From 603a5c5a1ca431428b5a760bf752f80e5073205d Mon Sep 17 00:00:00 2001
From: "S.Leipold" <S.Leipold@sleipold.aditosoftware.local>
Date: Wed, 4 Dec 2019 13:27:40 +0100
Subject: [PATCH] #1048321 Berechtigungen greifen nicht bei Entity-Actions -
fixed a bug where creating permissions on entity actions was not possible
---
.../permissionid_param/valueProcess.js | 2 +-
process/Permission_lib/process.js | 35 ++++++++++++-------
2 files changed, 24 insertions(+), 13 deletions(-)
diff --git a/entity/PermissionDetail_entity/entityfields/permissionactions/children/permissionid_param/valueProcess.js b/entity/PermissionDetail_entity/entityfields/permissionactions/children/permissionid_param/valueProcess.js
index 046efd6e02..74184cabbc 100644
--- a/entity/PermissionDetail_entity/entityfields/permissionactions/children/permissionid_param/valueProcess.js
+++ b/entity/PermissionDetail_entity/entityfields/permissionactions/children/permissionid_param/valueProcess.js
@@ -18,7 +18,7 @@ var permSetId = PermissionUtil.getSet(roleName, entity, accesstype, field);
var fieldWhereCond = "ASYS_PERMISSIONSET.FIELD_ID is null";
if (field != "") {
- fieldWhereCond = newWhere("ASYS_PERMISSIONSET.FIELD_ID", field);
+ fieldWhereCond = "ASYS_PERMISSIONSET.FIELD_ID = '" + field + "'";
}
if (permSetId != "") {
diff --git a/process/Permission_lib/process.js b/process/Permission_lib/process.js
index 4114e63799..bc56c73e0a 100644
--- a/process/Permission_lib/process.js
+++ b/process/Permission_lib/process.js
@@ -241,15 +241,20 @@ function PermissionUtil () {}
* @result {String} returns id of default permission of given set. Never 'null', empty string if there is no result.
*/
PermissionUtil.getPermissionWithoutCond = function(pSetId) {
- var sqlStr = "select ENTITY_ID from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + pSetId + "'";
- var entityName = db.cell(sqlStr, alias);
+ //var sqlStr = "select ENTITY_ID from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + pSetId + "'";
+ //var entityName = db.cell(sqlStr, alias);
+ //sqlStr and entityName got rewritten to sqlBuilder in entityName
+ var entityName = newSelect("ENTITY_ID", alias)
+ .from("ASYS_PERMISSIONSET")
+ .where("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID", pSetId)
+ .cell();
var emptyCond = PermissionUtil.getEmptyCondString(entityName);
- sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION"
+ var sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION"
+ " where ASYS_PERMISSIONSET_ID = '" + pSetId + "'"
+ " and (COND is null"
+ " or " + sqlHelper.castLob("ASYS_PERMISSION.COND", 254) + " = '" + emptyCond + "')";
-
+
return db.cell(sqlStr, alias);
}
@@ -455,19 +460,25 @@ function PermissionUtil () {}
"ASYS_PERMISSION_ID",
"ACTION"
];
- var actionId;
- var sqlStr = "select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION where ASYS_PERMISSIONACTIONID = '" + pActionId + "'";
-
- if (pActionId != null & pActionId != "" && pActionId != undefined && db.cell(sqlStr, alias) == "") {
- actionId = pActionId;
+ var newActionId;
+ //var sqlStr = "select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION where ASYS_PERMISSIONACTIONID = '" + pActionId + "'";
+ //sqlStr got rewritten to sqlBuilder in actionIdInDb
+ var actionIdInDb = newSelect("ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID", alias)
+ .from("ASYS_PERMISSIONACTION")
+ .where("ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID", pActionId)
+ .cell();
+
+ if (pActionId != null & pActionId != "" && pActionId != undefined && actionIdInDb == "") {
+ newActionId = pActionId;
} else {
- actionId = util.getNewUUID(); // if same id is already in db -> create new UID
+ newActionId = util.getNewUUID(); // if same id is already in db -> create new UID
}
- var vals = [actionId, pParentPermId, pAction];
+
+ var vals = [newActionId, pParentPermId, pAction];
if (db.insertData(table, cols, null, vals, alias) == 0) {
return null;
}
- return actionId;
+ return newActionId;
}
/**
--
GitLab