<% '=================================================================== ' Access Control General '=================================================================== %> <% '------------ VARIABLE DEFINITION ------------- Dim rsAccessControl '------------ CONSTANTS DECLARATION ----------- '------------ VARIABLE INIT ------------------- '---------------------------------------------- %> <% '----------------------------------------------------------------------------------------------------------------------------- Sub LoginCheck () If NOT objAccessControl.UserLogedIn Then objPMod.PersistInQryString ( aPersistList ) ' Get all persistant parameters If NOT isPopupWindow Then Call OpenInWindow ( "Login.asp?rfile="& SCRIPT_NAME & objPMod.ComposeURLWithout("rfile") ) Else Call OpenInParentWindow ( "Login.asp?"& objPMod.ComposeURL() ) Call CloseWindow() End If End If End Sub '----------------------------------------------------------------------------------------------------------------------------- Sub ApplicationAccessCheck () '--- Built In Administrator Override --- If objAccessControl.UserId = 0 Then Exit Sub End If '--------------------------------------- If NOT objAccessControl.UserApplication ( APPLICATION_ID ) Then If NOT isPopupWindow Then Call OpenInWindow ( "Login.asp?message=1&rfile="& SCRIPT_NAME & objPMod.ComposeURLWithout("rfile") ) Else Call OpenInParentWindow ( "Login.asp?message=1&"& objPMod.ComposeURL() ) Call CloseWindow() End If End If End Sub '----------------------------------------------------------------------------------------------------------------------------- %> <% '------------ RUN BEFORE CONTROL RENDER ------- '--- Login Check --- Call LoginCheck () '--- Application Permissions --- Call ApplicationAccessCheck() '---------------------------------------------- %> <% ' TODO : Update next line with log on user id OraDatabase.Parameters.Add "USER_ID", objAccessControl.UserId, ORAPARM_INPUT, ORATYPE_NUMBER OraDatabase.Parameters.Add "APP_ID", APPLICATION_ID, ORAPARM_INPUT, ORATYPE_NUMBER OraDatabase.Parameters.Add "PAGE_NAME", SCRIPT_NAME, ORAPARM_INPUT, ORATYPE_VARCHAR2 ' Load Static Permissions Set rsAccessControl = OraDatabase.DbCreateDynaset( GetQuery ("AccessControlStaticPermissions.sql") , ORADYN_DEFAULT ) If ((NOT rsAccessControl.BOF) AND (NOT rsAccessControl.EOF)) Then objAccessControl.LoadStaticPermissions rsAccessControl.GetRows() End If rsAccessControl.Close ' Load Data Permissions Set rsAccessControl = OraDatabase.DbCreateDynaset( GetQuery ("AccessControlDataPermissions.sql") , ORADYN_DEFAULT ) If ((NOT rsAccessControl.BOF) AND (NOT rsAccessControl.EOF)) Then objAccessControl.LoadDataPermissions rsAccessControl.GetRows() End If rsAccessControl.Close '' Load Data Permission Variations 'Set rsAccessControl = OraDatabase.DbCreateDynaset( GetQuery ("AccessControlDataPermissionVariations.sql") , ORADYN_DEFAULT ) 'If ((NOT rsAccessControl.BOF) AND (NOT rsAccessControl.EOF)) Then ' objAccessControl.LoadDataPermissionVariations rsAccessControl.GetRows() ' 'End If 'rsAccessControl.Close OraDatabase.Parameters.Remove "USER_ID" OraDatabase.Parameters.Remove "APP_ID" OraDatabase.Parameters.Remove "PAGE_NAME" %> <% '------------ RUN AFTER CONTROL RENDER -------- '---------------------------------------------- %>