2 -- Run this script immediately after a normal installation
3 -- (assuming LP bug 782268 is rejected) in order to implement
4 -- the new permission groups.
7 -- Alter the permission hierarchy
9 UPDATE permission.grp_tree SET description = oils_i18n_gettext(10, 'Can do anything at the Branch level', 'pgt', 'description') WHERE id = 10;
11 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
12 (100, oils_i18n_gettext(100, 'Cataloging Administrator', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.cat_admin');
13 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
14 (101, oils_i18n_gettext(101, 'Circulation Administrator', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.circ_admin');
15 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
16 (102, oils_i18n_gettext(102, 'Serials', 'pgt', 'name'), 3,
17 oils_i18n_gettext(102, 'Serials (includes admin features)', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.serials');
18 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
19 (103, oils_i18n_gettext(103, 'System Administrator', 'pgt', 'name'), 3,
20 oils_i18n_gettext(103, 'Can do anything at the System level', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.admin.system_admin');
21 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
22 (104, oils_i18n_gettext(104, 'Global Administrator', 'pgt', 'name'), 3,
23 oils_i18n_gettext(104, 'Can do anything at the Consortium level', 'pgt', 'description'), '3 years', TRUE, 'group_application.user.staff.admin.global_admin');
24 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
25 (105, oils_i18n_gettext(105, 'Data Review', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.data_review');
26 INSERT INTO permission.grp_tree (id, name, parent, description, perm_interval, usergroup, application_perm) VALUES
27 (106, oils_i18n_gettext(106, 'Volunteers', 'pgt', 'name'), 3, NULL, '3 years', TRUE, 'group_application.user.staff.volunteers');
29 SELECT SETVAL('permission.grp_tree_id_seq'::TEXT, (SELECT MAX(id) FROM permission.grp_tree));
32 -- Wipe out existing permissions
34 DELETE FROM permission.usr_grp_map WHERE usr <> 1;
36 -- Add basic user permissions to the Users group
38 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
40 pgt.id, perm.id, aout.depth, FALSE
42 permission.grp_tree pgt,
43 permission.perm_list perm,
44 actor.org_unit_type aout
46 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
47 pgt.name = 'Users' AND
48 aout.name = 'Consortium' AND
51 'CREATE_MY_CONTAINER',
56 'user_request.create');
59 -- Add basic user permissions to the Data Review group
61 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
63 pgt.id, perm.id, aout.depth, FALSE
65 permission.grp_tree pgt,
66 permission.perm_list perm,
67 actor.org_unit_type aout
69 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
70 pgt.name = 'Data Review' AND
71 aout.name = 'Consortium' AND
73 'CREATE_COPY_TRANSIT',
82 'VIEW_USER_FINES_SUMMARY',
83 'VIEW_USER_TRANSACTIONS',
87 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
89 pgt.id, perm.id, aout.depth, FALSE
91 permission.grp_tree pgt,
92 permission.perm_list perm,
93 actor.org_unit_type aout
95 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
96 pgt.name = 'Data Review' AND
97 aout.name = 'System' AND
101 'CREATE_IN_HOUSE_USE',
102 'CREATE_TRANSACTION',
109 -- Add basic staff permissions to the Staff group
111 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
113 pgt.id, perm.id, aout.depth, FALSE
115 permission.grp_tree pgt,
116 permission.perm_list perm,
117 actor.org_unit_type aout
119 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
120 pgt.name = 'Staff' AND
121 aout.name = 'Consortium' AND
124 'CREATE_CONTAINER_ITEM',
125 'CREATE_COPY_TRANSIT',
126 'CREATE_HOLD_NOTIFICATION',
127 'CREATE_TRANSACTION',
130 'DELETE_CONTAINER_ITEM',
131 'group_application.user',
132 'group_application.user.patron',
133 'REGISTER_WORKSTATION',
134 'REMOTE_Z3950_QUERY',
140 'VIEW_COPY_CHECKOUT_HISTORY',
143 'VIEW_HOLD_NOTIFICATION',
149 'VIEW_VOLUME_NOTES');
151 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
153 pgt.id, perm.id, aout.depth, FALSE
155 permission.grp_tree pgt,
156 permission.perm_list perm,
157 actor.org_unit_type aout
159 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
160 pgt.name = 'Staff' AND
161 aout.name = 'System' AND
168 'VIEW_PERMIT_CHECKOUT',
170 'VIEW_USER_FINES_SUMMARY',
171 'VIEW_USER_TRANSACTIONS');
173 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
175 pgt.id, perm.id, aout.depth, FALSE
177 permission.grp_tree pgt,
178 permission.perm_list perm,
179 actor.org_unit_type aout
181 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
182 pgt.name = 'Staff' AND
183 aout.name = 'Branch' AND
188 'COPY_TRANSIT_RECEIVE',
190 'CREATE_IN_HOUSE_USE',
192 'RENEW_HOLD_OVERRIDE',
198 -- Add basic cataloguing permissions to the Catalogers group
200 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
202 pgt.id, perm.id, aout.depth, FALSE
204 permission.grp_tree pgt,
205 permission.perm_list perm,
206 actor.org_unit_type aout
208 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
209 pgt.name = 'Catalogers' AND
210 aout.name = 'Consortium' AND
213 'CREATE_BIB_IMPORT_QUEUE',
214 'CREATE_IMPORT_ITEM',
217 'DELETE_BIB_IMPORT_QUEUE',
218 'DELETE_IMPORT_ITEM',
221 'IMPORT_ACQ_LINEITEM_BIB_RECORD',
223 'MERGE_AUTH_RECORDS',
225 'UPDATE_AUTHORITY_IMPORT_QUEUE',
226 'UPDATE_AUTHORITY_RECORD_NOTE',
227 'UPDATE_BIB_IMPORT_QUEUE',
231 'VIEW_AUTHORITY_RECORD_NOTES');
233 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
235 pgt.id, perm.id, aout.depth, FALSE
237 permission.grp_tree pgt,
238 permission.perm_list perm,
239 actor.org_unit_type aout
241 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
242 pgt.name = 'Catalogers' AND
243 aout.name = 'System' AND
247 'CREATE_MFHD_RECORD',
249 'CREATE_VOLUME_NOTE',
252 'DELETE_MFHD_RECORD',
254 'DELETE_VOLUME_NOTE',
255 'MARK_ITEM_AVAILABLE',
257 'MARK_ITEM_CHECKED_OUT',
259 'MARK_ITEM_IN_PROCESS',
260 'MARK_ITEM_IN_TRANSIT',
263 'MARK_ITEM_ON_HOLDS_SHELF',
264 'MARK_ITEM_ON_ORDER',
265 'MARK_ITEM_RESHELVING',
268 'UPDATE_IMPORT_ITEM',
269 'UPDATE_MFHD_RECORD',
271 'UPDATE_VOLUME_NOTE',
272 'VIEW_SERIAL_SUBSCRIPTION');
275 -- Add advanced cataloguing permissions to the Cataloging Admin group
277 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
279 pgt.id, perm.id, aout.depth, TRUE
281 permission.grp_tree pgt,
282 permission.perm_list perm,
283 actor.org_unit_type aout
285 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
286 pgt.name = 'Cataloging Admin' AND
287 aout.name = 'Consortium' AND
289 'ADMIN_IMPORT_ITEM_ATTR_DEF',
290 'ADMIN_MERGE_PROFILE',
291 'CREATE_AUTHORITY_IMPORT_IMPORT_DEF',
292 'CREATE_BIB_IMPORT_FIELD_DEF',
294 'CREATE_IMPORT_ITEM_ATTR_DEF',
295 'CREATE_IMPORT_TRASH_FIELD',
296 'CREATE_MERGE_PROFILE',
297 'DELETE_AUTHORITY_IMPORT_IMPORT_FIELD_DEF',
299 'DELETE_IMPORT_ITEM_ATTR_DEF',
300 'DELETE_IMPORT_TRASH_FIELD',
301 'DELETE_MERGE_PROFILE',
302 'UPDATE_AUTHORITY_IMPORT_IMPORT_FIELD_DEF',
303 'UPDATE_BIB_IMPORT_IMPORT_FIELD_DEF',
304 'UPDATE_IMPORT_ITEM_ATTR_DEF',
305 'UPDATE_IMPORT_TRASH_FIELD',
306 'UPDATE_MERGE_PROFILE');
308 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
310 pgt.id, perm.id, aout.depth, TRUE
312 permission.grp_tree pgt,
313 permission.perm_list perm,
314 actor.org_unit_type aout
316 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
317 pgt.name = 'Cataloging Admin' AND
318 aout.name = 'System' AND
320 'CREATE_COPY_STAT_CAT',
321 'CREATE_COPY_STAT_CAT_ENTRY',
322 'CREATE_COPY_STAT_CAT_ENTRY_MAP',
324 'SHARE_REPORT_FOLDER',
325 'UPDATE_COPY_LOCATION',
326 'UPDATE_COPY_STAT_CAT',
327 'UPDATE_COPY_STAT_CAT_ENTRY',
328 'VIEW_REPORT_OUTPUT');
331 -- Add basic circulation permissions to the Circulators group
333 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
335 pgt.id, perm.id, aout.depth, FALSE
337 permission.grp_tree pgt,
338 permission.perm_list perm,
339 actor.org_unit_type aout
341 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
342 pgt.name = 'Circulators' AND
343 aout.name = 'Branch' AND
345 'ADMIN_BOOKING_RESERVATION',
346 'ADMIN_BOOKING_RESOURCE',
347 'ADMIN_BOOKING_RESOURCE_ATTR',
348 'ADMIN_BOOKING_RESOURCE_ATTR_MAP',
349 'ADMIN_BOOKING_RESOURCE_ATTR_VALUE',
350 'ADMIN_BOOKING_RESOURCE_TYPE',
352 'MARK_ITEM_AVAILABLE',
354 'MARK_ITEM_CHECKED_OUT',
356 'MARK_ITEM_IN_PROCESS',
357 'MARK_ITEM_IN_TRANSIT',
360 'MARK_ITEM_ON_HOLDS_SHELF',
361 'MARK_ITEM_ON_ORDER',
362 'MARK_ITEM_RESHELVING',
365 'REMOVE_USER_GROUP_LINK',
366 'SET_CIRC_CLAIMS_RETURNED',
367 'SET_CIRC_CLAIMS_RETURNED.override',
371 'UPDATE_PATRON_CLAIM_NEVER_CHECKED_OUT_COUNT',
372 'UPDATE_PATRON_CLAIM_RETURN_COUNT',
373 'UPDATE_PAYMENT_NOTE',
374 'UPDATE_PICKUP_LIB FROM_TRANSIT',
375 'UPDATE_PICKUP_LIB_FROM_HOLDS_SHELF',
376 'VIEW_GROUP_PENALTY_THRESHOLD',
377 'VIEW_STANDING_PENALTY',
381 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
383 pgt.id, perm.id, aout.depth, FALSE
385 permission.grp_tree pgt,
386 permission.perm_list perm,
387 actor.org_unit_type aout
389 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
390 pgt.name = 'Circulators' AND
391 aout.name = 'System' AND
393 'ABORT_REMOTE_TRANSIT',
395 'CAPTURE_RESERVATION',
396 'CIRC_CLAIMS_RETURNED.override',
397 'CIRC_EXCEEDS_COPY_RANGE.override',
398 'CIRC_OVERRIDE_DUE_DATE',
399 'CIRC_PERMIT_OVERRIDE',
400 'COPY_ALERT_MESSAGE.override',
401 'COPY_BAD_STATUS.override',
402 'COPY_CIRC_NOT_ALLOWED.override',
403 'COPY_IS_REFERENCE.override',
404 'COPY_NEEDED_FOR_HOLD.override',
405 'COPY_NOT_AVAILABLE.override',
406 'COPY_STATUS_LOST.override',
407 'COPY_STATUS_MISSING.override',
408 'CREATE_DUPLICATE_HOLDS',
409 'CREATE_USER_GROUP_LINK',
411 'HOLD_EXISTS.override',
412 'HOLD_ITEM_CHECKED_OUT.override',
414 'ITEM_AGE_PROTECTED.override',
415 'ITEM_ON_HOLDS_SHELF.override',
416 'MAX_RENEWALS_REACHED.override',
417 'OVERRIDE_HOLD_HAS_LOCAL_COPY',
418 'PATRON_EXCEEDS_CHECKOUT_COUNT.override',
419 'PATRON_EXCEEDS_FINES.override',
420 'PATRON_EXCEEDS_OVERDUE_COUNT.override',
421 'RETRIEVE_RESERVATION_PULL_LIST',
425 -- Add advanced circulation permissions to the Circulation Admin group
427 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
429 pgt.id, perm.id, aout.depth, TRUE
431 permission.grp_tree pgt,
432 permission.perm_list perm,
433 actor.org_unit_type aout
435 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
436 pgt.name = 'Circulation Admin' AND
437 aout.name = 'Branch' AND
441 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
443 pgt.id, perm.id, aout.depth, TRUE
445 permission.grp_tree pgt,
446 permission.perm_list perm,
447 actor.org_unit_type aout
449 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
450 pgt.name = 'Circulation Admin' AND
451 aout.name = 'Consortium' AND
453 'ADMIN_MAX_FINE_RULE',
454 'CREATE_CIRC_DURATION',
455 'DELETE_CIRC_DURATION',
456 'UPDATE_CIRC_DURATION',
457 'UPDATE_NET_ACCESS_LEVEL',
458 'VIEW_CIRC_MATRIX_MATCHPOINT',
459 'VIEW_HOLD_MATRIX_MATCHPOINT');
461 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
463 pgt.id, perm.id, aout.depth, TRUE
465 permission.grp_tree pgt,
466 permission.perm_list perm,
467 actor.org_unit_type aout
469 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
470 pgt.name = 'Circulation Admin' AND
471 aout.name = 'System' AND
473 'ADMIN_BOOKING_RESERVATION',
474 'ADMIN_BOOKING_RESERVATION_ATTR_MAP',
475 'ADMIN_BOOKING_RESERVATION_ATTR_VALUE_MAP',
476 'ADMIN_BOOKING_RESOURCE',
477 'ADMIN_BOOKING_RESOURCE_ATTR',
478 'ADMIN_BOOKING_RESOURCE_ATTR_MAP',
479 'ADMIN_BOOKING_RESOURCE_ATTR_VALUE',
480 'ADMIN_BOOKING_RESOURCE_TYPE',
481 'ADMIN_COPY_LOCATION_ORDER',
482 'ADMIN_HOLD_CANCEL_CAUSE',
486 'COPY_TRANSIT_RECEIVE',
488 'CREATE_BILLING_TYPE',
489 'CREATE_NON_CAT_TYPE',
490 'CREATE_PATRON_STAT_CAT',
491 'CREATE_PATRON_STAT_CAT_ENTRY',
492 'CREATE_PATRON_STAT_CAT_ENTRY_MAP',
493 'CREATE_USER_GROUP_LINK',
494 'DELETE_BILLING_TYPE',
495 'DELETE_NON_CAT_TYPE',
496 'DELETE_PATRON_STAT_CAT',
497 'DELETE_PATRON_STAT_CAT_ENTRY',
498 'DELETE_PATRON_STAT_CAT_ENTRY_MAP',
500 'group_application.user.staff',
502 'MARK_ITEM_AVAILABLE',
504 'MARK_ITEM_CHECKED_OUT',
506 'MARK_ITEM_IN_PROCESS',
507 'MARK_ITEM_IN_TRANSIT',
510 'MARK_ITEM_ON_HOLDS_SHELF',
511 'MARK_ITEM_ON_ORDER',
512 'MARK_ITEM_RESHELVING',
514 'money.collections_tracker.create',
515 'money.collections_tracker.delete',
519 'REMOVE_USER_GROUP_LINK',
520 'SET_CIRC_CLAIMS_RETURNED',
521 'SET_CIRC_CLAIMS_RETURNED.override',
526 'UPDATE_NON_CAT_TYPE',
527 'UPDATE_PATRON_CLAIM_NEVER_CHECKED_OUT_COUNT',
528 'UPDATE_PATRON_CLAIM_RETURN_COUNT',
529 'UPDATE_PICKUP_LIB_FROM_HOLDS_SHELF',
530 'UPDATE_PICKUP_LIB_FROM_TRANSIT',
532 'VIEW_REPORT_OUTPUT',
533 'VIEW_STANDING_PENALTY',
538 -- Add basic sys admin permissions to the Local Administrator group
540 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
542 pgt.id, perm.id, aout.depth, TRUE
544 permission.grp_tree pgt,
545 permission.perm_list perm,
546 actor.org_unit_type aout
548 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
549 pgt.name = 'Local Administrator' AND
550 aout.name = 'Branch' AND
555 -- Add administration permissions to the System Administrator group
557 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
559 pgt.id, perm.id, aout.depth, TRUE
561 permission.grp_tree pgt,
562 permission.perm_list perm,
563 actor.org_unit_type aout
565 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
566 pgt.name = 'System Administrator' AND
567 aout.name = 'System' AND
571 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
573 pgt.id, perm.id, aout.depth, FALSE
575 permission.grp_tree pgt,
576 permission.perm_list perm,
577 actor.org_unit_type aout
579 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
580 pgt.name = 'System Administrator' AND
581 aout.name = 'Consortium' AND
582 perm.code ~ '^VIEW_TRIGGER';
585 -- Add administration permissions to the Global Administrator group
587 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
589 pgt.id, perm.id, aout.depth, TRUE
591 permission.grp_tree pgt,
592 permission.perm_list perm,
593 actor.org_unit_type aout
595 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
596 pgt.name = 'Global Administrator' AND
597 aout.name = 'Consortium' AND
602 -- Add basic acquisitions permissions to the Acquisitions group
604 SELECT SETVAL('permission.grp_perm_map_id_seq'::TEXT, (SELECT MAX(id) FROM permission.grp_perm_map));
606 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
608 pgt.id, perm.id, aout.depth, FALSE
610 permission.grp_tree pgt,
611 permission.perm_list perm,
612 actor.org_unit_type aout
614 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
615 pgt.name = 'Acquisitions' AND
616 aout.name = 'Consortium' AND
619 'CREATE_BIB_IMPORT_QUEUE',
620 'CREATE_IMPORT_ITEM',
624 'CREATE_PURCHASE_ORDER',
625 'DELETE_BIB_IMPORT_QUEUE',
626 'DELETE_IMPORT_ITEM',
629 'DELETE_VOLUME_NOTE',
631 'IMPORT_ACQ_LINEITEM_BIB_RECORD',
635 'MANAGE_FUNDING_SOURCE',
637 'MARK_ITEM_AVAILABLE',
639 'MARK_ITEM_CHECKED_OUT',
641 'MARK_ITEM_IN_PROCESS',
642 'MARK_ITEM_IN_TRANSIT',
645 'MARK_ITEM_ON_HOLDS_SHELF',
646 'MARK_ITEM_ON_ORDER',
647 'MARK_ITEM_RESHELVING',
648 'RECEIVE_PURCHASE_ORDER',
650 'UPDATE_BIB_IMPORT_QUEUE',
653 'UPDATE_FUND_ALLOCATION',
654 'UPDATE_FUNDING_SOURCE',
655 'UPDATE_IMPORT_ITEM',
659 'user_request.delete',
660 'user_request.update',
662 'VIEW_ACQ_FUND_ALLOCATION_PERCENT',
663 'VIEW_ACQ_FUNDING_SOURCE',
665 'VIEW_FUND_ALLOCATION',
666 'VIEW_FUNDING_SOURCE',
672 'VIEW_PURCHASE_ORDER',
673 'VIEW_REPORT_OUTPUT');
676 -- Add acquisitions administration permissions to the Acquisitions Admin group
678 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
680 pgt.id, perm.id, aout.depth, TRUE
682 permission.grp_tree pgt,
683 permission.perm_list perm,
684 actor.org_unit_type aout
686 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
687 pgt.name = 'Acquisitions Administrator' AND
688 aout.name = 'Consortium' AND
690 'ACQ_XFER_MANUAL_DFUND_AMOUNT',
691 'ADMIN_ACQ_CANCEL_CAUSE',
693 'ADMIN_ACQ_CLAIM_EVENT_TYPE',
694 'ADMIN_ACQ_CLAIM_TYPE',
695 'ADMIN_ACQ_DISTRIB_FORMULA',
696 'ADMIN_ACQ_FISCAL_YEAR',
698 'ADMIN_ACQ_FUND_ALLOCATION_PERCENT',
699 'ADMIN_ACQ_FUND_TAG',
700 'ADMIN_ACQ_LINE_ITEM_ALERT_TEXT',
701 'ADMIN_CLAIM_POLICY',
702 'ADMIN_CURRENCY_TYPE',
704 'ADMIN_FUNDING_SOURCE',
706 'ADMIN_INVOICE_METHOD',
707 'ADMIN_INVOICE_PAYMENT_METHOD',
708 'ADMIN_LINEITEM_MARC_ATTR_DEF',
710 'ADMIN_USER_REQUEST_TYPE',
711 'CREATE_ACQ_FUNDING_SOURCE',
713 'CREATE_FUND_ALLOCATION',
714 'CREATE_FUNDING_SOURCE',
715 'CREATE_INVOICE_ITEM_TYPE',
716 'CREATE_INVOICE_METHOD',
718 'DELETE_ACQ_FUNDING_SOURCE',
720 'DELETE_FUND_ALLOCATION',
721 'DELETE_FUNDING_SOURCE',
722 'DELETE_INVOICE_ITEM_TYPE',
723 'DELETE_INVOICE_METHOD',
726 'SHARE_REPORT_FOLDER',
727 'UPDATE_ACQ_FUNDING_SOURCE',
728 'UPDATE_INVOICE_ITEM_TYPE',
729 'UPDATE_INVOICE_METHOD');
732 -- Add serials permissions to the Serials group
734 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
736 pgt.id, perm.id, aout.depth, FALSE
738 permission.grp_tree pgt,
739 permission.perm_list perm,
740 actor.org_unit_type aout
742 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
743 pgt.name = 'Serials' AND
744 aout.name = 'System' AND
746 'ADMIN_ASSET_COPY_TEMPLATE',
747 'ADMIN_SERIAL_CAPTION_PATTERN',
748 'ADMIN_SERIAL_DISTRIBUTION',
749 'ADMIN_SERIAL_STREAM',
750 'ADMIN_SERIAL_SUBSCRIPTION',
755 -- Add basic staff permissions to the Volunteers group
757 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
759 pgt.id, perm.id, aout.depth, FALSE
761 permission.grp_tree pgt,
762 permission.perm_list perm,
763 actor.org_unit_type aout
765 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
766 pgt.name = 'Volunteers' AND
767 aout.name = 'Branch' AND
771 'CREATE_IN_HOUSE_USE',
775 'VIEW_COPY_CHECKOUT',
780 'VIEW_USER_FINES_SUMMARY',
781 'VIEW_USER_TRANSACTIONS');
783 INSERT INTO permission.grp_perm_map (grp, perm, depth, grantable)
785 pgt.id, perm.id, aout.depth, FALSE
787 permission.grp_tree pgt,
788 permission.perm_list perm,
789 actor.org_unit_type aout
791 pgt.id NOT IN (SELECT grp FROM permission.grp_perm_map m WHERE m.perm = perm.id ORDER BY 1) AND
792 pgt.name = 'Volunteers' AND
793 aout.name = 'Consortium' AND
795 'CREATE_COPY_TRANSIT',
796 'CREATE_TRANSACTION',
800 'VIEW_ORG_SETTINGS');