DeforaNetworks/corteza
DeforaNetworks/corteza
3
0
Fork 0
Code

Change how system provision state is detected

Browse Source 
We can not check for roles as they are pre-inserted in the (db) migration
files - we count perm. rules for admins & everyone
This commit is contained in:
Denis Arh 2019-09-27 14:32:49 +02:00
parent ebf771f45f
commit 618f18f620
3 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
provision/system/src/0000_access_control.yaml
View File

@ -1,6 +1,3 @@
roles:
admins: Administrators
allow:
admins:
system:

2
provision/system/static.go
View File

@ -3,4 +3,4 @@
// Package contains static assets.
package system
var Asset = "PK\x03\x04\x14\x00\x08\x00\x00\x00\x00\x00!(\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x18\x00 \x000000_access_control.yamlUT\x05\x00\x01\x80Cm8roles:\n admins: Administrators\n\nallow:\n admins:\n system:\n - access\n - grant\n - settings.read\n - settings.manage\n - organisation.create\n - application.create\n - user.create\n - role.create\n - automation-script.create\n\n system:application:\n - read\n - update\n - delete\n\n system:user:\n - read\n - update\n - suspend\n - unsuspend\n - delete\n\n system:role:\n - read\n - update\n - delete\n - members.manage\n\n system:automation-script:\n - read\n - update\n - delete\nPK\x07\x08\xe5T\x99\x88J\x02\x00\x00J\x02\x00\x00PK\x01\x02\x14\x03\x14\x00\x08\x00\x00\x00\x00\x00!(\xe5T\x99\x88J\x02\x00\x00J\x02\x00\x00\x18\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4\x81\x00\x00\x00\x000000_access_control.yamlUT\x05\x00\x01\x80Cm8PK\x05\x06\x00\x00\x00\x00\x01\x00\x01\x00O\x00\x00\x00\x99\x02\x00\x00\x00\x00"
var Asset = "PK\x03\x04\x14\x00\x08\x00\x00\x00\x00\x00!(\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x18\x00 \x000000_access_control.yamlUT\x05\x00\x01\x80Cm8allow:\n admins:\n system:\n - access\n - grant\n - settings.read\n - settings.manage\n - organisation.create\n - application.create\n - user.create\n - role.create\n - automation-script.create\n\n system:application:\n - read\n - update\n - delete\n\n system:user:\n - read\n - update\n - suspend\n - unsuspend\n - delete\n\n system:role:\n - read\n - update\n - delete\n - members.manage\n\n system:automation-script:\n - read\n - update\n - delete\nPK\x07\x08\xd3\xa84K)\x02\x00\x00)\x02\x00\x00PK\x01\x02\x14\x03\x14\x00\x08\x00\x00\x00\x00\x00!(\xd3\xa84K)\x02\x00\x00)\x02\x00\x00\x18\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\xa4\x81\x00\x00\x00\x000000_access_control.yamlUT\x05\x00\x01\x80Cm8PK\x05\x06\x00\x00\x00\x00\x01\x00\x01\x00O\x00\x00\x00x\x02\x00\x00\x00\x00"

7
system/provision-config.go
View File

@ -9,6 +9,7 @@ import (
"go.uber.org/zap"
"github.com/cortezaproject/corteza-server/internal/auth"
"github.com/cortezaproject/corteza-server/internal/permissions"
"github.com/cortezaproject/corteza-server/pkg/cli"
impAux "github.com/cortezaproject/corteza-server/pkg/importer"
provision "github.com/cortezaproject/corteza-server/provision/system"
@ -43,10 +44,10 @@ func provisionConfig(ctx context.Context, cmd *cobra.Command, c *cli.Config) err
)
}
// Provision ONLY when there are no roles
// Provision ONLY when there are no rules for role admins / everyone
func isProvisioned(ctx context.Context) (bool, error) {
rr, err := service.DefaultRole.With(ctx).Find(&types.RoleFilter{})
return len(rr) > 0, err
return len(service.DefaultPermissions.FindRulesByRoleID(permissions.EveryoneRoleID)) > 0 &&
len(service.DefaultPermissions.FindRulesByRoleID(permissions.AdminRoleID)) > 0, nil
}
func makeDefaultApplications(ctx context.Context, cmd *cobra.Command, c *cli.Config) error {