Roy Golan has uploaded a new change for review. Change subject: core: grant UserRole on admin internal for all-in-one use-case ......................................................................
core: grant UserRole on admin internal for all-in-one use-case This fix will let admin@internal user the user portal as a regular user. Super users don't have rights to use the user portal and there is no change in that behaviour. This fix address the all-in-one use-case specifically. Change-Id: Ib0b51c03b27ad8f9ab0c34c43503b035267ad540 Bug-Url: https://bugzilla.redhat.com/887282 Signed-off-by: Roy Golan <[email protected]> --- A backend/manager/dbscripts/upgrade/03_02_0150_add_admin_internal_user_role_system.sql 1 file changed, 26 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/79/10379/1 diff --git a/backend/manager/dbscripts/upgrade/03_02_0150_add_admin_internal_user_role_system.sql b/backend/manager/dbscripts/upgrade/03_02_0150_add_admin_internal_user_role_system.sql new file mode 100644 index 0000000..863a1a0 --- /dev/null +++ b/backend/manager/dbscripts/upgrade/03_02_0150_add_admin_internal_user_role_system.sql @@ -0,0 +1,26 @@ +-- grant admin user role on system +CREATE OR REPLACE FUNCTION __temp_grant_admin_internal_user_role_on_system() + RETURNS void AS +$BODY$ + DECLARE + v_user_id uuid ; + v_user_role_id uuid; +BEGIN + v_user_id := user_id from users where username = 'admin@internal'; + v_user_role_id := '00000000-0000-0000-0001-000000000001'; + + insert into permissions(id,role_id,ad_element_id,object_id,object_type_id) + select uuid_generate_v1(), v_user_role_id, v_user_id, getGlobalIds('system'), 1 + where not exists + (select 1 from permissions + where role_id = v_user_role_id and + ad_element_id = v_user_id and + object_id= getGlobalIds('system') and + object_type_id = 1); +END; $BODY$ + +LANGUAGE plpgsql; + +select __temp_grant_admin_internal_user_role_on_system(); +drop function __temp_grant_admin_internal_user_role_on_system(); + -- To view, visit http://gerrit.ovirt.org/10379 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ib0b51c03b27ad8f9ab0c34c43503b035267ad540 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Roy Golan <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
