diff --git a/access.db b/access.db
new file mode 100644
index 0000000000000000000000000000000000000000..7830a9bad0f09bb393476192f973c5f2531bb526
Binary files /dev/null and b/access.db differ
diff --git a/config/GratiaWeb b/config/GratiaWeb
old mode 100644
new mode 100755
diff --git a/setup/setup.py b/setup/setup.py
index c42bcebd0598e3c1f167bfdc4fdbb572e49e2a74..4b3d091cf810a2b96fa8590b95efa306e9b8a57a 100644
--- a/setup/setup.py
+++ b/setup/setup.py
@@ -48,7 +48,8 @@ setup(name="OSG-Measurements-Metrics",
data_files=[('/etc/init.d', ['config/GratiaWeb']),
('/etc/', ['config/wlcg_email.conf.rpmnew',
- 'config/DBParam.xml.rpmnew']),
+ 'config/DBParam.xml.rpmnew',
+ 'config/access.db']),
('/usr/share/GratiaWeb/', ['config/gip_schema',
'config/registration_schema']),
('/etc/cron.d/', ['config/gratia_data.cron']),
diff --git a/src/gratia/config/generic_secure_queries.xml b/src/gratia/config/generic_secure_queries.xml
index 70eeeee1c1fcc954973f9c381d07e5b1c35fbd52..2562cd0f46c7f91c2b57361e92c6df7ecb2c6015 100644
--- a/src/gratia/config/generic_secure_queries.xml
+++ b/src/gratia/config/generic_secure_queries.xml
@@ -65,7 +65,7 @@
<attribute name="title" />
<attribute name="column_names" />
<attribute name="column_units" />
- <attribute name="security">GratiaSecurity</attribute>
+ <attribute name="security">OIMSecurity</attribute>
<attribute name="authtype">site_ownership</attribute>
<attribute name="access">facility</attribute>
</query>
diff --git a/src/gratia/config/gratia_graphs.xml b/src/gratia/config/gratia_graphs.xml
index c4aa0cb58a783174f4654c0f7a66788860ff912a..62f1849f850d3c5dffd3905e98167d818def0b44 100644
--- a/src/gratia/config/gratia_graphs.xml
+++ b/src/gratia/config/gratia_graphs.xml
@@ -22,7 +22,7 @@
<class type="Grapher" name="gratia_bar_grapher">
<attribute name="display_name"> Bar Graphs </attribute>
<!--
- <attribute name="security">GratiaSecurity</attribute>
+ <attribute name="security">OIMSecurity</attribute>
<attribute name="authtype">site_ownership</attribute>
<attribute name="access">facility</attribute>
-->
@@ -36,21 +36,21 @@
<class type="Grapher" name="gratia_site_grapher">
- <attribute name="security">GratiaSecurity</attribute>
+ <attribute name="security">OIMSecurity</attribute>
<attribute name="authtype">site_ownership</attribute>
<attribute name="access">facility</attribute>
<queryobj> GratiaSiteBarQueries </queryobj>
</class>
<class type="Grapher" name="gratia_vo_grapher">
- <attribute name="security">GratiaSecurity</attribute>
+ <attribute name="security">OIMSecurity</attribute>
<attribute name="authtype">vo_ownership</attribute>
<attribute name="access">vo</attribute>
<queryobj> GratiaVoBarQueries </queryobj>
</class>
<class type="Grapher" name="gratia_user_grapher">
- <attribute name="security">GratiaSecurity</attribute>
+ <attribute name="security">OIMSecurity</attribute>
<attribute name="authtype">user_ownership</attribute>
<attribute name="access">user</attribute>
<queryobj> GratiaUserBarQueries </queryobj>
diff --git a/src/gratia/config/security.xml b/src/gratia/config/security.xml
index 366ba0ffbdfbddb3b9efd9530b747ebf5f01fa80..e7117bc4e9f9f46b40759531a03e35e49a2b943f 100644
--- a/src/gratia/config/security.xml
+++ b/src/gratia/config/security.xml
@@ -142,6 +142,33 @@
<attribute name="connection_manager"> RSVConnMan </attribute>
+ <query name="users">
+ <inputs>
+ <input name="dn" kind="sql"> Unknown </input>
+ <input name="access" kind="sql"> Unknown </input>
+ </inputs>
+ <sql>
+ SELECT
+ IF(:access=:dn, 1, 0)
+ </sql>
+ <results function="security_parser" />
+ </query>
+
+ <query name="list_users">
+ <inputs>
+ <input name="dn" kind="sql"> Unknown </input>
+ <input name="access" kind="sql"> Unknown </input>
+ </inputs>
+ <sql>
+ SELECT
+ dn
+ FROM (SELECT :dn as "dn") as foo
+ WHERE
+ dn=:access
+ </sql>
+ <results function="role_list" />
+ </query>
+
<query name="site_ownership">
<inputs>
<input name="dn" kind="sql"> Unknown </input>
diff --git a/src/gratia/config/text_queries.xml b/src/gratia/config/text_queries.xml
index 89f7e4e9dcde9c3551f9c767b5c71fac5edd47e2..c2c20312cc722a86d69dfe8c761403a759e41f43 100644
--- a/src/gratia/config/text_queries.xml
+++ b/src/gratia/config/text_queries.xml
@@ -38,7 +38,7 @@
</class>
<class type="XmlGenerator" name="user_xml">
- <attribute name="security">GratiaSecurity</attribute>
+ <attribute name="security">OIMSecurity</attribute>
<attribute name="authtype">users</attribute>
<attribute name="access">dn</attribute>
<queryobj> GratiaUserBarQueries </queryobj>
@@ -65,7 +65,7 @@
</class>
<class type="CsvGenerator" name="query_csv_secure">
- <attribute name="security">GratiaSecurity</attribute>
+ <attribute name="security">OIMSecurity</attribute>
<attribute name="authtype">site_ownership</attribute>
<attribute name="access">facility</attribute>
<queryobj> RSVSecureQueries </queryobj>