removed unncessary schema declared on column and fixed issue where value needed was...
[migration-tools.git] / sql / new_permission_groups.sql
1 --
2 -- Run this script immediately after a normal installation
3 -- (assuming LP bug 782268 is rejected) in order to implement
4 -- the new permission groups.
5 --
6
7 -- Alter the permission hierarchy
8
9 UPDATE permission.grp_tree SET description = oils_i18n_gettext(10, 'Can do anything at the Branch level', 'pgt', 'description') WHERE id = 10;
10
11 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
12         (100, oils_i18n_gettext(100, 'Cataloging Administrator', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.cat_admin');
13 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
14         (101, oils_i18n_gettext(101, 'Circulation Administrator', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.circ_admin');
15 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
16         (102, oils_i18n_gettext(102, 'Serials', 'pgt', 'name'), 3, 
17         oils_i18n_gettext(102, 'Serials (includes admin features)', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.serials');
18 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
19         (103, oils_i18n_gettext(103, 'System Administrator', 'pgt', 'name'), 3, 
20         oils_i18n_gettext(103, 'Can do anything at the System level', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.admin.system_admin');
21 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
22         (104, oils_i18n_gettext(104, 'Global Administrator', 'pgt', 'name'), 3, 
23         oils_i18n_gettext(104, 'Can do anything at the Consortium level', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.admin.global_admin');
24 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
25         (105, oils_i18n_gettext(105, 'Data Review', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.data_review');
26 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
27         (106, oils_i18n_gettext(106, 'Volunteers', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.volunteers');
28
29 SELECT SETVAL('permission.grp_tree_id_seq'::TEXT, (SELECT MAX(id) FROM permission.grp_tree));
30
31
32 -- Wipe out existing permissions
33
34 DELETE FROM permission.usr_grp_map WHERE usr <> 1;
35
36 -- Add basic user permissions to the Users group
37
38 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
39         SELECT
40                 pgt.id, perm.id, aout.depth, FALSE
41         FROM
42                 permission.grp_tree pgt,
43                 permission.perm_list perm,
44                 actor.org_unit_type aout
45         WHERE
46                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
47                 pgt.name = 'Users' AND
48                 aout.name = 'Consortium' AND
49                 perm.code IN (
50                         'COPY_CHECKIN',
51                         'CREATE_MY_CONTAINER',
52                         'MR_HOLDS',
53                         'OPAC_LOGIN',
54                         'RENEW_CIRC',
55                         'TITLE_HOLDS',
56                         'user_request.create');
57
58
59 -- Add basic user permissions to the Data Review group
60
61 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
62         SELECT
63                 pgt.id, perm.id, aout.depth, FALSE
64         FROM
65                 permission.grp_tree pgt,
66                 permission.perm_list perm,
67                 actor.org_unit_type aout
68         WHERE
69                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
70                 pgt.name = 'Data Review' AND
71                 aout.name = 'Consortium' AND
72                 perm.code IN (
73                         'CREATE_COPY_TRANSIT',
74                         'VIEW_BILLING_TYPE',
75                         'VIEW_CIRCULATIONS',
76                         'VIEW_COPY_NOTES',
77                         'VIEW_HOLD',
78                         'VIEW_ORG_SETTINGS',
79                         'VIEW_TITLE_NOTES',
80                         'VIEW_TRANSACTION',
81                         'VIEW_USER',
82                         'VIEW_USER_FINES_SUMMARY',
83                         'VIEW_USER_TRANSACTIONS',
84                         'VIEW_VOLUME_NOTES',
85                         'VIEW_ZIP_DATA');
86
87 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
88         SELECT
89                 pgt.id, perm.id, aout.depth, FALSE
90         FROM
91                 permission.grp_tree pgt,
92                 permission.perm_list perm,
93                 actor.org_unit_type aout
94         WHERE
95                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
96                 pgt.name = 'Data Review' AND
97                 aout.name = 'System' AND
98                 perm.code IN (
99                         'COPY_CHECKOUT',
100                         'COPY_HOLDS',
101                         'CREATE_IN_HOUSE_USE',
102                         'CREATE_TRANSACTION',
103                         'OFFLINE_EXECUTE',
104                         'OFFLINE_VIEW',
105                         'STAFF_LOGIN',
106                         'VOLUME_HOLDS');
107
108
109 -- Add basic staff permissions to the Staff group
110
111 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
112         SELECT
113                 pgt.id, perm.id, aout.depth, FALSE
114         FROM
115                 permission.grp_tree pgt,
116                 permission.perm_list perm,
117                 actor.org_unit_type aout
118         WHERE
119                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
120                 pgt.name = 'Staff' AND
121                 aout.name = 'Consortium' AND
122                 perm.code IN (
123                         'CREATE_CONTAINER',
124                         'CREATE_CONTAINER_ITEM',
125                         'CREATE_COPY_TRANSIT',
126                         'CREATE_HOLD_NOTIFICATION',
127                         'CREATE_TRANSACTION',
128                         'CREATE_TRANSIT',
129                         'DELETE_CONTAINER',
130                         'DELETE_CONTAINER_ITEM',
131                         'group_application.user',
132                         'group_application.user.patron',
133                         'REGISTER_WORKSTATION',
134                         'REMOTE_Z3950_QUERY',
135                         'REQUEST_HOLDS',
136                         'STAFF_LOGIN',
137                         'TRANSIT_COPY',
138                         'UPDATE_CONTAINER',
139                         'VIEW_CONTAINER',
140                         'VIEW_COPY_CHECKOUT_HISTORY',
141                         'VIEW_COPY_NOTES',
142                         'VIEW_HOLD',
143                         'VIEW_HOLD_NOTIFICATION',
144                         'VIEW_HOLD_PERMIT',
145                         'VIEW_PERM_GROUPS',
146                         'VIEW_PERMISSION',
147                         'VIEW_TITLE_NOTES',
148                         'VIEW_TRANSACTION',
149                         'VIEW_VOLUME_NOTES');
150
151 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
152         SELECT
153                 pgt.id, perm.id, aout.depth, FALSE
154         FROM
155                 permission.grp_tree pgt,
156                 permission.perm_list perm,
157                 actor.org_unit_type aout
158         WHERE
159                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
160                 pgt.name = 'Staff' AND
161                 aout.name = 'System' AND
162                 perm.code IN (
163                         'CREATE_USER',
164                         'UPDATE_USER',
165                         'VIEW_BILLING_TYPE',
166                         'VIEW_CIRCULATIONS',
167                         'VIEW_ORG_SETTINGS',
168                         'VIEW_PERMIT_CHECKOUT',
169                         'VIEW_USER',
170                         'VIEW_USER_FINES_SUMMARY',
171                         'VIEW_USER_TRANSACTIONS');
172
173 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
174         SELECT
175                 pgt.id, perm.id, aout.depth, FALSE
176         FROM
177                 permission.grp_tree pgt,
178                 permission.perm_list perm,
179                 actor.org_unit_type aout
180         WHERE
181                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
182                 pgt.name = 'Staff' AND
183                 aout.name = 'Branch' AND
184                 perm.code IN (
185                         'CANCEL_HOLDS',
186                         'COPY_CHECKOUT',
187                         'COPY_HOLDS',
188                         'COPY_TRANSIT_RECEIVE',
189                         'CREATE_BILL',
190                         'CREATE_IN_HOUSE_USE',
191                         'CREATE_PAYMENT',
192                         'RENEW_HOLD_OVERRIDE',
193                         'UPDATE_COPY',
194                         'UPDATE_VOLUME',
195                         'VOLUME_HOLDS');
196
197
198 -- Add basic cataloguing permissions to the Catalogers group
199
200 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
201         SELECT
202                 pgt.id, perm.id, aout.depth, FALSE
203         FROM
204                 permission.grp_tree pgt,
205                 permission.perm_list perm,
206                 actor.org_unit_type aout
207         WHERE
208                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
209                 pgt.name = 'Catalogers' AND
210                 aout.name = 'Consortium' AND
211                 perm.code IN (
212                         'ALLOW_ALT_TCN',
213                         'CREATE_BIB_IMPORT_QUEUE',
214                         'CREATE_IMPORT_ITEM',
215                         'CREATE_MARC',
216                         'CREATE_TITLE_NOTE',
217                         'DELETE_BIB_IMPORT_QUEUE',
218                         'DELETE_IMPORT_ITEM',
219                         'DELETE_RECORD',
220                         'DELETE_TITLE_NOTE',
221                         'IMPORT_ACQ_LINEITEM_BIB_RECORD',
222                         'IMPORT_MARC',
223                         'MERGE_AUTH_RECORDS',
224                         'MERGE_BIB_RECORDS',
225                         'UPDATE_AUTHORITY_IMPORT_QUEUE',
226                         'UPDATE_AUTHORITY_RECORD_NOTE',
227                         'UPDATE_BIB_IMPORT_QUEUE',
228                         'UPDATE_MARC',
229                         'UPDATE_RECORD',
230                         'user_request.view',
231                         'VIEW_AUTHORITY_RECORD_NOTES');
232
233 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
234         SELECT
235                 pgt.id, perm.id, aout.depth, FALSE
236         FROM
237                 permission.grp_tree pgt,
238                 permission.perm_list perm,
239                 actor.org_unit_type aout
240         WHERE
241                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
242                 pgt.name = 'Catalogers' AND
243                 aout.name = 'System' AND
244                 perm.code IN (
245                         'CREATE_COPY',
246                         'CREATE_COPY_NOTE',
247                         'CREATE_MFHD_RECORD',
248                         'CREATE_VOLUME',
249                         'CREATE_VOLUME_NOTE',
250                         'DELETE_COPY',
251                         'DELETE_COPY_NOTE',
252                         'DELETE_MFHD_RECORD',
253                         'DELETE_VOLUME',
254                         'DELETE_VOLUME_NOTE',
255                         'MARK_ITEM_AVAILABLE',
256                         'MARK_ITEM_BINDERY',
257                         'MARK_ITEM_CHECKED_OUT',
258                         'MARK_ITEM_ILL',
259                         'MARK_ITEM_IN_PROCESS',
260                         'MARK_ITEM_IN_TRANSIT',
261                         'MARK_ITEM_LOST',
262                         'MARK_ITEM_MISSING',
263                         'MARK_ITEM_ON_HOLDS_SHELF',
264                         'MARK_ITEM_ON_ORDER',
265                         'MARK_ITEM_RESHELVING',
266                         'UPDATE_COPY',
267                         'UPDATE_COPY_NOTE',
268                         'UPDATE_IMPORT_ITEM',
269                         'UPDATE_MFHD_RECORD',
270                         'UPDATE_VOLUME',
271                         'UPDATE_VOLUME_NOTE',
272                         'VIEW_SERIAL_SUBSCRIPTION');
273
274
275 -- Add advanced cataloguing permissions to the Cataloging Admin group
276
277 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
278         SELECT
279                 pgt.id, perm.id, aout.depth, TRUE
280         FROM
281                 permission.grp_tree pgt,
282                 permission.perm_list perm,
283                 actor.org_unit_type aout
284         WHERE
285                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
286                 pgt.name = 'Cataloging Admin' AND
287                 aout.name = 'Consortium' AND
288                 perm.code IN (
289                         'ADMIN_IMPORT_ITEM_ATTR_DEF',
290                         'ADMIN_MERGE_PROFILE',
291                         'CREATE_AUTHORITY_IMPORT_IMPORT_DEF',
292                         'CREATE_BIB_IMPORT_FIELD_DEF',
293                         'CREATE_BIB_SOURCE',
294                         'CREATE_IMPORT_ITEM_ATTR_DEF',
295                         'CREATE_IMPORT_TRASH_FIELD',
296                         'CREATE_MERGE_PROFILE',
297                         'DELETE_AUTHORITY_IMPORT_IMPORT_FIELD_DEF',
298                         'DELETE_BIB_SOURCE',
299                         'DELETE_IMPORT_ITEM_ATTR_DEF',
300                         'DELETE_IMPORT_TRASH_FIELD',
301                         'DELETE_MERGE_PROFILE',
302                         'UPDATE_AUTHORITY_IMPORT_IMPORT_FIELD_DEF',
303                         'UPDATE_BIB_IMPORT_IMPORT_FIELD_DEF',
304                         'UPDATE_IMPORT_ITEM_ATTR_DEF',
305                         'UPDATE_IMPORT_TRASH_FIELD',
306                         'UPDATE_MERGE_PROFILE');
307
308 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
309         SELECT
310                 pgt.id, perm.id, aout.depth, TRUE
311         FROM
312                 permission.grp_tree pgt,
313                 permission.perm_list perm,
314                 actor.org_unit_type aout
315         WHERE
316                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
317                 pgt.name = 'Cataloging Admin' AND
318                 aout.name = 'System' AND
319                 perm.code IN (
320                         'CREATE_COPY_STAT_CAT',
321                         'CREATE_COPY_STAT_CAT_ENTRY',
322                         'CREATE_COPY_STAT_CAT_ENTRY_MAP',
323                         'RUN_REPORTS',
324                         'SHARE_REPORT_FOLDER',
325                         'UPDATE_COPY_LOCATION',
326                         'UPDATE_COPY_STAT_CAT',
327                         'UPDATE_COPY_STAT_CAT_ENTRY',
328                         'VIEW_REPORT_OUTPUT');
329
330
331 -- Add basic circulation permissions to the Circulators group
332
333 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
334         SELECT
335                 pgt.id, perm.id, aout.depth, FALSE
336         FROM
337                 permission.grp_tree pgt,
338                 permission.perm_list perm,
339                 actor.org_unit_type aout
340         WHERE
341                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
342                 pgt.name = 'Circulators' AND
343                 aout.name = 'Branch' AND
344                 perm.code IN (
345                         'ADMIN_BOOKING_RESERVATION',
346                         'ADMIN_BOOKING_RESOURCE',
347                         'ADMIN_BOOKING_RESOURCE_ATTR',
348                         'ADMIN_BOOKING_RESOURCE_ATTR_MAP',
349                         'ADMIN_BOOKING_RESOURCE_ATTR_VALUE',
350                         'ADMIN_BOOKING_RESOURCE_TYPE',
351                         'ASSIGN_GROUP_PERM',
352                         'MARK_ITEM_AVAILABLE',
353                         'MARK_ITEM_BINDERY',
354                         'MARK_ITEM_CHECKED_OUT',
355                         'MARK_ITEM_ILL',
356                         'MARK_ITEM_IN_PROCESS',
357                         'MARK_ITEM_IN_TRANSIT',
358                         'MARK_ITEM_LOST',
359                         'MARK_ITEM_MISSING',
360                         'MARK_ITEM_ON_HOLDS_SHELF',
361                         'MARK_ITEM_ON_ORDER',
362                         'MARK_ITEM_RESHELVING',
363                         'OFFLINE_UPLOAD',
364                         'OFFLINE_VIEW',
365                         'REMOVE_USER_GROUP_LINK',
366                         'SET_CIRC_CLAIMS_RETURNED',
367                         'SET_CIRC_CLAIMS_RETURNED.override',
368                         'SET_CIRC_LOST',
369                         'SET_CIRC_MISSING',
370                         'UPDATE_BILL_NOTE',
371                         'UPDATE_PATRON_CLAIM_NEVER_CHECKED_OUT_COUNT',
372                         'UPDATE_PATRON_CLAIM_RETURN_COUNT',
373                         'UPDATE_PAYMENT_NOTE',
374                         'UPDATE_PICKUP_LIB FROM_TRANSIT',
375                         'UPDATE_PICKUP_LIB_FROM_HOLDS_SHELF',
376                         'VIEW_GROUP_PENALTY_THRESHOLD',
377                         'VIEW_STANDING_PENALTY',
378                         'VOID_BILLING',
379                         'VOLUME_HOLDS');
380
381 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
382         SELECT
383                 pgt.id, perm.id, aout.depth, FALSE
384         FROM
385                 permission.grp_tree pgt,
386                 permission.perm_list perm,
387                 actor.org_unit_type aout
388         WHERE
389                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
390                 pgt.name = 'Circulators' AND
391                 aout.name = 'System' AND
392                 perm.code IN (
393                         'ABORT_REMOTE_TRANSIT',
394                         'ABORT_TRANSIT',
395                         'CAPTURE_RESERVATION',
396                         'CIRC_CLAIMS_RETURNED.override',
397                         'CIRC_EXCEEDS_COPY_RANGE.override',
398                         'CIRC_OVERRIDE_DUE_DATE',
399                         'CIRC_PERMIT_OVERRIDE',
400                         'COPY_ALERT_MESSAGE.override',
401                         'COPY_BAD_STATUS.override',
402                         'COPY_CIRC_NOT_ALLOWED.override',
403                         'COPY_IS_REFERENCE.override',
404                         'COPY_NEEDED_FOR_HOLD.override',
405                         'COPY_NOT_AVAILABLE.override',
406                         'COPY_STATUS_LOST.override',
407                         'COPY_STATUS_MISSING.override',
408                         'CREATE_DUPLICATE_HOLDS',
409                         'CREATE_USER_GROUP_LINK',
410                         'DELETE_TRANSIT',
411                         'HOLD_EXISTS.override',
412                         'HOLD_ITEM_CHECKED_OUT.override',
413                         'ISSUANCE_HOLDS',
414                         'ITEM_AGE_PROTECTED.override',
415                         'ITEM_ON_HOLDS_SHELF.override',
416                         'MAX_RENEWALS_REACHED.override',
417                         'OVERRIDE_HOLD_HAS_LOCAL_COPY',
418                         'PATRON_EXCEEDS_CHECKOUT_COUNT.override',
419                         'PATRON_EXCEEDS_FINES.override',
420                         'PATRON_EXCEEDS_OVERDUE_COUNT.override',
421                         'RETRIEVE_RESERVATION_PULL_LIST',
422                         'UPDATE_HOLD');
423
424
425 -- Add advanced circulation permissions to the Circulation Admin group
426
427 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
428         SELECT
429                 pgt.id, perm.id, aout.depth, TRUE
430         FROM
431                 permission.grp_tree pgt,
432                 permission.perm_list perm,
433                 actor.org_unit_type aout
434         WHERE
435                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
436                 pgt.name = 'Circulation Admin' AND
437                 aout.name = 'Branch' AND
438                 perm.code IN (
439                         'DELETE_USER');
440
441 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
442         SELECT
443                 pgt.id, perm.id, aout.depth, TRUE
444         FROM
445                 permission.grp_tree pgt,
446                 permission.perm_list perm,
447                 actor.org_unit_type aout
448         WHERE
449                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
450                 pgt.name = 'Circulation Admin' AND
451                 aout.name = 'Consortium' AND
452                 perm.code IN (
453                         'ADMIN_MAX_FINE_RULE',
454                         'CREATE_CIRC_DURATION',
455                         'DELETE_CIRC_DURATION',
456                         'UPDATE_CIRC_DURATION',
457                         'UPDATE_NET_ACCESS_LEVEL',
458                         'VIEW_CIRC_MATRIX_MATCHPOINT',
459                         'VIEW_HOLD_MATRIX_MATCHPOINT');
460
461 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
462         SELECT
463                 pgt.id, perm.id, aout.depth, TRUE
464         FROM
465                 permission.grp_tree pgt,
466                 permission.perm_list perm,
467                 actor.org_unit_type aout
468         WHERE
469                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
470                 pgt.name = 'Circulation Admin' AND
471                 aout.name = 'System' AND
472                 perm.code IN (
473                         'ADMIN_BOOKING_RESERVATION',
474                         'ADMIN_BOOKING_RESERVATION_ATTR_MAP',
475                         'ADMIN_BOOKING_RESERVATION_ATTR_VALUE_MAP',
476                         'ADMIN_BOOKING_RESOURCE',
477                         'ADMIN_BOOKING_RESOURCE_ATTR',
478                         'ADMIN_BOOKING_RESOURCE_ATTR_MAP',
479                         'ADMIN_BOOKING_RESOURCE_ATTR_VALUE',
480                         'ADMIN_BOOKING_RESOURCE_TYPE',
481                         'ADMIN_COPY_LOCATION_ORDER',
482                         'ADMIN_HOLD_CANCEL_CAUSE',
483                         'ASSIGN_GROUP_PERM',
484                         'BAR_PATRON',
485                         'COPY_HOLDS',
486                         'COPY_TRANSIT_RECEIVE',
487                         'CREATE_BILL',
488                         'CREATE_BILLING_TYPE',
489                         'CREATE_NON_CAT_TYPE',
490                         'CREATE_PATRON_STAT_CAT',
491                         'CREATE_PATRON_STAT_CAT_ENTRY',
492                         'CREATE_PATRON_STAT_CAT_ENTRY_MAP',
493                         'CREATE_USER_GROUP_LINK',
494                         'DELETE_BILLING_TYPE',
495                         'DELETE_NON_CAT_TYPE',
496                         'DELETE_PATRON_STAT_CAT',
497                         'DELETE_PATRON_STAT_CAT_ENTRY',
498                         'DELETE_PATRON_STAT_CAT_ENTRY_MAP',
499                         'DELETE_TRANSIT',
500                         'group_application.user.staff',
501                         'MANAGE_BAD_DEBT',
502                         'MARK_ITEM_AVAILABLE',
503                         'MARK_ITEM_BINDERY',
504                         'MARK_ITEM_CHECKED_OUT',
505                         'MARK_ITEM_ILL',
506                         'MARK_ITEM_IN_PROCESS',
507                         'MARK_ITEM_IN_TRANSIT',
508                         'MARK_ITEM_LOST',
509                         'MARK_ITEM_MISSING',
510                         'MARK_ITEM_ON_HOLDS_SHELF',
511                         'MARK_ITEM_ON_ORDER',
512                         'MARK_ITEM_RESHELVING',
513                         'MERGE_USERS',
514                         'money.collections_tracker.create',
515                         'money.collections_tracker.delete',
516                         'OFFLINE_EXECUTE',
517                         'OFFLINE_UPLOAD',
518                         'OFFLINE_VIEW',
519                         'REMOVE_USER_GROUP_LINK',
520                         'SET_CIRC_CLAIMS_RETURNED',
521                         'SET_CIRC_CLAIMS_RETURNED.override',
522                         'SET_CIRC_LOST',
523                         'SET_CIRC_MISSING',
524                         'UNBAR_PATRON',
525                         'UPDATE_BILL_NOTE',
526                         'UPDATE_NON_CAT_TYPE',
527                         'UPDATE_PATRON_CLAIM_NEVER_CHECKED_OUT_COUNT',
528                         'UPDATE_PATRON_CLAIM_RETURN_COUNT',
529                         'UPDATE_PICKUP_LIB_FROM_HOLDS_SHELF',
530                         'UPDATE_PICKUP_LIB_FROM_TRANSIT',
531                         'UPDATE_USER',
532                         'VIEW_REPORT_OUTPUT',
533                         'VIEW_STANDING_PENALTY',
534                         'VOID_BILLING',
535                         'VOLUME_HOLDS');
536
537
538 -- Add basic sys admin permissions to the Local Administrator group
539
540 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
541         SELECT
542                 pgt.id, perm.id, aout.depth, TRUE
543         FROM
544                 permission.grp_tree pgt,
545                 permission.perm_list perm,
546                 actor.org_unit_type aout
547         WHERE
548                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
549                 pgt.name = 'Local Administrator' AND
550                 aout.name = 'Branch' AND
551                 perm.code IN (
552                         'EVERYTHING');
553
554
555 -- Add administration permissions to the System Administrator group
556
557 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
558         SELECT
559                 pgt.id, perm.id, aout.depth, TRUE
560         FROM
561                 permission.grp_tree pgt,
562                 permission.perm_list perm,
563                 actor.org_unit_type aout
564         WHERE
565                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
566                 pgt.name = 'System Administrator' AND
567                 aout.name = 'System' AND
568                 perm.code IN (
569                         'EVERYTHING');
570
571 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
572         SELECT
573                 pgt.id, perm.id, aout.depth, FALSE
574         FROM
575                 permission.grp_tree pgt,
576                 permission.perm_list perm,
577                 actor.org_unit_type aout
578         WHERE
579                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
580                 pgt.name = 'System Administrator' AND
581                 aout.name = 'Consortium' AND
582                 perm.code ~ '^VIEW_TRIGGER';
583
584
585 -- Add administration permissions to the Global Administrator group
586
587 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
588         SELECT
589                 pgt.id, perm.id, aout.depth, TRUE
590         FROM
591                 permission.grp_tree pgt,
592                 permission.perm_list perm,
593                 actor.org_unit_type aout
594         WHERE
595                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
596                 pgt.name = 'Global Administrator' AND
597                 aout.name = 'Consortium' AND
598                 perm.code IN (
599                         'EVERYTHING');
600
601
602 -- Add basic acquisitions permissions to the Acquisitions group
603
604 SELECT SETVAL('permission.grp_perm_map_id_seq'::TEXT, (SELECT MAX(id) FROM permission.grp_perm_map));
605
606 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
607         SELECT
608                 pgt.id, perm.id, aout.depth, FALSE
609         FROM
610                 permission.grp_tree pgt,
611                 permission.perm_list perm,
612                 actor.org_unit_type aout
613         WHERE
614                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
615                 pgt.name = 'Acquisitions' AND
616                 aout.name = 'Consortium' AND
617                 perm.code IN (
618                         'ALLOW_ALT_TCN',
619                         'CREATE_BIB_IMPORT_QUEUE',
620                         'CREATE_IMPORT_ITEM',
621                         'CREATE_INVOICE',
622                         'CREATE_MARC',
623                         'CREATE_PICKLIST',
624                         'CREATE_PURCHASE_ORDER',
625                         'DELETE_BIB_IMPORT_QUEUE',
626                         'DELETE_IMPORT_ITEM',
627                         'DELETE_RECORD',
628                         'DELETE_VOLUME',
629                         'DELETE_VOLUME_NOTE',
630                         'GENERAL_ACQ',
631                         'IMPORT_ACQ_LINEITEM_BIB_RECORD',
632                         'IMPORT_MARC',
633                         'MANAGE_CLAIM',
634                         'MANAGE_FUND',
635                         'MANAGE_FUNDING_SOURCE',
636                         'MANAGE_PROVIDER',
637                         'MARK_ITEM_AVAILABLE',
638                         'MARK_ITEM_BINDERY',
639                         'MARK_ITEM_CHECKED_OUT',
640                         'MARK_ITEM_ILL',
641                         'MARK_ITEM_IN_PROCESS',
642                         'MARK_ITEM_IN_TRANSIT',
643                         'MARK_ITEM_LOST',
644                         'MARK_ITEM_MISSING',
645                         'MARK_ITEM_ON_HOLDS_SHELF',
646                         'MARK_ITEM_ON_ORDER',
647                         'MARK_ITEM_RESHELVING',
648                         'RECEIVE_PURCHASE_ORDER',
649                         'UPDATE_BATCH_COPY',
650                         'UPDATE_BIB_IMPORT_QUEUE',
651                         'UPDATE_COPY',
652                         'UPDATE_FUND',
653                         'UPDATE_FUND_ALLOCATION',
654                         'UPDATE_FUNDING_SOURCE',
655                         'UPDATE_IMPORT_ITEM',
656                         'UPDATE_MARC',
657                         'UPDATE_RECORD',
658                         'UPDATE_VOLUME',
659                         'user_request.delete',
660                         'user_request.update',
661                         'user_request.view',
662                         'VIEW_ACQ_FUND_ALLOCATION_PERCENT',
663                         'VIEW_ACQ_FUNDING_SOURCE',
664                         'VIEW_FUND',
665                         'VIEW_FUND_ALLOCATION',
666                         'VIEW_FUNDING_SOURCE',
667                         'VIEW_HOLDS',
668                         'VIEW_INVOICE',
669                         'VIEW_ORG_SETTINGS',
670                         'VIEW_PICKLIST',
671                         'VIEW_PROVIDER',
672                         'VIEW_PURCHASE_ORDER',
673                         'VIEW_REPORT_OUTPUT');
674
675
676 -- Add acquisitions administration permissions to the Acquisitions Admin group
677
678 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
679         SELECT
680                 pgt.id, perm.id, aout.depth, TRUE
681         FROM
682                 permission.grp_tree pgt,
683                 permission.perm_list perm,
684                 actor.org_unit_type aout
685         WHERE
686                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
687                 pgt.name = 'Acquisitions Administrator' AND
688                 aout.name = 'Consortium' AND
689                 perm.code IN (
690                         'ACQ_XFER_MANUAL_DFUND_AMOUNT',
691                         'ADMIN_ACQ_CANCEL_CAUSE',
692                         'ADMIN_ACQ_CLAIM',
693                         'ADMIN_ACQ_CLAIM_EVENT_TYPE',
694                         'ADMIN_ACQ_CLAIM_TYPE',
695                         'ADMIN_ACQ_DISTRIB_FORMULA',
696                         'ADMIN_ACQ_FISCAL_YEAR',
697                         'ADMIN_ACQ_FUND',
698                         'ADMIN_ACQ_FUND_ALLOCATION_PERCENT',
699                         'ADMIN_ACQ_FUND_TAG',
700                         'ADMIN_ACQ_LINE_ITEM_ALERT_TEXT',
701                         'ADMIN_CLAIM_POLICY',
702                         'ADMIN_CURRENCY_TYPE',
703                         'ADMIN_FUND',
704                         'ADMIN_FUNDING_SOURCE',
705                         'ADMIN_INVOICE',
706                         'ADMIN_INVOICE_METHOD',
707                         'ADMIN_INVOICE_PAYMENT_METHOD',
708                         'ADMIN_LINEITEM_MARC_ATTR_DEF',
709                         'ADMIN_PROVIDER',
710                         'ADMIN_USER_REQUEST_TYPE',
711                         'CREATE_ACQ_FUNDING_SOURCE',
712                         'CREATE_FUND',
713                         'CREATE_FUND_ALLOCATION',
714                         'CREATE_FUNDING_SOURCE',
715                         'CREATE_INVOICE_ITEM_TYPE',
716                         'CREATE_INVOICE_METHOD',
717                         'CREATE_PROVIDER',
718                         'DELETE_ACQ_FUNDING_SOURCE',
719                         'DELETE_FUND',
720                         'DELETE_FUND_ALLOCATION',
721                         'DELETE_FUNDING_SOURCE',
722                         'DELETE_INVOICE_ITEM_TYPE',
723                         'DELETE_INVOICE_METHOD',
724                         'DELETE_PROVIDER',
725                         'RUN_REPORTS',
726                         'SHARE_REPORT_FOLDER',
727                         'UPDATE_ACQ_FUNDING_SOURCE',
728                         'UPDATE_INVOICE_ITEM_TYPE',
729                         'UPDATE_INVOICE_METHOD');
730
731
732 -- Add serials permissions to the Serials group
733
734 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
735         SELECT
736                 pgt.id, perm.id, aout.depth, FALSE
737         FROM
738                 permission.grp_tree pgt,
739                 permission.perm_list perm,
740                 actor.org_unit_type aout
741         WHERE
742                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
743                 pgt.name = 'Serials' AND
744                 aout.name = 'System' AND
745                 perm.code IN (
746                         'ADMIN_ASSET_COPY_TEMPLATE',
747                         'ADMIN_SERIAL_CAPTION_PATTERN',
748                         'ADMIN_SERIAL_DISTRIBUTION',
749                         'ADMIN_SERIAL_STREAM',
750                         'ADMIN_SERIAL_SUBSCRIPTION',
751                         'ISSUANCE_HOLDS',
752                         'RECEIVE_SERIAL');
753
754
755 -- Add basic staff permissions to the Volunteers group
756
757 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
758         SELECT
759                 pgt.id, perm.id, aout.depth, FALSE
760         FROM
761                 permission.grp_tree pgt,
762                 permission.perm_list perm,
763                 actor.org_unit_type aout
764         WHERE
765                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
766                 pgt.name = 'Volunteers' AND
767                 aout.name = 'Branch' AND
768                 perm.code IN (
769                         'COPY_CHECKOUT',
770                         'CREATE_BILL',
771                         'CREATE_IN_HOUSE_USE',
772                         'CREATE_PAYMENT',
773                         'VIEW_BILLING_TYPE',
774                         'VIEW_CIRCS',
775                         'VIEW_COPY_CHECKOUT',
776                         'VIEW_HOLD',
777                         'VIEW_TITLE_HOLDS',
778                         'VIEW_TRANSACTION',
779                         'VIEW_USER',
780                         'VIEW_USER_FINES_SUMMARY',
781                         'VIEW_USER_TRANSACTIONS');
782
783 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
784         SELECT
785                 pgt.id, perm.id, aout.depth, FALSE
786         FROM
787                 permission.grp_tree pgt,
788                 permission.perm_list perm,
789                 actor.org_unit_type aout
790         WHERE
791                 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
792                 pgt.name = 'Volunteers' AND
793                 aout.name = 'Consortium' AND
794                 perm.code IN (
795                         'CREATE_COPY_TRANSIT',
796                         'CREATE_TRANSACTION',
797                         'CREATE_TRANSIT',
798                         'STAFF_LOGIN',
799                         'TRANSIT_COPY',
800                         'VIEW_ORG_SETTINGS');
801