Permissions - improved sorting in permission details, action validation improved + bug fix

ffb47534 · Simon Leipold · 29cca154 · ffb47534 · ffb47534 · ffb47534
Commit ffb47534 authored 5 years ago by Simon Leipold
--- a/entity/PermissionDetail_entity/contentTitleProcess.js
+++ b/entity/PermissionDetail_entity/contentTitleProcess.js
@@ -27,10 +27,12 @@ switch (vars.get("$field.ACCESSTYPE")) {
        break;
 }

-if (vars.get("$field.CONDITION") != noCond && vars.get("$field.CONDITION") != "") {
-    res += " - conditional";
-} else {
-    res += " - default";
+if (vars.get("$field.ACCESSTYPE") != "E") {
+    if (vars.get("$field.CONDITION") != noCond && vars.get("$field.CONDITION") != "") {
+        res += " - conditional";
+    } else {
+        res += " - default";
+    }
 }

 result.string(res);
\ No newline at end of file
--- a/entity/PermissionDetail_entity/entityfields/permissionactions/onValidation.js
+++ b/entity/PermissionDetail_entity/entityfields/permissionactions/onValidation.js
+import("system.logging");
 import("Sql_lib");
 import("system.db");
 import("system.vars");
@@ -15,9 +16,10 @@ var fieldTitle = vars.get("$field.FIELD");
 var accesstype = vars.get("$field.ACCESSTYPE");
 var permCondInput = vars.get("$field.CONDITION");
 var permCondType = vars.get("$field.CONDTYPE");
-var permissionId = PermissionUtil.getPermission(roleTitle, entityTitle, fieldTitle, accesstype, permCondInput, permCondType);
-var actionsInDb = PermissionUtil.getActions([permissionId]);
+var permId = PermissionUtil.getPermission(roleTitle, entityTitle, fieldTitle, accesstype, permCondInput, permCondType);
+var actionsInDb = PermissionUtil.getActions([permId]);
 var actionsAsStringArray = vars.get("$field.ACTION").split(","); // only useful while working with already existing permissions
+var noCond = "{\"entity\":\"" + entityTitle + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";

 var deletedRows = vars.get("$field.PermissionActions.deletedRows");
 var changedRows = vars.get("$field.PermissionActions.changedRows");
@@ -27,12 +29,13 @@ if (deletedRows.length == actionsAsStringArray.length && changedRows.length == 0
    result.string(translate.text("Permissions without actions are not allowed!"));
 }

-if (PermissionUtil.permissionExists(permissionId)) {
+if (PermissionUtil.permissionExists(permId)) {
    // old permission
    // insert only possible, if the same action is not already linked to the permission
+    logging.log("test");
    for each (let row in insertedRows) {
        var actionGotJustDelted = false;
-        if (PermissionUtil.actionExists(row.ACTION, permissionId)) {
+        if (PermissionUtil.actionExists(row.ACTION, permId)) {
            for each (let delRow in deletedRows) {
                if (row.ACTION == delRow.ACTION) {
                    actionGotJustDelted = true;
@@ -45,13 +48,25 @@ if (PermissionUtil.permissionExists(permissionId)) {
    }
    
    for each (let row in changedRows) {
-        if (PermissionUtil.actionExists(row.ACTION, permissionId) && actionsAsStringArray.indexOf(row.ACTION) == -1) {
+        if (PermissionUtil.actionExists(row.ACTION, permId) && actionsAsStringArray.indexOf(row.ACTION) == -1) {
            result.string(translate.text("Action '" + row.ACTION + "' already linked to this permission."));
        }
    }
 } else {
    // new permission
-    if (insertedRows.length > 1) {
+    if (insertedRows.length > 0) {
+        var defaultPerm = PermissionUtil.getPermission(roleTitle, entityTitle, fieldTitle, accesstype, noCond);
+        if (PermissionUtil.permissionExists(defaultPerm)) {
+            var defaultActions = PermissionUtil.getActions([defaultPerm]);
+            for each (let entry in insertedRows) {
+                for each (let action in defaultActions) {
+                    if (entry.ACTION == PermissionUtil.resolveActionId(action)) {
+                        result.string(translate.text("Action '" + entry.ACTION + "' is already linked to a permission with this role-entity-field-combination"));
+                    }
+                }
+            }
+        }
+        
        for (let i = 0; i < insertedRows.length-1; i++) {
            for (let j = i + 1; j < insertedRows.length; j++) {
                if (insertedRows[i].ACTION == insertedRows[j].ACTION) {

--- a/entity/PermissionDetail_entity/recordcontainers/jdito/contentProcess.js
+++ b/entity/PermissionDetail_entity/recordcontainers/jdito/contentProcess.js
@@ -106,7 +106,7 @@ if (selectedPermission == null) {
    }
 }

-result.object(res.sort(sortResultsAfterAccessTypes));
+result.object(res.sort(sortResultsAfterCondition).sort(sortResultsAfterAccessTypes));

 function prepareResultArray(pEntry, pRes) {
    var rootPermission = "";
@@ -183,4 +183,16 @@ function sortResultsAfterAccessTypes(a, b) {
        return 1;
    else
        return 0;
+}
+
+// sorts result array: default permission -> conditional permission
+function sortResultsAfterCondition(a, b) {
+    var noCond = "{\"entity\":\"" + vars.get("$field.ENTITY") + "\",\"filter\":{\"type\":\"group\",\"operator\":\"AND\",\"childs\":[]}}";
+    if (a[4] == "" || a[4] == noCond) {
+        return -1;
+    } else if (b[4] == "" || b[4] == noCond) {
+        return 1;
+    } else {
+        return 0;
+    }
 }
\ No newline at end of file
--- a/process/Permission_lib/process.js
+++ b/process/Permission_lib/process.js
@@ -296,7 +296,7 @@ function PermissionUtil () {}
 */
    PermissionUtil.setIsEmpty = function(pSetId) {
        var subSets = PermissionUtil.getChildSetsOfSet(pSetId);
-        var subPerms = PermissionUtil.getPermissions(pSetId);
+        var subPerms = PermissionUtil.getPermissions([pSetId]);
        var subActions = PermissionUtil.getActionsOfSet(pSetId);
    
        if (subActions.length == 0 && subPerms == 0 && subSets == 0) 
@@ -305,31 +305,15 @@ function PermissionUtil () {}
    }

    /**
- * Returns all permissions of the given permission sets.
+ * Returns all subordinated permissions of the given permission sets.
 * 
- * @param {String[]} pSetIds the ids of the permission sets
+ * @param {String[]} pSetIds ids of the permission sets
 * 
 * @result {String[]} array with ids of all subordinated permissions. The result can never be null.
 */
    PermissionUtil.getPermissions = function(pSetIds) {
        return db.table("select ASYS_PERMISSIONID from ASYS_PERMISSION where ASYS_PERMISSION.ASYS_PERMISSIONSET_ID in ('" + pSetIds.join("','") + "')", alias);
    }
-    
-    /**
- * Returns all subordinated permissions of a given permission set.
- * 
- * @param {String} pSetId the id of the parent permission set
- * 
- * @result {String[]} array with ids of all subordinated permission. The result can never be null.
- */
-    PermissionUtil.getPermissions = function (pSetId)
-    {
-        return db.array(db.COLUMN, SqlCondition.begin()
-            .and("ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID = '" + pSetId + "'")
-            .buildSql("select ASYS_PERMISSION.ASYS_PERMISSIONID from ASYS_PERMISSION"
-                + " join ASYS_PERMISSIONSET on ASYS_PERMISSIONSET.ASYS_PERMISSIONSETID = ASYS_PERMISSION.ASYS_PERMISSIONSET_ID")
-            , alias);
-    }

    /**
 * Returns the condition type of the given permissions.