admin/Facilitor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

FSN#27322 ALG savescripts doen geen autorisatiecontrole

Browse Source 
svn path=/Website/trunk/; revision=22199
This commit is contained in:
Erik Groener
2014-07-29 07:04:54 +00:00
parent ba6d38739b
commit a2750f3d7b
9 changed files with 60 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
APPL/ALG/alg_edit_district_save.asp
View File

@@ -7,17 +7,22 @@
*/ %>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../shared/save2db.inc" -->
<!-- #include file="../Shared/save2db.inc" -->
<!-- #include file="../Shared/kenmerk_common.inc"-->
<!-- #include file="alg.inc" -->
<% FCLTHeader.Requires({ plugins:["jQuery", "kenmerk"],
js: []
}) %>
<%
var dis_key = getQParamInt( "dis_key" );
var dis_key = getQParamInt( "dis_key" );
var fields = [ { dbs: "alg_district_omschrijving", typ: "varchar", frm: "dis_oms" },
{ dbs: "alg_regio_key", typ: "number", frm: "regiokey" }];
var onrgoedlvl = "D";
var this_alg = alg.func_enabled(dis_key, onrgoedlvl);
user.auth_required_or_abort(this_alg.readman || this_alg.readuse);
var fields = [ { dbs: "alg_district_omschrijving", typ: "varchar", frm: "dis_oms" },
{ dbs: "alg_regio_key", typ: "number", frm: "regiokey" }];
var warning = "";
if (dis_key > 0)

7
APPL/ALG/alg_edit_gebouw_save.asp
View File

@@ -7,8 +7,9 @@
*/ %>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../shared/save2db.inc" -->
<!-- #include file="../Shared/save2db.inc" -->
<!-- #include file="../Shared/kenmerk_common.inc"-->
<!-- #include file="alg.inc" -->
<% FCLTHeader.Requires({ plugins:["jQuery"],
js: []
@@ -24,6 +25,10 @@
if (einduur == -1)
einduur = "";
var onrgoedlvl = "G";
var this_alg = alg.func_enabled(bld_key, onrgoedlvl);
user.auth_required_or_abort(this_alg.writeman || (bld_key>0&&this_alg.writeuse));
var fields = [ { dbs: "alg_locatie_key", typ: "key", frm: "locatiekey" },
{ dbs: "alg_srtgebouw_key", typ: "key", frm: "bld_srtkey" },
{ dbs: "alg_gebouw_naam", typ: "varchar", frm: "bld_naam" },

7
APPL/ALG/alg_edit_locatie_save.asp
View File

@@ -7,8 +7,9 @@
*/ %>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../shared/save2db.inc" -->
<!-- #include file="../Shared/save2db.inc" -->
<!-- #include file="../Shared/kenmerk_common.inc"-->
<!-- #include file="alg.inc" -->
<% FCLTHeader.Requires({ plugins:["jQuery"],
js: []
@@ -16,6 +17,10 @@
<%
var loc_key = getQParamInt( "loc_key" );
var onrgoedlvl = "L";
var this_alg = alg.func_enabled(loc_key, onrgoedlvl);
user.auth_required_or_abort(this_alg.writeman || (loc_key>0&&this_alg.writeuse));
var fields = [ { dbs: "alg_district_key", typ: "number", frm: "districtkey" },
{ dbs: "alg_locatie_code", typ: "varchar", frm: "loc_code" },
{ dbs: "alg_locatie_omschrijving", typ: "varchar", frm: "loc_omsch" },

11
APPL/ALG/alg_edit_regio_save.asp
View File

@@ -7,15 +7,20 @@
*/ %>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../shared/save2db.inc" -->
<!-- #include file="../Shared/save2db.inc" -->
<!-- #include file="alg.inc" -->
<% FCLTHeader.Requires({ plugins:["jQuery"],
js: []
}) %>
<%
var reg_key = getQParamInt( "regio_key" );
var reg_key = getQParamInt( "regio_key" );
var fields = [ { dbs: "alg_regio_omschrijving", typ: "varchar", frm: "reg_oms" }];
var onrgoedlvl = "RG";
var this_alg = alg.func_enabled(reg_key, onrgoedlvl);
user.auth_required_or_abort(this_alg.writeman || (reg_key>0&&this_alg.writeuse));
var fields = [ { dbs: "alg_regio_omschrijving", typ: "varchar", frm: "reg_oms" }];
var warning = "";
if (reg_key > 0)

7
APPL/ALG/alg_edit_ruimte_save.asp
View File

@@ -8,8 +8,9 @@
*/ %>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../shared/save2db.inc" -->
<!-- #include file="../Shared/save2db.inc" -->
<!-- #include file="../Shared/kenmerk_common.inc"-->
<!-- #include file="alg.inc" -->
<% FCLTHeader.Requires({ plugins:["jQuery"],
js: []
@@ -26,6 +27,10 @@
if (einduur == -1)
einduur = "";
var onrgoedlvl = "R";
var this_alg = alg.func_enabled(room_key, onrgoedlvl);
user.auth_required_or_abort(this_alg.writeman || (room_key>0&&this_alg.writeuse));
function uurForeign(tm)
{
return toTimeString(tm, false); // geen seconden

10
APPL/ALG/alg_edit_ruimtefunctie_save.asp
View File

@@ -12,12 +12,16 @@
*/ %>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../shared/save2db.inc" -->
<!-- #include file="../Shared/save2db.inc" -->
<!-- #include file="alg.inc" -->
<% FCLTHeader.Requires({ plugins:["jQuery"],
js: []
}) %>
<%
var autfunction = 'WEB_ALGMAN';
var authparams = user.checkAutorisation(autfunction)
var srtruimte_lg_key = getQParamInt("srtruimte_lg_key", -1);
var srtruimte_key = getFParamInt("srtruimte", -1);
var loc_key = getFParamInt("locatiekey", -1);
@@ -64,7 +68,7 @@ __Log("srtruimte_lg_key = " + srtruimte_lg_key);
{
sql = buildUpdate("alg_srtruimte_locatiegebouw", fields)
+ " alg_srtruimte_lg_key = " + srtruimte_lg_key;
var err = Oracle.Execute(sql, true);
if (err.friendlyMsg)
warning = err.friendlyMsg;
@@ -74,7 +78,7 @@ __Log("srtruimte_lg_key = " + srtruimte_lg_key);
fields.push({ dbs: "alg_srtruimte_lg_key", typ: "key", seq: "alg_s_alg_srtruimte_lg_key" });
var regIns = buildInsert("alg_srtruimte_locatiegebouw", fields);
var srtruimte_lg_key = regIns.sequences["alg_srtruimte_lg_key"];
sql = regIns.sql;
var err = Oracle.Execute(sql, true);
if (err.friendlyMsg)

9
APPL/ALG/alg_edit_terreinsector_save.asp
View File

@@ -7,14 +7,19 @@
*/ %>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../shared/save2db.inc" -->
<!-- #include file="../Shared/save2db.inc" -->
<!-- #include file="../Shared/kenmerk_common.inc"-->
<!-- #include file="alg.inc" -->
<% FCLTHeader.Requires({ plugins:["jQuery"],
js: []
}) %>
<%
var ter_key = getQParamInt( "ter_key" );
var ter_key = getQParamInt( "ter_key" );
var onrgoedlvl = "T";
var this_alg = alg.func_enabled(ter_key, onrgoedlvl);
user.auth_required_or_abort(this_alg.writeman || (ter_key>0&&this_alg.writeuse));
var fields = [ { dbs: "alg_locatie_key", typ: "key", frm: "locatiekey", track: true /* afzonderlijke tracking, wel oldjsval */ },
{ dbs: "ALG_TERREINSECTOR_OMSCHRIJVING", typ: "varchar", frm: "ter_oms" },

9
APPL/ALG/alg_edit_verdieping_save.asp
View File

@@ -7,14 +7,19 @@
*/ %>
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../shared/save2db.inc" -->
<!-- #include file="../Shared/save2db.inc" -->
<!-- #include file="../Shared/kenmerk_common.inc"-->
<!-- #include file="alg.inc" -->
<% FCLTHeader.Requires({ plugins:["jQuery"],
js: []
}) %>
<%
var flr_key = getQParamInt( "flr_key" );
var flr_key = getQParamInt( "flr_key" );
var onrgoedlvl = "V";
var this_alg = alg.func_enabled(flr_key, onrgoedlvl);
user.auth_required_or_abort(this_alg.writeman || (flr_key>0&&this_alg.writeuse));
var fields = [ { dbs: "alg_verdieping_omschrijving", typ: "varchar", frm: "flr_omschr" },
{ dbs: "alg_verdieping_volgnr", typ: "number", frm: "flr_volgnr" },

5
APPL/ALG/alg_edit_wp_save.asp
View File

@@ -8,7 +8,8 @@
<!-- #include file="../Shared/common.inc" -->
<!-- #include file="../Shared/iface.inc" -->
<!-- #include file="../shared/save2db.inc" -->
<!-- #include file="../Shared/save2db.inc" -->
<!-- #include file="alg.inc" -->
<% FCLTHeader.Requires({ plugins:["jQuery"] }); %>
<%
@@ -19,6 +20,8 @@ var virtueel = (getFParamInt("has_wp_virt", 0) == 1) && (Request.Form("wp_virt")
// Bij impliciet altijd flex
var wp_type = (S("prs_werkplek_implicit") == 1)?1:getFParamInt("wp_type");
var authparams = alg.checkAutorisation();
var fields = [// { dbs: "PRS_WERKPLEK_MODULE", typ: "varchar", frm: "" },
{ dbs: "PRS_WERKPLEK_VOLGNR", typ: "number", frm: "wp_volgnr" },
{ dbs: "PRS_WERKPLEK_OMSCHRIJVING", typ: "varchar", frm: "wp_oms" },