diff --git a/process/Permission_lib/process.js b/process/Permission_lib/process.js index f4046891fd046027d1d6f4a726f096f418c6a50c..ad9832922aee643117bad0e7aa4bda94d9bbcce9 100644 --- a/process/Permission_lib/process.js +++ b/process/Permission_lib/process.js @@ -1,3 +1,5 @@ +import("system.logging"); +import("system.vars"); import("system.tools"); import("system.SQLTYPES"); import("system.util"); @@ -16,7 +18,7 @@ function PermissionUtil () {} let alias = SqlUtils.getSystemAlias(); let sqlHelper = new SqlMaskingUtils(alias); - + /** * Returns the default empty condition string for the given entity. * @@ -39,9 +41,9 @@ function PermissionUtil () {} PermissionUtil.getChildSetsOfSet = function (pSetId) { return newSelect("ASYS_PERMISSIONSETID", alias) - .from("ASYS_PERMISSIONSET") - .whereIfSet("ASYS_PERMISSIONSET.ASYS_PERMISSIONSET_ID", pSetId) - .arrayColumn(true); + .from("ASYS_PERMISSIONSET") + .whereIfSet("ASYS_PERMISSIONSET.ASYS_PERMISSIONSET_ID", pSetId) + .arrayColumn(true); } /** @@ -54,10 +56,10 @@ function PermissionUtil () {} PermissionUtil.getActionsOfSet = function (pSetId) { return newSelect("ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID", alias) - .from("ASYS_PERMISSIONACTION") - .join("ASYS_PERMISSION", "ASYS_PERMISSION.ASYS_PERMISSIONID = ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID") - .whereIfSet("ASYS_PERMISSION.ASYS_PERMISSIONSET_ID", pSetId) - .arrayColumn(true); + .from("ASYS_PERMISSIONACTION") + .join("ASYS_PERMISSION", "ASYS_PERMISSION.ASYS_PERMISSIONID = ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID") + .whereIfSet("ASYS_PERMISSION.ASYS_PERMISSIONSET_ID", pSetId) + .arrayColumn(true); } /** 
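Review bot: The first hunk adds `import("system.logging");`, but no `logging.` call appears in any added line of the hunks shown; only `vars` is used, by the new `userHasAction`. If nothing else in the file needs it, drop the import. If a log line for denied checks was intended, it is missing from the commit.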
@@ -72,9 +74,9 @@ function PermissionUtil () {} return []; return newSelect("ASYS_PERMISSIONACTIONID", alias) - .from("ASYS_PERMISSIONACTION") - .whereIfSet("ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID", pPermIds, SqlBuilder.IN()) - .arrayColumn(true); + .from("ASYS_PERMISSIONACTION") + .whereIfSet("ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID", pPermIds, SqlBuilder.IN()) + .arrayColumn(true); } /** @@ -87,9 +89,9 @@ function PermissionUtil () {} PermissionUtil.resolveActionId = function (pActionId) { return newSelect("ASYS_PERMISSIONACTION.ACTION", alias) - .from("ASYS_PERMISSIONACTION") - .whereIfSet("ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID", pActionId) - .cell(true); + .from("ASYS_PERMISSIONACTION") + .whereIfSet("ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID", pActionId) + .cell(true); } /** @@ -133,7 +135,7 @@ function PermissionUtil () {} return notFound; } -/** + /** * Checks a permission if the given actions are different to the actions in the database. * * @param {String} pPermId permission id to which the actions are linked to @@ -144,9 +146,9 @@ function PermissionUtil () {} */ PermissionUtil.getActionDiff = function(pPermId, pActionNew) { var actionOld = newSelect("ACTION", alias) - .from("ASYS_PERMISSIONACTION") - .whereIfSet("ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID", pPermId) - .arrayColumn(true); + .from("ASYS_PERMISSIONACTION") + .whereIfSet("ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID", pPermId) + .arrayColumn(true); return arrDiff(actionOld, pActionNew); } @@ -166,9 +168,9 @@ function PermissionUtil () {} */ PermissionUtil.isDiff = function(pId, pString, pDbCol, pDbTable) { var stringDb = newSelect(pDbCol, alias) - .from(pDbTable) - .whereIfSet([pDbTable, pDbTable + "ID"], pId) - .cell(true); + .from(pDbTable) + .whereIfSet([pDbTable, pDbTable + "ID"], pId) + .cell(true); return stringDb != pString ? true : false; } 
@@ -210,13 +212,13 @@ function PermissionUtil () {} */ PermissionUtil.getNumberOfPermissions = function(pEntityName, pRole) { return newSelect("COUNT(*)", alias) - .from("ASYS_PERMISSIONSET") - .whereIfSet("ASYS_PERMISSIONSET.ENTITY_ID", pEntityName) - .andIfSet("ASYS_PERMISSIONSET.ROLE_ID", pRole) - .cell(true, "0"); + .from("ASYS_PERMISSIONSET") + .whereIfSet("ASYS_PERMISSIONSET.ENTITY_ID", pEntityName) + .andIfSet("ASYS_PERMISSIONSET.ROLE_ID", pRole) + .cell(true, "0"); } -/** + /** * Gets the default permission of the root permission set. * * @param {String} pPermId id of the permission @@ -228,9 +230,9 @@ function PermissionUtil () {} while (parentSet[0] != "") { parentSet = newSelect("ASYS_PERMISSIONSET_ID, ASYS_PERMISSIONSETID", alias) - .from("ASYS_PERMISSIONSET") - .where("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID", parentSet[0]) - .arrayRow(); + .from("ASYS_PERMISSIONSET") + .where("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID", parentSet[0]) + .arrayRow(); } return PermissionUtil.getPermissionWithoutCond(parentSet[1]); @@ -245,9 +247,9 @@ function PermissionUtil () {} */ PermissionUtil._getEntity = function(pSetId) { return newSelect("ENTITY_ID", alias) - .from("ASYS_PERMISSIONSET") - .whereIfSet("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID", pSetId) - .cell(true, ""); + .from("ASYS_PERMISSIONSET") + .whereIfSet("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID", pSetId) + .cell(true, ""); } /** 
@@ -261,13 +263,13 @@ function PermissionUtil () {} var emptyCond = PermissionUtil.getEmptyCondString(PermissionUtil._getEntity(pSetId)); return newSelect("ASYS_PERMISSIONID", alias) - .from("ASYS_PERMISSION") - .whereIfSet("ASYS_PERMISSION.ASYS_PERMISSIONSET_ID", pSetId) - .and(new SqlBuilder(alias).where() - .or("COND is null") - .or("ASYS_PERMISSION.COND", emptyCond, sqlHelper.castLob("#", 254) +" = ?") - ) - .cell(); + .from("ASYS_PERMISSION") + .whereIfSet("ASYS_PERMISSION.ASYS_PERMISSIONSET_ID", pSetId) + .and(new SqlBuilder(alias).where() + .or("COND is null") + .or("ASYS_PERMISSION.COND", emptyCond, sqlHelper.castLob("#", 254) +" = ?") + ) + .cell(); } /** @@ -281,13 +283,13 @@ function PermissionUtil () {} var emptyCond = PermissionUtil.getEmptyCondString(PermissionUtil._getEntity(pSetId)); return newSelect("ASYS_PERMISSIONID", alias) - .from("ASYS_PERMISSION") - .whereIfSet("ASYS_PERMISSION.ASYS_PERMISSIONSET_ID", pSetId) - .and(new SqlBuilder(alias).where() - .or("COND is not null") - .or("ASYS_PERMISSION.COND", emptyCond, sqlHelper.castLob("#", 254) +" != ?") - ) - .arrayColumn(); + .from("ASYS_PERMISSION") + .whereIfSet("ASYS_PERMISSION.ASYS_PERMISSIONSET_ID", pSetId) + .and(new SqlBuilder(alias).where() + .or("COND is not null") + .or("ASYS_PERMISSION.COND", emptyCond, sqlHelper.castLob("#", 254) +" != ?") + ) + .arrayColumn(); } /** @@ -306,10 +308,10 @@ function PermissionUtil () {} PermissionUtil.getSet = function(pRole, pEntity, pAccessType, pField) { var query = newSelect("ASYS_PERMISSIONSETID", alias) - .from("ASYS_PERMISSIONSET") - .where("ASYS_PERMISSIONSET.ROLE_ID", pRole) - .and("ASYS_PERMISSIONSET.ENTITY_ID", pEntity) - .and("ASYS_PERMISSIONSET.ACCESSTYPE", pAccessType); + .from("ASYS_PERMISSIONSET") + .where("ASYS_PERMISSIONSET.ROLE_ID", pRole) + .and("ASYS_PERMISSIONSET.ENTITY_ID", pEntity) + .and("ASYS_PERMISSIONSET.ACCESSTYPE", pAccessType); if (pField) { query.and("ASYS_PERMISSIONSET.FIELD_ID", pField) 
@@ -328,11 +330,11 @@ function PermissionUtil () {} */ PermissionUtil.getSetRoot = function(pRole, pEntity) { return newSelect("ASYS_PERMISSIONSETID", alias) - .from("ASYS_PERMISSIONSET") - .where("ASYS_PERMISSIONSET.ROLE_ID", pRole) - .and("ASYS_PERMISSIONSET.ENTITY_ID", pEntity) - .and("ASYS_PERMISSIONSET.ACCESSTYPE", "E") - .cell(); + .from("ASYS_PERMISSIONSET") + .where("ASYS_PERMISSIONSET.ROLE_ID", pRole) + .and("ASYS_PERMISSIONSET.ENTITY_ID", pEntity) + .and("ASYS_PERMISSIONSET.ACCESSTYPE", "E") + .cell(); } /** @@ -344,9 +346,9 @@ function PermissionUtil () {} */ PermissionUtil.getParentSet = function(pPermId) { return newSelect("ASYS_PERMISSIONSET_ID", alias) - .from("ASYS_PERMISSION") - .where("ASYS_PERMISSION.ASYS_PERMISSIONID", pPermId) - .cell(); + .from("ASYS_PERMISSION") + .where("ASYS_PERMISSION.ASYS_PERMISSIONID", pPermId) + .cell(); } /** @@ -358,9 +360,9 @@ function PermissionUtil () {} */ PermissionUtil.getParentSetOfSet = function(pSetId) { return newSelect("ASYS_PERMISSIONSET_ID", alias) - .from("ASYS_PERMISSIONSET") - .where("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID", pSetId) - .cell(); + .from("ASYS_PERMISSIONSET") + .where("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID", pSetId) + .cell(); } /** @@ -389,9 +391,9 @@ function PermissionUtil () {} */ PermissionUtil.getPermissions = function(pSetIds) { return newSelect("ASYS_PERMISSIONID", alias) - .from("ASYS_PERMISSION") - .whereIfSet("ASYS_PERMISSION.ASYS_PERMISSIONSET_ID", pSetIds, SqlBuilder.IN()) - .arrayColumn(true); // returns empty array if pSetIds is an empty array + .from("ASYS_PERMISSION") + .whereIfSet("ASYS_PERMISSION.ASYS_PERMISSIONSET_ID", pSetIds, SqlBuilder.IN()) + .arrayColumn(true); // returns empty array if pSetIds is an empty array } /** 
@@ -403,9 +405,9 @@ function PermissionUtil () {} */ PermissionUtil.getCondType = function(pPermId) { return newSelect("CONDTYPE", alias) - .from("ASYS_PERMISSION") - .where("ASYS_PERMISSION.ASYS_PERMISSIONID", pPermId) - .cell(); + .from("ASYS_PERMISSION") + .where("ASYS_PERMISSION.ASYS_PERMISSIONID", pPermId) + .cell(); } /** @@ -491,9 +493,9 @@ function PermissionUtil () {} ]; var actionNotExists = newSelect("ASYS_PERMISSIONACTIONID", alias) - .from("ASYS_PERMISSIONACTION") - .whereIfSet("ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID", pActionId) - .cell(true) == ""; + .from("ASYS_PERMISSIONACTION") + .whereIfSet("ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID", pActionId) + .cell(true) == ""; var actionId; if (pActionId != null & pActionId != "" && pActionId != undefined && actionNotExists) { @@ -517,9 +519,9 @@ function PermissionUtil () {} */ PermissionUtil.getCond = function(pPermId) { return newSelect("COND", alias) - .from("ASYS_PERMISSION") - .where("ASYS_PERMISSION.ASYS_PERMISSIONID", pPermId) - .cell(); + .from("ASYS_PERMISSION") + .where("ASYS_PERMISSION.ASYS_PERMISSIONID", pPermId) + .cell(); } /** @@ -531,9 +533,9 @@ function PermissionUtil () {} */ PermissionUtil.permissionExists = function(pPermId) { var permissionCount = newSelect("COUNT(*)", alias) - .from("ASYS_PERMISSION") - .whereIfSet("ASYS_PERMISSION.ASYS_PERMISSIONID", pPermId) - .cell(true, "0"); + .from("ASYS_PERMISSION") + .whereIfSet("ASYS_PERMISSION.ASYS_PERMISSIONID", pPermId) + .cell(true, "0"); return permissionCount != "0"; } 
@@ -549,10 +551,10 @@ function PermissionUtil () {} */ PermissionUtil.actionExists = function(pAction, pPermId) { var permissionActionCount = newSelect("COUNT(*)", alias) - .from("ASYS_PERMISSIONACTION") - .where("ASYS_PERMISSIONACTION.ACTION", pAction) - .and("ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID", pPermId) - .cell(); + .from("ASYS_PERMISSIONACTION") + .where("ASYS_PERMISSIONACTION.ACTION", pAction) + .and("ASYS_PERMISSIONACTION.ASYS_PERMISSION_ID", pPermId) + .cell(); return permissionActionCount != 0; } @@ -577,20 +579,20 @@ function PermissionUtil () {} */ PermissionUtil.getPermission = function(pRole, pEntity, pField, pAccesstype, pCondition, pCondtype) { var permissionSelect = newSelect("ASYS_PERMISSION.ASYS_PERMISSIONID", alias) - .from("ASYS_PERMISSIONSET") - .join("ASYS_PERMISSION", "ASYS_PERMISSION.ASYS_PERMISSIONSET_ID = ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID") - .where("ASYS_PERMISSIONSET.ENTITY_ID", pEntity) - .and("ASYS_PERMISSIONSET.ROLE_ID", pRole) - .and("ASYS_PERMISSIONSET.ACCESSTYPE", pAccesstype) + .from("ASYS_PERMISSIONSET") + .join("ASYS_PERMISSION", "ASYS_PERMISSION.ASYS_PERMISSIONSET_ID = ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID") + .where("ASYS_PERMISSIONSET.ENTITY_ID", pEntity) + .and("ASYS_PERMISSIONSET.ROLE_ID", pRole) + .and("ASYS_PERMISSIONSET.ACCESSTYPE", pAccesstype) var emptyCond = PermissionUtil.getEmptyCondString(pEntity); if (checkInput([pCondition])) { if (pCondition == emptyCond) { permissionSelect.and(new SqlBuilder(alias).where() - .or("ASYS_PERMISSION.COND", emptyCond, sqlHelper.castLob("#", 254) + " = ?") - .or("COND is null") - ); + .or("ASYS_PERMISSION.COND", emptyCond, sqlHelper.castLob("#", 254) + " = ?") + .or("COND is null") + ); } else { // SqlMaskingUtils.castLob causes an error in this case (at least on derby-db) // derby-db max size of char is 254 and castLob casts to char first, then to varchar 
@@ -620,7 +622,7 @@ function PermissionUtil () {} */ PermissionUtil.deleteAction = function(pActionId) { return newWhereIfSet("ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID", pActionId, undefined, undefined, alias) - .deleteData(true, "ASYS_PERMISSIONACTION"); + .deleteData(true, "ASYS_PERMISSIONACTION"); } /** @@ -659,6 +661,50 @@ function PermissionUtil () {} return roleTitle; } + /** + * Checks if an given action is linked to any permission of the current user. + * + * @param {String} pEntity name of the entity, mandatory + * + * @param {String} pAccesstype type of accesslevel ("E", "R" or "F"), mandatory + * + * @param {String} pAction action to be checked (view, create, read, update, delete), mandatory + * + * @param {String} pField name of the field, nullable + * + * @param {String} pCondition condition of the permissions, nullable + * + * @result {String} returns true if user has the given action linked to a permission, otherwise false + */ + PermissionUtil.userHasAction = function(pEntity, pAccesstype, pAction, pField, pCondition) { + var userRoles = tools.getRoles(vars.get("$sys.user")); + var permissions = []; + var condition; + + if (checkInput(pCondition)) { + condition = pCondition; + } else { + condition = PermissionUtil.getEmptyCondString(pEntity); + } + + for each(let role in userRoles) { + permissions.push(PermissionUtil.getPermission(role, pEntity, pField, pAccesstype, condition, "1")) + } + + if (permissions.length > 0) { + for each(let perm in permissions) { + var actionsOfPerm = PermissionUtil.getActions([perm]) + for each(let action in actionsOfPerm) { + if (PermissionUtil.resolveActionId(action) == pAction) { + return true; + break; + } + } + } + } + return false; + } + } //end of block
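Review bot: In `userHasAction` the result of `PermissionUtil.getPermission(...)` is pushed for every role without checking that a permission was found, so `permissions.length > 0` holds for any user with at least one role and possibly empty ids are handed on to `getActions` and `resolveActionId`; an authorization check should skip empty results explicitly so that it fails closed (what `getPermission` returns on no match is outside the hunks shown). `checkInput(pCondition)` is called with a bare value here, while `getPermission` calls `checkInput([pCondition])`; if the helper expects an array, the default condition may be chosen wrongly, so `if (checkInput([pCondition])) {` looks intended. The two inner loops run one query per action id and can be replaced by the existing `PermissionUtil.actionExists(pAction, permId)`, which also removes the unreachable `break;` after `return true;`. The doc tag `@result {String}` should describe a boolean return.

```javascript
PermissionUtil.userHasAction = function(pEntity, pAccesstype, pAction, pField, pCondition) {
    // … unchanged: userRoles lookup and condition defaulting …

    for each (let role in userRoles) {
        var permId = PermissionUtil.getPermission(role, pEntity, pField, pAccesstype, condition, "1");
        // no permission for this role: skip, so an empty id never reaches the action lookup
        if (!permId)
            continue;
        if (PermissionUtil.actionExists(pAction, permId))
            return true;
    }
    return false;
}
```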