| | 72 | == Creating Roles and ACLs == |
| | 73 | Roles and ACLs are normally created during [DeveloperGuidelines/PrePopulate Prepopulate]. |
| | 74 | |
| | 75 | e.g. |
| | 76 | * https://github.com/flavour/eden/blob/master/private/templates/IFRC/auth_roles.csv |
| | 77 | |
| | 78 | If you need to add ACLs after pre-pop (e.g. on a live production server): |
| | 79 | * Have an auth_roles.csv with just the title row & the new ACLs which you wish to add, e.g.: |
| | 80 | {{{ |
| | 81 | "uid","role","controller","function","uacl" |
| | 82 | "inv_super","Warehouse Super Editor","inv","req_match","READ" |
| | 83 | }}} |
| | 84 | * Have a tasks.cfg with just the line to import the roles: |
| | 85 | {{{ |
| | 86 | *,import_role,auth_roles.csv |
| | 87 | }}} |
| | 88 | * Copy both of these files to a folder on the server (e.g. /tmp) |
| | 89 | * Open a web2py shell: |
| | 90 | {{{ |
| | 91 | w2p |
| | 92 | }}} |
| | 93 | * Type these commands into that shell: |
| | 94 | {{{ |
| | 95 | auth.override = True |
| | 96 | s3db.load_all_models() |
| | 97 | bi = s3base.S3BulkImporter() |
| | 98 | s3.import_role = bi.import_role |
| | 99 | protected = s3mgr.PROTECTED |
| | 100 | s3mgr.PROTECTED = [] |
| | 101 | request.env.request_method = "GET" |
| | 102 | path = os.path.join("/","tmp") |
| | 103 | bi.perform_tasks(path) |
| | 104 | db.commit() |
| | 105 | }}} |
