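<% /* $Revision$ $Id$ */ %>
<%
//
// Include file (ASP) used for adding a 3D ALG (place) authorization clause
// to an SQL statement 'psql' that is being built.
// It requires the column names that represent the discipline and place levels
// in this SQL statement, and returns the modified psql.
// Since it creates several UNIONs based upon the current sql statement,
// it must be called at the end of the sql creation, i.e. sql must be complete
// (apart from order by).
// Variable pdisc is used (if present) to restrict the condition to only the
// disciplines in this (comma separated) list.
//
// Parameters
//   psql                    complete SELECT ending in a WHERE clause that can take " AND ..."
//   p*_column_3d            column expressions in psql for discipline, region, district,
//                           location, building, floor and room
//   pautfunction            function code the user must hold (quoted with safe.quoted_sql)
//   pdisc                   comma separated discipline keys, "" for unknown
//   pforwrite               truthy: use the write level, otherwise the read level
//   minlevel                when > 0, only disciplines with this ins_discipline_min_level
//
// Returns the UNION of psql restricted per authorization level, or psql + " AND 1=0"
// when no discipline is authorized.
//
// NOTE(review): the column parameters, pdisc and the global user_key are concatenated
// into the SQL text as-is; only pautfunction is quoted. Confirm that every caller passes
// fixed column names and a validated list of numeric keys, never raw request data.
// minlevel is only appended when it compares numerically > 0.
// NOTE(review): psql and all parameters are written to the log by __SafeLog.
//
function discxalg3d ( psql,
                      pdiscipline_column_3d,
                      pregio_column_3d,
                      pdistrict_column_3d,
                      plocatie_column_3d,
                      pgebouw_column_3d,
                      pverdieping_column_3d,
                      pruimte_column_3d,
                      pautfunction,
                      pdisc,       // "" for unknown
                      pforwrite,
                      minlevel)
{
    // Reads one key column from one of the alg_v_my_* views for the current user and
    // returns the keys as a ", " separated string ("" when there are none).
    function listMyKeys(keyColumn, viewName)
    {
        var rs = Oracle.Execute("select " + keyColumn + " from " + viewName
                              + " where prs_perslid_key = " + user_key);
        var keys = [];
        while (!rs.eof)
        {
            keys.push("" + rs(0));  // coerce now: the field follows the cursor after MoveNext
            rs.MoveNext();
        }
        rs.close();                 // the original left these six recordsets open
        return keys.join(", ");
    }

    __SafeLog('discipline_column_3d = ' + pdiscipline_column_3d
            + '\nregio_column_3d = ' + pregio_column_3d
            + '\ndistrict_column_3d = ' + pdistrict_column_3d
            + '\nlocatie_column_3d = ' + plocatie_column_3d
            + '\ngebouw_column_3d = ' + pgebouw_column_3d
            + '\nverdieping_column_3d = ' + pverdieping_column_3d
            + '\nruimte_column_3d = ' + pruimte_column_3d
            + '\nautfunction = ' + pautfunction
            + '\ndisc = ' + pdisc
            + '\nforwrite = ' + pforwrite);
    __SafeLog('InputSQL: ' + psql);

    // ==============================
    // === BUILD ALG_AUTORISATION ===
    // ==============================
    var rekeys = listMyKeys("alg_regio_key",      "alg_v_my_region");    // Level 0
    var dkeys  = listMyKeys("alg_district_key",   "alg_v_my_district");  // Level 1
    var lkeys  = listMyKeys("alg_locatie_key",    "alg_v_my_location");  // Level 2
    var gkeys  = listMyKeys("alg_gebouw_key",     "alg_v_my_building");  // Level 3
    var fkeys  = listMyKeys("alg_verdieping_key", "alg_v_my_floor");     // Level 4
    var rkeys  = listMyKeys("alg_ruimte_key",     "alg_v_my_room");      // Level 5

    // Iterate through all disciplines the user is authorized for (level 9 is filtered out)
    var levelColumn = pforwrite ? "fac_gebruiker_alg_level_write" : "fac_gebruiker_alg_level_read";
    var sqlD = "SELECT i.ins_discipline_key, " + levelColumn
             + " FROM fac_v_webgebruiker wg, fac_functie f, ins_tab_discipline i"
             + " WHERE wg.prs_perslid_key=" + user_key
             + " AND f.fac_functie_key=wg.fac_functie_key"
             + " AND f.fac_functie_code=" + safe.quoted_sql(pautfunction)
             + " AND wg." + levelColumn + "<9"
             + " AND wg.ins_discipline_key = i.ins_discipline_key"
             + " AND i.ins_discipline_verwijder is NULL";
    if (pdisc != '')
    {
        sqlD += " AND i.ins_discipline_key IN (" + pdisc + ")";
    }
    if (minlevel > 0) // RES filters extra strictly
    {
        sqlD += " AND i.ins_discipline_min_level = " + minlevel;
    }
    sqlD += " ORDER BY 2,1"; // required: the loop below groups consecutive rows by level

    var oRs = Oracle.Execute(sqlD);

    // Build one SELECT per authorization level; they are UNIONed at the end
    var allSQL = [];
    while (!oRs.eof)
    {
        var thisLevel = oRs(1).value;
        var discs = [];
        while (!oRs.eof && oRs(1) == thisLevel)
        {
            discs.push("" + oRs(0));
            oRs.MoveNext();
        }
        var discsOfThisLevel = discs.join(", ");

        if (thisLevel >= 0 && rkeys == "")
        {
            __SafeLog(pautfunction + " for disciplines " + discsOfThisLevel + " requires ALG level " + thisLevel + " but user has no 'werkplek'");
            continue; // No (required) workplace, so no rights for these discipline(s)
        }

        var unrestricted = false;
        var placeColumn = null;
        var placeKeys = null;
        if (thisLevel == -1)
        {
            unrestricted = true; // no place restriction at this level
        }
        else if (thisLevel == 0) { placeColumn = pregio_column_3d;      placeKeys = rekeys; }
        else if (thisLevel == 1) { placeColumn = pdistrict_column_3d;   placeKeys = dkeys;  }
        else if (thisLevel == 2) { placeColumn = plocatie_column_3d;    placeKeys = lkeys;  }
        else if (thisLevel == 3) { placeColumn = pgebouw_column_3d;     placeKeys = gkeys;  }
        else if (thisLevel == 4) { placeColumn = pverdieping_column_3d; placeKeys = fkeys;  }
        else if (thisLevel == 5) { placeColumn = pruimte_column_3d;     placeKeys = rkeys;  }
        else
        {
            // Fail closed: the original logged this warning and then still added the
            // query without any place restriction, which exposed every place for
            // these disciplines to a user whose level is not understood here.
            __Log("Waarschuwing: niveau nog niet ondersteund: " + thisLevel)
            continue;
        }

        var thisSQL = psql + " AND " + pdiscipline_column_3d + " IN (" + discsOfThisLevel + ")";
        if (!unrestricted)
        {
            if (placeKeys == "")
            {
                // An empty IN () is invalid SQL; no keys at this level means no rights.
                __SafeLog(pautfunction + " for disciplines " + discsOfThisLevel + " requires ALG level " + thisLevel + " but user has no keys at that level");
                continue;
            }
            thisSQL += " AND " + placeColumn + " IN (" + placeKeys + ")";
        }

        __Log(pautfunction + ' for disciplines ' + discsOfThisLevel + ' authorized at ALG level ' + thisLevel);
        allSQL.push(thisSQL);
    }
    oRs.close();

    // we return the extended version of psql, or, if NO discipline was authorized,
    // we prohibit the selection
    return (allSQL.length ? allSQL.join("\nUNION\n ") : psql + " AND 1=0");
}
%>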