[Projekt: Entwicklung - Neon][TicketNr.: 1048120][Löschen einer Rolle entfernt...

[Projekt: Entwicklung - Neon][TicketNr.: 1048120][Löschen einer Rolle entfernt nicht die zugehörigen Permissions]

[Projekt: Entwicklung - Neon][TicketNr.: 1048120][Löschen einer Rolle entfernt...
[Projekt: Entwicklung - Neon][TicketNr.: 1048120][Löschen einer Rolle entfernt nicht die zugehörigen Permissions]
92250d00 · Simon Leipold · 69be15b6 · 92250d00 · 92250d00 · 92250d00
Commit 92250d00 authored 5 years ago by Simon Leipold
--- a/entity/RoleChildren_entity/RoleChildren_entity.aod
+++ b/entity/RoleChildren_entity/RoleChildren_entity.aod
@@ -3,7 +3,7 @@
  <name>RoleChildren_entity</name>
  <majorModelMode>DISTRIBUTED</majorModelMode>
  <title>Child</title>
-  <titlePlural>Children</titlePlural>
+  <titlePlural>Child Roles</titlePlural>
  <recordContainer>jDito</recordContainer>
  <entityFields>
    <entityProvider>

--- a/entity/Role_entity/Role_entity.aod
+++ b/entity/Role_entity/Role_entity.aod
@@ -139,6 +139,12 @@
        </entityParameter>
      </children>
    </entityConsumer>
+    <entityActionField>
+      <name>deleteEverythingLinkedToRole</name>
+      <title>delete linked permissions and hierarchies</title>
+      <onActionProcess>%aditoprj%/entity/Role_entity/entityfields/deleteeverythinglinkedtorole/onActionProcess.js</onActionProcess>
+      <iconId>VAADIN:CLOSE</iconId>
+    </entityActionField>
  </entityFields>
  <recordContainers>
    <jDitoRecordContainer>

--- a/entity/Role_entity/entityfields/deleteeverythinglinkedtorole/onActionProcess.js
+++ b/entity/Role_entity/entityfields/deleteeverythinglinkedtorole/onActionProcess.js
+import("Permission_lib");
+import("system.vars");
+
+PermissionUtil.deleteEverythingLinkedToRole(vars.get("$field.ROLENAME"));
\ No newline at end of file
--- a/entity/Role_entity/grantDeleteProcess.js
+++ b/entity/Role_entity/grantDeleteProcess.js
+import("Permission_lib");
 import("system.vars");
 import("system.result");

-if (vars.get("$field.ROLETYPE") == "CUSTOM") {
+if (vars.get("$field.ROLETYPE") == "CUSTOM" && PermissionUtil.roleIsDeletable(vars.get("$field.ROLENAME"))) {
    result.string(true);
 } else {
    result.string(false);

--- a/entity/Role_entity/recordcontainers/jdito/onDelete.js
+++ b/entity/Role_entity/recordcontainers/jdito/onDelete.js
@@ -5,9 +5,6 @@ import("system.vars");
 var selectedRole = vars.get("$field.ROLENAME"); // field got prefix "CUSTOM_" already
 var usersWithSelectedRole = tools.getUsersWithRole(selectedRole);

-// delete permissions linked to this role
-PermissionUtil.deleteEverythingLinkedToRole(selectedRole);
-
 // remove role from all users with this role
 for each (let userWithSelectedRole in usersWithSelectedRole) {
    var user = tools.getUser(userWithSelectedRole);

--- a/neonView/RoleChildrenList_view/RoleChildrenList_view.aod
+++ b/neonView/RoleChildrenList_view/RoleChildrenList_view.aod
@@ -11,6 +11,9 @@
    <titledListViewTemplate>
      <name>TitledList</name>
      <entityField>#ENTITY</entityField>
+      <isDeletable v="false" />
+      <isEditable v="false" />
+      <isCreatable v="false" />
      <columns>
        <neonTitledListTableColumn>
          <name>0451e2ec-e216-4d4f-8080-e6b9aaf56613</name>

--- a/process/Permission_lib/process.js
+++ b/process/Permission_lib/process.js
@@ -796,6 +796,46 @@ function PermissionUtil () {}
        return affectedEntrys;
    }
    
+    /**
+     * Checks if the given role is deletable. This includes checks for linked permissions and hierarchies.
+     * 
+     * @param {String} pRole name of the role, mandatory
+     * 
+     * @result {Boolean} returns true if role is deletable, otherwise false
+     */
+    PermissionUtil.roleIsDeletable = function(pRole) {
+        // check for linked permissions
+        var sets = newSelect("ASYS_PERMISSIONSETID", alias)
+        .from("ASYS_PERMISSIONSET")
+        .where("ASYS_PERMISSIONSET.ROLE_ID", pRole)
+        .arrayColumn(true);
+        var perms = this.getPermissions(sets);
+        var actions = this.getActions(perms);
+        
+        if (sets.length != 0 || perms.length != 0 || actions.length != 0) {
+            return false;
+        }
+        
+        // check for linked hierarchies
+        // hierarchies where pRole is child
+        var parentHierarchies = newSelect("PARENT_ROLE", alias)
+        .from("ASYS_ROLES_CHILDREN")
+        .where("ASYS_ROLES_CHILDREN.CHILD_ROLE", pRole)
+        .arrayColumn(true);
+        
+        // hierarchies where pRole is parent
+        var childHierarchies = newSelect("CHILD_ROLE", alias)
+        .from("ASYS_ROLES_CHILDREN")
+        .where("ASYS_ROLES_CHILDREN.PARENT_ROLE", pRole)
+        .arrayColumn(true);
+        
+        if (parentHierarchies.length != 0 || childHierarchies != 0) {
+            return false;
+        }
+        
+        return true;
+    }
+    
 } //end of block