2019-05-24 06:04:58 +00:00
|
|
|
package bolt
|
|
|
|
|
|
|
|
|
|
import portainer "github.com/portainer/portainer/api"
|
|
|
|
|
|
|
|
|
|
// Init creates the default data set.
|
|
|
|
|
func (store *Store) Init() error {
|
|
|
|
|
groups, err := store.EndpointGroupService.EndpointGroups()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(groups) == 0 {
|
|
|
|
|
unassignedGroup := &portainer.EndpointGroup{
|
|
|
|
|
Name: "Unassigned",
|
|
|
|
|
Description: "Unassigned endpoints",
|
|
|
|
|
Labels: []portainer.Pair{},
|
|
|
|
|
UserAccessPolicies: portainer.UserAccessPolicies{},
|
|
|
|
|
TeamAccessPolicies: portainer.TeamAccessPolicies{},
|
|
|
|
|
Tags: []string{},
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = store.EndpointGroupService.CreateEndpointGroup(unassignedGroup)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
roles, err := store.RoleService.Roles()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(roles) == 0 {
|
|
|
|
|
environmentAdministratorRole := &portainer.Role{
|
2019-11-12 23:41:42 +00:00
|
|
|
Name: "Endpoint administrator",
|
|
|
|
|
Description: "Full control of all resources in an endpoint",
|
2019-11-18 08:22:47 +00:00
|
|
|
Priority: 1,
|
2019-11-12 23:41:42 +00:00
|
|
|
Authorizations: portainer.DefaultEndpointAuthorizationsForEndpointAdministratorRole(),
|
2019-05-24 06:04:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = store.RoleService.CreateRole(environmentAdministratorRole)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
environmentReadOnlyUserRole := &portainer.Role{
|
2019-11-12 23:41:42 +00:00
|
|
|
Name: "Helpdesk",
|
|
|
|
|
Description: "Read-only access of all resources in an endpoint",
|
2019-11-18 08:22:47 +00:00
|
|
|
Priority: 2,
|
2019-11-12 23:41:42 +00:00
|
|
|
Authorizations: portainer.DefaultEndpointAuthorizationsForHelpDeskRole(false),
|
2019-05-24 06:04:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = store.RoleService.CreateRole(environmentReadOnlyUserRole)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
standardUserRole := &portainer.Role{
|
2019-11-12 23:41:42 +00:00
|
|
|
Name: "Standard user",
|
|
|
|
|
Description: "Full control of assigned resources in an endpoint",
|
2019-11-18 08:22:47 +00:00
|
|
|
Priority: 3,
|
2019-11-12 23:41:42 +00:00
|
|
|
Authorizations: portainer.DefaultEndpointAuthorizationsForStandardUserRole(false),
|
2019-05-24 06:04:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = store.RoleService.CreateRole(standardUserRole)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
readOnlyUserRole := &portainer.Role{
|
2019-11-12 23:41:42 +00:00
|
|
|
Name: "Read-only user",
|
|
|
|
|
Description: "Read-only access of assigned resources in an endpoint",
|
2019-11-18 08:22:47 +00:00
|
|
|
Priority: 4,
|
2019-11-12 23:41:42 +00:00
|
|
|
Authorizations: portainer.DefaultEndpointAuthorizationsForReadOnlyUserRole(false),
|
2019-05-24 06:04:58 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = store.RoleService.CreateRole(readOnlyUserRole)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
