Mercurial > hg > release > thermostat-1.2

changeset 1630:65101ac36963

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
[mq]: remove_agent_permission.patch
author Mario Torre <neugens.limasoftware@gmail.com>
date Thu, 11 Dec 2014 12:22:40 +0100
parents 4552784dedb6
children aa80de0bd1b0
files distribution/config/thermostat-roles.properties pom.xml
diffstat 2 files changed, 2 insertions(+), 20 deletions(-) [+]
line wrap: on
line diff
--- a/distribution/config/thermostat-roles.properties	Thu Dec 11 11:45:08 2014 +0100
+++ b/distribution/config/thermostat-roles.properties	Thu Dec 11 12:22:40 2014 +0100
@@ -28,8 +28,7 @@
 #
 # Example recursive role definition allowed-to-do-everything agent-users. You
 # can uncomment the following lines and assign your agent users this
-# "thermostat-agent" role. Be sure to also assign them role
-# "thermostat-agent-query-roles" below. 
+# "thermostat-agent" role.
 #thermostat-agent = thermostat-cmdc-verify, \
 #                   thermostat-login, \
 #                   thermostat-prepare-statement, \
@@ -39,12 +38,6 @@
 #                   thermostat-save-file, \
 #                   thermostat-write, \
 #                   thermostat-files-grant-write-filename-ALL
-# The thread-monitor feature requires agents to read thread headers before
-# it can determine if there need to get more headers put into the DB. Be
-# sure to grand a role like the following to your agent users.
-#thermostat-agent-query-roles = thermostat-query, \
-#                   thermostat-agents-grant-read-agentId-ALL, \
-#                   thermostat-vms-grant-read-vmId-ALL
 #
 # Example recursive role definition for allowed-to-see-everything client-users.
 # You may uncomment the following lines and assign your client users this
--- a/pom.xml	Thu Dec 11 11:45:08 2014 +0100
+++ b/pom.xml	Thu Dec 11 12:22:40 2014 +0100
@@ -120,7 +120,7 @@
         </dev.users.snippet>
         <dev.roles.snippet>
 # Roles for our two dev users
-${agent.dev.username}=thermostat-agent, thermostat-grant-write-files-all-agent, thermostat-agent-query-roles
+${agent.dev.username}=thermostat-agent, thermostat-grant-write-files-all-agent
 # client-tester needs thermostat-purge role for clean-data command to work
 client-tester=thermostat-grant-read-all-client, thermostat-cmdc, thermostat-purge
 # Agent recursive role
@@ -132,17 +132,6 @@
                    thermostat-realm, \
                    thermostat-save-file, \
                    thermostat-write
-# The thread-monitor feature requires agents to read thread headers before
-# it can determine if there need to get more headers put into the DB.
-# See ThreadHeaderHelper.checkAndSaveThreadHeader(). In particular this line:
-#  ThreadHeader inStorage = threadDao.getThread(template);
-# FIXME: We should have a way of granting an agent read privs only for
-#        records of this agent. In order to be able to do this, we'd have
-#        to know agentIds ahead of time, which we don't. It's generated at
-#        start-up.
-thermostat-agent-query-roles = thermostat-query, \
-                   thermostat-agents-grant-read-agentId-ALL, \
-                   thermostat-vms-grant-read-vmId-ALL
 # Grant agent to write any file
 thermostat-grant-write-files-all-agent = thermostat-files-grant-write-filename-ALL