From 3e913fa65e9e5c1d687372b89b5467edb3e77973 Mon Sep 17 00:00:00 2001
From: Russ Allbery <eagle@eyrie.org>
Date: Wed, 16 Jul 2014 16:20:10 -0700
Subject: Go back to recording the ADMIN ACL in history

This turned out to not be necessary for testing since I was already
using sqlite3 to load an unversioned schema.  Remove the offending
line and restore the old code with some cleanup.

Change-Id: I282b6f3b4754e4899222be6366b77a47f0cb7189
Reviewed-on: https://gerrit.stanford.edu/1575
Reviewed-by: Russ Allbery <rra@stanford.edu>
Tested-by: Russ Allbery <rra@stanford.edu>
---
 perl/lib/Wallet/Admin.pm | 18 ++++--------------
 1 file changed, 4 insertions(+), 14 deletions(-)

(limited to 'perl/lib/Wallet/Admin.pm')

diff --git a/perl/lib/Wallet/Admin.pm b/perl/lib/Wallet/Admin.pm
index 8481979..33e2a7d 100644
--- a/perl/lib/Wallet/Admin.pm
+++ b/perl/lib/Wallet/Admin.pm
@@ -98,20 +98,10 @@ sub initialize {
     $self->default_data;
 
     # Create a default admin ACL.
-    eval {
-        my $guard = $self->{schema}->txn_scope_guard;
-        $self->{schema}->resultset ('Acl')->populate ([
-            [ qw/ac_id ac_name/ ],
-            [ 1, 'ADMIN'        ],
-        ]);
-        $self->{schema}->resultset ('AclEntry')->populate ([
-            [ qw/ae_id ae_scheme ae_identifier/ ],
-            [ 1, 'krb5', $user                  ],
-        ]);
-        $guard->commit;
-    };
-    if ($@) {
-        $self->error ("cannot add ADMIN ACL: $@");
+    my $schema = $self->{schema};
+    my $acl = Wallet::ACL->create ('ADMIN', $schema, $user, 'localhost');
+    unless ($acl->add ('krb5', $user, $user, 'localhost')) {
+        $self->error ($acl->error);
         return;
     }
     return 1;
-- 
cgit v1.2.3