP',
+ 'DELETE_TRANSIT',
+ 'group_application.user.staff',
+ 'MANAGE_BAD_DEBT',
+ 'MARK_ITEM_AVAILABLE',
+ 'MARK_ITEM_BINDERY',
+ 'MARK_ITEM_CHECKED_OUT',
+ 'MARK_ITEM_ILL',
+ 'MARK_ITEM_IN_PROCESS',
+ 'MARK_ITEM_IN_TRANSIT',
+ 'MARK_ITEM_LOST',
+ 'MARK_ITEM_MISSING',
+ 'MARK_ITEM_ON_HOLDS_SHELF',
+ 'MARK_ITEM_ON_ORDER',
+ 'MARK_ITEM_RESHELVING',
+ 'MERGE_USERS',
+ 'money.collections_tracker.create',
+ 'money.collections_tracker.delete',
+ 'OFFLINE_EXECUTE',
+ 'OFFLINE_UPLOAD',
+ 'OFFLINE_VIEW',
+ 'REMOVE_USER_GROUP_LINK',
+ 'SET_CIRC_CLAIMS_RETURNED',
+ 'SET_CIRC_CLAIMS_RETURNED.override',
+ 'SET_CIRC_LOST',
+ 'SET_CIRC_MISSING',
+ 'UNBAR_PATRON',
+ 'UPDATE_BILL_NOTE',
+ 'UPDATE_NON_CAT_TYPE',
+ 'UPDATE_PATRON_CLAIM_NEVER_CHECKED_OUT_COUNT',
+ 'UPDATE_PATRON_CLAIM_RETURN_COUNT',
+ 'UPDATE_PICKUP_LIB_FROM_HOLDS_SHELF',
+ 'UPDATE_PICKUP_LIB_FROM_TRANSIT',
+ 'UPDATE_USER',
+ 'VIEW_REPORT_OUTPUT',
+ 'VIEW_STANDING_PENALTY',
+ 'VOID_BILLING',
+ 'VOLUME_HOLDS');
+
+
+-- Add basic sys admin permissions to the Local Administrator group
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, TRUE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Local Administrator' AND
+ aout.name = 'Branch' AND
+ perm.code IN (
+ 'EVERYTHING');
+
+
+-- Add administration permissions to the System Administrator group
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, TRUE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'System Administrator' AND
+ aout.name = 'System' AND
+ perm.code IN (
+ 'EVERYTHING');
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'System Administrator' AND
+ aout.name = 'Consortium' AND
+ perm.code ~ '^VIEW_TRIGGER';
+
+
+-- Add administration permissions to the Global Administrator group
+
INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
- SELECT 10, id, 0, false FROM permission.perm_list WHERE code LIKE 'VIEW_TRIGGER%';
+ SELECT
+ pgt.id, perm.id, aout.depth, TRUE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Global Administrator' AND
+ aout.name = 'Consortium' AND
+ perm.code IN (
+ 'EVERYTHING');
+
-- Add basic acquisitions permissions to the Acquisitions group
+
SELECT SETVAL('permission.grp_perm_map_id_seq'::TEXT, (SELECT MAX(id) FROM permission.grp_perm_map));
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'GENERAL_ACQ'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_PICKLIST'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_PICKLIST'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'CREATE_PURCHASE_ORDER'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_PURCHASE_ORDER'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'RECEIVE_PURCHASE_ORDER'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'VIEW_PROVIDER'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_COPY'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (6, (SELECT id FROM permission.perm_list WHERE code = 'UPDATE_VOLUME'), 1, false);
-
--- Add acquisitions administration permissions to the Acquisitions group
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (7, (SELECT id FROM permission.perm_list WHERE code = 'ADMIN_PROVIDER'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (7, (SELECT id FROM permission.perm_list WHERE code = 'ADMIN_FUNDING_SOURCE'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (7, (SELECT id FROM permission.perm_list WHERE code = 'ADMIN_ACQ_FUND'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (7, (SELECT id FROM permission.perm_list WHERE code = 'ADMIN_FUND'), 1, false);
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (7, (SELECT id FROM permission.perm_list WHERE code = 'ADMIN_CURRENCY_TYPE'), 1, false);
-
-INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable) VALUES (1, (SELECT id FROM permission.perm_list WHERE code = 'HOLD_ITEM_CHECKED_OUT.override'), 0, false);
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Acquisitions' AND
+ aout.name = 'Consortium' AND
+ perm.code IN (
+ 'ALLOW_ALT_TCN',
+ 'CREATE_BIB_IMPORT_QUEUE',
+ 'CREATE_IMPORT_ITEM',
+ 'CREATE_INVOICE',
+ 'CREATE_MARC',
+ 'CREATE_PICKLIST',
+ 'CREATE_PURCHASE_ORDER',
+ 'DELETE_BIB_IMPORT_QUEUE',
+ 'DELETE_IMPORT_ITEM',
+ 'DELETE_RECORD',
+ 'DELETE_VOLUME',
+ 'DELETE_VOLUME_NOTE',
+ 'GENERAL_ACQ',
+ 'IMPORT_ACQ_LINEITEM_BIB_RECORD',
+ 'IMPORT_MARC',
+ 'MANAGE_CLAIM',
+ 'MANAGE_FUND',
+ 'MANAGE_FUNDING_SOURCE',
+ 'MANAGE_PROVIDER',
+ 'MARK_ITEM_AVAILABLE',
+ 'MARK_ITEM_BINDERY',
+ 'MARK_ITEM_CHECKED_OUT',
+ 'MARK_ITEM_ILL',
+ 'MARK_ITEM_IN_PROCESS',
+ 'MARK_ITEM_IN_TRANSIT',
+ 'MARK_ITEM_LOST',
+ 'MARK_ITEM_MISSING',
+ 'MARK_ITEM_ON_HOLDS_SHELF',
+ 'MARK_ITEM_ON_ORDER',
+ 'MARK_ITEM_RESHELVING',
+ 'RECEIVE_PURCHASE_ORDER',
+ 'UPDATE_BATCH_COPY',
+ 'UPDATE_BIB_IMPORT_QUEUE',
+ 'UPDATE_COPY',
+ 'UPDATE_FUND',
+ 'UPDATE_FUND_ALLOCATION',
+ 'UPDATE_FUNDING_SOURCE',
+ 'UPDATE_IMPORT_ITEM',
+ 'UPDATE_MARC',
+ 'UPDATE_RECORD',
+ 'UPDATE_VOLUME',
+ 'user_request.delete',
+ 'user_request.update',
+ 'user_request.view',
+ 'VIEW_ACQ_FUND_ALLOCATION_PERCENT',
+ 'VIEW_ACQ_FUNDING_SOURCE',
+ 'VIEW_FUND',
+ 'VIEW_FUND_ALLOCATION',
+ 'VIEW_FUNDING_SOURCE',
+ 'VIEW_HOLDS',
+ 'VIEW_INVOICE',
+ 'VIEW_ORG_SETTINGS',
+ 'VIEW_PICKLIST',
+ 'VIEW_PROVIDER',
+ 'VIEW_PURCHASE_ORDER',
+ 'VIEW_REPORT_OUTPUT');
+
+
+-- Add acquisitions administration permissions to the Acquisitions Admin group
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, TRUE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Acquisitions Administrator' AND
+ aout.name = 'Consortium' AND
+ perm.code IN (
+ 'ACQ_XFER_MANUAL_DFUND_AMOUNT',
+ 'ADMIN_ACQ_CANCEL_CAUSE',
+ 'ADMIN_ACQ_CLAIM',
+ 'ADMIN_ACQ_CLAIM_EVENT_TYPE',
+ 'ADMIN_ACQ_CLAIM_TYPE',
+ 'ADMIN_ACQ_DISTRIB_FORMULA',
+ 'ADMIN_ACQ_FISCAL_YEAR',
+ 'ADMIN_ACQ_FUND',
+ 'ADMIN_ACQ_FUND_ALLOCATION_PERCENT',
+ 'ADMIN_ACQ_FUND_TAG',
+ 'ADMIN_ACQ_LINE_ITEM_ALERT_TEXT',
+ 'ADMIN_CLAIM_POLICY',
+ 'ADMIN_CURRENCY_TYPE',
+ 'ADMIN_FUND',
+ 'ADMIN_FUNDING_SOURCE',
+ 'ADMIN_INVOICE',
+ 'ADMIN_INVOICE_METHOD',
+ 'ADMIN_INVOICE_PAYMENT_METHOD',
+ 'ADMIN_LINEITEM_MARC_ATTR_DEF',
+ 'ADMIN_PROVIDER',
+ 'ADMIN_USER_REQUEST_TYPE',
+ 'CREATE_ACQ_FUNDING_SOURCE',
+ 'CREATE_FUND',
+ 'CREATE_FUND_ALLOCATION',
+ 'CREATE_FUNDING_SOURCE',
+ 'CREATE_INVOICE_ITEM_TYPE',
+ 'CREATE_INVOICE_METHOD',
+ 'CREATE_PROVIDER',
+ 'DELETE_ACQ_FUNDING_SOURCE',
+ 'DELETE_FUND',
+ 'DELETE_FUND_ALLOCATION',
+ 'DELETE_FUNDING_SOURCE',
+ 'DELETE_INVOICE_ITEM_TYPE',
+ 'DELETE_INVOICE_METHOD',
+ 'DELETE_PROVIDER',
+ 'RUN_REPORTS',
+ 'SHARE_REPORT_FOLDER',
+ 'UPDATE_ACQ_FUNDING_SOURCE',
+ 'UPDATE_INVOICE_ITEM_TYPE',
+ 'UPDATE_INVOICE_METHOD');
+
+
+-- Add serials permissions to the Serials group
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Serials' AND
+ aout.name = 'System' AND
+ perm.code IN (
+ 'ADMIN_ASSET_COPY_TEMPLATE',
+ 'ADMIN_SERIAL_CAPTION_PATTERN',
+ 'ADMIN_SERIAL_DISTRIBUTION',
+ 'ADMIN_SERIAL_STREAM',
+ 'ADMIN_SERIAL_SUBSCRIPTION',
+ 'ISSUANCE_HOLDS',
+ 'RECEIVE_SERIAL');
+
+
+-- Add basic staff permissions to the Volunteers group
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Volunteers' AND
+ aout.name = 'Branch' AND
+ perm.code IN (
+ 'COPY_CHECKOUT',
+ 'CREATE_BILL',
+ 'CREATE_IN_HOUSE_USE',
+ 'CREATE_PAYMENT',
+ 'VIEW_BILLING_TYPE',
+ 'VIEW_CIRCS',
+ 'VIEW_COPY_CHECKOUT',
+ 'VIEW_HOLD',
+ 'VIEW_TITLE_HOLDS',
+ 'VIEW_TRANSACTION',
+ 'VIEW_USER',
+ 'VIEW_USER_FINES_SUMMARY',
+ 'VIEW_USER_TRANSACTIONS');
+
+INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
+ SELECT
+ pgt.id, perm.id, aout.depth, FALSE
+ FROM
+ permission.grp_tree pgt,
+ permission.perm_list perm,
+ actor.org_unit_type aout
+ WHERE
+ pgt.name = 'Volunteers' AND
+ aout.name = 'Consortium' AND
+ perm.code IN (
+ 'CREATE_COPY_TRANSIT',
+ 'CREATE_TRANSACTION',
+ 'CREATE_TRANSIT',
+ 'STAFF_LOGIN',
+ 'TRANSIT_COPY',
+ 'VIEW_ORG_SETTINGS');
+
-- Admin user account
INSERT INTO actor.usr ( profile, card, usrname, passwd, first_given_name, family_name, dob, master_account, super_user, ident_type, ident_value, home_ou ) VALUES ( 1, 1, md5(random()::text), md5(random()::text), 'Administrator', 'System Account', '1979-01-22', TRUE, TRUE, 1, 'identification', 1 );
projects / evergreen-equinox.git / commitdiff