diff --git a/entity/PermissionAction_entity/PermissionAction_entity.aod b/entity/PermissionAction_entity/PermissionAction_entity.aod
new file mode 100644
index 0000000000000000000000000000000000000000..cd867971b4e9eb6bf463622825c4af3c58ac8cac
--- /dev/null
+++ b/entity/PermissionAction_entity/PermissionAction_entity.aod
@@ -0,0 +1,72 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<entity xmlns="http://www.adito.de/2018/ao/Model" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" VERSION="1.3.10" xsi:schemaLocation="http://www.adito.de/2018/ao/Model adito://models/xsd/entity/1.3.10">
+ <name>PermissionAction_entity</name>
+ <majorModelMode>DISTRIBUTED</majorModelMode>
+ <title>Action</title>
+ <titlePlural>Actions</titlePlural>
+ <recordContainer>jDito</recordContainer>
+ <entityFields>
+ <entityProvider>
+ <name>#PROVIDER</name>
+ </entityProvider>
+ <entityField>
+ <name>ACTION</name>
+ <title>Action</title>
+ <dropDownProcess>%aditoprj%/entity/PermissionAction_entity/entityfields/action/dropDownProcess.js</dropDownProcess>
+ <stateProcess>%aditoprj%/entity/PermissionAction_entity/entityfields/action/stateProcess.js</stateProcess>
+ <displayValueProcess>%aditoprj%/entity/PermissionAction_entity/entityfields/action/displayValueProcess.js</displayValueProcess>
+ </entityField>
+ <entityField>
+ <name>UID</name>
+ </entityField>
+ <entityProvider>
+ <name>PermissionActions</name>
+ <recordContainer>jDito</recordContainer>
+ <dependencies>
+ <entityDependency>
+ <name>c92e552c-6d88-4fe1-918f-1a9a71ea28ad</name>
+ <entityName>PermissionDetail_entity</entityName>
+ <fieldName>PermissionActions</fieldName>
+ <isConsumer v="false" />
+ </entityDependency>
+ </dependencies>
+ </entityProvider>
+ <entityConsumer>
+ <name>PermissionDetails</name>
+ <dependency>
+ <name>dependency</name>
+ <entityName>PermissionDetail_entity</entityName>
+ <fieldName>Permissions</fieldName>
+ </dependency>
+ </entityConsumer>
+ <entityParameter>
+ <name>PermissionId_param</name>
+ <expose v="true" />
+ </entityParameter>
+ <entityParameter>
+ <name>AccessType_param</name>
+ <expose v="true" />
+ </entityParameter>
+ </entityFields>
+ <recordContainers>
+ <jDitoRecordContainer>
+ <name>jDito</name>
+ <jDitoRecordAlias>_____SYSTEMALIAS</jDitoRecordAlias>
+ <contentProcess>%aditoprj%/entity/PermissionAction_entity/recordcontainers/jdito/contentProcess.js</contentProcess>
+ <onInsert>%aditoprj%/entity/PermissionAction_entity/recordcontainers/jdito/onInsert.js</onInsert>
+ <onUpdate>%aditoprj%/entity/PermissionAction_entity/recordcontainers/jdito/onUpdate.js</onUpdate>
+ <onDelete>%aditoprj%/entity/PermissionAction_entity/recordcontainers/jdito/onDelete.js</onDelete>
+ <recordFieldMappings>
+ <jDitoRecordFieldMapping>
+ <name>UID.value</name>
+ </jDitoRecordFieldMapping>
+ <jDitoRecordFieldMapping>
+ <name>ACTION.value</name>
+ </jDitoRecordFieldMapping>
+ <jDitoRecordFieldMapping>
+ <name>ACTION.displayValue</name>
+ </jDitoRecordFieldMapping>
+ </recordFieldMappings>
+ </jDitoRecordContainer>
+ </recordContainers>
+</entity>
diff --git a/entity/PermissionAction_entity/entityfields/action/displayValueProcess.js b/entity/PermissionAction_entity/entityfields/action/displayValueProcess.js
new file mode 100644
index 0000000000000000000000000000000000000000..65a3ad0b2b9e511648cf581003a9061e05a1c8ad
--- /dev/null
+++ b/entity/PermissionAction_entity/entityfields/action/displayValueProcess.js
@@ -0,0 +1,6 @@
+import("system.result");
+import("system.vars");
+
+var action = vars.get("$field.ACTION");
+
+result.string(action);
\ No newline at end of file
diff --git a/entity/PermissionAction_entity/entityfields/action/dropDownProcess.js b/entity/PermissionAction_entity/entityfields/action/dropDownProcess.js
new file mode 100644
index 0000000000000000000000000000000000000000..371de4f973263f8e8f350776ff042bf5390c5877
--- /dev/null
+++ b/entity/PermissionAction_entity/entityfields/action/dropDownProcess.js
@@ -0,0 +1,95 @@
+import("system.vars");
+import("system.result");
+
+var accesstype = vars.get("$param.AccessType_param");
+var actions = [];
+
+switch (accesstype) {
+ case "E":
+ actions = [
+ ["view", "view"],
+ ["create", "create"]
+ ]
+ break;
+ case "R":
+ actions = [
+ ["read", "read"],
+ ["update", "update"],
+ ["delete", "delete"]
+ ]
+ break;
+ case "F":
+ actions = [
+ ["read", "read"],
+ ["update", "update"]
+ ]
+}
+
+result.object(actions);
+
+
+//#############################################################################
+//################only show actions which are not yet in the DB################
+//##########################not done yet#######################################
+//#############################################################################
+//import("system.logging");
+//import("Permission_lib");
+//import("system.vars");
+//import("system.result");
+//
+//var permisson = vars.get("$param.PermissionId_param");
+//var actionIdsInDb = PermissionUtil.getPermissionAction(permisson);
+//var actionsInDb = [];
+//for each (var actionId in actionIdsInDb) {
+// actionsInDb.push(PermissionUtil.resolvePermissionActionId(actionId));
+//}
+//
+//var entityActions = ["view", "create"];
+//var recordActions = ["read", "update", "delete"];
+//var fieldActions = ["read", "update"];
+//var diff;
+//
+//var accesstype = vars.get("$param.AccessType_param");
+//var actions = [];
+//
+//switch (accesstype) {
+// case "E":
+// diff = arrDiff(actionsInDb, entityActions);
+// break;
+// case "R":
+// diff = arrDiff(actionsInDb, recordActions);
+// break;
+// case "F":
+// diff = arrDiff(actionsInDb, fieldActions);
+// break;
+//}
+//
+//for each (let entry in diff) {
+// actions.push([entry, entry]);
+//}
+//
+//result.object(actions);
+//
+//// arrDiff calculates different elements of two arrays and returns them as array, otherwise empty array
+//function arrDiff (arr1, arr2) {
+// var helperArr = [], diff = [];
+//
+// for (let i = 0; i < arr1.length; i++) {
+// helperArr[arr1[i]] = true;
+// }
+//
+// for (let i = 0; i < arr2.length; i++) {
+// if (helperArr[arr2[i]]) {
+// delete helperArr[arr2[i]];
+// }
+// else {
+// helperArr[arr2[i]] = true;
+// }
+// }
+//
+// for (var k in helperArr) {
+// diff.push(k);
+// }
+//
+// return diff;
+//}
\ No newline at end of file
diff --git a/entity/PermissionAction_entity/entityfields/action/stateProcess.js b/entity/PermissionAction_entity/entityfields/action/stateProcess.js
new file mode 100644
index 0000000000000000000000000000000000000000..b4084caba76a70eeb1b82b8f65a214904cb98d16
--- /dev/null
+++ b/entity/PermissionAction_entity/entityfields/action/stateProcess.js
@@ -0,0 +1,9 @@
+import("system.vars");
+import("system.result");
+import("system.neon");
+
+if (vars.get("$sys.recordstate") == neon.OPERATINGSTATE_NEW || vars.get("$sys.recordstate") == neon.OPERATINGSTATE_EDIT) {
+ result.string(neon.COMPONENTSTATE_EDITABLE);
+} else {
+ result.string(neon.COMPONENTSTATE_READONLY);
+}
diff --git a/entity/PermissionAction_entity/recordcontainers/jdito/contentProcess.js b/entity/PermissionAction_entity/recordcontainers/jdito/contentProcess.js
new file mode 100644
index 0000000000000000000000000000000000000000..e3af7028be1e1b0648f1c4a92b35b7e382118ff1
--- /dev/null
+++ b/entity/PermissionAction_entity/recordcontainers/jdito/contentProcess.js
@@ -0,0 +1,18 @@
+import("system.logging");
+import("system.result");
+import("system.vars");
+import("system.tools");
+import("Permission_lib");
+
+var actions = [];
+var permissionId = vars.exists("$param.PermissionId_param") && vars.get("$param.PermissionId_param");
+
+if (permissionId && PermissionUtil.existsPermission(permissionId))
+{
+ var permActions = PermissionUtil.getPermissionAction(permissionId);
+ for each (var permActionId in permActions) {
+ actions.push([permActionId[0], PermissionUtil.resolvePermissionActionId(permActionId), PermissionUtil.resolvePermissionActionId(permActionId)]);
+ }
+
+ result.object(actions);
+}
\ No newline at end of file
diff --git a/entity/PermissionAction_entity/recordcontainers/jdito/onDelete.js b/entity/PermissionAction_entity/recordcontainers/jdito/onDelete.js
new file mode 100644
index 0000000000000000000000000000000000000000..69b743814c1db71967e744c83ca9b55fa011f84d
--- /dev/null
+++ b/entity/PermissionAction_entity/recordcontainers/jdito/onDelete.js
@@ -0,0 +1,5 @@
+import("system.vars");
+import("Permission_lib");
+
+var action = vars.get("$local.uid");
+PermissionUtil.deletePermissionAction(action);
\ No newline at end of file
diff --git a/entity/PermissionAction_entity/recordcontainers/jdito/onInsert.js b/entity/PermissionAction_entity/recordcontainers/jdito/onInsert.js
new file mode 100644
index 0000000000000000000000000000000000000000..f7e1c66e82ec846dd37c2b2c5510c1a4642421cf
--- /dev/null
+++ b/entity/PermissionAction_entity/recordcontainers/jdito/onInsert.js
@@ -0,0 +1,16 @@
+import("system.logging");
+import("system.db");
+import("system.tools");
+import("system.result");
+import("system.vars");
+import("Permission_lib");
+
+var alias = "_____SYSTEMALIAS";
+var permissionId = vars.exists("$param.PermissionId_param") && vars.get("$param.PermissionId_param");
+
+if (permissionId) {
+ var newAction = vars.get("$local.rowdata")["ACTION.value"];
+ PermissionUtil.insertNewPermissionAction(permissionId, newAction, vars.get("$field.UID"));
+}
+
+tools.clearPermissionCache();
\ No newline at end of file
diff --git a/entity/PermissionAction_entity/recordcontainers/jdito/onUpdate.js b/entity/PermissionAction_entity/recordcontainers/jdito/onUpdate.js
new file mode 100644
index 0000000000000000000000000000000000000000..6d5e623b7c990ff901bcfc65cbae34e86b2b65a8
--- /dev/null
+++ b/entity/PermissionAction_entity/recordcontainers/jdito/onUpdate.js
@@ -0,0 +1,13 @@
+import("system.tools");
+import("system.result");
+import("system.vars");
+import("Permission_lib");
+
+var col = "ACTION";
+var table = "ASYS_PERMISSIONACTION";
+var permissionId = vars.exists("$param.PermissionId_param") && vars.get("$param.PermissionId_param");
+
+if (permissionId && PermissionUtil.existsPermission(permissionId)) {
+ var newAction = vars.get("$local.rowdata")["ACTION.value"];
+ PermissionUtil.updateIfDiff(vars.get("$field.UID"), newAction, col, table);
+}
\ No newline at end of file
diff --git a/entity/PermissionDetail_entity/PermissionDetail_entity.aod b/entity/PermissionDetail_entity/PermissionDetail_entity.aod
index 805cd843553b44db1fa41862d00a6f860b38af7c..bcacf9e74ba1b543ba42c577e3d76d5e7cf475e4 100644
--- a/entity/PermissionDetail_entity/PermissionDetail_entity.aod
+++ b/entity/PermissionDetail_entity/PermissionDetail_entity.aod
@@ -24,7 +24,8 @@
<entityField>
<name>ACTION</name>
<title>Action</title>
- <mandatory v="true" />
+ <mandatory v="false" />
+ <state>INVISIBLE</state>
</entityField>
<entityField>
<name>ROLE</name>
@@ -101,6 +102,12 @@
<fieldName>PermissionDetails</fieldName>
<isConsumer v="false" />
</entityDependency>
+ <entityDependency>
+ <name>62a56e76-d049-4c53-a439-79261a8058e1</name>
+ <entityName>PermissionAction_entity</entityName>
+ <fieldName>PermissionDetails</fieldName>
+ <isConsumer v="false" />
+ </entityDependency>
</dependencies>
</entityProvider>
<entityParameter>
@@ -165,6 +172,24 @@
</entityParameter>
</children>
</entityConsumer>
+ <entityConsumer>
+ <name>PermissionActions</name>
+ <dependency>
+ <name>dependency</name>
+ <entityName>PermissionAction_entity</entityName>
+ <fieldName>PermissionActions</fieldName>
+ </dependency>
+ <children>
+ <entityParameter>
+ <name>PermissionId_param</name>
+ <valueProcess>%aditoprj%/entity/PermissionDetail_entity/entityfields/permissionactions/children/permissionid_param/valueProcess.js</valueProcess>
+ </entityParameter>
+ <entityParameter>
+ <name>AccessType_param</name>
+ <valueProcess>%aditoprj%/entity/PermissionDetail_entity/entityfields/permissionactions/children/accesstype_param/valueProcess.js</valueProcess>
+ </entityParameter>
+ </children>
+ </entityConsumer>
</entityFields>
<recordContainers>
<jDitoRecordContainer>
diff --git a/entity/PermissionDetail_entity/entityfields/condition/stateProcess.js b/entity/PermissionDetail_entity/entityfields/condition/stateProcess.js
index 71fd7034f822385b31ede8fc4d755ce78aa56a1b..419962f904c9cd0a047f5c53832be8154b966e77 100644
--- a/entity/PermissionDetail_entity/entityfields/condition/stateProcess.js
+++ b/entity/PermissionDetail_entity/entityfields/condition/stateProcess.js
@@ -3,7 +3,7 @@ import("system.result");
import("system.neon");
if(vars.get("$field.ACCESSTYPE") == "E") {
- result.string(neon.COMPONENTSTATE_DISABLED);
+ result.string(neon.COMPONENTSTATE_INVISIBLE);
} else {
if (vars.get("$sys.recordstate") == neon.OPERATINGSTATE_NEW || vars.get("$sys.recordstate") == neon.OPERATINGSTATE_EDIT) {
result.string(neon.COMPONENTSTATE_EDITABLE);
diff --git a/entity/PermissionDetail_entity/entityfields/condition/valueProcess.js b/entity/PermissionDetail_entity/entityfields/condition/valueProcess.js
index 1c44df7a4b437ff59294457d7198174510327b28..63d2b62fa7a27a2855ee7dd5967859f8049da68e 100644
--- a/entity/PermissionDetail_entity/entityfields/condition/valueProcess.js
+++ b/entity/PermissionDetail_entity/entityfields/condition/valueProcess.js
@@ -1,4 +1,3 @@
-import("system.logging");
import("system.neon");
import("system.vars");
import("system.result");
diff --git a/entity/PermissionDetail_entity/entityfields/permissionactions/children/accesstype_param/valueProcess.js b/entity/PermissionDetail_entity/entityfields/permissionactions/children/accesstype_param/valueProcess.js
new file mode 100644
index 0000000000000000000000000000000000000000..530d2556d48deea69763a157ea7713b4dc0b233f
--- /dev/null
+++ b/entity/PermissionDetail_entity/entityfields/permissionactions/children/accesstype_param/valueProcess.js
@@ -0,0 +1,3 @@
+import("system.vars");
+import("system.result");
+result.string(vars.get("$field.ACCESSTYPE"));
\ No newline at end of file
diff --git a/entity/PermissionDetail_entity/entityfields/permissionactions/children/permissionid_param/valueProcess.js b/entity/PermissionDetail_entity/entityfields/permissionactions/children/permissionid_param/valueProcess.js
new file mode 100644
index 0000000000000000000000000000000000000000..7f2dea6db775c3e184ecfe8b4937e583ad91ec39
--- /dev/null
+++ b/entity/PermissionDetail_entity/entityfields/permissionactions/children/permissionid_param/valueProcess.js
@@ -0,0 +1,17 @@
+import("system.vars");
+import("system.result");
+import("Permission_lib");
+
+var entity = vars.get("$field.ENTITY");
+var cond = vars.get("$field.CONDITION");
+var noCond = "{\"entity\":\"" + entity + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+var permSetId = PermissionUtil.getPermissionSet(vars.get("$field.ROLE"), vars.get("$field.ENTITY"), vars.get("$field.ACCESSTYPE"));
+
+if (permSetId != "" && (cond == "" || cond == noCond)) {
+ var rootPermId = PermissionUtil.getDefaultPermission(permSetId);
+ if (rootPermId != "") {
+ result.string(rootPermId);
+ }
+} else {
+ result.string(vars.get("$field.UID"));
+}
\ No newline at end of file
diff --git a/entity/PermissionDetail_entity/recordcontainers/jdito/onInsert.js b/entity/PermissionDetail_entity/recordcontainers/jdito/onInsert.js
index 043cefec525b2ba9304aaeb29f8dd1d87c953bd2..df2a2545e7f02a5b61ab2de2d49a6e8da67488d2 100644
--- a/entity/PermissionDetail_entity/recordcontainers/jdito/onInsert.js
+++ b/entity/PermissionDetail_entity/recordcontainers/jdito/onInsert.js
@@ -1,4 +1,3 @@
-import("system.logging");
import("Permission_lib");
import("system.neon");
import("system.util");
@@ -9,26 +8,20 @@ import("Permission_lib");
import("Entity_lib");
var alias = "_____SYSTEMALIAS";
+var tablename = "ASYS_PERMISSION";
var sqlExt = "";
-var permissionid = util.getNewUUID();
+var permissionid = vars.get("$field.UID");
var role = vars.get("$field.ROLE");
var entity = vars.get("$field.ENTITY");
var field = vars.get("$field.FIELD");
var accesstype = vars.get("$field.ACCESSTYPE").trim();
var condtype = vars.get("$field.CONDTYPE").trim();
var condition = vars.get("$field.CONDITION");
-var action = vars.get("$field.ACTION");
-if (checkInput([role, entity, accesstype, condtype, action])) {
- if (checkInput([field]))
- sqlExt += " and FIELD_ID = '" + field + "'";
- else if (action.includes("view") || action.includes("create"))
- sqlExt += " and ACCESSTYPE = 'E'";
- else
- sqlExt += " and ACCESSTYPE = 'R'";
-
- var sqlStr = "select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET where ENTITY_ID = '" + entity + "' and ROLE_ID = '" + role + "'" + sqlExt;
- var permissionsetid = db.cell(sqlStr, alias);
+if (checkInput([role, entity, accesstype, condtype])) {
+
+ // permission set
+ var permissionsetid = PermissionUtil.getPermissionSet(role, entity, accesstype, field);
if (permissionsetid == "") {
// no fitting permissionset found - insert new permissionset
@@ -38,35 +31,22 @@ if (checkInput([role, entity, accesstype, condtype, action])) {
} else {
rootpermissionset = PermissionUtil.getRootPermissionSet(role, entity);
}
- permissionsetid = PermissionUtil.insertNewPermissionSet(rootpermissionset, entity, role, field, accesstype)
+ permissionsetid = PermissionUtil.insertNewPermissionSet(rootpermissionset, entity, role, field, accesstype);
}
-
- // deletes permissions with CONDTYPE = 'false' - condtype=false if a permission is used to display that a entity has no permissions
- var childPermissions = PermissionUtil.getAllChildPermissions(permissionsetid);
- for each (var permid in childPermissions) {
- if (PermissionUtil.getCondType(permid) == "false") {
- let table = "ASYS_PERMISSION";
- let cond = " ASYS_PERMISSIONID = '" + permid + "'";
- db.deleteData(table, cond, alias); // delete permission with cond type = false
- }
- }
-
- // check if a new permissions is needed or an existing one can be used
- var existingPermId = permExists(role, entity, field, accesstype, condtype, condition);
- if (existingPermId != "") {
- // update
- permissionid = existingPermId;
+
+ // permission
+ var existingPerm = PermissionUtil.getPermission(role, entity, field, accesstype, condition);
+ if (existingPerm == "") {
+ // no existing perm found -> insert
+ PermissionUtil.insertNewPermission(permissionsetid, condition, condtype, permissionid);
} else {
- // permission doesnt exist -> insert new permission
- // new permissionid is needed to link actions to the permission in the next step
- permissionid = PermissionUtil.insertNewPermission(permissionsetid, condition, condtype)
+ // existing perm found -> update
+ PermissionUtil.updateIfDiff(existingPerm, permissionsetid, "ASYS_PERMISSIONSET_ID", tablename);
+ PermissionUtil.updateIfDiff(existingPerm, condition, "COND", tablename);
+ PermissionUtil.updateIfDiff(existingPerm, "true", "CONDTYPE", tablename);
}
- // insert new permissionaction
- var actionNew = action.split(",");
- for each (let permaction in actionNew) {
- PermissionUtil.insertNewPermissionAction(permissionid, permaction);
- }
+ // permission action gets created in PermissionAction_entity
tools.clearPermissionCache();
}
@@ -80,23 +60,51 @@ function checkInput(pInputArr) {
return true;
}
-// returns permissionid of the permission with fitting parameters, otherwise returns empty string
-function permExists(pRole, pEntity, pField, pAccesstype, pCondtype, pCondition) {
- var sqlStr = "";
- var sqlExt = "";
-
- if (checkInput([pCondition])) {
- sqlExt += " and COND like '%" + pCondition + "%'";
- }
-
- if (checkInput([pField])) {
- sqlExt += " and FIELD_ID = '" + pField + "'";
- }
-
- sqlStr = "select ASYS_PERMISSION.ASYS_PERMISSIONID from ASYS_PERMISSIONSET"
- + " join ASYS_PERMISSION on ASYS_PERMISSION.ASYS_PERMISSIONSET_ID = ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID"
- + " where ENTITY_ID = '" + pEntity + "' and ROLE_ID = '" + pRole + "'"
- + " and ACCESSTYPE = '" + pAccesstype + "' and CONDTYPE = '" + pCondtype + "'" + sqlExt;
- var permId = db.cell(sqlStr, alias);
- return permId;
-}
\ No newline at end of file
+//
+// // deletes permissions with CONDTYPE = 'false' - condtype=false if a permission is used to display that a entity has no permissions
+// var childPermissions = PermissionUtil.getAllChildPermissions(permissionsetid);
+// for each (var permid in childPermissions) {
+// if (PermissionUtil.getCondType(permid) == "false") {
+// PermissionUtil.deletePermission(permid);
+// }
+// }
+//
+// // check if a new permissions is needed or an existing one can be used
+// var existingPermId = permExists(role, entity, field, accesstype, condtype, condition);
+// if (existingPermId != "") {
+// // update
+// permissionid = existingPermId;
+// } else {
+// // permission doesnt exist -> insert new permission
+// // new permissionid is needed to link actions to the permission in the next step
+// logging.log("onInsert cond: " + condition);
+// permissionid = PermissionUtil.insertNewPermission(permissionsetid, condition, condtype)
+// }
+//
+// // insert new permissionaction
+// var actionNew = action.split(",");
+// for each (let permaction in actionNew) {
+// PermissionUtil.insertNewPermissionAction(permissionid, permaction);
+// }
+//
+//
+//// returns permissionid of the permission with fitting parameters, otherwise returns empty string
+//function permExists(pRole, pEntity, pField, pAccesstype, pCondtype, pCondition) {
+// var sqlStr = "";
+// var sqlExt = "";
+//
+// if (checkInput([pCondition])) {
+// sqlExt += " and cast(COND as varchar(999) = '" + pCondition + "'";
+// }
+//
+// if (checkInput([pField])) {
+// sqlExt += " and FIELD_ID = '" + pField + "'";
+// }
+//
+// sqlStr = "select ASYS_PERMISSION.ASYS_PERMISSIONID from ASYS_PERMISSIONSET"
+// + " join ASYS_PERMISSION on ASYS_PERMISSION.ASYS_PERMISSIONSET_ID = ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID"
+// + " where ENTITY_ID = '" + pEntity + "' and ROLE_ID = '" + pRole + "'"
+// + " and ACCESSTYPE = '" + pAccesstype + "' and CONDTYPE = '" + pCondtype + "'" + sqlExt;
+// var permId = db.cell(sqlStr, alias);
+// return permId;
+//}
\ No newline at end of file
diff --git a/neonContext/PermissionAction/PermissionAction.aod b/neonContext/PermissionAction/PermissionAction.aod
new file mode 100644
index 0000000000000000000000000000000000000000..d59ee2df144a9e3cff48b0f6a69a2063c6ab5a71
--- /dev/null
+++ b/neonContext/PermissionAction/PermissionAction.aod
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<neonContext xmlns="http://www.adito.de/2018/ao/Model" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" VERSION="1.1.0" xsi:schemaLocation="http://www.adito.de/2018/ao/Model adito://models/xsd/neonContext/1.1.0">
+ <name>PermissionAction</name>
+ <title>Permission Action</title>
+ <majorModelMode>DISTRIBUTED</majorModelMode>
+ <entity>PermissionAction_entity</entity>
+ <references>
+ <neonViewReference>
+ <name>e2098ef8-52da-4a97-abf9-e313be9ba43f</name>
+ <view>PermissionActionEdit_view</view>
+ </neonViewReference>
+ <neonViewReference>
+ <name>2d27ce8b-7676-4db8-9644-006b2d83d61f</name>
+ <view>PermissionActionFilter_view</view>
+ </neonViewReference>
+ </references>
+</neonContext>
diff --git a/neonView/PermissionActionEdit_view/PermissionActionEdit_view.aod b/neonView/PermissionActionEdit_view/PermissionActionEdit_view.aod
new file mode 100644
index 0000000000000000000000000000000000000000..9a9c84f8257b9f369d7c8455519121792ffe4f1e
--- /dev/null
+++ b/neonView/PermissionActionEdit_view/PermissionActionEdit_view.aod
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<neonView xmlns="http://www.adito.de/2018/ao/Model" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" VERSION="1.1.2" xsi:schemaLocation="http://www.adito.de/2018/ao/Model adito://models/xsd/neonView/1.1.2">
+ <name>PermissionActionEdit_view</name>
+ <majorModelMode>DISTRIBUTED</majorModelMode>
+ <layout>
+ <noneLayout>
+ <name>layout</name>
+ </noneLayout>
+ </layout>
+ <children>
+ <genericMultipleViewTemplate>
+ <name>GenericMultiple</name>
+ <entityField>#ENTITY</entityField>
+ <title>Action</title>
+ <columns>
+ <neonTableColumn>
+ <name>0272107d-c34c-40e7-974e-5a63d2239fdb</name>
+ <entityField>ACTION</entityField>
+ </neonTableColumn>
+ </columns>
+ </genericMultipleViewTemplate>
+ </children>
+</neonView>
diff --git a/neonView/PermissionActionFilter_view/PermissionActionFilter_view.aod b/neonView/PermissionActionFilter_view/PermissionActionFilter_view.aod
new file mode 100644
index 0000000000000000000000000000000000000000..3bbf8059184dc70dc4053b1c43338fc19f829655
--- /dev/null
+++ b/neonView/PermissionActionFilter_view/PermissionActionFilter_view.aod
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<neonView xmlns="http://www.adito.de/2018/ao/Model" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" VERSION="1.1.2" xsi:schemaLocation="http://www.adito.de/2018/ao/Model adito://models/xsd/neonView/1.1.2">
+ <name>PermissionActionFilter_view</name>
+ <majorModelMode>DISTRIBUTED</majorModelMode>
+ <layout>
+ <noneLayout>
+ <name>layout</name>
+ </noneLayout>
+ </layout>
+ <children>
+ <tableViewTemplate>
+ <name>Table</name>
+ <entityField>#ENTITY</entityField>
+ <columns>
+ <neonTableColumn>
+ <name>87d9c672-bce9-489a-b0cd-f8fcd2e4cdfd</name>
+ <entityField>ACTION</entityField>
+ </neonTableColumn>
+ </columns>
+ </tableViewTemplate>
+ </children>
+</neonView>
diff --git a/neonView/PermissionDetailEdit_view/PermissionDetailEdit_view.aod b/neonView/PermissionDetailEdit_view/PermissionDetailEdit_view.aod
index 8ef8579b7a1540329efda5245002705fd31b22ff..5a86fdf6d84f791ab91f4abd6c7269a73bd5eca4 100644
--- a/neonView/PermissionDetailEdit_view/PermissionDetailEdit_view.aod
+++ b/neonView/PermissionDetailEdit_view/PermissionDetailEdit_view.aod
@@ -4,9 +4,9 @@
<majorModelMode>DISTRIBUTED</majorModelMode>
<isSmall v="true" />
<layout>
- <boxLayout>
+ <noneLayout>
<name>layout</name>
- </boxLayout>
+ </noneLayout>
</layout>
<children>
<genericViewTemplate>
@@ -40,5 +40,10 @@
</entityFieldLink>
</fields>
</genericViewTemplate>
+ <neonViewReference>
+ <name>bde148a0-e0ba-45e1-9402-f2855fd2ec4a</name>
+ <entityField>PermissionActions</entityField>
+ <view>PermissionActionEdit_view</view>
+ </neonViewReference>
</children>
</neonView>
diff --git a/neonView/PermissionDetailPreview_view/PermissionDetailPreview_view.aod b/neonView/PermissionDetailPreview_view/PermissionDetailPreview_view.aod
index 5ebbf66f77e25fcb516748764f0e687e3f9cd596..4a5ae421786a728f041aad983d1c0fa6871bb9a3 100644
--- a/neonView/PermissionDetailPreview_view/PermissionDetailPreview_view.aod
+++ b/neonView/PermissionDetailPreview_view/PermissionDetailPreview_view.aod
@@ -3,9 +3,9 @@
<name>PermissionDetailPreview_view</name>
<majorModelMode>DISTRIBUTED</majorModelMode>
<layout>
- <boxLayout>
+ <noneLayout>
<name>layout</name>
- </boxLayout>
+ </noneLayout>
</layout>
<children>
<cardViewTemplate>
@@ -29,5 +29,10 @@
</entityFieldLink>
</fields>
</genericViewTemplate>
+ <neonViewReference>
+ <name>b9e52e84-8ed8-4fe1-a938-6c6ff399c418</name>
+ <entityField>PermissionActions</entityField>
+ <view>PermissionActionFilter_view</view>
+ </neonViewReference>
</children>
</neonView>
diff --git a/process/Permission_lib/process.js b/process/Permission_lib/process.js
index 689c3577f4200a347625f62998acd1ccc3305026..bec5de949e05a8cad27e1e644de9705220b7630b 100644
--- a/process/Permission_lib/process.js
+++ b/process/Permission_lib/process.js
@@ -301,6 +301,28 @@ PermissionUtil.getPermissionAction = function(pPermId) {
return db.table(sqlStr, alias);
}
+/**
+ * Gets the permission set id of a given role-entity-accesstype-combination.
+ *
+ * @param {String} pRole the name of the role
+ *
+ * @param {String} pEntity the name of the entity
+ *
+ * @param {String} pAccessType the name of the access type (E,R,F)
+ *
+ * @param {String} pField the name of the field
+ *
+ * @result {String} returns the id of the matching permission set. The result can never be null.
+ */
+PermissionUtil.getPermissionSet = function(pRole, pEntity, pAccessType, pField) {
+ var sqlStr = "select ASYS_PERMISSIONSETID from ASYS_PERMISSIONSET"
+ + " where ROLE_ID = '" + pRole + "' and ENTITY_ID = '" + pEntity + "' and ACCESSTYPE = '" + pAccessType + "'";
+ if (pField != null && pField != "" && pField != undefined) {
+ sqlStr += " and FIELD_ID = '" + pField + "'";
+ }
+ return db.cell(sqlStr, alias);
+}
+
/**
* Gets the root permission set of a entity-role-combination.
*
@@ -412,15 +434,22 @@ PermissionUtil.insertNewPermissionSet = function(pParentPermSet, pEntity, pRole,
*
* @param {String} pCondType The Condition Type of the permission, should nearly always be "true"
*
+ * @param {String} pPermId The id of the new permission (can be empty/null)
+ *
* @result {Integer} returns the id of the inserted permission
*/
-PermissionUtil.insertNewPermission = function(pParentPermSet, pCond, pCondType) {
+PermissionUtil.insertNewPermission = function(pParentPermSet, pCond, pCondType, pPermId) {
var table = "ASYS_PERMISSION";
var cols = db.getColumns(table, alias);
- var permid = util.getNewUUID();
- var vals = [permid, pParentPermSet, pCond, pCondType];
+ var permId;
+ if (pPermId != null && pPermId != "" && pPermId != undefined) {
+ permId = pPermId;
+ } else {
+ permId = util.getNewUUID();
+ }
+ var vals = [permId, pParentPermSet, pCond, pCondType];
db.insertData(table, cols, null, vals, alias);
- return permid;
+ return permId;
}
/**
@@ -430,30 +459,138 @@ PermissionUtil.insertNewPermission = function(pParentPermSet, pCond, pCondType)
*
* @param {String} pAction Action (view, create,...), mandatory
*
- * @result {Integer} returns the id of the inserted permission action
+ * @param {String} pActionId The id of the new permission action
+ *
+ * @result {Integer} returns the id of the inserted permission action, returns null if insert was not possible
*/
-PermissionUtil.insertNewPermissionAction = function(pParentPerm, pAction) {
+PermissionUtil.insertNewPermissionAction = function(pParentPerm, pAction, pActionId) {
var table = "ASYS_PERMISSIONACTION";
var cols = db.getColumns(table, alias);
- var permactionid = util.getNewUUID();
- var vals = [pAction, permactionid, pParentPerm];
- db.insertData(table, cols, null, vals, alias);
- return permactionid;
+ var permactionid;
+
+ var actions = PermissionUtil.getPermissionAction(pParentPerm);
+ var sqlStr = "select ACCESSTYPE from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + PermissionUtil.getParentPermissionSet(pParentPerm) + "'";
+ var accesstype = db.cell(sqlStr, alias);
+ var insertIsAllowed = true;
+
+ switch (accesstype) {
+ case "R":
+ if (actions.length >= 3) {
+ insertIsAllowed = false;
+ }
+ break;
+ default:
+ if (actions.length >= 2) {
+ insertIsAllowed = false;
+ }
+ break;
+ }
+
+ if (insertIsAllowed) {
+ sqlStr = "select ASYS_PERMISSIONACTIONID from ASYS_PERMISSIONACTION where ASYS_PERMISSIONACTIONID = '" + pActionId + "'"; // if same id is already in db -> create new UID
+
+ if (pActionId != null & pActionId != "" && pActionId != undefined && db.cell(sqlStr, alias) == "") {
+ permactionid = pActionId;
+ } else {
+ permactionid = util.getNewUUID();
+ }
+ var vals = [pAction, permactionid, pParentPerm];
+ db.insertData(table, cols, null, vals, alias);
+ return permactionid;
+ }
+ return null;
}
/**
- * Returns the cond type of a permission.
- *
- * @param {String} pPerm The permission, mandatory
- *
- * @result {Integer} returns the cond type of a permission
- */
+ * Returns the cond type of a permission.
+ *
+ * @param {String} pPerm The permission, mandatory
+ *
+ * @result {Integer} returns the cond type of a permission
+ */
PermissionUtil.getCondType = function(pPerm) {
var table = "ASYS_PERMISSION";
var sqlStr = "select CONDTYPE from " + table + " where ASYS_PERMISSIONID = '" + pPerm + "'";
return db.cell(sqlStr, alias);
}
+/**
+ * Returns true if the permission exists, otherwise false.
+ *
+ * @param {String} pPermId The permission id
+ *
+ * @result {Boolean} true if permission exists, otherwise false
+ */
+PermissionUtil.existsPermission = function(pPermId) {
+ var table = "ASYS_PERMISSION";
+ var sqlStr = "select COUNT(*) from " + table + " where ASYS_PERMISSIONID = '" + pPermId + "'";
+ if (db.cell(sqlStr, alias) != "0") {
+ return true;
+ }
+ return false;
+}
+
+/**
+ * Returns permissionid of the permission with fitting parameters, otherwise returns empty string
+ *
+ * @param {String} pRole Name of the role
+ *
+ * @param {String} pEntity Name of the entity
+ *
+ * @param {String} pField Name of the field
+ *
+ * @param {String} pAccesstype Accesstype (E,F,R)
+ *
+ * @param {String} pCondition The condition (Filter in JSON-format)
+ *
+ * @param {String} pCondtype Type of the condition (true/false)
+ *
+ * @result {String} Returns the id of the permission with fitting parameters, otherwise returns empty string, can never be null
+ *
+ */
+PermissionUtil.getPermission = function(pRole, pEntity, pField, pAccesstype, pCondition, pCondtype) {
+ var sqlStr = "";
+ var sqlExt = "";
+ var noCond = "{\"entity\":\"" + pEntity + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+
+ if (checkInput([pCondition])) {
+ if (pCondition == noCond) {
+ sqlExt += " and (COND like '%" + pCondition + "%' or COND is null)";
+ } else {
+ sqlExt += " and COND like '%" + pCondition + "%'";
+ }
+ }
+
+ if (checkInput([pField])) {
+ sqlExt += " and FIELD_ID = '" + pField + "'";
+ }
+
+ if (checkInput([pCondtype])) {
+ sqlExt += " and CONDTYPE = '" + pCondtype + "'";
+ }
+
+ sqlStr = "select ASYS_PERMISSION.ASYS_PERMISSIONID from ASYS_PERMISSIONSET"
+ + " join ASYS_PERMISSION on ASYS_PERMISSION.ASYS_PERMISSIONSET_ID = ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID"
+ + " where ENTITY_ID = '" + pEntity + "' and ROLE_ID = '" + pRole + "'"
+ + " and ACCESSTYPE = '" + pAccesstype + "'" + sqlExt;
+ var permId = db.cell(sqlStr, alias);
+ return permId;
+}
+
+/**
+ * Deletes a permission action from ASYS_PERMISSIONACTION.
+ *
+ * @param {String} pPermActionId The permission action id which should be deleted, mandatory
+ *
+ * @result {Integer} returns the number of deleted records
+ */
+PermissionUtil.deletePermissionAction = function(pPermActionId) {
+ var table = "ASYS_PERMISSIONACTION";
+ var cond = " ASYS_PERMISSIONACTIONID = '" + pPermActionId + "'";
+ return db.deleteData(table, cond, alias);
+}
+
+
// arrDiff calculates different elements of two arrays and returns them as array, otherwise empty array
function arrDiff (arr1, arr2) {
var helperArr = [], diff = [];
@@ -476,4 +613,13 @@ function arrDiff (arr1, arr2) {
}
return diff;
+}
+
+// checks input array if each element is a valid input, returns true if valid, otherwise false
+function checkInput(pInputArr) {
+ for each (var input in pInputArr) {
+ if (input == undefined || input == null || input == "")
+ return false;
+ }
+ return true;
}
\ No newline at end of file