slapos_erp5: Clean up security

088ae63e · Rafael Monnerat · c7e7347f · 088ae63e · 088ae63e · 088ae63e
Commit 088ae63e authored Feb 11, 2021 by Rafael Monnerat
11 changed files
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/account_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/account_module.xml
@@ -4,9 +4,6 @@
   <item>Auditor</item>
   <item>Author</item>
  </role>
-  <role id='R-MEMBER'>
-   <item>Auditor</item>
-  </role>
  <role id='R-SHADOW-PERSON'>
   <item>Auditor</item>
  </role>
@@ -19,8 +16,5 @@
  <local_role_group_id id='shadow'>
    <principal id='R-SHADOW-PERSON'>Auditor</principal>
  </local_role_group_id>
-  <local_role_group_id id='user'>
-    <principal id='R-MEMBER'>Auditor</principal>
-  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/data_set_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/data_set_module.xml
@@ -4,25 +4,11 @@
   <item>Auditor</item>
   <item>Author</item>
  </role>
-  <role id='R-COMPUTER'>
-   <item>Author</item>
-  </role>
-  <role id='R-INSTANCE'>
-   <item>Author</item>
-  </role>
-  <role id='R-MEMBER'>
-   <item>Author</item>
-  </role>
 </local_roles>
 <local_role_group_ids>
  <local_role_group_id id='group'>
    <principal id='G-COMPANY'>Auditor</principal>
    <principal id='G-COMPANY'>Author</principal>
  </local_role_group_id>
-  <local_role_group_id id='user'>
-    <principal id='R-COMPUTER'>Author</principal>
-    <principal id='R-INSTANCE'>Author</principal>
-    <principal id='R-MEMBER'>Author</principal>
-  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/document_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/document_module.xml
@@ -4,25 +4,11 @@
   <item>Auditor</item>
   <item>Author</item>
  </role>
-  <role id='R-COMPUTER'>
-   <item>Author</item>
-  </role>
-  <role id='R-INSTANCE'>
-   <item>Author</item>
-  </role>
-  <role id='R-MEMBER'>
-   <item>Author</item>
-  </role>
 </local_roles>
 <local_role_group_ids>
  <local_role_group_id id='group'>
    <principal id='G-COMPANY'>Auditor</principal>
    <principal id='G-COMPANY'>Author</principal>
  </local_role_group_id>
-  <local_role_group_id id='user'>
-    <principal id='R-COMPUTER'>Author</principal>
-    <principal id='R-INSTANCE'>Author</principal>
-    <principal id='R-MEMBER'>Author</principal>
-  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/image_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/image_module.xml
@@ -4,25 +4,11 @@
   <item>Auditor</item>
   <item>Author</item>
  </role>
-  <role id='R-COMPUTER'>
-   <item>Author</item>
-  </role>
-  <role id='R-INSTANCE'>
-   <item>Author</item>
-  </role>
-  <role id='R-MEMBER'>
-   <item>Author</item>
-  </role>
 </local_roles>
 <local_role_group_ids>
  <local_role_group_id id='group'>
    <principal id='G-COMPANY'>Auditor</principal>
    <principal id='G-COMPANY'>Author</principal>
  </local_role_group_id>
-  <local_role_group_id id='user'>
-    <principal id='R-COMPUTER'>Author</principal>
-    <principal id='R-INSTANCE'>Author</principal>
-    <principal id='R-MEMBER'>Author</principal>
-  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/invitation_token_module.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/invitation_token_module.xml
+<local_roles_item>
+ <local_roles>
+  <role id='G-COMPANY'>
+   <item>Auditor</item>
+   <item>Author</item>
+  </role>
+ </local_roles>
+ <local_role_group_ids>
+  <local_role_group_id id='group'>
+    <principal id='G-COMPANY'>Auditor</principal>
+    <principal id='G-COMPANY'>Author</principal>
+  </local_role_group_id>
+ </local_role_group_ids>
+</local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/LocalRolesTemplateItem/portal_contributions.xml
+++ b/master/bt5/slapos_erp5/LocalRolesTemplateItem/portal_contributions.xml
@@ -4,25 +4,11 @@
   <item>Auditor</item>
   <item>Author</item>
  </role>
-  <role id='R-COMPUTER'>
-   <item>Author</item>
-  </role>
-  <role id='R-INSTANCE'>
-   <item>Author</item>
-  </role>
-  <role id='R-MEMBER'>
-   <item>Author</item>
-  </role>
 </local_roles>
 <local_role_group_ids>
  <local_role_group_id id='group'>
    <principal id='G-COMPANY'>Auditor</principal>
    <principal id='G-COMPANY'>Author</principal>
  </local_role_group_id>
-  <local_role_group_id id='user'>
-    <principal id='R-COMPUTER'>Author</principal>
-    <principal id='R-INSTANCE'>Author</principal>
-    <principal id='R-MEMBER'>Author</principal>
-  </local_role_group_id>
 </local_role_group_ids>
 </local_roles_item>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Contract%20Invitation%20Token.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Contract%20Invitation%20Token.xml
+<type_roles>
+  <role id='Assignor'>
+   <property id='title'>Group company</property>
+   <multi_property id='categories'>local_role_group/group</multi_property>
+   <multi_property id='category'>group/company</multi_property>
+   <multi_property id='base_category'>group</multi_property>
+  </role>
+</type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Contribution%20Tool.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Contribution%20Tool.xml
@@ -5,11 +5,4 @@
   <multi_property id='category'>group/company</multi_property>
   <multi_property id='base_category'>group</multi_property>
  </role>
-  <role id='Author'>
-   <property id='title'>Security for Shacache (Author)</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='category'>role/member</multi_property>
-   <multi_property id='category'>role/computer</multi_property>
-   <multi_property id='category'>role/instance</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/File.xml
+++ b/master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/File.xml
@@ -5,11 +5,4 @@
   <multi_property id='category'>group/company</multi_property>
   <multi_property id='base_category'>group</multi_property>
  </role>
-  <role id='Auditor'>
-   <property id='title'>Shacache Security (Auditor)</property>
-   <property id='description'>Any user which has a valid assignment where the role is instance must have Auditor role.</property>
-   <multi_property id='category'>role/computer</multi_property>
-   <multi_property id='category'>role/member</multi_property>
-   <multi_property id='category'>role/instance</multi_property>
-  </role>
 </type_roles>
\ No newline at end of file
--- a/master/bt5/slapos_erp5/bt/template_local_role_list
+++ b/master/bt5/slapos_erp5/bt/template_local_role_list
@@ -41,6 +41,7 @@ event_module/slapos_crm_web_message_template
 hosting_subscription_module
 image_module
 inventory_module
+invitation_token_module
 knowledge_pad_module
 meeting_module
 notification_message_module

--- a/master/bt5/slapos_erp5/bt/template_portal_type_role_list
+++ b/master/bt5/slapos_erp5/bt/template_portal_type_role_list
@@ -27,6 +27,7 @@ Computer Network
 Computer Network Module
 Computer Partition
 Consumption Document Module
+Contract Invitation Token
 Contribution Tool
 Credential Update Module
 Credit Card