You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficcontrol.apache.org by mi...@apache.org on 2017/05/24 02:40:07 UTC
[02/14] incubator-trafficcontrol git commit: Applying review comments
by mitchell852
Applying review comments by mitchell852
(cherry picked from commit 0dcee94a32d78da1561038407710662783bed327)
Project: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/commit/b7eb8db4
Tree: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/tree/b7eb8db4
Diff: http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/diff/b7eb8db4
Branch: refs/heads/master
Commit: b7eb8db4ea053fee085496bd59d80c95ce6c8fb5
Parents: c324141
Author: naamashoresh <na...@qwilt.com>
Authored: Thu May 4 14:47:10 2017 +0300
Committer: Jeremy Mitchell <mi...@gmail.com>
Committed: Tue May 23 20:39:02 2017 -0600
----------------------------------------------------------------------
...0406000001_create_capabilities_and_roles.sql | 2 +
traffic_ops/app/db/seeds.sql | 484 +++++++++----------
traffic_ops/app/lib/API/ApiCapability.pm | 22 +-
traffic_ops/app/lib/API/Capability.pm | 73 ++-
traffic_ops/app/lib/TrafficOpsRoutes.pm | 7 +-
traffic_ops/app/t/api/1.2/api_capabilities.t | 2 +-
6 files changed, 294 insertions(+), 296 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/b7eb8db4/traffic_ops/app/db/migrations/20170406000001_create_capabilities_and_roles.sql
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/migrations/20170406000001_create_capabilities_and_roles.sql b/traffic_ops/app/db/migrations/20170406000001_create_capabilities_and_roles.sql
index 23b730b..fbedbed 100644
--- a/traffic_ops/app/db/migrations/20170406000001_create_capabilities_and_roles.sql
+++ b/traffic_ops/app/db/migrations/20170406000001_create_capabilities_and_roles.sql
@@ -37,6 +37,7 @@ CREATE TABLE api_capability (
route text NOT NULL,
capability text NOT NULL,
CONSTRAINT fk_capability FOREIGN KEY (capability) REFERENCES capability(name) ON DELETE RESTRICT,
+ UNIQUE (http_method, route, capability),
last_updated timestamp with time zone DEFAULT now()
);
@@ -48,6 +49,7 @@ CREATE TABLE role_capability (
CONSTRAINT fk_role_id FOREIGN KEY (role_id) REFERENCES role(id) ON DELETE CASCADE,
cap_name text NOT NULL,
CONSTRAINT fk_cap_name FOREIGN KEY (cap_name) REFERENCES capability(name) ON DELETE RESTRICT,
+ UNIQUE (role_id, cap_name),
last_updated timestamp with time zone DEFAULT now()
);
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/b7eb8db4/traffic_ops/app/db/seeds.sql
----------------------------------------------------------------------
diff --git a/traffic_ops/app/db/seeds.sql b/traffic_ops/app/db/seeds.sql
index f372c20..f6071b8 100644
--- a/traffic_ops/app/db/seeds.sql
+++ b/traffic_ops/app/db/seeds.sql
@@ -75,252 +75,252 @@ insert into role (name, description, priv_level) values ('root', 'Role for full
insert into tenant (name, active, parent_id) values ('root', true, null) ON CONFLICT DO NOTHING;
-- capabilities
-insert into capability (name, description) values ('all-read', 'Full read access') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('all-write', 'Full write access') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('asn-read', 'View ASN configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('asn-write', 'Create, edit or delete ASN configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('basic-read', 'Basic read operations. Every user should have this capability') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('basic-write', 'Basic write operations. Every user should have this capability') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cache-config-files-read', 'View the generated cache configuration files') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cache-group-read', 'View cache-group configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cache-group-write', 'Create, edit or delete cache-group configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cache-stats-read', 'View Cache statistics read access') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cdn-config-snapshot-read', 'View config snapshot at CDN level') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cdn-config-snapshot-write', 'Config snapshot write access at CDN level') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cdn-health-read', 'View CDN health') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cdn-read', 'View CDN configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cdn-write', 'Create, edit or delete CDN configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cdn-security-keys-read', 'View CDN DNSSEC keys') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cdn-security-keys-write', 'Create, edit or delete CDN DNSSEC keys') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cdn-stats-read', 'View CDN statistics') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('cdn-stats-write', 'Create, edit or delete CDN statistics') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('change-log-read', 'View change-log') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('change-log-write', 'Create change-log entries') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('division-read', 'View division configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('division-write', 'Create, edit or delete division configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('ds-cache-read', 'View delivery-service cache assignment') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('ds-cache-read', 'Create, edit or delete delivery-service cache assignment') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('ds-health-read', 'View delivery-service health') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('ds-read', 'View delivery-service configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('ds-write', 'Create, edit or delete delivery-service configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('ds-security-keys-read', 'View delivery-service security keys') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('ds-security-keys-write', 'Create, edit or delete delivery-service security keys') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('ds-stats-read', 'View delivery-service statistics') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('ds-steering-read', 'View delivery-service steering configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('ds-steering-write', 'Create, edit or delete delivery-service steering configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('federation-routing-read', 'View federation routing') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('federation-routing-write', 'Create, edit or delete federation routing') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('job-read', 'View jobs') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('job-write', 'Create, edit or delete jobs') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('params-read', 'View parameters') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('params-write', 'Create, edit or delete parameters') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('phys-location-read', 'View physical location configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('phys-location-write', 'Create, edit or delete physical location configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('profile-read', 'View profiles') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('profile-write', 'Create, edit or delete profiles') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('queue-updates-write', 'Queue updates to caches') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('region-read', 'View region configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('region-write', 'Create, edit or delete region configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('role-read', 'View role configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('role-write', 'Create, edit or delete role configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('security-keys-read', 'View security keys') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('security-keys-write', 'Create, edit or delete security keys') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('server-pull-updates-read', 'Read server update indication') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('server-pull-updates-write', 'Write server update indication') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('server-read', 'View server configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('server-write', 'Create, edit or delete server configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('static-dns-read', 'View static DNS configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('static-dns-write', 'Create, edit or delete static DNS configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('status-read', 'View the list of defined statuses') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('to-extension-read', 'View Traffic Ops extensions') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('to-extension-write', 'Create, edit or delete Traffic Ops extensions') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('type-read', 'View types configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('type-write', 'Create, edit or delete type configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('user-read', 'View user configuration') ON CONFLICT DO NOTHING;
-insert into capability (name, description) values ('user-write', 'Create, edit or delete user configuration') ON CONFLICT DO NOTHING;
+insert into capability (name, description) values ('all-read', 'Full read access') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('all-write', 'Full write access') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('asn-read', 'View ASN configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('asn-write', 'Create, edit or delete ASN configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('basic-read', 'Basic read operations. Every user should have this capability') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('basic-write', 'Basic write operations. Every user should have this capability') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cache-config-files-read', 'View the generated cache configuration files') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cache-group-read', 'View cache-group configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cache-group-write', 'Create, edit or delete cache-group configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cache-stats-read', 'View Cache statistics read access') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cdn-config-snapshot-read', 'View config snapshot at CDN level') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cdn-config-snapshot-write', 'Config snapshot write access at CDN level') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cdn-health-read', 'View CDN health') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cdn-read', 'View CDN configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cdn-write', 'Create, edit or delete CDN configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cdn-security-keys-read', 'View CDN DNSSEC keys') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cdn-security-keys-write', 'Create, edit or delete CDN DNSSEC keys') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cdn-stats-read', 'View CDN statistics') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('cdn-stats-write', 'Create, edit or delete CDN statistics') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('change-log-read', 'View change-log') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('change-log-write', 'Create change-log entries') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('division-read', 'View division configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('division-write', 'Create, edit or delete division configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('ds-cache-read', 'View delivery-service cache assignment') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('ds-cache-read', 'Create, edit or delete delivery-service cache assignment') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('ds-health-read', 'View delivery-service health') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('ds-read', 'View delivery-service configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('ds-write', 'Create, edit or delete delivery-service configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('ds-security-keys-read', 'View delivery-service security keys') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('ds-security-keys-write', 'Create, edit or delete delivery-service security keys') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('ds-stats-read', 'View delivery-service statistics') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('ds-steering-read', 'View delivery-service steering configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('ds-steering-write', 'Create, edit or delete delivery-service steering configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('federation-routing-read', 'View federation routing') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('federation-routing-write', 'Create, edit or delete federation routing') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('job-read', 'View jobs') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('job-write', 'Create, edit or delete jobs') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('params-read', 'View parameters') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('params-write', 'Create, edit or delete parameters') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('phys-location-read', 'View physical location configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('phys-location-write', 'Create, edit or delete physical location configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('profile-read', 'View profiles') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('profile-write', 'Create, edit or delete profiles') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('queue-updates-write', 'Queue updates to caches') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('region-read', 'View region configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('region-write', 'Create, edit or delete region configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('role-read', 'View role configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('role-write', 'Create, edit or delete role configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('security-keys-read', 'View security keys') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('security-keys-write', 'Create, edit or delete security keys') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('server-pull-updates-read', 'Read server update indication') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('server-pull-updates-write', 'Write server update indication') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('server-read', 'View server configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('server-write', 'Create, edit or delete server configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('static-dns-read', 'View static DNS configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('static-dns-write', 'Create, edit or delete static DNS configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('status-read', 'View the list of defined statuses') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('to-extension-read', 'View Traffic Ops extensions') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('to-extension-write', 'Create, edit or delete Traffic Ops extensions') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('type-read', 'View types configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('type-write', 'Create, edit or delete type configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('user-read', 'View user configuration') ON CONFLICT (name) DO NOTHING;
+insert into capability (name, description) values ('user-write', 'Create, edit or delete user configuration') ON CONFLICT (name) DO NOTHING;
-- roles_capabilities
-insert into role_capability (role_id, cap_name) values (10, 'all-read') ON CONFLICT DO NOTHING;
-insert into role_capability (role_id, cap_name) values (10, 'all-write') ON CONFLICT DO NOTHING;
+insert into role_capability (role_id, cap_name) values ((select id from role where name='root'), 'all-read') ON CONFLICT (role_id, cap_name) DO NOTHING;
+insert into role_capability (role_id, cap_name) values ((select id from role where name='root'), 'all-write') ON CONFLICT (role_id, cap_name) DO NOTHING;
-- api_capabilities
-insert into api_capability (http_method, route, capability) values ('GET', '/', 'all-read') ON CONFLICT DO NOTHING;
-insert into api_capability (http_method, route, capability) values ('POST', '/', 'all-write') ON CONFLICT DO NOTHING;
-insert into api_capability (http_method, route, capability) values ('PUT', '/', 'all-write') ON CONFLICT DO NOTHING;
-insert into api_capability (http_method, route, capability) values ('PATCH', '/', 'all-write') ON CONFLICT DO NOTHING;
-insert into api_capability (http_method, route, capability) values ('DELETE', '/', 'all-write') ON CONFLICT DO NOTHING;
-
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/asns', 'asn-read') ON CONFLICT DO NOTHING; -- 4
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/asns/*', 'asn-read') ON CONFLICT DO NOTHING; -- 5
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/asns', 'asn-write') ON CONFLICT DO NOTHING; -- 6
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/asns/*', 'asn-write') ON CONFLICT DO NOTHING; -- 7
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/asns/*', 'asn-write') ON CONFLICT DO NOTHING; -- 8
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cache_stats', 'cache-stats-read') ON CONFLICT DO NOTHING; -- 11
-insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/daily_summary', 'cache-stats-read') ON CONFLICT DO NOTHING; -- 12
-insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/current_stats', 'cache-stats-read') ON CONFLICT DO NOTHING; -- 13
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroups', 'cache-group-read') ON CONFLICT DO NOTHING; -- 16
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroups/list', 'cache-group-read') ON CONFLICT DO NOTHING; -- 17
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroups/trimmed', 'cache-group-read') ON CONFLICT DO NOTHING; -- 18
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroups/*', 'cache-group-read') ON CONFLICT DO NOTHING; -- 19
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cachegroups', 'cache-group-write') ON CONFLICT DO NOTHING; -- 20
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cachegroups/create', 'cache-group-write') ON CONFLICT DO NOTHING; -- 21
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/cachegroups/*', 'cache-group-write') ON CONFLICT DO NOTHING; -- 22
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/cachegroups/*/update', 'cache-group-write') ON CONFLICT DO NOTHING; -- 23
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/cachegroups/*', 'cache-group-write') ON CONFLICT DO NOTHING; -- 24
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/cachegroups/*/delete', 'cache-group-write') ON CONFLICT DO NOTHING; -- 25
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cachegroups/*/queue_update', 'queue-updates-write') ON CONFLICT DO NOTHING; -- 26
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cachegroups/*/queue_update', 'queue-updates-write') ON CONFLICT DO NOTHING; -- 27
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroups/*/parameters', 'params-read') ON CONFLICT DO NOTHING; -- 28
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns', 'cdn-read') ON CONFLICT DO NOTHING; -- 31
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/*', 'cdn-read') ON CONFLICT DO NOTHING; -- 32
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/name/*', 'cdn-read') ON CONFLICT DO NOTHING; -- 33
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cdns', 'cdn-write') ON CONFLICT DO NOTHING; -- 34
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/cdns/*', 'cdn-write') ON CONFLICT DO NOTHING; -- 35
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/cdns/*', 'cdn-write') ON CONFLICT DO NOTHING; -- 36
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cdns/*/queue_update', 'queue-updates-write') ON CONFLICT DO NOTHING; -- 37
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cdns/*/queue_update', 'queue-updates-write') ON CONFLICT DO NOTHING; -- 38
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/cdns/*/snapshot', 'cdn-config-snapshot-write') ON CONFLICT DO NOTHING; -- 40
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/snapshot/*', 'cdn-config-snapshot-write') ON CONFLICT DO NOTHING; -- 41
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/snapshot/*', 'cdn-config-snapshot-write') ON CONFLICT DO NOTHING; -- 42
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/configs', 'cdn-read') ON CONFLICT DO NOTHING; -- 44
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/*/configs/routing', 'cdn-read') ON CONFLICT DO NOTHING; -- 45
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/*/configs/monitoring', 'cdn-read') ON CONFLICT DO NOTHING; -- 46
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/domains', 'cdn-read') ON CONFLICT DO NOTHING; -- 47
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/health', 'cdn-health-read') ON CONFLICT DO NOTHING; -- 48
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/*/health', 'cdn-health-read') ON CONFLICT DO NOTHING; -- 49
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/capacity', 'cdn-health-read') ON CONFLICT DO NOTHING; -- 50
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/routing', 'cdn-read') ON CONFLICT DO NOTHING; -- 51
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/name/*/sslkeys', 'cdn-security-keys-read') ON CONFLICT DO NOTHING; -- 52
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/usage/overview', 'cdn-stats-read') ON CONFLICT DO NOTHING; -- 54
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/logs', 'change-log-read') ON CONFLICT DO NOTHING; -- 57
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/logs/*/days', 'change-log-read') ON CONFLICT DO NOTHING; -- 58
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/logs/newcount', 'change-log-read') ON CONFLICT DO NOTHING; -- 60
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices', 'ds-read') ON CONFLICT DO NOTHING; -- 69
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/list', 'ds-read') ON CONFLICT DO NOTHING; -- 70
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*', 'ds-read') ON CONFLICT DO NOTHING; -- 71
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/get', 'ds-read') ON CONFLICT DO NOTHING; -- 72
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices', 'ds-write') ON CONFLICT DO NOTHING; -- 73
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/*/deliveryservices/create', 'ds-write') ON CONFLICT DO NOTHING; -- 74
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/deliveryservices/*', 'ds-write') ON CONFLICT DO NOTHING; -- 75
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/*/deliveryservices/*/update', 'ds-write') ON CONFLICT DO NOTHING; -- 76
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/deliveryservices/*', 'ds-write') ON CONFLICT DO NOTHING; -- 77
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/health', 'ds-health-read') ON CONFLICT DO NOTHING; -- 78
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/capacity', 'ds-health-read') ON CONFLICT DO NOTHING; -- 79
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/routing', 'ds-read') ON CONFLICT DO NOTHING; -- 80
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/state', 'ds-read') ON CONFLICT DO NOTHING; -- 81
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservice_stats', 'ds-stats-read') ON CONFLICT DO NOTHING; -- 82
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/request', 'ds-read') ON CONFLICT DO NOTHING; -- 83
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/xmlId/*/sslkeys', 'ds-security-keys-read') ON CONFLICT DO NOTHING; -- 84
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/hostname/#hostname/sslkeys', 'ds-security-keys-read') ON CONFLICT DO NOTHING; -- 85
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/sslkeys/generate', 'ds-security-keys-write') ON CONFLICT DO NOTHING; -- 86
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/sslkeys/add', 'ds-security-keys-write') ON CONFLICT DO NOTHING; -- 87
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/xmlId/*/sslkeys/delete', 'ds-security-keys-write') ON CONFLICT DO NOTHING; -- 88
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/xmlId/*/urlkeys', 'ds-security-keys-read') ON CONFLICT DO NOTHING; -- 89
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/xmlId/*/urlkeys/generate', 'ds-security-keys-write') ON CONFLICT DO NOTHING; -- 90
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/regexes', 'ds-read') ON CONFLICT DO NOTHING; -- 91
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservice_matches', 'ds-read') ON CONFLICT DO NOTHING; -- 92
-insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/steering', 'ds-steering-read') ON CONFLICT DO NOTHING; -- 96
-insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/steering/*', 'ds-steering-read') ON CONFLICT DO NOTHING; -- 97
-insert into api_capability (http_method, route, capability) values ('POST', '/internal/api/*/steering', 'ds-steering-write') ON CONFLICT DO NOTHING; -- 98
-insert into api_capability (http_method, route, capability) values ('PUT', '/internal/api/*/steering/*', 'ds-steering-write') ON CONFLICT DO NOTHING; -- 99
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryserviceserver', 'ds-cache-read') ON CONFLICT DO NOTHING; -- 103
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/*/servers', 'ds-cache-write') ON CONFLICT DO NOTHING; -- 106
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices_regexes', 'ds-read') ON CONFLICT DO NOTHING; -- 109
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/regexes', 'ds-read') ON CONFLICT DO NOTHING; -- 110
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/regexes/*', 'ds-read') ON CONFLICT DO NOTHING; -- 111
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/*/regexes', 'ds-write') ON CONFLICT DO NOTHING; -- 112
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/deliveryservices/*/regexes/*', 'ds-write') ON CONFLICT DO NOTHING; -- 113
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/deliveryservices/*/regexes/*', 'ds-write') ON CONFLICT DO NOTHING; -- 114
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/divisions', 'division-read') ON CONFLICT DO NOTHING; -- 120
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/divisions/*', 'division-read') ON CONFLICT DO NOTHING; -- 121
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/divisions', 'division-write') ON CONFLICT DO NOTHING; -- 122
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/divisions/*', 'division-write') ON CONFLICT DO NOTHING; -- 123
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/divisions/*', 'division-write') ON CONFLICT DO NOTHING; -- 124
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/name/*/dnsseckeys', 'cdn-security-keys-read') ON CONFLICT DO NOTHING; -- 127
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cdns/dnsseckeys/generate', 'cdn-security-keys-write') ON CONFLICT DO NOTHING; -- 128
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/name/*/dnsseckeys/delete', 'cdn-security-keys-write') ON CONFLICT DO NOTHING; -- 129
-insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/cdns/dnsseckeys/refresh', 'cdn-security-keys-read') ON CONFLICT DO NOTHING; -- 130
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/to_extensions', 'to-extension-read') ON CONFLICT DO NOTHING; -- 134
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/to_extensions', 'to-extension-write') ON CONFLICT DO NOTHING; -- 135
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/to_extensions/*/delete', 'to-extension-write') ON CONFLICT DO NOTHING; -- 136
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/federations', 'federation-routing-read') ON CONFLICT DO NOTHING; -- 139
-insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/federations', 'federation-routing-read') ON CONFLICT DO NOTHING; -- 140
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/federations', 'federation-routing-write') ON CONFLICT DO NOTHING; -- 141
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/federations', 'federation-routing-write') ON CONFLICT DO NOTHING; -- 142
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/federations', 'federation-routing-write') ON CONFLICT DO NOTHING; -- 143
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/hwinfo', 'all-read') ON CONFLICT DO NOTHING; -- 148
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/parameters', 'params-read') ON CONFLICT DO NOTHING; -- 164
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/parameters/*', 'params-read') ON CONFLICT DO NOTHING; -- 168
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/parameters', 'params-write') ON CONFLICT DO NOTHING; -- 169
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/parameters/*', 'params-write') ON CONFLICT DO NOTHING; -- 170
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/parameters/*', 'params-write') ON CONFLICT DO NOTHING; -- 171
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/parameters/*/validate', 'params-write') ON CONFLICT DO NOTHING; -- 172
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profiles/*/parameters', 'params-read') ON CONFLICT DO NOTHING; -- 173
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profiles/name/*/parameters', 'params-read') ON CONFLICT DO NOTHING; -- 174a
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/parameters/profile', 'params-read') ON CONFLICT DO NOTHING; -- 174b
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/profiles/name/*/parameters', 'params-write') ON CONFLICT DO NOTHING; -- 175
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/profiles/*/parameters', 'params-write') ON CONFLICT DO NOTHING; -- 176
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profileparameters', 'params-read') ON CONFLICT DO NOTHING; -- 181
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/profileparameters', 'params-write') ON CONFLICT DO NOTHING; -- 182
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/profileparameters/*/*', 'params-write') ON CONFLICT DO NOTHING; -- 183
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroupparameters', 'params-read') ON CONFLICT DO NOTHING; -- 186
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/phys_locations', 'phys-location-read') ON CONFLICT DO NOTHING; -- 191
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/phys_locations/trimmed', 'phys-location-read') ON CONFLICT DO NOTHING; -- 192
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/phys_locations/*', 'phys-location-read') ON CONFLICT DO NOTHING; -- 193
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/phys_locations', 'phys-location-write') ON CONFLICT DO NOTHING; -- 194
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/regions/*/phys_locations', 'phys-location-write') ON CONFLICT DO NOTHING; -- 195
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/phys_locations/*', 'phys-location-write') ON CONFLICT DO NOTHING; -- 196
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/phys_locations/*', 'phys-location-write') ON CONFLICT DO NOTHING; -- 197
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profiles', 'profile-read') ON CONFLICT DO NOTHING; -- 200
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profiles/trimmed', 'profile-read') ON CONFLICT DO NOTHING; -- 201
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profiles/*', 'profile-read') ON CONFLICT DO NOTHING; -- 202
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/profiles', 'profile-write') ON CONFLICT DO NOTHING; -- 203
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/profiles/*', 'profile-write') ON CONFLICT DO NOTHING; -- 204
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/profiles/*', 'profile-write') ON CONFLICT DO NOTHING; -- 205
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/profiles/name/*/copy/*', 'profile-write') ON CONFLICT DO NOTHING; -- 206
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/regions', 'region-read') ON CONFLICT DO NOTHING; -- 213
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/regions/*', 'region-read') ON CONFLICT DO NOTHING; -- 214
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/regions', 'region-write') ON CONFLICT DO NOTHING; -- 215
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/divisions/*/regions', 'region-write') ON CONFLICT DO NOTHING; -- 216
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/regions/*', 'region-write') ON CONFLICT DO NOTHING; -- 217
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/regions/*', 'region-write') ON CONFLICT DO NOTHING; -- 218
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/riak/ping', 'cdn-security-keys-write') ON CONFLICT DO NOTHING; -- 221
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/keys/ping', 'security-keys-write') ON CONFLICT DO NOTHING; -- 222
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/riak/bucket/#bucket/key/#key/values', 'security-keys-read') ON CONFLICT DO NOTHING; -- 223
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/riak/stats', 'security-keys-read') ON CONFLICT DO NOTHING; -- 224
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/roles', 'role-read') ON CONFLICT DO NOTHING; -- 227
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers', 'server-read') ON CONFLICT DO NOTHING; -- 230
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers?dsId=*', 'server-read') ON CONFLICT DO NOTHING; -- 231
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers?type=*', 'server-read') ON CONFLICT DO NOTHING; -- 232
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers?status=*', 'server-read') ON CONFLICT DO NOTHING; -- 233
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers?profileId=*', 'server-read') ON CONFLICT DO NOTHING; -- 234
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers/*', 'server-read') ON CONFLICT DO NOTHING; -- 235
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/servers', 'server-write') ON CONFLICT DO NOTHING; -- 237
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/servers/*', 'server-write') ON CONFLICT DO NOTHING; -- 238
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/servers/*', 'server-write') ON CONFLICT DO NOTHING; -- 239
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers/details', 'server-read') ON CONFLICT DO NOTHING; -- 247
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers/totals', 'server-read') ON CONFLICT DO NOTHING; -- 249
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers/checks', 'server-read') ON CONFLICT DO NOTHING; -- 250a
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servercheck/aadata', 'server-read') ON CONFLICT DO NOTHING; -- 250b
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/servercheck', 'server-write') ON CONFLICT DO NOTHING; -- 251
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/servers/*/queue_update', 'queue-updates-write') ON CONFLICT DO NOTHING; -- 252
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/servers/*/queue_update', 'queue-updates-write') ON CONFLICT DO NOTHING; -- 253
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/*/stats_summary', 'cdn-stats-read') ON CONFLICT DO NOTHING; -- 258
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/*/stats_summary?lastSummaryDate=true', 'cdn-stats-read') ON CONFLICT DO NOTHING; -- 259
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/*/stats_summary/create', 'cdn-stats-write') ON CONFLICT DO NOTHING; -- 260
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/statuses', 'status-read') ON CONFLICT DO NOTHING; -- 263
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/statuses/*', 'status-read') ON CONFLICT DO NOTHING; -- 264
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/staticdnsentries', 'static-dns-read') ON CONFLICT DO NOTHING; -- 270
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/system/info', 'basic-read') ON CONFLICT DO NOTHING; -- 275
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/types', 'type-read') ON CONFLICT DO NOTHING; -- 278
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/types/trimmed', 'type-read') ON CONFLICT DO NOTHING; -- 279
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/types/*', 'type-read') ON CONFLICT DO NOTHING; -- 280
-insert into api_capability (http_method, route, capability) values ('POST', '/api/*/types', 'type-write') ON CONFLICT DO NOTHING; -- 281
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/types/*', 'type-write') ON CONFLICT DO NOTHING; -- 282
-insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/types/*', 'type-write') ON CONFLICT DO NOTHING; -- 283
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/users', 'user-read') ON CONFLICT DO NOTHING; -- 289
-insert into api_capability (http_method, route, capability) values ('GET', '/api/*/users/*', 'user-read') ON CONFLICT DO NOTHING; -- 290
-insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/users/*', 'user-write') ON CONFLICT DO NOTHING; -- 292
+insert into api_capability (http_method, route, capability) values ('GET', '/', 'all-read') ON CONFLICT (http_method, route, capability) DO NOTHING;
+insert into api_capability (http_method, route, capability) values ('POST', '/', 'all-write') ON CONFLICT (http_method, route, capability) DO NOTHING;
+insert into api_capability (http_method, route, capability) values ('PUT', '/', 'all-write') ON CONFLICT (http_method, route, capability) DO NOTHING;
+insert into api_capability (http_method, route, capability) values ('PATCH', '/', 'all-write') ON CONFLICT (http_method, route, capability) DO NOTHING;
+insert into api_capability (http_method, route, capability) values ('DELETE', '/', 'all-write') ON CONFLICT (http_method, route, capability) DO NOTHING;
+
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/asns', 'asn-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 4
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/asns/*', 'asn-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 5
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/asns', 'asn-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 6
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/asns/*', 'asn-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 7
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/asns/*', 'asn-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 8
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cache_stats', 'cache-stats-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 11
+insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/daily_summary', 'cache-stats-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 12
+insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/current_stats', 'cache-stats-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 13
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroups', 'cache-group-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 16
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroups/list', 'cache-group-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 17
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroups/trimmed', 'cache-group-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 18
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroups/*', 'cache-group-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 19
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cachegroups', 'cache-group-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 20
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cachegroups/create', 'cache-group-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 21
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/cachegroups/*', 'cache-group-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 22
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/cachegroups/*/update', 'cache-group-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 23
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/cachegroups/*', 'cache-group-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 24
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/cachegroups/*/delete', 'cache-group-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 25
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cachegroups/*/queue_update', 'queue-updates-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 26
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cachegroups/*/queue_update', 'queue-updates-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 27
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroups/*/parameters', 'params-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 28
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns', 'cdn-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 31
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/*', 'cdn-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 32
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/name/*', 'cdn-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 33
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cdns', 'cdn-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 34
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/cdns/*', 'cdn-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 35
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/cdns/*', 'cdn-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 36
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cdns/*/queue_update', 'queue-updates-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 37
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cdns/*/queue_update', 'queue-updates-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 38
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/cdns/*/snapshot', 'cdn-config-snapshot-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 40
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/snapshot/*', 'cdn-config-snapshot-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 41
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/snapshot/*', 'cdn-config-snapshot-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 42
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/configs', 'cdn-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 44
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/*/configs/routing', 'cdn-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 45
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/*/configs/monitoring', 'cdn-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 46
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/domains', 'cdn-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 47
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/health', 'cdn-health-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 48
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/*/health', 'cdn-health-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 49
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/capacity', 'cdn-health-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 50
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/routing', 'cdn-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 51
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/name/*/sslkeys', 'cdn-security-keys-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 52
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/usage/overview', 'cdn-stats-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 54
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/logs', 'change-log-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 57
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/logs/*/days', 'change-log-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 58
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/logs/newcount', 'change-log-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 60
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 69
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/list', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 70
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 71
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/get', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 72
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices', 'ds-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 73
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/*/deliveryservices/create', 'ds-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 74
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/deliveryservices/*', 'ds-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 75
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/*/deliveryservices/*/update', 'ds-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 76
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/deliveryservices/*', 'ds-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 77
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/health', 'ds-health-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 78
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/capacity', 'ds-health-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 79
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/routing', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 80
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/state', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 81
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservice_stats', 'ds-stats-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 82
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/request', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 83
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/xmlId/*/sslkeys', 'ds-security-keys-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 84
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/hostname/*/sslkeys', 'ds-security-keys-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 85
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/sslkeys/generate', 'ds-security-keys-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 86
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/sslkeys/add', 'ds-security-keys-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 87
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/xmlId/*/sslkeys/delete', 'ds-security-keys-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 88
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/xmlId/*/urlkeys', 'ds-security-keys-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 89
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/xmlId/*/urlkeys/generate', 'ds-security-keys-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 90
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/regexes', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 91
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservice_matches', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 92
+insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/steering', 'ds-steering-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 96
+insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/steering/*', 'ds-steering-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 97
+insert into api_capability (http_method, route, capability) values ('POST', '/internal/api/*/steering', 'ds-steering-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 98
+insert into api_capability (http_method, route, capability) values ('PUT', '/internal/api/*/steering/*', 'ds-steering-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 99
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryserviceserver', 'ds-cache-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 103
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/*/servers', 'ds-cache-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 106
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices_regexes', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 109
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/regexes', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 110
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/deliveryservices/*/regexes/*', 'ds-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 111
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/deliveryservices/*/regexes', 'ds-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 112
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/deliveryservices/*/regexes/*', 'ds-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 113
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/deliveryservices/*/regexes/*', 'ds-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 114
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/divisions', 'division-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 120
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/divisions/*', 'division-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 121
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/divisions', 'division-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 122
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/divisions/*', 'division-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 123
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/divisions/*', 'division-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 124
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/name/*/dnsseckeys', 'cdn-security-keys-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 127
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/cdns/dnsseckeys/generate', 'cdn-security-keys-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 128
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cdns/name/*/dnsseckeys/delete', 'cdn-security-keys-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 129
+insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/cdns/dnsseckeys/refresh', 'cdn-security-keys-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 130
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/to_extensions', 'to-extension-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 134
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/to_extensions', 'to-extension-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 135
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/to_extensions/*/delete', 'to-extension-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 136
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/federations', 'federation-routing-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 139
+insert into api_capability (http_method, route, capability) values ('GET', '/internal/api/*/federations', 'federation-routing-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 140
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/federations', 'federation-routing-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 141
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/federations', 'federation-routing-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 142
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/federations', 'federation-routing-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 143
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/hwinfo', 'all-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 148
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/parameters', 'params-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 164
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/parameters/*', 'params-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 168
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/parameters', 'params-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 169
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/parameters/*', 'params-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 170
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/parameters/*', 'params-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 171
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/parameters/*/validate', 'params-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 172
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profiles/*/parameters', 'params-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 173
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profiles/name/*/parameters', 'params-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 174a
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/parameters/profile', 'params-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 174b
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/profiles/name/*/parameters', 'params-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 175
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/profiles/*/parameters', 'params-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 176
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profileparameters', 'params-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 181
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/profileparameters', 'params-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 182
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/profileparameters/*/*', 'params-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 183
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/cachegroupparameters', 'params-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 186
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/phys_locations', 'phys-location-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 191
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/phys_locations/trimmed', 'phys-location-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 192
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/phys_locations/*', 'phys-location-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 193
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/phys_locations', 'phys-location-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 194
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/regions/*/phys_locations', 'phys-location-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 195
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/phys_locations/*', 'phys-location-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 196
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/phys_locations/*', 'phys-location-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 197
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profiles', 'profile-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 200
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profiles/trimmed', 'profile-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 201
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/profiles/*', 'profile-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 202
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/profiles', 'profile-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 203
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/profiles/*', 'profile-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 204
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/profiles/*', 'profile-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 205
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/profiles/name/*/copy/*', 'profile-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 206
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/regions', 'region-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 213
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/regions/*', 'region-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 214
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/regions', 'region-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 215
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/divisions/*/regions', 'region-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 216
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/regions/*', 'region-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 217
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/regions/*', 'region-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 218
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/riak/ping', 'cdn-security-keys-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 221
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/keys/ping', 'security-keys-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 222
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/riak/bucket/#bucket/key/#key/values', 'security-keys-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 223
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/riak/stats', 'security-keys-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 224
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/roles', 'role-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 227
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers', 'server-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 230
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers?dsId=*', 'server-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 231
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers?type=*', 'server-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 232
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers?status=*', 'server-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 233
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers?profileId=*', 'server-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 234
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers/*', 'server-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 235
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/servers', 'server-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 237
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/servers/*', 'server-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 238
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/servers/*', 'server-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 239
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers/details', 'server-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 247
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers/totals', 'server-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 249
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servers/checks', 'server-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 250a
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/servercheck/aadata', 'server-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 250b
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/servercheck', 'server-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 251
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/servers/*/queue_update', 'queue-updates-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 252
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/servers/*/queue_update', 'queue-updates-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 253
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/*/stats_summary', 'cdn-stats-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 258
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/*/stats_summary?lastSummaryDate=true', 'cdn-stats-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 259
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/*/stats_summary/create', 'cdn-stats-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 260
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/statuses', 'status-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 263
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/statuses/*', 'status-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 264
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/staticdnsentries', 'static-dns-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 270
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/system/info', 'basic-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 275
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/types', 'type-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 278
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/types/trimmed', 'type-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 279
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/types/*', 'type-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 280
+insert into api_capability (http_method, route, capability) values ('POST', '/api/*/types', 'type-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 281
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/types/*', 'type-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 282
+insert into api_capability (http_method, route, capability) values ('DELETE', '/api/*/types/*', 'type-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 283
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/users', 'user-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 289
+insert into api_capability (http_method, route, capability) values ('GET', '/api/*/users/*', 'user-read') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 290
+insert into api_capability (http_method, route, capability) values ('PUT', '/api/*/users/*', 'user-write') ON CONFLICT (http_method, route, capability) DO NOTHING; -- 292
-- types
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/b7eb8db4/traffic_ops/app/lib/API/ApiCapability.pm
----------------------------------------------------------------------
diff --git a/traffic_ops/app/lib/API/ApiCapability.pm b/traffic_ops/app/lib/API/ApiCapability.pm
index 2e2ca73..2ee71ab 100644
--- a/traffic_ops/app/lib/API/ApiCapability.pm
+++ b/traffic_ops/app/lib/API/ApiCapability.pm
@@ -27,13 +27,19 @@ my $finfo = __FILE__ . ":";
my %valid_http_methods = map { $_ => 1 } ('GET', 'POST', 'PUT', 'PATCH', 'DELETE');
-sub all {
- my $self = shift;
+sub index {
+ my $self = shift;
+ my $capability = $self->param('capability');
+
+ my %criteria;
+ if ( defined $capability ) {
+ $criteria{'me.capability'} = $capability;
+ }
my @data;
my $orderby = "capability";
$orderby = $self->param('orderby') if ( defined $self->param('orderby') );
- my $rs_data = $self->db->resultset("ApiCapability")->search( undef, { order_by => $orderby } );
+ my $rs_data = $self->db->resultset("ApiCapability")->search( \%criteria, { prefetch => ['capability'], order_by => $orderby } );
while ( my $row = $rs_data->next ) {
push(
@data, {
@@ -68,15 +74,7 @@ sub renderResults {
$self->success( \@data );
}
-sub capName {
- my $self = shift;
- my $capability = $self->param('name');
-
- my $rs_data = $self->db->resultset("ApiCapability")->search( 'me.capability' => $capability );
- $self->renderResults( $rs_data ) ;
-}
-
-sub index {
+sub show {
my $self = shift;
my $id = $self->param('id');
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/b7eb8db4/traffic_ops/app/lib/API/Capability.pm
----------------------------------------------------------------------
diff --git a/traffic_ops/app/lib/API/Capability.pm b/traffic_ops/app/lib/API/Capability.pm
index 695434b..6a3212a 100644
--- a/traffic_ops/app/lib/API/Capability.pm
+++ b/traffic_ops/app/lib/API/Capability.pm
@@ -23,7 +23,7 @@ use Data::Dumper;
my $finfo = __FILE__ . ":";
-sub all {
+sub index {
my $self = shift;
my @data;
my $orderby = "name";
@@ -33,9 +33,9 @@ sub all {
while ( my $row = $rs_data->next ) {
push(
@data, {
- "name" => $row->name,
- "description" => $row->description,
- "lastUpdated" => $row->last_updated
+ "name" => $row->name,
+ "description" => $row->description,
+ "lastUpdated" => $row->last_updated
}
);
}
@@ -46,14 +46,14 @@ sub name {
my $self = shift;
my $name = $self->param('name');
- my $rs_data = $self->db->resultset("Capability")->search( 'me.name' => $name );
+ my $rs_data = $self->db->resultset("Capability")->search( 'me.name' => $name );
my @data = ();
while ( my $row = $rs_data->next ) {
push(
@data, {
- "name" => $row->name,
- "description" => $row->description,
- "lastUpdated" => $row->last_updated
+ "name" => $row->name,
+ "description" => $row->description,
+ "lastUpdated" => $row->last_updated
}
);
}
@@ -61,7 +61,7 @@ sub name {
}
sub create {
- my $self = shift;
+ my $self = shift;
my $params = $self->req->json;
if ( !&is_oper($self) ) {
@@ -72,47 +72,47 @@ sub create {
return $self->alert("Parameters must be in JSON format.");
}
- my $name = $params->{name} if defined($params->{name});
- my $description = $params->{description} if defined($params->{description});
+ my $name = $params->{name} if defined( $params->{name} );
+ my $description = $params->{description} if defined( $params->{description} );
if ( !defined($name) or $name eq "" ) {
- return $self->alert( "Name is required." );
+ return $self->alert("Name is required.");
}
if ( !defined($description) or $description eq "" ) {
- return $self->alert( "Description is required." );
+ return $self->alert("Description is required.");
}
# check if capability exists
my $rs_data = $self->db->resultset("Capability")->search( { 'name' => { 'like', $name } } )->single();
- if (defined($rs_data)) {
- return $self->alert( "Capability '$name' already exists." );
+ if ( defined($rs_data) ) {
+ return $self->alert("Capability '$name' already exists.");
}
my $values = {
- name => $name,
- description => $description
+ name => $name,
+ description => $description
};
my $insert = $self->db->resultset('Capability')->create($values);
- my $rs = $insert->insert();
+ my $rs = $insert->insert();
if ($rs) {
my $response;
- $response->{name} = $rs->name;
- $response->{description} = $rs->description;
+ $response->{name} = $rs->name;
+ $response->{description} = $rs->description;
&log( $self, "Created Capability: '$response->{name}', '$response->{description}'", "APICHANGE" );
return $self->success( $response, "Capability was created." );
}
else {
- return $self->alert( "Capability creation failed." );
+ return $self->alert("Capability creation failed.");
}
}
sub update {
- my $self = shift;
- my $name = $self->param('name');
+ my $self = shift;
+ my $name = $self->param('name');
my $params = $self->req->json;
if ( !&is_oper($self) ) {
@@ -123,7 +123,7 @@ sub update {
return $self->alert("Parameters must be in JSON format.");
}
- my $description = $params->{description} if defined($params->{description});
+ my $description = $params->{description} if defined( $params->{description} );
my $capability = $self->db->resultset('Capability')->find( { name => $name } );
if ( !defined($capability) or $capability eq "" ) {
@@ -131,26 +131,24 @@ sub update {
}
if ( !defined($description) or $description eq "" ) {
- return $self->alert( "Description is required." );
+ return $self->alert("Description is required.");
}
- my $values = {
- description => $description
- };
+ my $values = { description => $description };
my $rs = $capability->update($values);
if ($rs) {
my $response;
- $response->{name} = $rs->name;
- $response->{description} = $rs->description;
- $response->{lastUpdated} = $rs->last_updated;
+ $response->{name} = $rs->name;
+ $response->{description} = $rs->description;
+ $response->{lastUpdated} = $rs->last_updated;
&log( $self, "Updated Capability: '$response->{name}', '$response->{description}'", "APICHANGE" );
return $self->success( $response, "Capability was updated." );
}
else {
- return $self->alert( "Capability update failed." );
+ return $self->alert("Capability update failed.");
}
}
@@ -168,17 +166,18 @@ sub delete {
}
# make sure no api_capability refers to this capability
- my $rs_data = $self->db->resultset("ApiCapability")->find( {'me.capability' => $name} );
- if (defined($rs_data)) {
+ my $rs_data = $self->db->resultset("ApiCapability")->find( { 'me.capability' => $name } );
+ if ( defined($rs_data) ) {
my $reference_id = $rs_data->id;
- return $self->alert( "Capability \'$name\' is refered by an api_capability mapping: $reference_id. Deletion failed." );
+ return $self->alert("Capability \'$name\' is refered by an api_capability mapping: $reference_id. Deletion failed.");
}
my $rs = $capability->delete();
if ($rs) {
return $self->success_message("Capability deleted.");
- } else {
- return $self->alert( "Capability deletion failed." );
+ }
+ else {
+ return $self->alert("Capability deletion failed.");
}
}
http://git-wip-us.apache.org/repos/asf/incubator-trafficcontrol/blob/b7eb8db4/traffic_ops/app/lib/TrafficOpsRoutes.pm
----------------------------------------------------------------------
diff --git a/traffic_ops/app/lib/TrafficOpsRoutes.pm b/traffic_ops/app/lib/TrafficOpsRoutes.pm
index e808b29..034edd9 100644
--- a/traffic_ops/app/lib/TrafficOpsRoutes.pm
+++ b/traffic_ops/app/lib/TrafficOpsRoutes.pm
@@ -683,7 +683,7 @@ sub api_routes {
# -- CAPABILITIES
# Supports ?orderby=key
- $r->get("/api/$version/capabilities")->over( authenticated => 1 )->to( 'Capability#all', namespace => $namespace );
+ $r->get("/api/$version/capabilities")->over( authenticated => 1 )->to( 'Capability#index', namespace => $namespace );
$r->get("/api/$version/capabilities/:name")->over( authenticated => 1 )->to( 'Capability#name', namespace => $namespace );
$r->put("/api/$version/capabilities/:name")->over( authenticated => 1 )->to( 'Capability#update', namespace => $namespace );
$r->post("/api/$version/capabilities")->over( authenticated => 1 )->to( 'Capability#create', namespace => $namespace );
@@ -691,9 +691,8 @@ sub api_routes {
# -- API-CAPABILITIES
# Supports ?orderby=key
- $r->get("/api/$version/api_capabilities")->over( authenticated => 1 )->to( 'ApiCapability#all', namespace => $namespace );
- $r->get("/api/$version/api_capabilities/:id")->over( authenticated => 1 )->to( 'ApiCapability#index', namespace => $namespace );
- $r->get("/api/$version/api_capabilities/capability/:name")->over( authenticated => 1 )->to( 'ApiCapability#capName', namespace => $namespace );
+ $r->get("/api/$version/api_capabilities")->over( authenticated => 1 )->to( 'ApiCapability#index', namespace => $namespace );
+ $r->get("/api/$version/api_capabilities/:id")->over( authenticated => 1 )->to( 'ApiCapability#show', namespace => $namespace );
$r->put("/api/$version/api_capabilities/:id")->over( authenticated => 1 )->to( 'ApiCapability#update', namespace => $namespace );
$r->post("/api/$version/api_capabilities")->over( authenticated => 1 )->to( 'ApiCapability#create', namespace => $namespace );
$r->delete("/api/$version/api_capabilities/:id")->over( authenticated => 1 )->to( 'ApiCapability#delete', namespace => $namespace );