From 053bc2694b1599afe5a1d9cfa86e38415195e726 Mon Sep 17 00:00:00 2001
From: Simon Leipold <s.leipold@adito.de>
Date: Fri, 21 Jun 2019 13:48:24 +0200
Subject: [PATCH] 1039740 Permissions - fixed overview for entities without
permissions and added isSmall for PermissionDetail
---
.../entityfields/accesstype/valueProcess.js | 8 +-
.../recordcontainers/jdito/onInsert.js | 8 ++
.../recordcontainers/jdito/contentProcess.js | 9 +-
.../PermissionDetailEdit_view.aod | 1 +
process/Permission_lib/process.js | 117 ++++++++++++++----
5 files changed, 114 insertions(+), 29 deletions(-)
diff --git a/entity/PermissionDetail_entity/entityfields/accesstype/valueProcess.js b/entity/PermissionDetail_entity/entityfields/accesstype/valueProcess.js
index 9ebb27717c..82036f5ff9 100644
--- a/entity/PermissionDetail_entity/entityfields/accesstype/valueProcess.js
+++ b/entity/PermissionDetail_entity/entityfields/accesstype/valueProcess.js
@@ -1,3 +1,4 @@
+import("system.logging");
import("system.vars");
import("system.result");
import("Permission_lib");
@@ -9,13 +10,16 @@ var permId = vars.get("$field.UID");
var rootPermSet = PermissionUtil.getRootPermissionSet(role, entity);
var rootPerm = PermissionUtil.getDefaultPermission(rootPermSet);
-if (rootPermSet == "") {
+if (PermissionUtil.getCondType(rootPerm) == "false") {
+ // condtype="false" is used to display that this entity has the usePermissions flag set but has no permissions linked -> no access on any level
+ result.string("E");
+} else if (rootPermSet == "") {
result.string("E");
} else if (rootPerm == permId) {
result.string("E");
} else {
result.string("R");
-}
+}
if (field != undefined && field != null && field != "") {
result.string("F");
diff --git a/entity/PermissionDetail_entity/recordcontainers/jdito/onInsert.js b/entity/PermissionDetail_entity/recordcontainers/jdito/onInsert.js
index be3e4af943..3a8117c203 100644
--- a/entity/PermissionDetail_entity/recordcontainers/jdito/onInsert.js
+++ b/entity/PermissionDetail_entity/recordcontainers/jdito/onInsert.js
@@ -41,6 +41,14 @@ if (checkInput([role, entity, accesstype, condtype, action])) {
permissionsetid = PermissionUtil.insertNewPermissionSet(rootpermissionset, entity, role, field, accesstype)
}
+ // deletes permissions with CONDTYPE = 'false' - condtype=false if a permission is used to display that a entity has no permissions
+ var childPermissions = PermissionUtil.getAllChildPermissions(permissionsetid);
+ for each (var permid in childPermissions) {
+ if (PermissionUtil.getCondType(permid) == "false") {
+ PermissionUtil.deletePermission(permid);
+ }
+ }
+
// check if a new permissions is needed or an existing one can be used
var existingPermId = permExists(role, entity, field, accesstype, condtype, condition);
if (existingPermId != "") {
diff --git a/entity/PermissionOverview_entity/recordcontainers/jdito/contentProcess.js b/entity/PermissionOverview_entity/recordcontainers/jdito/contentProcess.js
index ef9f7289ab..ff906bb09a 100644
--- a/entity/PermissionOverview_entity/recordcontainers/jdito/contentProcess.js
+++ b/entity/PermissionOverview_entity/recordcontainers/jdito/contentProcess.js
@@ -1,3 +1,4 @@
+import("system.logging");
import("system.project");
import("system.vars");
import("system.result");
@@ -9,14 +10,20 @@ var roleTitle = "";
var entityTitle = "";
var sqlCond = "";
var sqlStr = "";
+var roleInternalEveryone = "INTERNAL_EVERYONE";
var entitiesMetaData = project.getDataModels(project.DATAMODEL_KIND_ENTITY);
-var entitiesUsePermFlagSet = [];
+var entitiesUsePermFlagSet = []; // array, which contains ids of entities with usePermission flag set
// gets all names of the entites which have the 'usePermission'-flag set (positive list)
for each (let entityMetaData in entitiesMetaData) {
if (entityMetaData[6] == "true") {
entitiesUsePermFlagSet.push(entityMetaData[0])
+ if (PermissionUtil.getNumberOfPermissions(entityMetaData[0]) == 0) {
+ // no permissions found for the given entity -> create permissionset for role INTERNAL_EVERYONE with five X's for view, create, read, edit, delete
+ var noAccessPermissionSetIdEntity = PermissionUtil.insertNewPermissionSet("", entityMetaData[0], roleInternalEveryone, "", "E");
+ PermissionUtil.insertNewPermission(noAccessPermissionSetIdEntity, "", "false"); // false is an indicator for PermissionDetails so the user can create a new PermissionSet on access level "E"
+ }
}
}
diff --git a/neonView/PermissionDetailEdit_view/PermissionDetailEdit_view.aod b/neonView/PermissionDetailEdit_view/PermissionDetailEdit_view.aod
index 35a7399482..e08ef01d52 100644
--- a/neonView/PermissionDetailEdit_view/PermissionDetailEdit_view.aod
+++ b/neonView/PermissionDetailEdit_view/PermissionDetailEdit_view.aod
@@ -2,6 +2,7 @@
<neonView xmlns="http://www.adito.de/2018/ao/Model" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" VERSION="1.1.1" xsi:schemaLocation="http://www.adito.de/2018/ao/Model adito://models/xsd/neonView/1.1.1">
<name>PermissionDetailEdit_view</name>
<majorModelMode>DISTRIBUTED</majorModelMode>
+ <isSmall v="true" />
<layout>
<boxLayout>
<name>layout</name>
diff --git a/process/Permission_lib/process.js b/process/Permission_lib/process.js
index 0c0713045e..999846f31b 100644
--- a/process/Permission_lib/process.js
+++ b/process/Permission_lib/process.js
@@ -17,7 +17,7 @@ var alias = "_____SYSTEMALIAS";
*
* @param {String} pPermissionSetId the id of the parent permission set
*
- * @result {String[]} array with the ids of every subordinated permission set
+ * @result {String[]} array with the ids of every subordinated permission set. The result can never be null.
*/
PermissionUtil.getAllChildPermissionSets = function (pPermissionSetId)
{
@@ -32,7 +32,7 @@ PermissionUtil.getAllChildPermissionSets = function (pPermissionSetId)
*
* @param {String} pPermissionSetId the id of the parent permission set
*
- * @result {String} id of subordinated permission set
+ * @result {String} id of subordinated permission set. The result can never be null.
*/
PermissionUtil.getChildRecordPermissionSet = function (pPermissionSetId)
{
@@ -48,7 +48,7 @@ PermissionUtil.getChildRecordPermissionSet = function (pPermissionSetId)
*
* @param {String} pPermissionSetId the id of the parent permission set
*
- * @result {String[]} array with the ids of every subordinated permission
+ * @result {String[]} array with the ids of every subordinated permission. The result can never be null.
*/
PermissionUtil.getAllChildPermissions = function (pPermissionSetId)
{
@@ -64,7 +64,7 @@ PermissionUtil.getAllChildPermissions = function (pPermissionSetId)
*
* @param {String} pPermissionSetId the id of the parent permission set
*
- * @result {String[]} array with the ids of every subordinated permission action
+ * @result {String[]} array with the ids of every subordinated permission action. The result can never be null.
*/
PermissionUtil.getAllChildPermissionActions = function (pPermissionSetId)
{
@@ -80,7 +80,7 @@ PermissionUtil.getAllChildPermissionActions = function (pPermissionSetId)
*
* @param {String} pPermissionId the id of the parent permission
*
- * @result {String[]} array with the ids of every subordinated permission action
+ * @result {String[]} array with the ids of every subordinated permission action. The result can never be null.
*/
PermissionUtil.getAllChildPermissionActions = function (pPermissionId)
{
@@ -95,7 +95,7 @@ PermissionUtil.getAllChildPermissionActions = function (pPermissionId)
*
* @param {String} pPermissionActionId the id of the action
*
- * @result {String} action name as readable string of the given permission action id
+ * @result {String} action name as readable string of the given permission action id. Never 'null', empty string if there is no result.
*/
PermissionUtil.resolvePermissionActionId = function (pPermissionActionId)
{
@@ -204,12 +204,25 @@ PermissionUtil.updateIfDiff = function(pId, pValue, pDbCol, pDbTable) {
return 0;
}
+/**
+ * Gets the number of permissions which are linked to the given entity.
+ *
+ * @param {String} pEntityName The name of the entity
+ *
+ * @result {Integer} returns the number of permissions linked to the entity.
+ */
+PermissionUtil.getNumberOfPermissions = function(pEntityName) {
+ var table = "ASYS_PERMISSIONSET";
+ var sqlStr = "select COUNT(*) from " + table + " where ENTITY_ID = '" + pEntityName + "'";
+ return db.cell(sqlStr, alias);
+}
+
/**
* Gets the default permission of the root permission set.
*
* @param {String} pPermId the id of the permission
*
- * @result {String} returns the id of the default permission of the root permission set
+ * @result {String} returns the id of the default permission of the root permission set. Never 'null', empty string if there is no result.
*/
PermissionUtil.getRootPermission = function(pPermId) {
var sqlStr = "select ASYS_PERMISSIONSET_ID from ASYS_PERMISSION where ASYS_PERMISSIONID = '" + pPermId + "'";
@@ -229,7 +242,7 @@ PermissionUtil.getRootPermission = function(pPermId) {
*
* @param {String} pPermId the id of the field permission
*
- * @result {String} returns the id of the default field permission of the root field permission set
+ * @result {String} returns the id of the default field permission of the root field permission set. Never 'null', empty string if there is no result.
*/
PermissionUtil.getRootFieldPermission = function(pPermId) {
var sqlStr = "select ASYS_PERMISSIONSET_ID from ASYS_PERMISSION where ASYS_PERMISSIONID = '" + pPermId + "'";
@@ -244,7 +257,7 @@ PermissionUtil.getRootFieldPermission = function(pPermId) {
*
* @param {String} pPermSetId the id of the permission set
*
- * @result {String} returns the id of the default permission of a given permission set
+ * @result {String} returns the id of the default permission of a given permission set. Never 'null', empty string if there is no result.
*/
PermissionUtil.getDefaultPermission = function(pPermSetId) {
var sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION"
@@ -258,7 +271,7 @@ PermissionUtil.getDefaultPermission = function(pPermSetId) {
*
* @param {String} pPermSetId the id of the permission set
*
- * @result {String[]} returns the ids of the conditional permissions of a given permission set
+ * @result {String[]} returns the ids of the conditional permissions of a given permission set. The result can never be null.
*/
PermissionUtil.getConditionalPermission = function(pPermSetId) {
var sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION"
@@ -272,7 +285,7 @@ PermissionUtil.getConditionalPermission = function(pPermSetId) {
*
* @param {String} pPermId the id of the permission
*
- * @result {String[]} returns the ids of linked actions of a given permission
+ * @result {String[]} returns the ids of linked actions of a given permission. The result can never be null.
*/
PermissionUtil.getPermissionAction = function(pPermId) {
var sqlStr = "select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION"
@@ -287,7 +300,7 @@ PermissionUtil.getPermissionAction = function(pPermId) {
*
* @param {String} pEntity the id of an entity
*
- * @result {String} returns the id of the root permission set of the given entity-role-combination
+ * @result {String} returns the id of the root permission set of the given entity-role-combination. Never 'null', empty string if there is no result.
*/
PermissionUtil.getRootPermissionSet = function(pRole, pEntity) {
var sqlStr = "select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET"
@@ -300,7 +313,7 @@ PermissionUtil.getRootPermissionSet = function(pRole, pEntity) {
*
* @param {String} pPermId the id of the permission
*
- * @result {String} returns the id of the parent permission set of the given permission
+ * @result {String} returns the id of the parent permission set of the given permission. Never 'null', empty string if there is no result.
*/
PermissionUtil.getParentPermissionSet = function(pPermId) {
var sqlStr = "select ASYS_PERMISSIONSET_ID from ASYS_PERMISSION"
@@ -328,7 +341,7 @@ PermissionUtil.permSetIsEmpty = function(pPermSetId) {
/**
* Returns all PermissionSets, Permissions and PermissionActions.
*
- * @result {String[]) all PermissionSets, Permissions and PermissionActions
+ * @result {String[]) all PermissionSets, Permissions and PermissionActions. The result can never be null.
*/
PermissionUtil.getCompleteStructure = function() {
return db.table("select ASYS_PERMISSIONSET.ENTITY_ID, ASYS_PERMISSIONSET.ROLE_ID, ASYS_PERMISSIONSET.FIELD_ID, ASYS_PERMISSIONSET.ACCESSTYPE, ASYS_PERMISSION.COND, ASYS_PERMISSION.CONDTYPE, ASYS_PERMISSIONACTION.ACTION from ASYS_PERMISSIONSET"
@@ -341,7 +354,7 @@ PermissionUtil.getCompleteStructure = function() {
*
* @param {String[]} pPermSetIds the ids of the permission sets
*
- * @result {String[]} returns ids of all permissions
+ * @result {String[]} returns ids of all permissions. The result can never be null.
*/
PermissionUtil.getAllPermissions = function(pPermSetIds) {
return db.table("select ASYS_PERMISSIONID from ASYS_PERMISSION where ASYS_PERMISSION.ASYS_PERMISSIONSET_ID in ('" + pPermSetIds.join("','") + "')", alias);
@@ -352,7 +365,7 @@ PermissionUtil.getAllPermissions = function(pPermSetIds) {
*
* @param {String[]} pPermIds the ids of the permissions
*
- * @result {String[]} returns ids of all permission actions
+ * @result {String[]} returns ids of all permission actions. The result can never be null.
*/
PermissionUtil.getAllPermissionActions = function(pPermIds) {
return db.table("select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION where ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID in ('" + pPermIds.join("','") + "')", alias);
@@ -363,7 +376,7 @@ PermissionUtil.getAllPermissionActions = function(pPermIds) {
*
* @param {String} pPermId the id of the permission
*
- * @result {String} returns the value of condition type (true or false)
+ * @result {String} returns the value of condition type (true or false). Never 'null', empty string if there is no result.
*/
PermissionUtil.getPermissionCondType = function(pPermId) {
return db.cell("select CONDTYPE from ASYS_PERMISSION where ASYS_PERMISSION.ASYS_PERMISSIONID = '" + pPermId + "'", alias);
@@ -396,13 +409,13 @@ PermissionUtil.containsDuplicateActions = function(pPermId, pActionNew) {
*
* @param {String} pParentPermSet The parent permission set, empty if root node
*
- * @param {String} pEntity The entity to which the PermissionSet is linked
+ * @param {String} pEntity The entity to which the PermissionSet is linked, mandatory
*
- * @param {String} pRole The Role to which the PermissionSet is linked
+ * @param {String} pRole The Role to which the PermissionSet is linked, mandatory
*
- * @param {String} pField The Field to which the PermissionSet is linked
+ * @param {String} pField The Field to which the PermissionSet is linked, empty if no field permission
*
- * @param {String} pAccessType Entity, Record or Field (E, R, F)
+ * @param {String} pAccessType Entity, Record or Field (E, R, F), mandatory
*
* @result {Integer} returns the id of the inserted permission set
*/
@@ -418,11 +431,11 @@ PermissionUtil.insertNewPermissionSet = function(pParentPermSet, pEntity, pRole,
/**
* Inserts a new instance of a permission into ASYS_PERMISSION.
*
- * @param {String} pParentPermSet The parent permission set
+ * @param {String} pParentPermSet The parent permission set, mandatory
*
- * @param {String} pCond The entity to which the PermissionSet is linked
+ * @param {String} pCond The condition of the permission, empty if no condition
*
- * @param {String} pCondType The Role to which the PermissionSet is linked
+ * @param {String} pCondType The Condition Type of the permission, should nearly always be "true"
*
* @result {Integer} returns the id of the inserted permission
*/
@@ -438,9 +451,9 @@ PermissionUtil.insertNewPermission = function(pParentPermSet, pCond, pCondType)
/**
* Inserts a new instance of a permission action into ASYS_PERMISSIONACTION.
*
- * @param {String} pParentPerm The parent permission
+ * @param {String} pParentPerm The parent permission, mandatory
*
- * @param {String} pAction Action (view, create,...)
+ * @param {String} pAction Action (view, create,...), mandatory
*
* @result {Integer} returns the id of the inserted permission action
*/
@@ -453,6 +466,58 @@ PermissionUtil.insertNewPermissionAction = function(pParentPerm, pAction) {
return permactionid;
}
+/**
+ * Returns the cond type of a permission.
+ *
+ * @param {String} pPerm The permission, mandatory
+ *
+ * @result {Integer} returns the cond type of a permission
+ */
+PermissionUtil.getCondType = function(pPerm) {
+ var table = "ASYS_PERMISSION";
+ var sqlStr = "select CONDTYPE from " + table + " where ASYS_PERMISSIONID = '" + pPerm + "'";
+ return db.cell(sqlStr, alias);
+}
+
+/**
+ * Deletes a permissionset from ASYS_PERMISSIONSET.
+ *
+ * @param {String} pPermSetId The permission set id which should be deleted, mandatory
+ *
+ * @result {Integer} returns the number of deleted records
+ */
+PermissionUtil.deletePermissionSet = function(pPermSetId) {
+ var table = "ASYS_PERMISSIONSET";
+ var cond = " ASYS_PERMISSIONSETID = '" + pPermSetId + "'";
+ return db.deleteData(table, cond, alias);
+}
+
+/**
+ * Deletes a permission from ASYS_PERMISSION.
+ *
+ * @param {String} pPermId The permission id which should be deleted, mandatory
+ *
+ * @result {Integer} returns the number of deleted records
+ */
+PermissionUtil.deletePermission = function(pPermId) {
+ var table = "ASYS_PERMISSION";
+ var cond = " ASYS_PERMISSIONID = '" + pPermId + "'";
+ return db.deleteData(table, cond, alias);
+}
+
+/**
+ * Deletes a permission action from ASYS_PERMISSIONACTION.
+ *
+ * @param {String} pPermActionId The permission action id which should be deleted, mandatory
+ *
+ * @result {Integer} returns the number of deleted records
+ */
+PermissionUtil.deletePermissionAction = function(pPermActionId) {
+ var table = "ASYS_PERMISSIONACTION";
+ var cond = " ASYS_PERMISSIONACTIONID = '" + pPermActionId + "'";
+ return db.deleteData(table, cond, alias);
+}
+
// arrDiff calculates different elements of two arrays and returns them as array, otherwise empty array
function arrDiff (arr1, arr2) {
var helperArr = [], diff = [];
--
GitLab