Facilitor/APPL/Shared/discxalg3d.inc
Koen Reefman 3279c62a3d FCLT#68694 Syntax-fix; oRs(0) -> oRs(0).Value
svn path=/Website/trunk/; revision=54572
2022-01-17 16:36:49 +00:00


<% /*
$Revision$
$Id$
*/ %>
<%
//
// Include file (ASP) used for adding a 3D ALG (place) authorization clause
// to an SQL statement 'psql' that is being built.
// It requires the column names that represent the discipline and place-level columns
// in this SQL statement, and returns the modified psql.
// Since it creates several UNIONs based upon the current SQL statement,
// it must be called at the end of the SQL creation, i.e. the SQL must be complete (apart from ORDER BY).
// Variable pdisc is used (if present) to restrict the condition to only the disciplines in this (comma-separated) list.
//
//
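// discxalg3d: extends 'psql' with the 3D (discipline x place) authorization filter.
//
// For every discipline on which the current user (global user_key, defined outside
// this include) holds the function 'pautfunction', the user's ALG level decides which
// place column is restricted:
//   -1 = no place restriction, 0 = region, 1 = district, 2 = location,
//    3 = building, 4 = floor, 5 = room.
// One copy of psql is produced per level and the copies are combined with UNION.
//
// Parameters:
//   psql                   complete SQL statement (apart from ORDER BY) to be restricted
//   pdiscipline_column_3d  column in psql holding the discipline key
//   pregio_column_3d ... pruimte_column_3d
//                          columns in psql holding the region/district/location/
//                          building/floor/room keys
//   pautfunction           function code, compared with fac_functie_code (SQL-quoted here)
//   pdisc                  comma separated discipline keys to restrict to, '' for none
//   pforwrite              truthy: use the write level, otherwise the read level
//   minlevel               when > 0: only disciplines with this ins_discipline_min_level
//   psql_group_by          optional GROUP BY clause appended to every UNION branch
//
// Returns the UNION of the restricted statements, or psql + " AND 1=0" when the user
// is not authorized for any discipline.
//
// NOTE(review): psql, the column names, psql_group_by and pdisc are concatenated into
// SQL verbatim; only pautfunction is quoted. Callers must pass fixed identifiers and a
// pdisc that has already been validated as a list of numeric keys, never raw request data.
function discxalg3d (
    psql,
    pdiscipline_column_3d,
    pregio_column_3d,
    pdistrict_column_3d,
    plocatie_column_3d,
    pgebouw_column_3d,
    pverdieping_column_3d,
    pruimte_column_3d,
    pautfunction,
    pdisc,
    pforwrite,      // "" for unknown
    minlevel,
    psql_group_by)
{
    // Reads the first column of one of the alg_v_my_* views for the current user and
    // returns the values as a ", " separated list ("" when there are no rows).
    function fetchMyKeys(keyColumn, viewName)
    {
        var rs = Oracle.Execute("select " + keyColumn + " from " + viewName +
                                " where prs_perslid_key = " + user_key);
        var list = "";
        try {
            while (!rs.eof) {
                list += (list == "" ? "" : ", ") + rs(0).Value;
                rs.MoveNext();
            }
        } finally {
            rs.Close(); // release the recordset even when reading a row fails
        }
        return list;
    }

    __SafeLog('discipline_column_3d = '+pdiscipline_column_3d
            +'<br>regio_column_3d = '+pregio_column_3d
            +'<br>district_column_3d = '+pdistrict_column_3d
            +'<br>locatie_column_3d = '+plocatie_column_3d
            +'<br>gebouw_column_3d = '+pgebouw_column_3d
            +'<br>verdieping_column_3d = '+pverdieping_column_3d
            +'<br>ruimte_column_3d = '+pruimte_column_3d
            +'<br>autfunction = '+pautfunction
            +'<br>disc = '+pdisc
            +'<br>forwrite = '+pforwrite
            +'<br>psql_group_by = '+psql_group_by);
    __SafeLog('InputSQL: <small>' + psql + '</small>');

    // ==============================
    // === BUILD ALG_AUTORISATION ===
    // ==============================
    var rekeys = fetchMyKeys("alg_regio_key",      "alg_v_my_region");   // Level 0
    var dkeys  = fetchMyKeys("alg_district_key",   "alg_v_my_district"); // Level 1
    var lkeys  = fetchMyKeys("alg_locatie_key",    "alg_v_my_location"); // Level 2
    var gkeys  = fetchMyKeys("alg_gebouw_key",     "alg_v_my_building"); // Level 3
    var fkeys  = fetchMyKeys("alg_verdieping_key", "alg_v_my_floor");    // Level 4
    var rkeys  = fetchMyKeys("alg_ruimte_key",     "alg_v_my_room");     // Level 5

    // Index in both arrays is the ALG level.
    var levelColumns = [pregio_column_3d, pdistrict_column_3d, plocatie_column_3d,
                        pgebouw_column_3d, pverdieping_column_3d, pruimte_column_3d];
    var levelKeys = [rekeys, dkeys, lkeys, gkeys, fkeys, rkeys];

    // Disciplines the user is authorized for, together with the ALG level per discipline
    var levelColumn = (pforwrite ? "fac_gebruiker_alg_level_write" : "fac_gebruiker_alg_level_read");
    var sqlD = "SELECT i.ins_discipline_key, " + levelColumn
             + "  FROM fac_v_webgebruiker wg, fac_functie f, ins_tab_discipline i"
             + " WHERE wg.prs_perslid_key="+user_key
             + "   AND f.fac_functie_key=wg.fac_functie_key"
             + "   AND f.fac_functie_code=" + safe.quoted_sql(pautfunction)
             + " AND wg." + levelColumn + "<9"
             + "   AND wg.ins_discipline_key = i.ins_discipline_key"
             + "   AND i.ins_discipline_verwijder is NULL";
    if (pdisc != '') {
        // NOTE(review): pdisc goes into the statement unescaped, see the header note.
        sqlD += " AND i.ins_discipline_key IN (" + pdisc + ")";
    }
    if (minlevel > 0) // RES filters extra strictly
    {
        sqlD += " AND i.ins_discipline_min_level = " + minlevel;
    }
    // Sorted by level first: the loop below groups consecutive rows of the same level.
    sqlD += " ORDER BY 2,1";

    var allSQL = []; // one UNION branch per ALG level
    var oRs = Oracle.Execute(sqlD);
    try {
        while (!oRs.eof)
        {
            var discsOfThisLevel = '';
            var thisLevel = oRs(1).Value;
            while (!oRs.eof && oRs(1).Value == thisLevel) {
                discsOfThisLevel += (discsOfThisLevel == '' ? oRs(0).Value : ', ' + oRs(0).Value);
                oRs.MoveNext();
            }

            if (thisLevel >= 0 && rkeys == "")
            {
                __SafeLog("<span style='background-color:yellow'>" + pautfunction+" for disciplines " + discsOfThisLevel + " requires ALG level " + thisLevel + " but user has no 'werkplek'</span>");
                continue; // No (required) workplace, so no rights for these discipline(s)
            }

            // Work out the place restriction. Anything that cannot be turned into a
            // restriction denies access instead of falling back to "no restriction".
            var placeClause = "";
            var granted = (thisLevel == -1); // -1: discipline filter only
            if (!granted) {
                var knownLevel = false;
                for (var lvl = 0; lvl < levelColumns.length; lvl++) {
                    if (thisLevel == lvl) {
                        knownLevel = true;
                        if (levelKeys[lvl] != "") {
                            placeClause = " AND " + levelColumns[lvl] + " IN (" + levelKeys[lvl] + ")";
                            granted = true;
                        }
                        break;
                    }
                }
                if (!knownLevel) {
                    // Previously the branch was still added without a place filter.
                    __Log("Waarschuwing: niveau nog niet ondersteund: " + thisLevel);
                } else if (!granted) {
                    // An empty key list would otherwise produce "IN ()", which is not valid SQL.
                    __Log(pautfunction+' for disciplines ' + discsOfThisLevel + ' requires ALG level ' + thisLevel + ' but user has no keys at that level');
                }
            }
            if (!granted) {
                continue;
            }

            __Log(pautfunction+' for disciplines ' + discsOfThisLevel + ' authorized at ALG level ' + thisLevel);
            var thisSQL = psql + " AND "+ pdiscipline_column_3d + " IN ("+ discsOfThisLevel + ")" + placeClause;
            thisSQL += (psql_group_by
                          ? " " + psql_group_by
                          : "");
            allSQL.push(thisSQL);
        }
    } finally {
        oRs.Close();
    }

    // we return the extended version of psql, or, if NO discipline was read authorized we prohibit the selection
    return (allSQL.length ? allSQL.join("\nUNION\n ") : psql+" AND 1=0");
}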
%>