[Projekt: Entwicklung - Neon][TicketNr.: 1086772][Nicht berechtigte verknüpfte...

[Projekt: Entwicklung - Neon][TicketNr.: 1086772][Nicht berechtigte verknüpfte Datensätze führen zu Fehlern]

entity/ActivityLink_entity/ActivityLink_entity.aod

@@ -20,6 +20,7 @@
       <title>{$OBJECTLINK_TYPE}</title>
       <consumer>Context</consumer>
       <mandatory v="true" />
+      <stateProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_type/stateProcess.js</stateProcess>
       <displayValueProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_type/displayValueProcess.js</displayValueProcess>
     </entityField>
     <entityField>
@@ -28,6 +29,7 @@
       <consumer>Objects</consumer>
       <linkedContextProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_rowid/linkedContextProcess.js</linkedContextProcess>
       <mandatory v="true" />
+      <stateProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_rowid/stateProcess.js</stateProcess>
       <displayValueProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_rowid/displayValueProcess.js</displayValueProcess>
     </entityField>
     <entityField>
@@ -94,6 +96,10 @@
       <name>#PROVIDER_AGGREGATES</name>
       <useAggregates v="true" />
     </entityProvider>
+    <entityField>
+      <name>OBJECT_PERMISSION_RESULT</name>
+      <valueProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_permission_result/valueProcess.js</valueProcess>
+    </entityField>
   </entityFields>
   <recordContainers>
     <dbRecordContainer>

entity/ActivityLink_entity/entityfields/object_permission_result/valueProcess.js

+import("Permission_lib");
+import("system.result");
+import("system.vars");
+
+var res = PermissionUtil.getPermissionResult(vars.get("$field.OBJECT_TYPE"), vars.get("$field.OBJECT_ROWID"), vars.get("$sys.recordstate"), vars.get("$sys.user"));
+result.string(JSON.stringify(res));

entity/ActivityLink_entity/entityfields/object_rowid/displayValueProcess.js

-import("system.neon");
 import("system.vars");
-import("system.db");
 import("system.result");
-import("Context_lib");
 
-if(vars.get("$sys.recordstate") == neon.OPERATINGSTATE_NEW && !vars.get("$field.OBJECT_ROWID")) {
-    result.string("");
-} else if (vars.exists("$field.OBJECT_TYPE") && vars.get("$field.OBJECT_TYPE")) {
-    result.string(ContextUtils.getTitleByContext(vars.get("$field.OBJECT_TYPE"), vars.get("$field.OBJECT_ROWID")));
-}
\ No newline at end of file
+var permissionResult = JSON.parse(vars.get("$field.OBJECT_PERMISSION_RESULT"));
+result.string(permissionResult.title);

entity/ActivityLink_entity/entityfields/object_rowid/stateProcess.js

+import("Permission_lib");
+import("system.result");
+import("system.vars");
+
+var permissionResult = JSON.parse(vars.get("$field.OBJECT_PERMISSION_RESULT"));
+result.string(PermissionUtil.getVisibilityByPermissionResult(permissionResult, vars.get("$sys.recordstate")));

entity/ActivityLink_entity/entityfields/object_type/stateProcess.js

+import("Permission_lib");
+import("system.vars");
+import("system.result");
+
+var permissionResult = JSON.parse(vars.get("$field.OBJECT_PERMISSION_RESULT"));
+result.string(PermissionUtil.getVisibilityByPermissionResult(permissionResult, vars.get("$sys.recordstate")));

process/Permission_lib/process.js

+import("system.translate");
+import("Context_lib");
+import("system.logging");
+import("system.neon");
 import("system.vars");
 import("system.tools");
 import("system.SQLTYPES");
@@ -52,6 +56,10 @@ PermissionEnums.RESTRICTED_ACTION_ICON = function () {
 PermissionEnums.FORBIDDEN_ACTION_ICON = function () {
     return "VAADIN:CLOSE";
 }
+PermissionEnums.NO_PERMISSION = function () {
+    return "NO_PERMISSION";
+}
+
 
 /**
  * Provides functions to work with permissions.
@@ -983,6 +991,120 @@ function PermissionUtil () {}
         });
     }
     
+    /**
+     * Returns the permission result for a given object.
+     * 
+     * @param pObjectType the type of the object, e.g. "Organisation".
+     * 
+     * @param pObjectRowId the id of the object.
+     * 
+     * @param pRecordState the current record state.
+     * 
+     * @param pUser the user.
+     * 
+     * @return {Object{}} returns an object with a status to react accordingly in stateProcesses and a title for display.
+     */
+    PermissionUtil.getPermissionResult = function(pObjectType, pObjectRowId, pRecordState, pUser)
+    {
+        var NO_PERMISSION_TITLE = translate.text("No Permission");
+        var DEFAULT_ERROR = translate.text("Error");
+        
+        var res = {
+            status: null, 
+            title: null
+        };
+        
+        if(pRecordState != neon.OPERATINGSTATE_NEW && pObjectType) 
+        {
+            var entity = ContextUtils.getEntity(pObjectType);
+            if (tools.hasPermission(tools.PERMISSION_VIEW, entity, null, pUser, null))
+            {
+                if (pObjectRowId)
+                {
+                    try {
+                        if (tools.hasPermission(tools.PERMISSION_READ, entity, null, pUser, [pObjectRowId]))
+                        {
+                            res = {
+                                status: tools.PERMISSION_READ, 
+                                title: ContextUtils.getTitleByContext(pObjectType, pObjectRowId)
+                            };
+                        }
+                        else
+                        {
+                            res = {
+                                status: tools.PERMISSION_VIEW, 
+                                title: NO_PERMISSION_TITLE
+                            };
+                        }
+                    } 
+                    catch (err)
+                    {
+                        // display "no permission" if there was an error while calculating permissions
+                        if (err.fileName == "Permission_lib")
+                        {
+                            res = {
+                                status: tools.PERMISSION_VIEW, 
+                                title: NO_PERMISSION_TITLE
+                            };
+                        }
+                        else
+                        {
+                            // otherwise display a default error message
+                            res = {
+                                status: tools.PERMISSION_VIEW, 
+                                title: DEFAULT_ERROR
+                            };
+                        }
+                        
+                        logging.log(err);
+                    }
+                }
+                else
+                {
+                    res = {
+                        status: tools.PERMISSION_VIEW, 
+                        title: NO_PERMISSION_TITLE
+                    };
+                }
+            }
+            else
+            {
+                res = {
+                    status: PermissionEnums.NO_PERMISSION(),
+                    title: NO_PERMISSION_TITLE
+                };
+            }
+        }
+        
+        return res;
+    }
+    
+    /**
+     * Returns the visibility for a given object determined by the permission result.
+     * 
+     * @param pPermissionResult as object. Has to contain the property 'status'.
+     * 
+     * @param pRecordState the current record state.
+     * 
+     * @return {String} returns the visibility determined by the permission result.
+     */
+    PermissionUtil.getVisibilityByPermissionResult = function(pPermissionResult, pRecordState)
+    {
+        if (pRecordState != neon.OPERATINGSTATE_NEW)
+        {
+            switch (pPermissionResult.status)
+            {
+                case tools.PERMISSION_VIEW:
+                    return neon.COMPONENTSTATE_READONLY;
+                case tools.PERMISSION_READ:
+                    return neon.COMPONENTSTATE_EDITABLE;
+                default:
+                    return neon.COMPONENTSTATE_INVISIBLE;
+            }
+        }
+        return neon.COMPONENTSTATE_AUTO;
+    }
+
 } //end of block