FCLT#54494 Beveiliging klantscripts iets generieker maken

svn path=/Database/trunk/; revision=40614
2019-01-22 07:13:32 +00:00
parent 77f8d28413
commit de8060fc08
1 changed files with 13 additions and 30 deletions
--- a/ADM/ADM_PAC.SRC
+++ b/ADM/ADM_PAC.SRC
@@ -101,33 +101,17 @@ AS
   END;

  FUNCTION scriptspoolfile (custpattern  IN VARCHAR2, -- eg ^SGGR for 'start with SGGR', ATCH|BONS for two schema
-                             scriptname   IN VARCHAR2)
+                            scriptname   IN VARCHAR2)
      RETURN VARCHAR2
   IS
-      lstname   VARCHAR2 (255);
-      tekst   VARCHAR2 (255);
+      lstname   VARCHAR2(255);
+      tekst     VARCHAR2(255);
   BEGIN
-       IF NOT REGEXP_LIKE(USER, custpattern, 'i') THEN
-           tekst := CHR(10) || '============================================' || CHR(10)
-                 || 'Wrong user!!!!!!!!!' || CHR(10)
-                 || 'User should be match ' || custpattern || ' but is ' || USER || CHR(10)
-                 || '============================================' || CHR(10);
-           RAISE_APPLICATION_ERROR(-20000, tekst);
-       END IF;
-
-      lstname := UPPER (scriptname);
-      RETURN lstname || '_'
-             || UPPER(   USER
-                      || '_'
-                      || SYS_CONTEXT ('USERENV', 'SERVICE_NAME')
-                      || '_'
-                      || SYS_CONTEXT ('USERENV', 'SERVER_HOST'))
-             || '_'
-             || TO_CHAR (SYSDATE, 'YYYYMMDD_HH24MISS')
-             || '.lst';
+      tekst := adm.checkscriptcust(custpattern);
+      lstname := adm.getscriptspoolfile(scriptname);
+      RETURN lstname;
   END;

-
   FUNCTION getscriptspoolfile(scriptname IN VARCHAR2)
      RETURN VARCHAR2
   IS
@@ -145,17 +129,16 @@ AS
   FUNCTION checkscriptcust(custpattern IN VARCHAR2)
      RETURN VARCHAR2
   IS
-      klant     fac_version.fac_version_cust%TYPE;
-      groep     fac_version.fac_version_group%TYPE;
+      klant     VARCHAR2(4);
+      groep     VARCHAR2(4);
+      qry       VARCHAR2(4000);
      tekst     VARCHAR2 (255);
   BEGIN
      tekst := '';
-      SELECT fac_version_cust
-           , fac_version_group
-        INTO klant
-           , groep
-        FROM fac_version;
-
+      qry := 'SELECT fac_version_cust'
+          || '     , fac_version_group'
+          || '  FROM fac_version';
+      EXECUTE IMMEDIATE qry INTO klant, groep;
      IF NOT (custpattern = klant OR custpattern = groep OR REGEXP_LIKE(USER, custpattern, 'i'))
      THEN
         tekst := CHR(10)