Skip to content
Snippets Groups Projects
Commit 491c2684 authored by S.Leipold's avatar S.Leipold
Browse files

Permissions - roleTitle instead of roleName gets now displayed in treetable...

Permissions - roleTitle instead of roleName gets now displayed in treetable and preview - conditional permissions are no longer child elements of default permissions
parent 9718f113
No related branches found
No related tags found
No related merge requests found
Showing
with 77 additions and 80 deletions
......@@ -16,7 +16,6 @@
<title>Action</title>
<dropDownProcess>%aditoprj%/entity/PermissionAction_entity/entityfields/action/dropDownProcess.js</dropDownProcess>
<stateProcess>%aditoprj%/entity/PermissionAction_entity/entityfields/action/stateProcess.js</stateProcess>
<displayValueProcess>%aditoprj%/entity/PermissionAction_entity/entityfields/action/displayValueProcess.js</displayValueProcess>
</entityField>
<entityField>
<name>UID</name>
......
import("system.result");
import("system.vars");
var action = vars.get("$field.ACTION");
result.string(action);
\ No newline at end of file
import("system.tools");
import("system.neon");
import("system.vars");
import("system.result");
......@@ -5,12 +6,11 @@ import("Permission_lib");
var operatingState = vars.get("$sys.operatingstate");
var field = vars.get("$field.FIELD");
var role = vars.get("$field.ROLE");
var roleName = vars.get("$field.ROLE");
var entity = vars.get("$field.ENTITY");
var accesstype = vars.get("$field.ACCESSTYPE");
var rootPermSet = PermissionUtil.getSetRoot(role, entity);
if (operatingState == neon.OPERATINGSTATE_SEARCH || neon.OPERATINGSTATE_VIEW) {
if (operatingState == neon.OPERATINGSTATE_SEARCH || operatingState == neon.OPERATINGSTATE_VIEW) {
switch (accesstype) {
case "E":
result.string("Entität");
......@@ -24,10 +24,13 @@ if (operatingState == neon.OPERATINGSTATE_SEARCH || neon.OPERATINGSTATE_VIEW) {
}
} else {
// editing/creating a new permission
// if there is no permission set for a given role-entity-combination -> permission has to be Entity
// if there is no permission set for a given role-entity-combination or only one with condtype 0 -> permission has to be Entity
// otherwise Record
// if $field.FIELD is filled, then its a permission on Field access level
if (rootPermSet == "") {
var rootPermSet = PermissionUtil.getSetRoot(roleName, entity);
var rootPerm = PermissionUtil.getPermissionWithoutCond(rootPermSet);
if (rootPermSet == "" || PermissionUtil.getCondType(rootPerm) == 0) {
result.string("Entität");
} else {
result.string("Datensatz");
......
......@@ -3,10 +3,10 @@ import("system.result");
import("Permission_lib");
var field = vars.get("$field.FIELD");
var role = vars.get("$field.ROLE");
var roleName = vars.get("$field.ROLE");
var entity = vars.get("$field.ENTITY");
var permId = vars.get("$field.UID");
var rootPermSet = PermissionUtil.getSetRoot(role, entity);
var rootPermSet = PermissionUtil.getSetRoot(roleName, entity);
var rootPerm = PermissionUtil.getPermissionWithoutCond(rootPermSet);
if (PermissionUtil.getCondType(rootPerm) == 0) {
......
......@@ -5,33 +5,35 @@ import("system.result");
import("Permission_lib");
var alias = SqlUtils.getSystemAlias();
var rootPermId;
var rootPermId = "";
var entity = vars.get("$field.ENTITY");
var role = vars.get("$field.ROLE");
var cond = vars.get("$field.CONDITION");
var field = vars.get("$field.FIELD");
var accesstype = vars.get("$field.ACCESSTYPE");
var emptyCond = PermissionUtil.getEmptyCondString(entity);
var permSetId = PermissionUtil.getSet(vars.get("$field.ROLE"), entity, vars.get("$field.ACCESSTYPE"), field);
var permSetId = PermissionUtil.getSet(role, entity, accesstype, field);
var fieldWhereCond = " and ASYS_PERMISSIONSET.FIELD_ID is null"
if (field != "") {
fieldWhereCond = " and ASYS_PERMISSIONSET.FIELD_ID = '" + field + "'"
}
if (permSetId != "") {
// check if default or conditional permission has to be returned
// default permission
if (cond == "" || cond == emptyCond) {
rootPermId = PermissionUtil.getPermissionWithoutCond(permSetId);
} else {
permsWithCond = PermissionUtil.getPermissionWithCond(permSetId);
for each (let perm in permsWithCond) {
let sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION join ASYS_PERMISSIONSET on ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID = ASYS_PERMISSION.ASYS_PERMISSIONSET_ID where cast(ASYS_PERMISSION.COND as varchar(" + cond.length + ")) = '" + cond + "' and ASYS_PERMISSIONSET.FIELD_ID = '" + field + "'";
rootPermId = db.cell(sqlStr, alias);
break;
}
} else { // conditional permission
let sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION join ASYS_PERMISSIONSET on ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID = ASYS_PERMISSION.ASYS_PERMISSIONSET_ID where cast(ASYS_PERMISSION.COND as varchar(" + cond.length + ")) = '" + cond + "'" + fieldWhereCond + " and ASYS_PERMISSIONSET.ROLE_ID='" + role + "' and ASYS_PERMISSIONSET.ENTITY_ID='" + entity + "'";
rootPermId = db.cell(sqlStr, alias);
}
// return valid permId
if (rootPermId != "")
if (rootPermId != "") {
result.string(rootPermId);
else
} else {
result.string(vars.get("$field.UID"));
}
} else {
result.string(vars.get("$field.UID"));
}
\ No newline at end of file
import("system.tools");
import("Sql_lib");
import("system.db");
import("system.vars");
......@@ -11,11 +12,12 @@ var allowedNumberOfActionsForFieldPermissions = 2;
var entityName = vars.get("$field.ENTITY");
var roleTitle = vars.get("$field.ROLE");
var roleName = PermissionUtil.resolveRoleTitle(roleTitle);
var fieldTitle = vars.get("$field.FIELD");
var accesstype = vars.get("$field.ACCESSTYPE");
var permCondInput = vars.get("$field.CONDITION");
var permCondType = vars.get("$field.CONDTYPE");
var permId = PermissionUtil.getPermission(roleTitle, entityName, fieldTitle, accesstype, permCondInput, permCondType);
var permId = PermissionUtil.getPermission(roleName, entityName, fieldTitle, accesstype, permCondInput, permCondType);
var actionsInDb = PermissionUtil.getActions([permId]);
var actionsAsStringArray = vars.get("$field.ACTION").split(","); // only useful while working with already existing permissions
var emptyCond = PermissionUtil.getEmptyCondString(entityName);
......@@ -53,7 +55,7 @@ if (PermissionUtil.permissionExists(permId)) {
}
// if conditional permission: check if action is already linked to default permission
if (!isDefaultPermission) {
if (PermissionUtil.actionExists(row.ACTION, PermissionUtil.getPermissionWithoutCond(PermissionUtil.getSet(roleTitle, entityName, accesstype, fieldTitle)))) {
if (PermissionUtil.actionExists(row.ACTION, PermissionUtil.getPermissionWithoutCond(PermissionUtil.getSet(roleName, entityName, accesstype, fieldTitle)))) {
result.string(translate.text("Action '" + row.ACTION + "' is already linked to the default permission."));
}
}
......@@ -67,7 +69,7 @@ if (PermissionUtil.permissionExists(permId)) {
} else {
// new permission
if (insertedRows.length > 0) {
var defaultPerm = PermissionUtil.getPermission(roleTitle, entityName, fieldTitle, accesstype, emptyCond);
var defaultPerm = PermissionUtil.getPermission(roleName, entityName, fieldTitle, accesstype, emptyCond);
if (PermissionUtil.permissionExists(defaultPerm)) {
var defaultActions = PermissionUtil.getActions([defaultPerm]);
for each (let entry in insertedRows) {
......
import("Permission_lib");
import("system.vars");
import("system.result");
import("system.neon");
......@@ -8,10 +9,7 @@ var role = "";
if (vars.exists("$param.RoleTitle_param") && recordstate == neon.OPERATINGSTATE_NEW) {
role = vars.get("$param.RoleTitle_param");
} else {
role = vars.get("$this.value");
role = PermissionUtil.resolveRoleTitle(vars.get("$this.value"));
}
if(role != undefined && role != null && role != "") {
res = role.split("_");
result.string(res[1]);
}
\ No newline at end of file
result.string(role);
\ No newline at end of file
import("Permission_lib");
import("system.vars");
import("system.result");
import("system.neon");
......@@ -8,7 +9,7 @@ var role = "";
if (vars.exists("$param.RoleTitle_param") && recordstate == neon.OPERATINGSTATE_NEW) {
role = vars.get("$param.RoleTitle_param");
} else {
role = vars.get("$this.value");
role = PermissionUtil.resolveRoleTitle(vars.get("$this.value"));
}
result.string(role);
\ No newline at end of file
import("system.tools");
import("Sql_lib");
import("system.util");
import("system.vars");
......@@ -6,7 +7,6 @@ import("system.result");
import("Permission_lib");
import("system.project");
var selectedPermission = vars.get("$local.idvalues");
var sqlStr;
var whereCond = " where";
var alias = SqlUtils.getSystemAlias();
......@@ -14,10 +14,8 @@ var entitiesMetaData = project.getDataModels(project.DATAMODEL_KIND_ENTITY);
var entityStructure;
var entitiesUsePermFlagSet = [];
var fieldsUsePermFlagSet = [];
var emptyCond = PermissionUtil.getEmptyCondString(vars.get("$field.ENTITY"));
// gets all names of the entites which have the 'usePermission'-flag set (positive list)
// gets all names of the fields which have the 'usePermission'-flag set (positive list)
// gets all names of entites and fields which have the 'usePermission'-flag set (positive list)
for each (let entityMetaData in entitiesMetaData) {
if (entityMetaData[6] == "true") {
entitiesUsePermFlagSet.push(entityMetaData[0])
......@@ -50,6 +48,13 @@ sqlStr =
+ " order by ASYS_PERMISSION.ASYS_PERMISSIONID";
var sqlRes = db.table(sqlStr, alias);
// converting roleName to roleTitle: roleTitle gets displayed in treetable, roleName is still in db (ASYS_PERMISSIONSET.ROLE_ID)
var allRoles = tools.getAllRoles();
for (let i = 0; i < sqlRes.length; i++) {
sqlRes[i][2] = allRoles[sqlRes[i][2]][0];
}
var permissionTable = PermissionUtil.convertArrToObj(sqlRes);
var permissionTableOrigin = permissionTable; // used to build tree
......@@ -77,6 +82,7 @@ for (let i = 0; i < permissionTable.length - 1; i++) {
}
var res = [];
var selectedPermission = vars.get("$local.idvalues");
if (selectedPermission == null) { // no permission selected, return all permission entrys
for each (let entry in groupedPermissionTable) { // iterates over all grouped permissions
......@@ -111,17 +117,9 @@ result.object(res);
function prepareResultArray(pEntry, pRes) {
var parentPermission = "";
var emptyCond = PermissionUtil.getEmptyCondString(pEntry.entity);
if (pEntry.accesstype != "E") {
if (pEntry.cond == "" || pEntry.cond == emptyCond) { // default permission
parentPermission = PermissionUtil.getPermissionWithoutCond(PermissionUtil.getParentSetOfSet(PermissionUtil.getParentSet(pEntry.permissionid)));
} else { // conditional permission
parentPermission = PermissionUtil.getPermissionWithoutCond(PermissionUtil.getParentSet(pEntry.permissionid));
if (parentPermission == "") {
parentPermission = PermissionUtil.getPermissionWithoutCond(PermissionUtil.getParentSetOfSet(PermissionUtil.getParentSet(pEntry.permissionid)));
}
}
parentPermission = PermissionUtil.getPermissionWithoutCond(PermissionUtil.getParentSetOfSet(PermissionUtil.getParentSet(pEntry.permissionid)));
}
pRes.push([pEntry.permissionid, pEntry.entity, pEntry.role, pEntry.field, pEntry.cond,
sortActions(pEntry.action.split(","), pEntry.accesstype).join(","), pEntry.accesstype, pEntry.condtype, parentPermission]);
......@@ -185,7 +183,7 @@ function sortResultsByCondition(a, b) {
var emptyCondA = PermissionUtil.getEmptyCondString(a[1]);
var emptyCondB = PermissionUtil.getEmptyCondString(b[1]);
if (a[4] == "" || a[4] == emptyCond) return -1;
if (a[4] == "" || a[4] == emptyCondA) return -1;
else if (b[4] == "" || b[4] == emptyCondB) return -1;
else if (a[4] != "" && a[4] != emptyCondA) return 1;
else if (b[4] != "" && b[4] != emptyCondB) return 1;
......
......@@ -44,26 +44,8 @@ switch (accessType) {
db.deleteData("ASYS_PERMISSIONSET", sqlCondDelPermSet, alias); // delete all permission sets
break;
default:
if (PermissionUtil.getCond(permId) == "" || PermissionUtil.getCond(permId) == emptyCond) { // check if permission is default or conditional permission
// default permission -> also have to delete sub permissions
let allPerms = PermissionUtil.getPermissionWithCond(PermissionUtil.getParentSet(permId));
allPerms.push(permId);
let allActions = PermissionUtil.getActions(allPerms);
sqlCondDelAction = SqlCondition.begin()
.and("ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID in ('" + allActions.join("','") + "')")
.build();
sqlCondDelPerm = SqlCondition.begin()
.and("ASYS_PERMISSION.ASYS_PERMISSIONID in ('" + allPerms.join("','") + "')")
.build();
db.deleteData("ASYS_PERMISSIONACTION", sqlCondDelAction, alias); // delete all actions of the selected permission
db.deleteData("ASYS_PERMISSION", sqlCondDelPerm, alias); // delete the selected permission
} else {
// conditional permission -> only delete this permission
db.deleteData("ASYS_PERMISSIONACTION", sqlCondDelAction, alias); // delete all actions of the selected permission
db.deleteData("ASYS_PERMISSION", sqlCondDelPerm, alias); // delete the selected permission
}
db.deleteData("ASYS_PERMISSIONACTION", sqlCondDelAction, alias); // delete all actions of the selected permission
db.deleteData("ASYS_PERMISSION", sqlCondDelPerm, alias); // delete the selected permission
break;
}
......
......@@ -7,7 +7,7 @@ var lang = vars.get("$sys.clientlanguage");//e.g. "de"
var country = vars.get("$sys.clientcountry");//e.g. "DE"
locale = country ? lang + "_" + country : lang;
var selectedRole = vars.get("$local.idvalues");
var roles = tools.getAllRoles();
var allRoles = tools.getAllRoles();
var res = [];
var excludeRoles = {};
......@@ -19,11 +19,11 @@ if (vars.exists("$param.ExcludeRoles_param") && vars.get("$param.ExcludeRoles_pa
}, excludeRoles);
}
for (let rolename in roles) {
let role = roles[rolename];
if (!excludeRoles[rolename]) {
let numberOfUsersInSelectedRole = tools.getUsersWithRole(rolename).length;
res.push([rolename, role[0], role[1], role[2], numberOfUsersInSelectedRole + " " + translate.text("User", locale)]);
for each (let role in allRoles) {
var roleName = role[3];
if (!excludeRoles[roleName]) {
let numberOfUsersInSelectedRole = tools.getUsersWithRole(roleName).length;
res.push([roleName, role[0], role[1], role[2], numberOfUsersInSelectedRole + " " + translate.text("User", locale)]);
}
}
......
import("system.logging");
import("system.tools");
import("system.SQLTYPES");
import("system.util");
import("system.db");
......@@ -87,9 +87,9 @@ function PermissionUtil () {}
}
/**
* Converts a given array to an object with properties permissionid, entity, role, field, cond, action, accesstype.
* Converts a given array to an object with properties permissionid, entity, role, field, cond, action, accesstype, condtype.
*
* @param {String[]} pArr the array which should be converted to an object.
* @param {String[]} pArr the array which should be converted to an object. Order of array: permid, entity, role, field, cond, action, accesstype, condtype.
*
* @result {{}} converted object
*/
......@@ -564,6 +564,24 @@ function PermissionUtil () {}
return db.deleteData(table, cond, alias);
}
/**
* Converts a title of a role to the unqiue name of a role.
*
* @param {String} pRoleTitle title of a role, mandatory
*
* @result {String} returns name of a role, empty string if no fitting role name exists
*/
PermissionUtil.resolveRoleTitle = function(pRoleTitle) {
var allRoles = tools.getAllRoles();
var roleName = "";
for each (role in allRoles) {
if (role[0] == pRoleTitle) {
roleName = role[3];
}
}
return roleName;
}
} //end of block
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment