1077127 refactor permissions

e630fcca · Simon Leipold · Sebastian Listl · 75c2cab9 · e630fcca · e630fcca
Commit e630fcca authored 3 years ago by Simon Leipold Committed by Sebastian Listl 3 years ago
--- a/entity/PermissionDetail_entity/recordcontainers/jdito/contentProcess.js
+++ b/entity/PermissionDetail_entity/recordcontainers/jdito/contentProcess.js
@@ -132,7 +132,7 @@ result.object(res);
 function prepareResultArray(pEntry, pRes) {
    var parentPermission = "";
    
-    if (pEntry.accesstype != "E") {
+    if (pEntry.accesstype != PermissionEnums.ACCESSTYPE_ENTITY()) {
        parentPermission = PermissionUtil.getPermissionWithoutCond(PermissionUtil.getParentSetOfSet(PermissionUtil.getParentSet(pEntry.permissionid)));
    }
    pRes.push([pEntry.permissionid, pEntry.entity, pEntry.role, pEntry.field, pEntry.cond, 

--- a/entity/PermissionOverview_entity/recordcontainers/jdito/contentProcess.js
+++ b/entity/PermissionOverview_entity/recordcontainers/jdito/contentProcess.js
+import("system.util");
 import("Util_lib");
 import("Sql_lib");
 import("system.project");
@@ -15,8 +16,10 @@ var entitiesMetaData = project.getDataModels(project.DATAMODEL_KIND_ENTITY);
 var entitiesUsePermFlagSet = []; // array, which contains ids of entities with usePermission flag set

 // gets all names of the entites which have the 'usePermission'-flag set (positive list)
-for each (let entityMetaData in entitiesMetaData) {
-    if (entityMetaData[6] == "true") {
+for each (let entityMetaData in entitiesMetaData) 
+{
+    if (entityMetaData[6] == "true") 
+    {
        entitiesUsePermFlagSet.push(entityMetaData[0]);
    }
 }
@@ -24,12 +27,15 @@ for each (let entityMetaData in entitiesMetaData) {
 var rolesOrEntitiesSelect = new SqlBuilder(alias).where();
 var rolesOrEntities = [];

-if (vars.exists("$param.RoleName_param") && vars.get("$param.RoleName_param")) {
+if (vars.exists("$param.RoleName_param") && vars.get("$param.RoleName_param")) 
+{
    roleName = vars.getString("$param.RoleName_param");
    rolesOrEntitiesSelect.select("distinct ASYS_PERMISSIONSET.ENTITY_ID")
        .from("ASYS_PERMISSIONSET")
        .and("ASYS_PERMISSIONSET.ROLE_ID", roleName);
-} else if (vars.exists("$param.EntityId_param") && vars.get("$param.EntityId_param")) {
+} 
+else if (vars.exists("$param.EntityId_param") && vars.get("$param.EntityId_param")) 
+{
    entityName = vars.getString("$param.EntityId_param");
    rolesOrEntitiesSelect.select("distinct ASYS_PERMISSIONSET.ROLE_ID")
        .from("ASYS_PERMISSIONSET")
@@ -41,40 +47,38 @@ rolesOrEntities = rolesOrEntitiesSelect
    .arrayColumn();

 var entityPermSetId = "";
-for each (var entry in rolesOrEntities) { // entry contains either a role or an entity, depending on which param exists
-    if (vars.exists("$param.RoleName_param") && vars.get("$param.RoleName_param")) {
+for each (var entry in rolesOrEntities)
+{ // entry contains either a role or an entity, depending on which param exists
+    var overview = {
+        uid: util.getNewUUID(), 
+        entry: entry, 
+        view: PermissionEnums.FORBIDDEN_ACTION_ICON(), 
+        create: PermissionEnums.FORBIDDEN_ACTION_ICON(), 
+        read: PermissionEnums.FORBIDDEN_ACTION_ICON(), 
+        update: PermissionEnums.FORBIDDEN_ACTION_ICON(), 
+        "delete": PermissionEnums.FORBIDDEN_ACTION_ICON()
+    };
+    
+    if (vars.exists("$param.RoleName_param") && vars.get("$param.RoleName_param"))
+    {
        entityPermSetId = PermissionUtil.getSetRoot(roleName, entry);
-    } else if (vars.exists("$param.EntityId_param") && vars.get("$param.EntityId_param")) {
+    } 
+    else if (vars.exists("$param.EntityId_param") && vars.get("$param.EntityId_param"))
+    {
        entityPermSetId = PermissionUtil.getSetRoot(entry, entityName);
    }
-    var recordPermSetId = newSelect("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID", alias)
-    .from("ASYS_PERMISSIONSET")
-    .where("ASYS_PERMISSIONSET.ASYS_PERMISSIONSET_ID", entityPermSetId)
-    .and("ASYS_PERMISSIONSET.ACCESSTYPE", 'R')
-    .arrayColumn();
-    var currOverview = [entityPermSetId, entry, "VAADIN:CLOSE", "VAADIN:CLOSE", "VAADIN:CLOSE", "VAADIN:CLOSE", "VAADIN:CLOSE"];

    if (entityPermSetId)
    {
-        recordPermSetId = new SqlBuilder(alias)
-            .select("ASYS_PERMISSIONSETID")
-            .from("ASYS_PERMISSIONSET")
-            .where("ASYS_PERMISSIONSET.ASYS_PERMISSIONSET_ID", entityPermSetId)
-            .and("ASYS_PERMISSIONSET.ACCESSTYPE", "R")
-            .arrayColumn();
-
-        currOverview = [entityPermSetId, entry, "VAADIN:CLOSE", "VAADIN:CLOSE", "VAADIN:CLOSE", "VAADIN:CLOSE", "VAADIN:CLOSE"];
-
-        // default entity permissions
-        currOverview = prepareOverview(entityPermSetId, currOverview, "default");
+        var recordPermSetId = PermissionUtil.getRecordSetOfEntitySet(entityPermSetId);
+        
+        // entity permissions
+        overview = prepareOverview(entityPermSetId, overview);

-        // conditional record permissions
-        currOverview = prepareOverview(recordPermSetId, currOverview, "conditional");
+        // record permissions
+        overview = prepareOverview(recordPermSetId, overview);

-        // default record permissions
-        currOverview = prepareOverview(recordPermSetId, currOverview, "default");
-
-        res.push(currOverview);
+        res.push([overview.uid, overview.entry, overview.view, overview.create, overview.read, overview.update, overview["delete"]]);
    }
 }

@@ -103,70 +107,43 @@ ArrayUtils.sortMulti(res, sortOrder);

 result.object(res);

-function prepareOverview(pPermSetId, pCurrOverview, pMode) {
-    var conditionalPermActionId = [], currOverview;
-    if (pPermSetId == "") {
-        return pCurrOverview;
-    }
-    switch (pMode) {
-        case "default":
-            var permId = PermissionUtil.getPermissionWithoutCond(pPermSetId);
-            var defaultPermActionId = PermissionUtil.getActions([permId]);
-            currOverview = pCurrOverview;
+function prepareOverview(pPermSetId, pOverview) {
+    if (!pPermSetId) { return pOverview; }
+    
+    var conditionalPermActionId = [];
+    var overview = pOverview;
+
+    var permId = PermissionUtil.getPermissionWithoutCond(pPermSetId);
+    if (permId && permId != "")
+    {
+        var defaultPermActionId = PermissionUtil.getActions([permId]);
    
-            if (PermissionUtil.getCondType(permId) == 1 ) {
-                for each (let actionSets in defaultPermActionId) {
-                    switch (PermissionUtil.resolveActionId(actionSets)) {
-                        case "view":
-                            currOverview[2] = "VAADIN:CIRCLE";
-                            break;
-                        case "create":
-                            currOverview[3] = "VAADIN:CIRCLE";
-                            break;
-                        case "read":
-                            currOverview[4] = "VAADIN:CIRCLE";
-                            break;
-                        case "update":
-                            currOverview[5] = "VAADIN:CIRCLE";
-                            break;
-                        case "delete":
-                            currOverview[6] = "VAADIN:CIRCLE";
-                            break;
-                    }
-                }
+        if (PermissionUtil.getCondType(permId) == 1)
+        {
+            for each (let actionSets in defaultPermActionId)
+            {
+                overview[PermissionUtil.resolveActionId(actionSets)] = PermissionEnums.PERMITTED_ACTION_ICON();
            }
-            break;
-        case "conditional":
-            var permIds = PermissionUtil.getPermissionWithCond(pPermSetId);
-            
-            permIds.forEach(function(permId) {
-                conditionalPermActionId.push(PermissionUtil.getActions([permId]));
-            });
-           
-            currOverview = pCurrOverview;
-            
-            for each (let actionSets in conditionalPermActionId) {
-                for each (let action in actionSets) {
-                    switch (PermissionUtil.resolveActionId(action)) {
-                        case "view":
-                            currOverview[2] = "VAADIN:CIRCLE_THIN";
-                            break;
-                        case "create":
-                            currOverview[3] = "VAADIN:CIRCLE_THIN";
-                            break;
-                        case "read":
-                            currOverview[4] = "VAADIN:CIRCLE_THIN";
-                            break;
-                        case "update":
-                            currOverview[5] = "VAADIN:CIRCLE_THIN";
-                            break;
-                        case "delete":
-                            currOverview[6] = "VAADIN:CIRCLE_THIN";
-                            break;
-                    }
-                }
+        }       
+    }
+
+    var permIds = PermissionUtil.getPermissionWithCond(pPermSetId);
+    
+    if (permIds && permIds.length > 0)
+    {
+        for each (let permId in permIds)
+        {
+            conditionalPermActionId.push(PermissionUtil.getActions([permId]));
+        }
+
+        for each (let actionSets in conditionalPermActionId)
+        {
+            for each (let action in actionSets)
+            {
+                overview[PermissionUtil.resolveActionId(action)] = PermissionEnums.RESTRICTED_ACTION_ICON();
            }
-            break;
+        }
    }
-    return currOverview;
+
+    return overview;
 }
\ No newline at end of file
--- a/process/Permission_lib/process.js
+++ b/process/Permission_lib/process.js
@@ -5,6 +5,54 @@ import("system.util");
 import("system.db");
 import("Sql_lib");

+/**
+ * Object for the enumeration of types connected to permissions.
+ * This object is only for the general definition of types and 
+ * other permission related data.
+ * Use PermissionUtil for more complex stuff.
+ */
+function PermissionEnums () {}
+
+PermissionEnums.ACCESSTYPE_ENTITY = function () {
+    return "E";
+}
+PermissionEnums.ACCESSTYPE_FIELD = function () {
+    return "F";
+}
+PermissionEnums.ACCESSTYPE_RECORD = function () {
+    return "R";
+}
+PermissionEnums.ACTION_VIEW = function() {
+    return "view"
+    };
+PermissionEnums.ACTION_CREATE = function() {
+    return "create"
+    };
+PermissionEnums.ACTION_READ = function() {
+    return "read"
+    };
+PermissionEnums.ACTION_UPDATE = function() {
+    return "update"
+    };
+PermissionEnums.ACTION_DELETE = function() {
+    return "delete"
+    };
+PermissionEnums.CONDITIONTYPE_DEFAULT = function() {
+    return "default"
+    };
+PermissionEnums.CONDITIONTYPE_CONDITIONAL = function() {
+    return "conditional"
+    };
+PermissionEnums.PERMITTED_ACTION_ICON = function () {
+    return "VAADIN:CIRCLE";
+}
+PermissionEnums.RESTRICTED_ACTION_ICON = function () {
+    return "VAADIN:CIRCLE_THIN";
+}
+PermissionEnums.FORBIDDEN_ACTION_ICON = function () {
+    return "VAADIN:CLOSE";
+}
+
 /**
 * Provides functions to work with permissions.
 * This includes sets, permissions, actions, roles and role hierarchies.
@@ -280,6 +328,7 @@ function PermissionUtil () {}
     * @result {String[]} returns the ids of permissions with conditions of a given permission set. The result can never be null.
     */
    PermissionUtil.getPermissionWithCond = function(pSetId) {
+        if (!pSetId || pSetId == "") return [];
        var emptyCond = PermissionUtil.getEmptyCondString(PermissionUtil.getEntity(pSetId));
    
        return newSelect("ASYS_PERMISSIONID", alias)
@@ -333,7 +382,7 @@ function PermissionUtil () {}
        .from("ASYS_PERMISSIONSET")
        .where("ASYS_PERMISSIONSET.ROLE_ID", pRoleName)
        .and("ASYS_PERMISSIONSET.ENTITY_ID", pEntity)
-        .and("ASYS_PERMISSIONSET.ACCESSTYPE", "E")
+        .and("ASYS_PERMISSIONSET.ACCESSTYPE", PermissionEnums.ACCESSTYPE_ENTITY())
        .cell();
    }

@@ -666,7 +715,7 @@ function PermissionUtil () {}
     * 
     * @param {String} pEntity name of the entity, mandatory
     * 
-     * @param {String} pAccesstype type of accesslevel ("E", "R" or "F"), mandatory
+     * @param {String} pAccesstype type of accesslevel ("E", "R" or "F", e.g. use PermissionTypes.ACCESSTYPE_ENTITY()), mandatory
     * 
     * @param {String} pAction action to be checked (view, create, read, update, delete), mandatory
     * 
@@ -869,6 +918,21 @@ function PermissionUtil () {}
        .arrayColumn(true);
    }
    
+    /**
+     * Gets the linked record permission set of the given entity permission set.
+     * 
+     * @param {String} pEntitySetId ID of the entity permission set
+     * 
+     * @result {String[]} returns the id of the record permission set
+     */
+    PermissionUtil.getRecordSetOfEntitySet = function(pEntitySetId) {
+        return newSelect("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID", alias)
+        .from("ASYS_PERMISSIONSET")
+        .where("ASYS_PERMISSIONSET.ASYS_PERMISSIONSET_ID", pEntitySetId)
+        .and("ASYS_PERMISSIONSET.ACCESSTYPE", PermissionEnums.ACCESSTYPE_RECORD())
+        .arrayColumn();
+    }
+    
 } //end of block