diff --git a/entity/PermissionAction_entity/PermissionAction_entity.aod b/entity/PermissionAction_entity/PermissionAction_entity.aod
index 6092f3cce0d86a0052ed44fb3a540fe7329b45ad..b79ba7a62cda9b68c901884c4b9d74b49c750411 100644
--- a/entity/PermissionAction_entity/PermissionAction_entity.aod
+++ b/entity/PermissionAction_entity/PermissionAction_entity.aod
@@ -34,6 +34,7 @@
</entityProvider>
<entityConsumer>
<name>PermissionDetails</name>
+ <onValidation>%aditoprj%/entity/PermissionAction_entity/entityfields/permissiondetails/onValidation.js</onValidation>
<dependency>
<name>dependency</name>
<entityName>PermissionDetail_entity</entityName>
diff --git a/entity/PermissionAction_entity/entityfields/permissiondetails/onValidation.js b/entity/PermissionAction_entity/entityfields/permissiondetails/onValidation.js
new file mode 100644
index 0000000000000000000000000000000000000000..17a9427ed7ea706af5dc3efde8f40d9f1c2b0353
--- /dev/null
+++ b/entity/PermissionAction_entity/entityfields/permissiondetails/onValidation.js
@@ -0,0 +1,35 @@
+import("system.logging");
+import("Sql_lib");
+import("system.db");
+import("system.vars");
+import("system.translate");
+import("system.result");
+import("Permission_lib");
+
+var alias = SqlUtils.getSystemAlias();
+var actionTitle = vars.get("$field.ACTION");
+var permissionId = vars.get("$param.PermissionId_param");
+var permCondInput = vars.get("$param.PermissionCondition_param");
+
+//var deletedRows = vars.get("$field." + pConsumerField + ".deletedRows");
+var deletedRows = vars.get("$field.PermissionDetails.deletedRows");
+logging.log("deleted rows: " + deletedRows);
+
+if (actionTitle == "null" || actionTitle == undefined || actionTitle == null || actionTitle == "") {
+ result.string(translate.text("Empty actions are not allowed!"));
+} else if (PermissionUtil.existsPermission(permissionId)) {
+ // existing permission
+ // check if action is already in DB
+ var actionsInDb = PermissionUtil.getPermissionAction(permissionId);
+ var sqlStr = "select COND from ASYS_PERMISSION where ASYS_PERMISSIONID='" + permissionId + "'";
+ var permCondDb = db.cell(sqlStr, alias);
+
+ for each (var action in actionsInDb) {
+ if (PermissionUtil.resolvePermissionActionId(action) == actionTitle && permCondInput == permCondDb) {
+ result.string(translate.text("Action '" + actionTitle + "' already linked to this permission!"));
+ break;
+ }
+ }
+} else {
+ result.string(true);
+}
\ No newline at end of file
diff --git a/entity/PermissionAction_entity/onValidation.js b/entity/PermissionAction_entity/onValidation.js
index ea8413e93c72ca687f519b7f4a739581d30ba0f5..be4d539d44a1e2492d85480020e1b3fdba5968ac 100644
--- a/entity/PermissionAction_entity/onValidation.js
+++ b/entity/PermissionAction_entity/onValidation.js
@@ -1,30 +1,9 @@
-import("Sql_lib");
-import("system.db");
import("system.vars");
import("system.translate");
import("system.result");
-import("Permission_lib");
-var alias = SqlUtils.getSystemAlias();
var actionTitle = vars.get("$field.ACTION");
-var permissionId = vars.get("$param.PermissionId_param");
-var permCondInput = vars.get("$param.PermissionCondition_param");
if (actionTitle == "null" || actionTitle == undefined || actionTitle == null || actionTitle == "") {
result.string(translate.text("Empty actions are not allowed!"));
-} else if (PermissionUtil.existsPermission(permissionId)) {
- // existing permission
- // check if action is already in DB
- var actionsInDb = PermissionUtil.getPermissionAction(permissionId);
- var sqlStr = "select COND from ASYS_PERMISSION where ASYS_PERMISSIONID='" + permissionId + "'";
- var permCondDb = db.cell(sqlStr, alias);
-
- for each (var action in actionsInDb) {
- if (PermissionUtil.resolvePermissionActionId(action) == actionTitle && permCondInput == permCondDb) {
- result.string(translate.text("Action '" + actionTitle + "' already linked to this permission!"));
- break;
- }
- }
-} else {
- result.string(true);
}
\ No newline at end of file
diff --git a/entity/PermissionDetail_entity/PermissionDetail_entity.aod b/entity/PermissionDetail_entity/PermissionDetail_entity.aod
index a4e15eebbe0dc95786588fb321ed810e7f452154..4905d05f3b0a5357a66bba2e5848a2897daa4be7 100644
--- a/entity/PermissionDetail_entity/PermissionDetail_entity.aod
+++ b/entity/PermissionDetail_entity/PermissionDetail_entity.aod
@@ -175,6 +175,7 @@
</entityConsumer>
<entityConsumer>
<name>PermissionActions</name>
+ <onValidation>%aditoprj%/entity/PermissionDetail_entity/entityfields/permissionactions/onValidation.js</onValidation>
<dependency>
<name>dependency</name>
<entityName>PermissionAction_entity</entityName>
diff --git a/entity/PermissionDetail_entity/entityfields/permissionactions/onValidation.js b/entity/PermissionDetail_entity/entityfields/permissionactions/onValidation.js
new file mode 100644
index 0000000000000000000000000000000000000000..5d4bdb1dbbd2d33d5697b4d6e420bb7201b7b238
--- /dev/null
+++ b/entity/PermissionDetail_entity/entityfields/permissionactions/onValidation.js
@@ -0,0 +1,88 @@
+import("system.logging");
+import("Sql_lib");
+import("system.db");
+import("system.vars");
+import("system.translate");
+import("system.result");
+import("Permission_lib");
+
+var allowedNumberOfActionsForRecordPermission = 3;
+var allowedNumberOfActionsForEntityPermissions = 2;
+var allowedNumberOfActionsForFieldPermissions = 2;
+
+var entityTitle = vars.get("$field.ENTITY");
+var roleTitle = vars.get("$field.ROLE");
+var fieldTitle = vars.get("$field.FIELD");
+var accesstype = vars.get("$field.ACCESSTYPE");
+var permCondInput = vars.get("$field.CONDITION");
+var permCondType = vars.get("$field.CONDTYPE");
+var permissionId = PermissionUtil.getPermission(roleTitle, entityTitle, fieldTitle, accesstype, permCondInput, permCondType);
+var actionsInDb = PermissionUtil.getPermissionAction(permissionId);
+
+var actionsAsStringArray = vars.get("$field.ACTION").split(","); // only useful while working with already existing permissions
+
+var deletedRows = vars.get("$field.PermissionActions.deletedRows");
+var changedRows = vars.get("$field.PermissionActions.changedRows");
+var insertedRows = vars.get("$field.PermissionActions.insertedRows");
+
+logging.log("del rows: " + deletedRows.toSource());
+logging.log("cha rows: " + changedRows.toSource());
+logging.log("ins rows: " + insertedRows.toSource());
+
+if (PermissionUtil.existsPermission(permissionId)) {
+ // old permission
+ // insert nur möglich, wenn gleiche action auch gelöscht wurde, oder zuvor nicht da war
+ for each (let row in insertedRows) {
+ var actionGotJustDelted = false;
+ if (PermissionUtil.actionExists(row.ACTION, permissionId)) {
+ for each (let delRow in deletedRows) {
+ if (row.ACTION == delRow.ACTION) {
+ actionGotJustDelted = true;
+ }
+ }
+ if (!actionGotJustDelted) {
+ result.string(translate.text("Action '" + row.ACTION + "' already linked to this permission."));
+ }
+ }
+ }
+
+ for each (let row in changedRows) {
+ if (PermissionUtil.actionExists(row.ACTION, permissionId) && actionsAsStringArray.indexOf(row.ACTION) == -1) {
+ result.string(translate.text("Action '" + row.ACTION + "' already linked to this permission."));
+ }
+ }
+} else {
+ // new permission
+ if (insertedRows.length > 1) {
+ for (let i = 0; i < insertedRows.length-1; i++) {
+ for (let j = i + 1; j < insertedRows.length; j++) {
+ if (insertedRows[i].ACTION == insertedRows[j].ACTION) {
+ result.string(translate.text("No duplicates allowed: action '" + insertedRows[i].ACTION + "'"));
+ }
+ }
+ }
+ }
+
+}
+
+if (insertedRows.length > 0) {
+ switch (accesstype) {
+ case "E":
+ if (actionsInDb.length >= allowedNumberOfActionsForEntityPermissions && !actionGotJustDelted) {
+ result.string(translate.text("Only " + allowedNumberOfActionsForEntityPermissions + " actions allowed for this type of permission."));
+ }
+ break;
+ case "R":
+ if (actionsInDb.length >= allowedNumberOfActionsForRecordPermission && !actionGotJustDelted) {
+ result.string(translate.text("Only " + allowedNumberOfActionsForRecordPermission + " actions allowed for this type of permission."));
+ }
+ break;
+ case "F":
+ if (actionsInDb.length >= allowedNumberOfActionsForFieldPermissions && !actionGotJustDelted) {
+ result.string(translate.text("Only " + allowedNumberOfActionsForFieldPermissions + " actions allowed for this type of permission."));
+ }
+ break;
+ default:
+ result.string(translate.text("This error should never appear - contact administrator."));
+ }
+}
\ No newline at end of file
diff --git a/process/Permission_lib/process.js b/process/Permission_lib/process.js
index d5b1425935b6eb7eeef19f148ddb419b8671781d..1d8f9942319398d67bcabdfc7751299a6eb594d9 100644
--- a/process/Permission_lib/process.js
+++ b/process/Permission_lib/process.js
@@ -12,125 +12,125 @@ function PermissionUtil () {}
{ //block where variables declared with let are available to avoid unexpected side-effects
-let alias = SqlUtils.getSystemAlias();
+ let alias = SqlUtils.getSystemAlias();
-/**
+ /**
* Returns the ids of all subordinated permission sets of a given parent permission set.
*
* @param {String} pPermissionSetId the id of the parent permission set
*
* @result {String[]} array with the ids of every subordinated permission set. The result can never be null.
*/
-PermissionUtil.getAllChildPermissionSets = function (pPermissionSetId)
-{
- return db.array(db.COLUMN, SqlCondition.begin()
- .and("ASYS_PERMISSIONSET_ID = '" + pPermissionSetId + "'")
- .buildSql("select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET")
- , alias);
-}
+ PermissionUtil.getAllChildPermissionSets = function (pPermissionSetId)
+ {
+ return db.array(db.COLUMN, SqlCondition.begin()
+ .and("ASYS_PERMISSIONSET_ID = '" + pPermissionSetId + "'")
+ .buildSql("select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET")
+ , alias);
+ }
-/**
+ /**
* Returns the id of the subordinated permission set with accesstype 'record' of a given permission set.
*
* @param {String} pPermissionSetId the id of the parent permission set
*
* @result {String} id of subordinated permission set. The result can never be null.
*/
-PermissionUtil.getChildRecordPermissionSet = function (pPermissionSetId)
-{
- return db.array(db.COLUMN, SqlCondition.begin()
- .and("ASYS_PERMISSIONSET_ID = '" + pPermissionSetId + "'")
- .and("ACCESSTYPE = 'R'")
- .buildSql("select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET")
- , alias);
-}
+ PermissionUtil.getChildRecordPermissionSet = function (pPermissionSetId)
+ {
+ return db.array(db.COLUMN, SqlCondition.begin()
+ .and("ASYS_PERMISSIONSET_ID = '" + pPermissionSetId + "'")
+ .and("ACCESSTYPE = 'R'")
+ .buildSql("select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET")
+ , alias);
+ }
-/**
+ /**
* Returns all subordinated permissions of a given permission set.
*
* @param {String} pPermissionSetId the id of the parent permission set
*
* @result {String[]} array with the ids of every subordinated permission. The result can never be null.
*/
-PermissionUtil.getAllChildPermissions = function (pPermissionSetId)
-{
- return db.array(db.COLUMN, SqlCondition.begin()
- .and("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID = '" + pPermissionSetId + "'")
- .buildSql("select ASYS_PERMISSION.ASYS_PERMISSIONID from ASYS_PERMISSION"
- + " join ASYS_PERMISSIONSET on ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID = ASYS_PERMISSION.ASYS_PERMISSIONSET_ID")
- , alias);
-}
+ PermissionUtil.getAllChildPermissions = function (pPermissionSetId)
+ {
+ return db.array(db.COLUMN, SqlCondition.begin()
+ .and("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID = '" + pPermissionSetId + "'")
+ .buildSql("select ASYS_PERMISSION.ASYS_PERMISSIONID from ASYS_PERMISSION"
+ + " join ASYS_PERMISSIONSET on ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID = ASYS_PERMISSION.ASYS_PERMISSIONSET_ID")
+ , alias);
+ }
-/**
+ /**
* Returns all subordinated permission actions of a given permission set.
*
* @param {String} pPermissionSetId the id of the parent permission set
*
* @result {String[]} array with the ids of every subordinated permission action. The result can never be null.
*/
-PermissionUtil.getAllChildPermissionActions = function (pPermissionSetId)
-{
- return db.array(db.COLUMN, SqlCondition.begin()
- .and("ASYS_PERMISSION.ASYS_PERMISSIONSET_ID = '" + pPermissionSetId + "'")
- .buildSql("select ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION"
- + " join ASYS_PERMISSION on ASYS_PERMISSION.ASYS_PERMISSIONID = ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID")
- , alias);
-}
+ PermissionUtil.getAllChildPermissionActions = function (pPermissionSetId)
+ {
+ return db.array(db.COLUMN, SqlCondition.begin()
+ .and("ASYS_PERMISSION.ASYS_PERMISSIONSET_ID = '" + pPermissionSetId + "'")
+ .buildSql("select ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION"
+ + " join ASYS_PERMISSION on ASYS_PERMISSION.ASYS_PERMISSIONID = ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID")
+ , alias);
+ }
-/**
+ /**
* Returns all subordinated permission actions of a given permission.
*
* @param {String} pPermissionId the id of the parent permission
*
* @result {String[]} array with the ids of every subordinated permission action. The result can never be null.
*/
-PermissionUtil.getAllChildPermissionActions = function (pPermissionId)
-{
- return db.array(db.COLUMN, SqlCondition.begin()
- .and("ASYS_PERMISSION_ID = '" + pPermissionId + "'")
- .buildSql("select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION")
- , alias);
-}
+ PermissionUtil.getAllChildPermissionActions = function (pPermissionId)
+ {
+ return db.array(db.COLUMN, SqlCondition.begin()
+ .and("ASYS_PERMISSION_ID = '" + pPermissionId + "'")
+ .buildSql("select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION")
+ , alias);
+ }
-/**
+ /**
* Returns the action a given permission action id.
*
* @param {String} pPermissionActionId the id of the action
*
* @result {String} action name as readable string of the given permission action id. Never 'null', empty string if there is no result.
*/
-PermissionUtil.resolvePermissionActionId = function (pPermissionActionId)
-{
- return db.cell(SqlCondition.begin()
- .and("ASYS_PERMISSIONACTIONID = '" + pPermissionActionId + "'")
- .buildSql("select ASYS_PERMISSIONACTION.ACTION from ASYS_PERMISSIONACTION")
- , alias);
-}
+ PermissionUtil.resolvePermissionActionId = function (pPermissionActionId)
+ {
+ return db.cell(SqlCondition.begin()
+ .and("ASYS_PERMISSIONACTIONID = '" + pPermissionActionId + "'")
+ .buildSql("select ASYS_PERMISSIONACTION.ACTION from ASYS_PERMISSIONACTION")
+ , alias);
+ }
-/**
+ /**
* Converts a given array to an object with properties permissionid, entity, role, field, cond, action, accesstype.
*
* @param {String[]} pArr the array which should be converted to an object.
*
* @result {{}} converted object
*/
-PermissionUtil.convertArrToObj = function(pArr) {
- var ret = pArr.map(function(x) {
- return {
- "permissionid": x[0],
- "entity": x[1],
- "role": x[2],
- "field": x[3],
- "cond": x[4],
- "action": x[5],
- "accesstype": x[6],
- "condtype": x[7]
- }
- });
- return ret;
-}
+ PermissionUtil.convertArrToObj = function(pArr) {
+ var ret = pArr.map(function(x) {
+ return {
+ "permissionid": x[0],
+ "entity": x[1],
+ "role": x[2],
+ "field": x[3],
+ "cond": x[4],
+ "action": x[5],
+ "accesstype": x[6],
+ "condtype": x[7]
+ }
+ });
+ return ret;
+ }
-/**
+ /**
* Returns the first index at which a given permissionid can be found in the array, or -1 if it is not present.
*
* @param {String} pPermId the id of the permission
@@ -139,16 +139,16 @@ PermissionUtil.convertArrToObj = function(pArr) {
*
* @result {int} returns the position (index) of the searched permission in the table, otherwise returns -1 if not found
*/
-PermissionUtil.indexOfPermId = function(pPermTable, pPermId) {
- var notFound = -1;
- for (var i = 0; i < pPermTable.length; i++) {
- if(pPermTable[i].permissionid == pPermId)
- return i;
+ PermissionUtil.indexOfPermId = function(pPermTable, pPermId) {
+ var notFound = -1;
+ for (var i = 0; i < pPermTable.length; i++) {
+ if(pPermTable[i].permissionid == pPermId)
+ return i;
+ }
+ return notFound;
}
- return notFound;
-}
-/**
+ /**
* Checks a permission if the given actions are different to the actions in the database.
*
* @param {String} pPermId permission id to which the actions are linked to
@@ -157,14 +157,14 @@ PermissionUtil.indexOfPermId = function(pPermTable, pPermId) {
*
* @result {String[]} returns the different elements
*/
-PermissionUtil.getActionDiff = function(pPermId, pActionNew) {
- var sqlStr = "select ACTION from ASYS_PERMISSIONACTION where ASYS_PERMISSION_ID = '" + pPermId + "'";
- var actionOld = db.array(db.COLUMN, sqlStr, alias);
+ PermissionUtil.getActionDiff = function(pPermId, pActionNew) {
+ var sqlStr = "select ACTION from ASYS_PERMISSIONACTION where ASYS_PERMISSION_ID = '" + pPermId + "'";
+ var actionOld = db.array(db.COLUMN, sqlStr, alias);
- return arrDiff(actionOld, pActionNew);
-}
+ return arrDiff(actionOld, pActionNew);
+ }
-/**
+ /**
* Checks if the given string is different to the string of a column in the given database table.
*
* @param {String} pId the id
@@ -177,13 +177,13 @@ PermissionUtil.getActionDiff = function(pPermId, pActionNew) {
*
* @result {Boolean} returns true if different, otherwise false
*/
-PermissionUtil.isDiff = function(pId, pString, pDbCol, pDbTable) {
- var sqlStr = "select " + pDbCol + " from " + pDbTable + " where " + pDbTable + "ID = '" + pId + "'";
- var stringDb = db.cell(sqlStr, alias);
- return stringDb != pString ? true : false;
-}
+ PermissionUtil.isDiff = function(pId, pString, pDbCol, pDbTable) {
+ var sqlStr = "select " + pDbCol + " from " + pDbTable + " where " + pDbTable + "ID = '" + pId + "'";
+ var stringDb = db.cell(sqlStr, alias);
+ return stringDb != pString ? true : false;
+ }
-/**
+ /**
* Updates the value of the column in table if the values are different.
*
* @param {String} pId the id
@@ -196,114 +196,114 @@ PermissionUtil.isDiff = function(pId, pString, pDbCol, pDbTable) {
*
* @result {Integer} number of records that were updated
*/
-PermissionUtil.updateIfDiff = function(pId, pValue, pDbCol, pDbTable) {
- if (PermissionUtil.isDiff(pId, pValue, pDbCol, pDbTable)) {
- var cols = [pDbCol];
- var vals = [pValue];
- var cond = SqlCondition.begin().and(pDbTable + "ID = '" + pId + "'").build();
- return db.updateData(pDbTable, cols, null, vals, cond, alias);
- }
- return 0;
-}
+ PermissionUtil.updateIfDiff = function(pId, pValue, pDbCol, pDbTable) {
+ if (PermissionUtil.isDiff(pId, pValue, pDbCol, pDbTable)) {
+ var cols = [pDbCol];
+ var vals = [pValue];
+ var cond = SqlCondition.begin().and(pDbTable + "ID = '" + pId + "'").build();
+ return db.updateData(pDbTable, cols, null, vals, cond, alias);
+ }
+ return 0;
+ }
-/**
+ /**
* Gets the number of permissions which are linked to the given entity.
*
* @param {String} pEntityName The name of the entity
*
* @result {Integer} returns the number of permissions linked to the entity.
*/
-PermissionUtil.getNumberOfPermissions = function(pEntityName) {
- var table = "ASYS_PERMISSIONSET";
- var sqlStr = "select COUNT(*) from " + table + " where ENTITY_ID = '" + pEntityName + "'";
- return db.cell(sqlStr, alias);
-}
+ PermissionUtil.getNumberOfPermissions = function(pEntityName) {
+ var table = "ASYS_PERMISSIONSET";
+ var sqlStr = "select COUNT(*) from " + table + " where ENTITY_ID = '" + pEntityName + "'";
+ return db.cell(sqlStr, alias);
+ }
-/**
+ /**
* Gets the default permission of the root permission set.
*
* @param {String} pPermId the id of the permission
*
* @result {String} returns the id of the default permission of the root permission set. Never 'null', empty string if there is no result.
*/
-PermissionUtil.getRootPermission = function(pPermId) {
- var sqlStr = "select ASYS_PERMISSIONSET_ID from ASYS_PERMISSION where ASYS_PERMISSIONID = '" + pPermId + "'";
- var parentPermSet = db.array(db.ROW, sqlStr, alias);
+ PermissionUtil.getRootPermission = function(pPermId) {
+ var sqlStr = "select ASYS_PERMISSIONSET_ID from ASYS_PERMISSION where ASYS_PERMISSIONID = '" + pPermId + "'";
+ var parentPermSet = db.array(db.ROW, sqlStr, alias);
- while (parentPermSet[0] != "") {
- sqlStr = "select ASYS_PERMISSIONSET_ID, ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + parentPermSet[0] + "'";
- parentPermSet = db.array(db.ROW, sqlStr, alias);
- }
+ while (parentPermSet[0] != "") {
+ sqlStr = "select ASYS_PERMISSIONSET_ID, ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + parentPermSet[0] + "'";
+ parentPermSet = db.array(db.ROW, sqlStr, alias);
+ }
- sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION where ASYS_PERMISSIONSET_ID = '" + parentPermSet[1] + "'";
- return db.cell(sqlStr, alias);
-}
+ sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION where ASYS_PERMISSIONSET_ID = '" + parentPermSet[1] + "'";
+ return db.cell(sqlStr, alias);
+ }
-/**
+ /**
* Gets the default field permission of the root field permission set.
*
* @param {String} pPermId the id of the field permission
*
* @result {String} returns the id of the default field permission of the root field permission set. Never 'null', empty string if there is no result.
*/
-PermissionUtil.getRootFieldPermission = function(pPermId) {
- var sqlStr = "select ASYS_PERMISSIONSET_ID from ASYS_PERMISSION where ASYS_PERMISSIONID = '" + pPermId + "'";
- var parentFieldPermSet = db.array(db.ROW, sqlStr, alias);
+ PermissionUtil.getRootFieldPermission = function(pPermId) {
+ var sqlStr = "select ASYS_PERMISSIONSET_ID from ASYS_PERMISSION where ASYS_PERMISSIONID = '" + pPermId + "'";
+ var parentFieldPermSet = db.array(db.ROW, sqlStr, alias);
- sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION where ASYS_PERMISSIONSET_ID = '" + parentFieldPermSet + "' and cond is null";
- return db.cell(sqlStr, alias);
-}
+ sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION where ASYS_PERMISSIONSET_ID = '" + parentFieldPermSet + "' and cond is null";
+ return db.cell(sqlStr, alias);
+ }
-/**
+ /**
* Gets the default permission of a given permission set.
*
* @param {String} pPermSetId the id of the permission set
*
* @result {String} returns the id of the default permission of a given permission set. Never 'null', empty string if there is no result.
*/
-PermissionUtil.getDefaultPermission = function(pPermSetId) {
- var sqlStr = "select ENTITY_ID from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + pPermSetId + "'";
- var entityName = db.cell(sqlStr, alias);
- var noCond = "{\"entity\":\"" + entityName + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+ PermissionUtil.getDefaultPermission = function(pPermSetId) {
+ var sqlStr = "select ENTITY_ID from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + pPermSetId + "'";
+ var entityName = db.cell(sqlStr, alias);
+ var noCond = "{\"entity\":\"" + entityName + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
- sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION"
- + " where ASYS_PERMISSIONSET_ID = '" + pPermSetId + "'"
- + " and (COND is null or COND like '%" + noCond + "%')";
- return db.cell(sqlStr, alias);
-}
+ sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION"
+ + " where ASYS_PERMISSIONSET_ID = '" + pPermSetId + "'"
+ + " and (COND is null or COND like '%" + noCond + "%')";
+ return db.cell(sqlStr, alias);
+ }
-/**
+ /**
* Gets the conditional permissions of a given permission set.
*
* @param {String} pPermSetId the id of the permission set
*
* @result {String[]} returns the ids of the conditional permissions of a given permission set. The result can never be null.
*/
-PermissionUtil.getConditionalPermission = function(pPermSetId) {
- var sqlStr = "select ENTITY_ID from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + pPermSetId + "'";
- var entityName = db.cell(sqlStr, alias);
- var noCond = "{\"entity\":\"" + entityName + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+ PermissionUtil.getConditionalPermission = function(pPermSetId) {
+ var sqlStr = "select ENTITY_ID from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + pPermSetId + "'";
+ var entityName = db.cell(sqlStr, alias);
+ var noCond = "{\"entity\":\"" + entityName + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
- sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION"
- + " where ASYS_PERMISSIONSET_ID = '" + pPermSetId + "'"
- + " and COND is not null and COND not like '" + noCond + "'";
- return db.table(sqlStr, alias);
-}
+ sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION"
+ + " where ASYS_PERMISSIONSET_ID = '" + pPermSetId + "'"
+ + " and COND is not null and COND not like '" + noCond + "'";
+ return db.table(sqlStr, alias);
+ }
-/**
+ /**
* Gets the permission actions of a given permission.
*
* @param {String} pPermId the id of the permission
*
* @result {String[]} returns the ids of linked actions of a given permission. The result can never be null.
*/
-PermissionUtil.getPermissionAction = function(pPermId) {
- var sqlStr = "select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION"
- + " where ASYS_PERMISSION_ID = '" + pPermId + "'"
- return db.table(sqlStr, alias);
-}
+ PermissionUtil.getPermissionAction = function(pPermId) {
+ var sqlStr = "select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION"
+ + " where ASYS_PERMISSION_ID = '" + pPermId + "'"
+ return db.table(sqlStr, alias);
+ }
-/**
+ /**
* Gets the permission set id of a given role-entity-accesstype-combination.
*
* @param {String} pRole the name of the role
@@ -316,16 +316,16 @@ PermissionUtil.getPermissionAction = function(pPermId) {
*
* @result {String} returns the id of the matching permission set. The result can never be null.
*/
-PermissionUtil.getPermissionSet = function(pRole, pEntity, pAccessType, pField) {
- var sqlStr = "select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET"
- + " where ROLE_ID = '" + pRole + "' and ENTITY_ID = '" + pEntity + "' and ACCESSTYPE = '" + pAccessType + "'";
- if (pField != null && pField != "" && pField != undefined) {
- sqlStr += " and FIELD_ID = '" + pField + "'";
+ PermissionUtil.getPermissionSet = function(pRole, pEntity, pAccessType, pField) {
+ var sqlStr = "select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET"
+ + " where ROLE_ID = '" + pRole + "' and ENTITY_ID = '" + pEntity + "' and ACCESSTYPE = '" + pAccessType + "'";
+ if (pField != null && pField != "" && pField != undefined) {
+ sqlStr += " and FIELD_ID = '" + pField + "'";
+ }
+ return db.cell(sqlStr, alias);
}
- return db.cell(sqlStr, alias);
-}
-/**
+ /**
* Gets the root permission set of a entity-role-combination.
*
* @param {String} pRole the id of a role
@@ -334,76 +334,76 @@ PermissionUtil.getPermissionSet = function(pRole, pEntity, pAccessType, pField)
*
* @result {String} returns the id of the root permission set of the given entity-role-combination. Never 'null', empty string if there is no result.
*/
-PermissionUtil.getRootPermissionSet = function(pRole, pEntity) {
- var sqlStr = "select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET"
- + " where ROLE_ID = '" + pRole + "' and ENTITY_ID = '" + pEntity +"' and ACCESSTYPE = 'E'";
- return db.cell(sqlStr, alias);
-}
+ PermissionUtil.getRootPermissionSet = function(pRole, pEntity) {
+ var sqlStr = "select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET"
+ + " where ROLE_ID = '" + pRole + "' and ENTITY_ID = '" + pEntity +"' and ACCESSTYPE = 'E'";
+ return db.cell(sqlStr, alias);
+ }
-/**
+ /**
* Gets the parent permission set of a permission.
*
* @param {String} pPermId the id of the permission
*
* @result {String} returns the id of the parent permission set of the given permission. Never 'null', empty string if there is no result.
*/
-PermissionUtil.getParentPermissionSet = function(pPermId) {
- var sqlStr = "select ASYS_PERMISSIONSET_ID from ASYS_PERMISSION"
- + " where ASYS_PERMISSIONID = '" + pPermId + "'";
- return db.cell(sqlStr, alias);
-}
+ PermissionUtil.getParentPermissionSet = function(pPermId) {
+ var sqlStr = "select ASYS_PERMISSIONSET_ID from ASYS_PERMISSION"
+ + " where ASYS_PERMISSIONID = '" + pPermId + "'";
+ return db.cell(sqlStr, alias);
+ }
-/**
+ /**
* Checks if the given permission has any children left.
*
* @param {String} pPermSetId the id of the permission set
*
* @result {Boolean} returns true if permission set has no children, otherwise false
*/
-PermissionUtil.permSetIsEmpty = function(pPermSetId) {
- var subSets = PermissionUtil.getAllChildPermissionSets(pPermSetId);
- var subPerms = PermissionUtil.getAllChildPermissions(pPermSetId);
- var subActions = PermissionUtil.getAllChildPermissionActions(pPermSetId);
+ PermissionUtil.permSetIsEmpty = function(pPermSetId) {
+ var subSets = PermissionUtil.getAllChildPermissionSets(pPermSetId);
+ var subPerms = PermissionUtil.getAllChildPermissions(pPermSetId);
+ var subActions = PermissionUtil.getAllChildPermissionActions(pPermSetId);
- if (subActions.length == 0 && subPerms == 0 && subSets == 0)
- return true;
- return false;
-}
+ if (subActions.length == 0 && subPerms == 0 && subSets == 0)
+ return true;
+ return false;
+ }
-/**
+ /**
* Returns all permissions of the given permission sets.
*
* @param {String[]} pPermSetIds the ids of the permission sets
*
* @result {String[]} returns ids of all permissions. The result can never be null.
*/
-PermissionUtil.getAllPermissions = function(pPermSetIds) {
- return db.table("select ASYS_PERMISSIONID from ASYS_PERMISSION where ASYS_PERMISSION.ASYS_PERMISSIONSET_ID in ('" + pPermSetIds.join("','") + "')", alias);
-}
+ PermissionUtil.getAllPermissions = function(pPermSetIds) {
+ return db.table("select ASYS_PERMISSIONID from ASYS_PERMISSION where ASYS_PERMISSION.ASYS_PERMISSIONSET_ID in ('" + pPermSetIds.join("','") + "')", alias);
+ }
-/**
+ /**
* Returns all permission actions of the given permissions.
*
* @param {String[]} pPermIds the ids of the permissions
*
* @result {String[]} returns ids of all permission actions. The result can never be null.
*/
-PermissionUtil.getAllPermissionActions = function(pPermIds) {
- return db.table("select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION where ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID in ('" + pPermIds.join("','") + "')", alias);
-}
+ PermissionUtil.getAllPermissionActions = function(pPermIds) {
+ return db.table("select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION where ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID in ('" + pPermIds.join("','") + "')", alias);
+ }
-/**
+ /**
* Returns the condition type of the given permissions.
*
* @param {String} pPermId the id of the permission
*
* @result {String} returns the value of condition type (true or false). Never 'null', empty string if there is no result.
*/
-PermissionUtil.getPermissionCondType = function(pPermId) {
- return db.cell("select CONDTYPE from ASYS_PERMISSION where ASYS_PERMISSION.ASYS_PERMISSIONID = '" + pPermId + "'", alias);
-}
+ PermissionUtil.getPermissionCondType = function(pPermId) {
+ return db.cell("select CONDTYPE from ASYS_PERMISSION where ASYS_PERMISSION.ASYS_PERMISSIONID = '" + pPermId + "'", alias);
+ }
-/**
+ /**
* Inserts a new instance of a permission set into ASYS_PERMISSIONSET.
*
* @param {String} pParentPermSet The parent permission set, empty if root node
@@ -418,16 +418,16 @@ PermissionUtil.getPermissionCondType = function(pPermId) {
*
* @result {Integer} returns the id of the inserted permission set
*/
-PermissionUtil.insertNewPermissionSet = function(pParentPermSet, pEntity, pRole, pField, pAccessType) {
- var table = "ASYS_PERMISSIONSET";
- var cols = db.getColumns(table, alias);
- var permsetid = util.getNewUUID();
- var vals = [pAccessType, permsetid, pParentPermSet, pEntity, pField, pRole];
- db.insertData(table, cols, null, vals, alias);
- return permsetid;
-}
+ PermissionUtil.insertNewPermissionSet = function(pParentPermSet, pEntity, pRole, pField, pAccessType) {
+ var table = "ASYS_PERMISSIONSET";
+ var cols = db.getColumns(table, alias);
+ var permsetid = util.getNewUUID();
+ var vals = [pAccessType, permsetid, pParentPermSet, pEntity, pField, pRole];
+ db.insertData(table, cols, null, vals, alias);
+ return permsetid;
+ }
-/**
+ /**
* Inserts a new instance of a permission into ASYS_PERMISSION.
*
* @param {String} pParentPermSet The parent permission set, mandatory
@@ -440,21 +440,21 @@ PermissionUtil.insertNewPermissionSet = function(pParentPermSet, pEntity, pRole,
*
* @result {Integer} returns the id of the inserted permission
*/
-PermissionUtil.insertNewPermission = function(pParentPermSet, pCond, pCondType, pPermId) {
- var table = "ASYS_PERMISSION";
- var cols = db.getColumns(table, alias);
- var permId;
- if (pPermId != null && pPermId != "" && pPermId != undefined) {
- permId = pPermId;
- } else {
- permId = util.getNewUUID();
- }
- var vals = [permId, pParentPermSet, pCond, pCondType];
- db.insertData(table, cols, null, vals, alias);
- return permId;
-}
+ PermissionUtil.insertNewPermission = function(pParentPermSet, pCond, pCondType, pPermId) {
+ var table = "ASYS_PERMISSION";
+ var cols = db.getColumns(table, alias);
+ var permId;
+ if (pPermId != null && pPermId != "" && pPermId != undefined) {
+ permId = pPermId;
+ } else {
+ permId = util.getNewUUID();
+ }
+ var vals = [permId, pParentPermSet, pCond, pCondType];
+ db.insertData(table, cols, null, vals, alias);
+ return permId;
+ }
-/**
+ /**
* Inserts a new instance of a permission action into ASYS_PERMISSIONACTION.
*
* @param {String} pParentPerm The parent permission, mandatory
@@ -465,31 +465,11 @@ PermissionUtil.insertNewPermission = function(pParentPermSet, pCond, pCondType,
*
* @result {Integer} returns the id of the inserted permission action, returns null if insert was not possible
*/
-PermissionUtil.insertNewPermissionAction = function(pParentPerm, pAction, pActionId) {
- var table = "ASYS_PERMISSIONACTION";
- var cols = db.getColumns(table, alias);
- var permactionid;
-
- var actions = PermissionUtil.getPermissionAction(pParentPerm);
- var sqlStr = "select ACCESSTYPE from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + PermissionUtil.getParentPermissionSet(pParentPerm) + "'";
- var accesstype = db.cell(sqlStr, alias);
- var insertIsAllowed = true;
-
- switch (accesstype) {
- case "R":
- if (actions.length >= 3) {
- insertIsAllowed = false;
- }
- break;
- default:
- if (actions.length >= 2) {
- insertIsAllowed = false;
- }
- break;
- }
-
- if (insertIsAllowed) {
- sqlStr = "select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION where ASYS_PERMISSIONACTIONID = '" + pActionId + "'"; // if same id is already in db -> create new UID
+ PermissionUtil.insertNewPermissionAction = function(pParentPerm, pAction, pActionId) {
+ var table = "ASYS_PERMISSIONACTION";
+ var cols = db.getColumns(table, alias);
+ var permactionid;
+ var sqlStr = "select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION where ASYS_PERMISSIONACTIONID = '" + pActionId + "'"; // if same id is already in db -> create new UID
if (pActionId != null & pActionId != "" && pActionId != undefined && db.cell(sqlStr, alias) == "") {
permactionid = pActionId;
@@ -497,42 +477,76 @@ PermissionUtil.insertNewPermissionAction = function(pParentPerm, pAction, pActio
permactionid = util.getNewUUID();
}
var vals = [pAction, permactionid, pParentPerm];
- db.insertData(table, cols, null, vals, alias);
+ if (db.insertData(table, cols, null, vals, alias) == 0) {
+ return null;
+ }
return permactionid;
}
- return null;
-}
-/**
+ /**
* Returns the cond type of a permission.
*
* @param {String} pPerm The permission, mandatory
*
* @result {Integer} returns the cond type of a permission
*/
-PermissionUtil.getCondType = function(pPerm) {
- var table = "ASYS_PERMISSION";
- var sqlStr = "select CONDTYPE from " + table + " where ASYS_PERMISSIONID = '" + pPerm + "'";
- return db.cell(sqlStr, alias);
-}
+ PermissionUtil.getCondType = function(pPerm) {
+ var table = "ASYS_PERMISSION";
+ var sqlStr = "select CONDTYPE from " + table + " where ASYS_PERMISSIONID = '" + pPerm + "'";
+ return db.cell(sqlStr, alias);
+ }
-/**
+ /**
* Returns true if the permission exists, otherwise false.
*
* @param {String} pPermId The permission id
*
* @result {Boolean} true if permission exists, otherwise false
*/
-PermissionUtil.existsPermission = function(pPermId) {
- var table = "ASYS_PERMISSION";
- var sqlStr = "select COUNT(*) from " + table + " where ASYS_PERMISSIONID = '" + pPermId + "'";
- if (db.cell(sqlStr, alias) != "0") {
- return true;
+ PermissionUtil.existsPermission = function(pPermId) {
+ var table = "ASYS_PERMISSION";
+ var sqlStr = "select COUNT(*) from " + table + " where ASYS_PERMISSIONID = '" + pPermId + "'";
+ if (db.cell(sqlStr, alias) != "0") {
+ return true;
+ }
+ return false;
+ }
+
+ /**
+ * Returns true if the action exists, otherwise false.
+ *
+ * @param {String} pActionId The id of the action
+ *
+ * @result {Boolean} true if action exists, otherwise false
+ */
+ PermissionUtil.actionExists = function(pActionId) {
+ var table = "ASYS_PERMISSIONACTION";
+ var sqlStr = "select COUNT(*) from " + table + " where ASYS_PERMISSION_ID = '" + pActionId + "'";
+ if (db.cell(sqlStr, alias) != "0") {
+ return true;
+ }
+ return false;
}
- return false;
-}
-/**
+ /**
+ * Returns true if the action exists, otherwise false.
+ *
+ * @param {String} pAction The title of the action (e.g. view, create, read, update, delete)
+ *
+ * @param {String} pPermId The ID of the permission to which the action is linked
+ *
+ * @result {Boolean} true if action exists, otherwise false
+ */
+ PermissionUtil.actionExists = function(pAction, pPermId) {
+ var table = "ASYS_PERMISSIONACTION";
+ var sqlStr = "select COUNT(*) from " + table + " where ACTION = '" + pAction + "' and ASYS_PERMISSION_ID = '" + pPermId + "'";
+ if (db.cell(sqlStr, alias) != "0") {
+ return true;
+ }
+ return false;
+ }
+
+ /**
* Returns permissionid of the permission with fitting parameters, otherwise returns empty string
*
* @param {String} pRole Name of the role
@@ -550,47 +564,47 @@ PermissionUtil.existsPermission = function(pPermId) {
* @result {String} Returns the id of the permission with fitting parameters, otherwise returns empty string, can never be null
*
*/
-PermissionUtil.getPermission = function(pRole, pEntity, pField, pAccesstype, pCondition, pCondtype) {
- var sqlStr = "";
- var sqlExt = "";
- var noCond = "{\"entity\":\"" + pEntity + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+ PermissionUtil.getPermission = function(pRole, pEntity, pField, pAccesstype, pCondition, pCondtype) {
+ var sqlStr = "";
+ var sqlExt = "";
+ var noCond = "{\"entity\":\"" + pEntity + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
- if (checkInput([pCondition])) {
- if (pCondition == noCond) {
- sqlExt += " and (COND like '%" + pCondition + "%' or COND is null)";
- } else {
- sqlExt += " and COND like '%" + pCondition + "%'";
+ if (checkInput([pCondition])) {
+ if (pCondition == noCond) {
+ sqlExt += " and (COND like '%" + pCondition + "%' or COND is null)";
+ } else {
+ sqlExt += " and COND like '%" + pCondition + "%'";
+ }
}
- }
- if (checkInput([pField])) {
- sqlExt += " and FIELD_ID = '" + pField + "'";
- }
+ if (checkInput([pField])) {
+ sqlExt += " and FIELD_ID = '" + pField + "'";
+ }
- if (checkInput([pCondtype])) {
- sqlExt += " and CONDTYPE = '" + pCondtype + "'";
- }
+ if (checkInput([pCondtype])) {
+ sqlExt += " and CONDTYPE = '" + pCondtype + "'";
+ }
- sqlStr = "select ASYS_PERMISSION.ASYS_PERMISSIONID from ASYS_PERMISSIONSET"
- + " join ASYS_PERMISSION on ASYS_PERMISSION.ASYS_PERMISSIONSET_ID = ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID"
- + " where ENTITY_ID = '" + pEntity + "' and ROLE_ID = '" + pRole + "'"
- + " and ACCESSTYPE = '" + pAccesstype + "'" + sqlExt;
- var permId = db.cell(sqlStr, alias);
- return permId;
-}
+ sqlStr = "select ASYS_PERMISSION.ASYS_PERMISSIONID from ASYS_PERMISSIONSET"
+ + " join ASYS_PERMISSION on ASYS_PERMISSION.ASYS_PERMISSIONSET_ID = ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID"
+ + " where ENTITY_ID = '" + pEntity + "' and ROLE_ID = '" + pRole + "'"
+ + " and ACCESSTYPE = '" + pAccesstype + "'" + sqlExt;
+ var permId = db.cell(sqlStr, alias);
+ return permId;
+ }
-/**
+ /**
* Deletes a permission action from ASYS_PERMISSIONACTION.
*
* @param {String} pPermActionId The permission action id which should be deleted, mandatory
*
* @result {Integer} returns the number of deleted records
*/
-PermissionUtil.deletePermissionAction = function(pPermActionId) {
- var table = "ASYS_PERMISSIONACTION";
- var cond = " ASYS_PERMISSIONACTIONID = '" + pPermActionId + "'";
- return db.deleteData(table, cond, alias);
-}
+ PermissionUtil.deletePermissionAction = function(pPermActionId) {
+ var table = "ASYS_PERMISSIONACTION";
+ var cond = " ASYS_PERMISSIONACTIONID = '" + pPermActionId + "'";
+ return db.deleteData(table, cond, alias);
+ }
} //end of block