From b4825892a61c9185a9d432c48bfe3c9f5f77ae05 Mon Sep 17 00:00:00 2001
From: Richard Millet <remillet@berkeley.edu>
Date: Thu, 23 Aug 2012 00:49:32 -0700
Subject: [PATCH] CSPACE-2844: Adding immutable flag to admin and reader roles
 when they are created the first time at startup/initialization time.

---
 .../services/authorization/importer/AuthorizationGen.java     | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationGen.java b/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationGen.java
index d21bebf39..351a4d6fa 100644
--- a/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationGen.java
+++ b/services/authorization-mgt/import/src/main/java/org/collectionspace/services/authorization/importer/AuthorizationGen.java
@@ -226,7 +226,7 @@ public class AuthorizationGen {
         if (result == null) {
     		// the role doesn't exist already, so we need to create it
     		String description = "Generated tenant " + type + " role.";
-	        result = AuthorizationCommon.createRole(tenantId, AuthorizationCommon.ROLE_TENANT_ADMINISTRATOR, description);
+	        result = AuthorizationCommon.createRole(tenantId, AuthorizationCommon.ROLE_TENANT_ADMINISTRATOR, description, true /*immutable*/);
         }
         
         return result;
@@ -239,7 +239,7 @@ public class AuthorizationGen {
         if (result == null) {
     		// the role doesn't exist already, so we need to create it
     		String description = "Generated tenant " + type + " role.";
-	        result = AuthorizationCommon.createRole(tenantId, AuthorizationCommon.ROLE_TENANT_READER, description);
+	        result = AuthorizationCommon.createRole(tenantId, AuthorizationCommon.ROLE_TENANT_READER, description, true /*immutable*/);
         }
         
         return result;
-- 
2.47.3