Commit cf665d1d authored by Francesc Guasch's avatar Francesc Guasch
Browse files

[#222] tables for granting permissions

parent e7f31ee8
/* any user should be allowed these */
INSERT INTO grant_types(name,description) VALUES('clone',"can clone public virtual machines.");
INSERT INTO grant_types(name,description) VALUES('change_settings',"can change the settings of owned virtual machines.");
INSERT INTO grant_types(name,description) VALUES('remove',"can remove any virtual machines owned by the user.");
INSERT INTO grant_types(name,description) VALUES('screenshot',"can take a screenshot of any virtual machine owned by the user.");
/* managers should be allowed these */
INSERT INTO grant_types(name,description) VALUES('create_domain',"can create virtual machines.");
INSERT INTO grant_types(name,description) VALUES('create_base',"can create bases.");
/* managers should be allowed these */
INSERT INTO grant_types(name,description) VALUES('change_settings_clones',"can change the settings of any virtual machines cloned from one base owned by the user.");
INSERT INTO grant_types(name,description) VALUES('remove_clone',"can remove clones from virtual machines owned by the user.");
INSERT INTO grant_types(name,description) VALUES('shutdown_clone',"can shutdown clones from virtual machines owned by the user.");
INSERT INTO grant_types(name,description) VALUES('hibernate_clone',"can hibernate clones from virtual machines owned by the user.");
/* operators should be allowed these */
INSERT INTO grant_types(name,description) VALUES('change_settings_all',"can change the settings of any virtual machines.");
INSERT INTO grant_types(name,description) VALUES('remove_clone_all',"can remove any clone.");
INSERT INTO grant_types(name,description) VALUES('hibernate_clone_all',"can hibernate any clone.");
/* admins should be allowed these */
INSERT INTO grant_types(name,description) VALUES('clone_all',"can clone any virtual machine.");
INSERT INTO grant_types(name,description) VALUES('remove_all',"can remove any virtual machine.");
INSERT INTO grant_types(name,description) VALUES('shutdown_all',"can shutdown any virtual machine.");
INSERT INTO grant_types(name,description) VALUES('hibernate_all',"can hibernate any virtual machine.");
INSERT INTO grant_types(name,description) VALUES('screenshot_all',"can take a screenshot of any virtual machine.");
INSERT INTO grant_types(name,description) VALUES('grant','can grant permissions to other users');
SQL:= ../sqlite/bases.sql ../sqlite/iso_images.sql ../sqlite/lxc_templates.sql ../sqlite/requests.sql ../sqlite/file_base_images.sql ../sqlite/domains_network.sql ../sqlite/messages.sql ../sqlite/networks.sql ../sqlite/domains.sql ../sqlite/users.sql ../sqlite/iptables.sql ../sqlite/domain_drivers_options.sql ../sqlite/domain_drivers_types.sql ../sqlite/vms.sql ../sqlite/base_xml.sql
SQL:= ../sqlite/bases.sql ../sqlite/iso_images.sql ../sqlite/lxc_templates.sql ../sqlite/requests.sql ../sqlite/file_base_images.sql ../sqlite/domains_network.sql ../sqlite/messages.sql ../sqlite/networks.sql ../sqlite/domains.sql ../sqlite/users.sql ../sqlite/iptables.sql ../sqlite/domain_drivers_options.sql ../sqlite/domain_drivers_types.sql ../sqlite/vms.sql ../sqlite/base_xml.sql ../sqlite/grant_types.sql ../sqlite/grants_user.sql
ALL: $(SQL)
......
CREATE TABLE `grant_types` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`name` char(32) NOT NULL,
`description` varchar(255) NOT NULL,
UNIQUE(`name`),
UNIQUE(`description`),
PRIMARY KEY (`id`)
);
CREATE TABLE `grants_user` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`id_user` int(11) NOT NULL,
`id_grant` int(11) NOT NULL,
`allowed` int(11) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE(`id_grant`,`id_user`)
);
CREATE TABLE `grant_types` (
`id` integer NOT NULL primary key AUTOINCREMENT,
`name` char(32) NOT NULL,
`description` varchar(255) NOT NULL,
UNIQUE (`name`),
UNIQUE (`description`)
);
CREATE TABLE `grants_user` (
`id` integer NOT NULL primary key AUTOINCREMENT,
`id_grant` integer not null,
`id_user` integer not null,
`allowed` integer not null default 0,
UNIQUE (`id_grant`,`id_user`)
);
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment