Permissions - refactoring lib, updating role, fixing detail

entity/PermissionAction_entity/entityfields/permissiondetails/onValidation.js

@@ -10,7 +10,6 @@ var actionTitle = vars.get("$field.ACTION");
 var permissionId = vars.get("$param.PermissionId_param");
 var permCondInput = vars.get("$param.PermissionCondition_param");
 
-//var deletedRows = vars.get("$field." + pConsumerField + ".deletedRows");
 var deletedRows = vars.get("$field.PermissionDetails.deletedRows");
 
 if (actionTitle == "null" || actionTitle == undefined || actionTitle == null || actionTitle == "") {

entity/PermissionDetail_entity/contentTitleProcess.js

+import("Permission_lib");
 import("system.logging");
 import("system.project");
 import("system.vars");
@@ -5,7 +6,7 @@ import("system.result");
 
 var res = "";
 var entityName = vars.get("$field.ENTITY");
-var noCond = "{\"entity\":\"" + entityName + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+var emptyCond = PermissionUtil.getEmptyCondString(entityName);
 
 switch (vars.get("$field.ACCESSTYPE")) {
     case "E":
@@ -31,7 +32,7 @@ switch (vars.get("$field.ACCESSTYPE")) {
 }
 
 if (vars.get("$field.ACCESSTYPE") != "E") {
-    if (vars.get("$field.CONDITION") != noCond && vars.get("$field.CONDITION") != "") {
+    if (vars.get("$field.CONDITION") != emptyCond && vars.get("$field.CONDITION") != "") {
         res += " - conditional";
     } else {
         res += " - default";

entity/PermissionDetail_entity/entityfields/permissionactions/children/permissionid_param/valueProcess.js

 import("Sql_lib");
 import("system.db");
-import("system.logging");
 import("system.vars");
 import("system.result");
 import("Permission_lib");
@@ -9,18 +8,19 @@ var alias = SqlUtils.getSystemAlias();
 var rootPermId;
 var entity = vars.get("$field.ENTITY");
 var cond = vars.get("$field.CONDITION");
-var noCond = "{\"entity\":\"" + entity + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
-var permSetId = PermissionUtil.getSet(vars.get("$field.ROLE"), vars.get("$field.ENTITY"), vars.get("$field.ACCESSTYPE"));
+var field = vars.get("$field.FIELD");
+var emptyCond = PermissionUtil.getEmptyCondString(entity);
+var permSetId = PermissionUtil.getSet(vars.get("$field.ROLE"), entity, vars.get("$field.ACCESSTYPE"), field);
 
 if (permSetId != "") {
     // check if default or conditional permission has to be returned
-    if (cond == "" || cond == noCond) {
+    if (cond == "" || cond == emptyCond) {
         rootPermId = PermissionUtil.getPermissionWithoutCond(permSetId);
     } else {
-        rootPermId = PermissionUtil.getPermissionWithCond(permSetId);
+        permsWithCond = PermissionUtil.getPermissionWithCond(permSetId);
         
-        for each (let perm in rootPermId) {
-            let sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION where cast(ASYS_PERMISSION.COND as varchar(" + cond.length + ")) = '" + cond + "'"
+        for each (let perm in permsWithCond) {
+            let sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION join ASYS_PERMISSIONSET on ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID = ASYS_PERMISSION.ASYS_PERMISSIONSET_ID where cast(ASYS_PERMISSION.COND as varchar(" + cond.length + ")) = '" + cond + "' and ASYS_PERMISSIONSET.FIELD_ID = '" + field + "'";
             rootPermId = db.cell(sqlStr, alias);
             break;
         }

entity/PermissionDetail_entity/entityfields/permissionactions/onValidation.js

@@ -9,17 +9,17 @@ var allowedNumberOfActionsForRecordPermission = 3;
 var allowedNumberOfActionsForEntityPermissions = 2;
 var allowedNumberOfActionsForFieldPermissions = 2;
 
-var entityTitle = vars.get("$field.ENTITY");
+var entityName = vars.get("$field.ENTITY");
 var roleTitle = vars.get("$field.ROLE");
 var fieldTitle = vars.get("$field.FIELD");
 var accesstype = vars.get("$field.ACCESSTYPE");
 var permCondInput = vars.get("$field.CONDITION");
 var permCondType = vars.get("$field.CONDTYPE");
-var permId = PermissionUtil.getPermission(roleTitle, entityTitle, fieldTitle, accesstype, permCondInput, permCondType);
+var permId = PermissionUtil.getPermission(roleTitle, entityName, fieldTitle, accesstype, permCondInput, permCondType);
 var actionsInDb = PermissionUtil.getActions([permId]);
 var actionsAsStringArray = vars.get("$field.ACTION").split(","); // only useful while working with already existing permissions
-var noCond = "{\"entity\":\"" + entityTitle + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
-var isDefaultPermission = (permCondInput != noCond && permCondInput != "") ? false : true;
+var emptyCond = PermissionUtil.getEmptyCondString(entityName);
+var isDefaultPermission = (permCondInput != emptyCond && permCondInput != "") ? false : true;
 
 var deletedRows = vars.get("$field.PermissionActions.deletedRows");
 var changedRows = vars.get("$field.PermissionActions.changedRows");
@@ -53,7 +53,7 @@ if (PermissionUtil.permissionExists(permId)) {
         }
         // if conditional permission: check if action is already linked to default permission
         if (!isDefaultPermission) {
-            if (PermissionUtil.actionExists(row.ACTION, PermissionUtil.getPermissionWithoutCond(PermissionUtil.getSet(roleTitle, entityTitle, accesstype, fieldTitle)))) {
+            if (PermissionUtil.actionExists(row.ACTION, PermissionUtil.getPermissionWithoutCond(PermissionUtil.getSet(roleTitle, entityName, accesstype, fieldTitle)))) {
                 result.string(translate.text("Action '" + row.ACTION + "' is already linked to the default permission."));
             }
         }
@@ -67,7 +67,7 @@ if (PermissionUtil.permissionExists(permId)) {
 } else {
     // new permission
     if (insertedRows.length > 0) {
-        var defaultPerm = PermissionUtil.getPermission(roleTitle, entityTitle, fieldTitle, accesstype, noCond);
+        var defaultPerm = PermissionUtil.getPermission(roleTitle, entityName, fieldTitle, accesstype, emptyCond);
         if (PermissionUtil.permissionExists(defaultPerm)) {
             var defaultActions = PermissionUtil.getActions([defaultPerm]);
             for each (let entry in insertedRows) {

entity/PermissionDetail_entity/entityfields/role/displayValueProcess.js

@@ -8,7 +8,7 @@ var role = "";
 if (vars.exists("$param.RoleTitle_param") && recordstate == neon.OPERATINGSTATE_NEW) {
     role = vars.get("$param.RoleTitle_param");
 } else {
-    role = vars.get("$field.ROLE");
+    role = vars.get("$this.value");
 }
 
 if(role != undefined && role != null && role != "") {

entity/PermissionDetail_entity/entityfields/role/valueProcess.js

@@ -5,7 +5,7 @@ import("system.neon");
 var recordstate = vars.get("$sys.recordstate");
 var role = "";
 
-if(vars.exists("$param.RoleTitle_param") && (recordstate == neon.OPERATINGSTATE_NEW)) {
+if (vars.exists("$param.RoleTitle_param") && recordstate == neon.OPERATINGSTATE_NEW) {
     role = vars.get("$param.RoleTitle_param");
 } else {
     role = vars.get("$this.value");

entity/PermissionDetail_entity/recordcontainers/jdito/contentProcess.js

@@ -14,7 +14,7 @@ var entitiesMetaData = project.getDataModels(project.DATAMODEL_KIND_ENTITY);
 var entityStructure;
 var entitiesUsePermFlagSet = [];
 var fieldsUsePermFlagSet = [];
-var noCond = "{\"entity\":\"" + vars.get("$field.ENTITY") + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+var emptyCond = PermissionUtil.getEmptyCondString(vars.get("$field.ENTITY"));
 
 // gets all names of the entites which have the 'usePermission'-flag set (positive list)
 // gets all names of the fields which have the 'usePermission'-flag set (positive list)
@@ -111,10 +111,10 @@ result.object(res);
 
 function prepareResultArray(pEntry, pRes) {
     var parentPermission = "";
-    var noCond = "{\"entity\":\"" + pEntry.entity + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+    var emptyCond = PermissionUtil.getEmptyCondString(pEntry.entity);
     
     if (pEntry.accesstype != "E") {
-        if (pEntry.cond == "" || pEntry.cond == noCond) { // default permission
+        if (pEntry.cond == "" || pEntry.cond == emptyCond) { // default permission
             parentPermission = PermissionUtil.getPermissionWithoutCond(PermissionUtil.getParentSetOfSet(PermissionUtil.getParentSet(pEntry.permissionid)));
         } else { // conditional permission
             parentPermission = PermissionUtil.getPermissionWithoutCond(PermissionUtil.getParentSet(pEntry.permissionid));
@@ -167,28 +167,28 @@ function sortActions(actions, accesstype) {
 
 // sorts result array: Entity -> Records -> Fields
 function sortResultsByAccessTypes(a, b) {
-    var noCondA = "{\"entity\":\"" + a[1] + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
-    var noCondB = "{\"entity\":\"" + b[1] + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+    var emptyCondA = PermissionUtil.getEmptyCondString(a[1]);
+    var emptyCondB = PermissionUtil.getEmptyCondString(b[1]);
 
     if (a[6] == b[6] && a[6] == "E") return 0;
     else if (a[6] == "E") return -1;
     else if (b[6] == "E") return 1;
     else if (a[6] == "R" && b[6] == "F") return -1;
     else if (a[6] == "F" && b[6] == "R") return 1;
-    else if (a[6] == b[6] && (a[4] == "" || a[4] == noCondA)) return -1;
-    else if (a[6] == b[6] && (b[4] == "" || b[4] == noCondB)) return 1;
+    else if (a[6] == b[6] && (a[4] == "" || a[4] == emptyCondA)) return -1;
+    else if (a[6] == b[6] && (b[4] == "" || b[4] == emptyCondB)) return 1;
     else  return 0;
 }
 
 // sorts result array: default permission -> conditional permission
 function sortResultsByCondition(a, b) {
-    var noCondA = "{\"entity\":\"" + a[1] + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
-    var noCondB = "{\"entity\":\"" + b[1] + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+    var emptyCondA = PermissionUtil.getEmptyCondString(a[1]);
+    var emptyCondB = PermissionUtil.getEmptyCondString(b[1]);
     
-    if (a[4] == "" || a[4] == noCond) return -1;
-    else if (b[4] == "" || b[4] == noCondB) return -1;
-    else if (a[4] != "" && a[4] != noCondA) return 1;
-    else if (b[4] != "" && b[4] != noCondB) return 1;
+    if (a[4] == "" || a[4] == emptyCond) return -1;
+    else if (b[4] == "" || b[4] == emptyCondB) return -1;
+    else if (a[4] != "" && a[4] != emptyCondA) return 1;
+    else if (b[4] != "" && b[4] != emptyCondB) return 1;
     else return 0;
 
 }

entity/PermissionDetail_entity/recordcontainers/jdito/onDelete.js

@@ -10,7 +10,7 @@ var permId = vars.get("$field.UID");
 var accessType = vars.get("$field.ACCESSTYPE");
 var parentPermSetId = PermissionUtil.getParentSet(permId);
 var linkedActions = PermissionUtil.getActions([permId]);
-var noCond = "{\"entity\":\"" + vars.get("$field.ENTITY") + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+var emptyCond = PermissionUtil.getEmptyCondString(vars.get("$field.ENTITY"));
 
 var sqlCondDelAction = SqlCondition.begin()
 .and("ASYS_PERMISSIONACTION.ASYS_PERMISSIONACTIONID in ('" + linkedActions.join("','") + "')")
@@ -44,7 +44,7 @@ switch (accessType) {
         db.deleteData("ASYS_PERMISSIONSET", sqlCondDelPermSet, alias); // delete all permission sets
         break;
     default:
-        if (PermissionUtil.getCond(permId) == "" || PermissionUtil.getCond(permId) == noCond) { // check if permission is default or conditional permission
+        if (PermissionUtil.getCond(permId) == "" || PermissionUtil.getCond(permId) == emptyCond) { // check if permission is default or conditional permission
             // default permission -> also have to delete sub permissions
             let allPerms = PermissionUtil.getPermissionWithCond(PermissionUtil.getParentSet(permId));
             allPerms.push(permId);

entity/Role_entity/recordcontainers/jdito/contentProcess.js

@@ -19,21 +19,26 @@ if (vars.exists("$param.ExcludeRoles_param") && vars.get("$param.ExcludeRoles_pa
     }, excludeRoles);
 }
 
-if (selectedRole == null) {
-    for (let rolename in roles) {            
-        let role = roles[rolename];  
-        if (!excludeRoles[rolename])
-            res.push([rolename, role[0], role[1], role[2], 0]);
+for (let rolename in roles) {
+    let role = roles[rolename];  
+    if (!excludeRoles[rolename]) {
+        let numberOfUsersInSelectedRole = tools.getUsersWithRole(rolename).length;
+        res.push([rolename, role[0], role[1], role[2], numberOfUsersInSelectedRole + " " + translate.text("User", locale)]);
     }
-} else {
-    for (let rolename in roles) {
-        let role = roles[rolename];  
-        if (rolename == selectedRole) {           
-            let numberOfUsersInSelectedRole = tools.getUsersWithRole(selectedRole).length;           
-            res.push([rolename, role[0], role[1], role[2], numberOfUsersInSelectedRole + translate.text(" User", locale)]);
-            break;
+}
+
+var ids = vars.get("$local.idvalues");
+if (ids != null)
+{
+    res = res.filter(function(resEntry) 
+    {
+        for (let i = 0; i < ids.length; i++)
+        {
+            if (resEntry[0] == ids[i])
+                return true;
         }
-    }
+        return false;
+    });
 }
 
 result.object(res.sort());
\ No newline at end of file

neonView/PermissionActionList_view/PermissionActionList_view.aod

@@ -8,6 +8,7 @@
       <titleField></titleField>
       <fixedDrawer v="true" />
       <entityField>#ENTITY</entityField>
+      <isEditable v="false" />
       <columns>
         <neonTableColumn>
           <name>cc9ac8b7-e98b-4ce6-a0f0-204c05c1a3ce</name>

neonView/PermissionDetailPreview_view/PermissionDetailPreview_view.aod

@@ -13,11 +13,13 @@
       <iconField>#ICON</iconField>
       <titleField>#CONTENTTITLE</titleField>
       <entityField>#ENTITY</entityField>
+      <isEditable v="true" />
     </cardViewTemplate>
     <genericViewTemplate>
       <name>Generic</name>
       <editMode v="true" />
       <entityField>#ENTITY</entityField>
+      <isEditable v="false" />
       <fields>
         <entityFieldLink>
           <name>dd33df7a-82e6-49a8-b35f-99d0187970e3</name>

neonView/RoleFilter_view/RoleFilter_view.aod

-<?xml version="1.0" encoding="UTF-8"?>
-<neonView xmlns="http://www.adito.de/2018/ao/Model" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" VERSION="1.1.2" xsi:schemaLocation="http://www.adito.de/2018/ao/Model adito://models/xsd/neonView/1.1.2">
-  <name>RoleFilter_view</name>
-  <majorModelMode>DISTRIBUTED</majorModelMode>
-  <filterable v="true" />
-  <layout>
-    <boxLayout>
-      <name>layout</name>
-    </boxLayout>
-  </layout>
-  <children>
-    <tableViewTemplate>
-      <name>Table</name>
-      <iconField>#ICON</iconField>
-      <titleField>ROLETITLE</titleField>
-      <subtitleField>ROLETYPE</subtitleField>
-      <descriptionField>ROLEDESCRIPTION</descriptionField>
-      <entityField>#ENTITY</entityField>
-      <columns>
-        <neonTableColumn>
-          <name>29a4128c-c677-4b16-a167-febb20277a23</name>
-          <entityField>#ICON</entityField>
-        </neonTableColumn>
-        <neonTableColumn>
-          <name>e6d9050e-3139-48cc-b186-085dab1cec89</name>
-          <entityField>ROLETITLE</entityField>
-        </neonTableColumn>
-        <neonTableColumn>
-          <name>01743397-32b2-4c8a-b947-ba077baf311d</name>
-          <entityField>ROLETYPE</entityField>
-        </neonTableColumn>
-        <neonTableColumn>
-          <name>7b269530-309a-4599-a392-f6e2651ccb65</name>
-          <entityField>ROLEDESCRIPTION</entityField>
-        </neonTableColumn>
-      </columns>
-    </tableViewTemplate>
-  </children>
-</neonView>
+<?xml version="1.0" encoding="UTF-8"?>
+<neonView xmlns="http://www.adito.de/2018/ao/Model" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" VERSION="1.1.2" xsi:schemaLocation="http://www.adito.de/2018/ao/Model adito://models/xsd/neonView/1.1.2">
+  <name>RoleFilter_view</name>
+  <majorModelMode>DISTRIBUTED</majorModelMode>
+  <filterable v="true" />
+  <layout>
+    <boxLayout>
+      <name>layout</name>
+    </boxLayout>
+  </layout>
+  <children>
+    <tableViewTemplate>
+      <name>Table</name>
+      <iconField>#ICON</iconField>
+      <titleField>ROLETITLE</titleField>
+      <subtitleField>ROLETYPE</subtitleField>
+      <descriptionField>ROLEDESCRIPTION</descriptionField>
+      <entityField>#ENTITY</entityField>
+      <columns>
+        <neonTableColumn>
+          <name>29a4128c-c677-4b16-a167-febb20277a23</name>
+          <entityField>#ICON</entityField>
+        </neonTableColumn>
+        <neonTableColumn>
+          <name>954cb883-bf05-4807-b303-98b31bf8f75e</name>
+          <entityField>UID</entityField>
+        </neonTableColumn>
+        <neonTableColumn>
+          <name>e6d9050e-3139-48cc-b186-085dab1cec89</name>
+          <entityField>ROLETITLE</entityField>
+        </neonTableColumn>
+        <neonTableColumn>
+          <name>01743397-32b2-4c8a-b947-ba077baf311d</name>
+          <entityField>ROLETYPE</entityField>
+        </neonTableColumn>
+        <neonTableColumn>
+          <name>346c7722-bca5-4231-806f-b214fa47aaa1</name>
+          <entityField>USERCOUNT</entityField>
+        </neonTableColumn>
+        <neonTableColumn>
+          <name>7b269530-309a-4599-a392-f6e2651ccb65</name>
+          <entityField>ROLEDESCRIPTION</entityField>
+        </neonTableColumn>
+      </columns>
+    </tableViewTemplate>
+  </children>
+</neonView>

process/Permission_lib/process.js

@@ -16,6 +16,18 @@ function PermissionUtil () {}
 
     let alias = SqlUtils.getSystemAlias();
     let sqlHelper = new SqlMaskingUtils(alias);
+    
+    /**
+     * Returns the default empty condition string for the given entity.
+     * 
+     * @param {String} pEntity name of the entity
+     * 
+     * @result {String} default empty condition string ({\"entity\":\"" + pEntity + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}})
+     */
+    PermissionUtil.getEmptyCondString = function (pEntity) 
+    {   
+        return "{\"entity\":\"" + pEntity + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+    }
 
     /**
      * Returns the ids of all subordinated permission sets of a given parent permission set.
@@ -231,12 +243,12 @@ function PermissionUtil () {}
     PermissionUtil.getPermissionWithoutCond = function(pSetId) {
         var sqlStr = "select ENTITY_ID from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + pSetId + "'";
         var entityName = db.cell(sqlStr, alias);
-        var noCond = "{\"entity\":\"" + entityName + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+        var emptyCond = PermissionUtil.getEmptyCondString(entityName);
         
         sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION"
         + " where ASYS_PERMISSIONSET_ID = '" + pSetId + "'"
         + " and (COND is null"
-        + " or " + sqlHelper.castLob("ASYS_PERMISSION.COND", 254) + " = '" + noCond + "')";
+        + " or " + sqlHelper.castLob("ASYS_PERMISSION.COND", 254) + " = '" + emptyCond + "')";
         
         return db.cell(sqlStr, alias);
     }
@@ -251,12 +263,12 @@ function PermissionUtil () {}
     PermissionUtil.getPermissionWithCond = function(pSetId) {
         var sqlStr = "select ENTITY_ID from ASYS_PERMISSIONSET where ASYS_PERMISSIONSETID = '" + pSetId + "'";
         var entityName = db.cell(sqlStr, alias);
-        var noCond = "{\"entity\":\"" + entityName + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+        var emptyCond = PermissionUtil.getEmptyCondString(entityName);
     
         sqlStr = "select ASYS_PERMISSIONID from ASYS_PERMISSION"
         + " where ASYS_PERMISSIONSET_ID = '" + pSetId + "'"
         + " and COND is not null"
-        + " and " + sqlHelper.castLob("ASYS_PERMISSION.COND", 254) + " != '" + noCond + "'";
+        + " and " + sqlHelper.castLob("ASYS_PERMISSION.COND", 254) + " != '" + emptyCond + "'";
         return db.table(sqlStr, alias);
     }
 
@@ -509,11 +521,11 @@ function PermissionUtil () {}
     PermissionUtil.getPermission = function(pRole, pEntity, pField, pAccesstype, pCondition, pCondtype) {
         var sqlStr = "";
         var sqlExt = "";
-        var noCond = "{\"entity\":\"" + pEntity + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+        var emptyCond = PermissionUtil.getEmptyCondString(pEntity);
     
         if (checkInput([pCondition])) {
-            if (pCondition == noCond) {
-                sqlExt += " and (" + sqlHelper.castLob("ASYS_PERMISSION.COND", 254) + " = '" + noCond + "' or COND is null)";
+            if (pCondition == emptyCond) {
+                sqlExt += " and (" + sqlHelper.castLob("ASYS_PERMISSION.COND", 254) + " = '" + emptyCond + "' or COND is null)";
             } else {
                 // SqlMaskingUtils.castLob causes an error in this case (at least on derby-db)
                 // derby-db max size of char is 254 and castLob casts to char first, then to varchar