Skip to content

Commit

Permalink
Add SECURE-SERVER:READ capability to operations role (#7712)
Browse files Browse the repository at this point in the history
  • Loading branch information
zrhoffman authored Aug 14, 2023
1 parent 9c4ba13 commit 2e7e28e
Show file tree
Hide file tree
Showing 3 changed files with 49 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with this
* work for additional information regarding copyright ownership. The ASF
* licenses this file to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/

WITH role_id_query AS (
SELECT id FROM public.role WHERE name = 'operations'
)
DELETE FROM public.role_capability
WHERE role_id IN (
SELECT id FROM role_id_query
)
AND cap_name = 'SECURE-SERVER:READ';
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one or more
* contributor license agreements. See the NOTICE file distributed with this
* work for additional information regarding copyright ownership. The ASF
* licenses this file to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
* License for the specific language governing permissions and limitations under
* the License.
*/

WITH role_id_query AS (
SELECT id FROM public.role WHERE name = 'operations'
)
INSERT INTO public.role_capability ("role_id", cap_name)
SELECT id, 'SECURE-SERVER:READ'
FROM role_id_query;
1 change: 1 addition & 0 deletions traffic_ops/app/db/seeds.sql
Original file line number Diff line number Diff line change
Expand Up @@ -229,6 +229,7 @@ CROSS JOIN ( VALUES
('REGION:CREATE'),
('REGION:DELETE'),
('REGION:UPDATE'),
('SECURE-SERVER:READ'),
('SERVER-CAPABILITY:CREATE'),
('SERVER-CAPABILITY:DELETE'),
('SERVER-CAPABILITY:UPDATE'),
Expand Down

0 comments on commit 2e7e28e

Please sign in to comment.