From c00fc0f3dc93a246f91f1e19894b9ee82a53424e Mon Sep 17 00:00:00 2001
From: Simon Leipold <s.leipold@adito.de>
Date: Thu, 30 Sep 2021 12:39:22 +0200
Subject: [PATCH] =?UTF-8?q?[Projekt:=20Entwicklung=20-=20Neon][TicketNr.:?=
=?UTF-8?q?=201086772][Nicht=20berechtigte=20verkn=C3=BCpfte=20Datens?=
=?UTF-8?q?=C3=A4tze=20f=C3=BChren=20zu=20Fehlern]?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
.../ActivityLink_entity.aod | 6 +
.../object_permission_result/valueProcess.js | 6 +
.../object_rowid/displayValueProcess.js | 10 +-
.../entityfields/object_rowid/stateProcess.js | 6 +
.../entityfields/object_type/stateProcess.js | 6 +
process/Permission_lib/process.js | 122 ++++++++++++++++++
6 files changed, 148 insertions(+), 8 deletions(-)
create mode 100644 entity/ActivityLink_entity/entityfields/object_permission_result/valueProcess.js
create mode 100644 entity/ActivityLink_entity/entityfields/object_rowid/stateProcess.js
create mode 100644 entity/ActivityLink_entity/entityfields/object_type/stateProcess.js
diff --git a/entity/ActivityLink_entity/ActivityLink_entity.aod b/entity/ActivityLink_entity/ActivityLink_entity.aod
index f7987fab47..5a442b8bdb 100644
--- a/entity/ActivityLink_entity/ActivityLink_entity.aod
+++ b/entity/ActivityLink_entity/ActivityLink_entity.aod
@@ -20,6 +20,7 @@
<title>{$OBJECTLINK_TYPE}</title>
<consumer>Context</consumer>
<mandatory v="true" />
+ <stateProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_type/stateProcess.js</stateProcess>
<displayValueProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_type/displayValueProcess.js</displayValueProcess>
</entityField>
<entityField>
@@ -28,6 +29,7 @@
<consumer>Objects</consumer>
<linkedContextProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_rowid/linkedContextProcess.js</linkedContextProcess>
<mandatory v="true" />
+ <stateProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_rowid/stateProcess.js</stateProcess>
<displayValueProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_rowid/displayValueProcess.js</displayValueProcess>
</entityField>
<entityField>
@@ -94,6 +96,10 @@
<name>#PROVIDER_AGGREGATES</name>
<useAggregates v="true" />
</entityProvider>
+ <entityField>
+ <name>OBJECT_PERMISSION_RESULT</name>
+ <valueProcess>%aditoprj%/entity/ActivityLink_entity/entityfields/object_permission_result/valueProcess.js</valueProcess>
+ </entityField>
</entityFields>
<recordContainers>
<dbRecordContainer>
diff --git a/entity/ActivityLink_entity/entityfields/object_permission_result/valueProcess.js b/entity/ActivityLink_entity/entityfields/object_permission_result/valueProcess.js
new file mode 100644
index 0000000000..88f23e2bd9
--- /dev/null
+++ b/entity/ActivityLink_entity/entityfields/object_permission_result/valueProcess.js
@@ -0,0 +1,6 @@
+import("Permission_lib");
+import("system.result");
+import("system.vars");
+
+var res = PermissionUtil.getPermissionResult(vars.get("$field.OBJECT_TYPE"), vars.get("$field.OBJECT_ROWID"), vars.get("$sys.recordstate"), vars.get("$sys.user"));
+result.string(JSON.stringify(res));
diff --git a/entity/ActivityLink_entity/entityfields/object_rowid/displayValueProcess.js b/entity/ActivityLink_entity/entityfields/object_rowid/displayValueProcess.js
index 95c4eea536..d6a0d07974 100644
--- a/entity/ActivityLink_entity/entityfields/object_rowid/displayValueProcess.js
+++ b/entity/ActivityLink_entity/entityfields/object_rowid/displayValueProcess.js
@@ -1,11 +1,5 @@
-import("system.neon");
import("system.vars");
-import("system.db");
import("system.result");
-import("Context_lib");
-if(vars.get("$sys.recordstate") == neon.OPERATINGSTATE_NEW && !vars.get("$field.OBJECT_ROWID")) {
- result.string("");
-} else if (vars.exists("$field.OBJECT_TYPE") && vars.get("$field.OBJECT_TYPE")) {
- result.string(ContextUtils.getTitleByContext(vars.get("$field.OBJECT_TYPE"), vars.get("$field.OBJECT_ROWID")));
-}
\ No newline at end of file
+var permissionResult = JSON.parse(vars.get("$field.OBJECT_PERMISSION_RESULT"));
+result.string(permissionResult.title);
diff --git a/entity/ActivityLink_entity/entityfields/object_rowid/stateProcess.js b/entity/ActivityLink_entity/entityfields/object_rowid/stateProcess.js
new file mode 100644
index 0000000000..efa6035588
--- /dev/null
+++ b/entity/ActivityLink_entity/entityfields/object_rowid/stateProcess.js
@@ -0,0 +1,6 @@
+import("Permission_lib");
+import("system.result");
+import("system.vars");
+
+var permissionResult = JSON.parse(vars.get("$field.OBJECT_PERMISSION_RESULT"));
+result.string(PermissionUtil.getVisibilityByPermissionResult(permissionResult, vars.get("$sys.recordstate")));
diff --git a/entity/ActivityLink_entity/entityfields/object_type/stateProcess.js b/entity/ActivityLink_entity/entityfields/object_type/stateProcess.js
new file mode 100644
index 0000000000..d371cb8fb2
--- /dev/null
+++ b/entity/ActivityLink_entity/entityfields/object_type/stateProcess.js
@@ -0,0 +1,6 @@
+import("Permission_lib");
+import("system.vars");
+import("system.result");
+
+var permissionResult = JSON.parse(vars.get("$field.OBJECT_PERMISSION_RESULT"));
+result.string(PermissionUtil.getVisibilityByPermissionResult(permissionResult, vars.get("$sys.recordstate")));
diff --git a/process/Permission_lib/process.js b/process/Permission_lib/process.js
index 0273d9b02d..717172cf8d 100644
--- a/process/Permission_lib/process.js
+++ b/process/Permission_lib/process.js
@@ -1,3 +1,7 @@
+import("system.translate");
+import("Context_lib");
+import("system.logging");
+import("system.neon");
import("system.vars");
import("system.tools");
import("system.SQLTYPES");
@@ -52,6 +56,10 @@ PermissionEnums.RESTRICTED_ACTION_ICON = function () {
PermissionEnums.FORBIDDEN_ACTION_ICON = function () {
return "VAADIN:CLOSE";
}
+PermissionEnums.NO_PERMISSION = function () {
+ return "NO_PERMISSION";
+}
+
/**
* Provides functions to work with permissions.
@@ -983,6 +991,120 @@ function PermissionUtil () {}
});
}
+ /**
+ * Returns the permission result for a given object.
+ *
+ * @param pObjectType the type of the object, e.g. "Organisation".
+ *
+ * @param pObjectRowId the id of the object.
+ *
+ * @param pRecordState the current record state.
+ *
+ * @param pUser the user.
+ *
+ * @return {Object{}} returns an object with a status to react accordingly in stateProcesses and a title for display.
+ */
+ PermissionUtil.getPermissionResult = function(pObjectType, pObjectRowId, pRecordState, pUser)
+ {
+ var NO_PERMISSION_TITLE = translate.text("No Permission");
+ var DEFAULT_ERROR = translate.text("Error");
+
+ var res = {
+ status: null,
+ title: null
+ };
+
+ if(pRecordState != neon.OPERATINGSTATE_NEW && pObjectType)
+ {
+ var entity = ContextUtils.getEntity(pObjectType);
+ if (tools.hasPermission(tools.PERMISSION_VIEW, entity, null, pUser, null))
+ {
+ if (pObjectRowId)
+ {
+ try {
+ if (tools.hasPermission(tools.PERMISSION_READ, entity, null, pUser, [pObjectRowId]))
+ {
+ res = {
+ status: tools.PERMISSION_READ,
+ title: ContextUtils.getTitleByContext(pObjectType, pObjectRowId)
+ };
+ }
+ else
+ {
+ res = {
+ status: tools.PERMISSION_VIEW,
+ title: NO_PERMISSION_TITLE
+ };
+ }
+ }
+ catch (err)
+ {
+ // display "no permission" if there was an error while calculating permissions
+ if (err.fileName == "Permission_lib")
+ {
+ res = {
+ status: tools.PERMISSION_VIEW,
+ title: NO_PERMISSION_TITLE
+ };
+ }
+ else
+ {
+ // otherwise display a default error message
+ res = {
+ status: tools.PERMISSION_VIEW,
+ title: DEFAULT_ERROR
+ };
+ }
+
+ logging.log(err);
+ }
+ }
+ else
+ {
+ res = {
+ status: tools.PERMISSION_VIEW,
+ title: NO_PERMISSION_TITLE
+ };
+ }
+ }
+ else
+ {
+ res = {
+ status: PermissionEnums.NO_PERMISSION(),
+ title: NO_PERMISSION_TITLE
+ };
+ }
+ }
+
+ return res;
+ }
+
+ /**
+ * Returns the visibility for a given object determined by the permission result.
+ *
+ * @param pPermissionResult as object. Has to contain the property 'status'.
+ *
+ * @param pRecordState the current record state.
+ *
+ * @return {String} returns the visibility determined by the permission result.
+ */
+ PermissionUtil.getVisibilityByPermissionResult = function(pPermissionResult, pRecordState)
+ {
+ if (pRecordState != neon.OPERATINGSTATE_NEW)
+ {
+ switch (pPermissionResult.status)
+ {
+ case tools.PERMISSION_VIEW:
+ return neon.COMPONENTSTATE_READONLY;
+ case tools.PERMISSION_READ:
+ return neon.COMPONENTSTATE_EDITABLE;
+ default:
+ return neon.COMPONENTSTATE_INVISIBLE;
+ }
+ }
+ return neon.COMPONENTSTATE_AUTO;
+ }
+
} //end of block
--
GitLab