<%
'=============================================================
'//
'// Access Control
'// This class is agnostic of the appliaction and could be common
'// to all Manager Suite tools
'//
'=============================================================
%>
<%
'--------------- Global Constants ----------------
Const enumSESSION_TIMEOUT = 600 ' Minutes
Const enumSESSION_LAST_REQUEST = "AM_SESSION_LAST_REQUEST"
Const enumLOGIN_TOKEN_SESSION = "AM_LOGIN_TOKEN"
Const enumUSER_ID_SESSION = "AM_USER_ID"
Const enumUSER_DETAILS_SESSION = "AM_USER_DETAILS"
Const enumUSER_APPLICATIONS_SESSION = "AM_USER_APPLICATIONS"
Const enumUSER_STATIC_PERMISSIONS = "AM_USER_STATIC_PERMISSIONS"
Const enumUSER_DATA_PERMISSIONS = "AM_USER_DATA_PERMISSIONS"
Const enumUSER_TEMP_VARIABLE = "AM_USER_TEMP_VARIABLE"
Const enumACCESS_MANAGER_EVENT_LOGON_SUCCESS = 1
Const enumACCESS_MANAGER_EVENT_LOGON_FAIL = -1
Const enumACCESS_MANAGER_EVENT_LOGOFF = 0
Const enumACCESS_MANAGER_EVENT_SESSION_EXPIRE = 2
'-------------------------------------------------
Class AccessControl
Private moOraSession
Private moOraDatabase
Private mobjStaticControl
Private mobjRowPermissions
Private mobjTablePermissions
Private sSEPARATOR
Private mbIsApplicationRunning
Public bDebug
Public Property Let objOraDatabase ( ByRef oOraDatabase )
Set moOraDatabase = oOraDatabase
End Property
Public Property Let objOraSession ( ByRef oOraSession )
Set moOraSession = oOraSession
End Property
Public Property Get UserLogedIn ()
UserLogedIn = FALSE
' Check for Session Token
If (Session(enumLOGIN_TOKEN_SESSION) <> "") AND NOT IsNull(Session(enumLOGIN_TOKEN_SESSION)) Then
UserLogedIn = TRUE
End If
End Property
Public Property Get UserId ()
UserId = Session(enumUSER_ID_SESSION)
End Property
Public Property Get UserName ()
UserName = Extract( "user_name", Session(enumUSER_DETAILS_SESSION) )
End Property
Public Property Get FullName ()
FullName = Extract( "full_name", Session(enumUSER_DETAILS_SESSION) )
End Property
Public Property Get UserEmail ()
UserEmail = Extract( "user_email", Session(enumUSER_DETAILS_SESSION) )
End Property
Public Property Get LastVisit ()
LastVisit = Extract( "last_visit", Session(enumUSER_DETAILS_SESSION) )
End Property
Public Property Get Domain ()
Domain = Extract( "domain", Session(enumUSER_DETAILS_SESSION) )
End Property
Public Property Get IsApplicationRunning()
If IsNull(mbIsApplicationRunning) Then
Call GetApplicationRunningLevel ()
End If
IsApplicationRunning = mbIsApplicationRunning
End Property
Public Property Get isDevSystem()
isDevSystem = IsEmpty(Application("LiveSystem"))
End Property
'-----------------------------------------------------------------------------------------------------------------
Public Function UserApplication ( nAppId )
UserApplication = FALSE
If InStr( sSEPARATOR & Session(enumUSER_APPLICATIONS_SESSION) & sSEPARATOR, sSEPARATOR & nAppId & sSEPARATOR) Then
UserApplication = TRUE
End If
End Function
'-----------------------------------------------------------------------------------------------------------------
Public Sub dumpAll()
Response.Write "
Pretty Dictionary mobjStaticControl"
Response.Write DICToutput(mobjStaticControl)
Response.Write "
Pretty Dictionary mobjRowPermissions"
Response.Write DICToutput(mobjRowPermissions)
Response.Write "
Pretty Dictionary mobjTablePermissions"
Response.Write DICToutput(mobjTablePermissions)
Response.Write "
End"
End Sub
Private Sub RR(txt)
If bDebug Then
Response.Write "
" & txt
End If
End Sub
'-----------------------------------------------------------------------------------------------------------------
Public Function BeginRegion ( sControlObjName )
Response.write ""
Response.write " "
Response.write " | "& sControlObjName &" | "
Response.write "
"
Response.write " "
Response.write " "
Response.write " "
Response.write " | "
End Function
'-----------------------------------------------------------------------------------------------------------------
Public Function EndRegion ( sControlObjName )
Response.write " | "
Response.write " |
"
Response.write "
"
End Function
'-----------------------------------------------------------------------------------------------------------------
Private Function Extract( sField, sString )
Dim tempArr, tempSTR
tempArr = Split( sString, sSEPARATOR )
tempSTR = Join( Filter( tempArr, sField &"=" ) ) ' Append "=" to field name to get e.g. "user_name="
If tempSTR <> "" Then
Extract = Right( tempSTR, Len(tempSTR) - Len( sField &"=" )) ' Strip the fieled name from value
Else
Extract = ""
End If
End Function
'-----------------------------------------------------------------------------------------------------------------
Private Function GetDataPermission ( sTableName, nRowId, nPermissionType, sControlObjName )
Dim cPermissionValue
Dim key : key = Cstr( sTableName &"_"& nRowId &"_"& sControlObjName &"_"& nPermissionType )
'--- Get Row Permission ---
cPermissionValue = ""
If mobjRowPermissions.Exists( key ) Then
cPermissionValue = mobjRowPermissions.Item ( key )
End If
If IsNull( cPermissionValue ) OR ( cPermissionValue = "" ) Then
'--- Get Default Table Permission ---
Dim pkey : pkey = Cstr( sTableName &"_"& sControlObjName &"_"& nPermissionType )
cPermissionValue = ""
If mobjTablePermissions.Exists( pkey ) Then
cPermissionValue = mobjTablePermissions.Item ( pkey )
End If
End If
'--- Return TRUE / FALSE ---
GetDataPermission = FALSE
If cPermissionValue = enumDB_YES Then
GetDataPermission = TRUE
End If
End Function
'-----------------------------------------------------------------------------------------------------------------
Public Function IsDataVisible ( sTableName, nRowId, sControlObjName )
IsDataVisible = FALSE
If IsVisible ( sControlObjName ) OR GetDataPermission ( sTableName, nRowId, enumDB_PERMISSION_TYPE_VISIBLE, sControlObjName ) Then
IsDataVisible = TRUE
End If
End Function
'-----------------------------------------------------------------------------------------------------------------
Public Function IsDataActive ( sTableName, nRowId, sControlObjName )
IsDataActive = FALSE
If IsActive ( sControlObjName ) OR GetDataPermission ( sTableName, nRowId, enumDB_PERMISSION_TYPE_ACTIVE, sControlObjName ) Then
IsDataActive = TRUE
End If
End Function
'-----------------------------------------------------------------------------------------------------------------
Public Function IsActive ( sControlObjName )
Dim key : key = Cstr( sControlObjName &"_"& enumDB_PERMISSION_TYPE_ACTIVE )
IsActive = FALSE
If mobjStaticControl.Exists(key) Then
If ( mobjStaticControl.Item (key) = enumDB_YES ) OR ( IsNull(sControlObjName) )Then
IsActive = TRUE
End If
End If
End Function
'-----------------------------------------------------------------------------------------------------------------
Public Function IsVisible ( sControlObjName )
Dim key : key = Cstr( sControlObjName &"_"& enumDB_PERMISSION_TYPE_VISIBLE )
IsVisible = FALSE
If mobjStaticControl.Exists(key) Then
If mobjStaticControl.Item (key) = enumDB_YES Then
IsVisible = TRUE
End If
End If
End Function
'-----------------------------------------------------------------------------------------------------------------
' This function is used for HTML conponents that support attribute "disabled". i.e. Button, dropdown, etc.
Public Function IsComponentDisabled ( sControlObjName )
If IsVisible ( sControlObjName ) Then
IsComponentDisabled = ""
Else
IsComponentDisabled = " disabled "
End If
End Function
'-----------------------------------------------------------------------------------------------------------------
Public Sub LoadDataPermissions ( aRows )
Dim numOfRows, rowNum
Dim InxTableName, InxRefColumnVal, InxPermissionType, InxPermission, InxControl
Dim TableName, RefColumnVal, PermissionType, Permission, Control
Dim key
InxTableName = 0
InxRefColumnVal = 1
InxPermissionType = 2
InxPermission = 3
InxControl = 4
' Nothing to do ifthere is no data
If IsNull(aRows) OR IsEmpty(aRows) Then
Exit Sub
End If
numOfRows = UBound( aRows, 2 )
For rowNum = 0 To numOfRows
TableName = aRows( InxTableName, rowNum )
RefColumnVal = aRows( InxRefColumnVal, rowNum )
PermissionType = aRows( InxPermissionType, rowNum )
Permission = aRows( InxPermission, rowNum )
Control = aRows( InxControl, rowNum )
If RefColumnVal = 0 Then
'--- Set Table Default Permission (i.e. "0" wildcard for "all records") ---
key = TableName & "_" & Control & "_" & PermissionType
'
' Data appears to be wrong and useless
' Don't populate this table
'mobjTablePermissions.Item ( key ) = Permission
Else
'--- Set Row Permission ---
key = TableName & "_" & RefColumnVal & "_" & Control & "_" & PermissionType
mobjRowPermissions.Item ( key ) = Permission
End If
Next
'Response.Write "
Pretty Dictionary mobjRowPermissions"
'Response.Write DICToutput(mobjRowPermissions)
'Response.Write "
Pretty Dictionary mobjTablePermissions"
'Response.Write DICToutput(mobjTablePermissions)
'Response.write ""
End Sub
'-----------------------------------------------------------------------------------------------------------------
Public Sub LoadDataPermissionVariations ( aRows )
Dim numOfRows, rowNum
Dim InxTableName, InxRefColumnVal, InxPermissionType, InxPermission
InxTableName = 0
InxRefColumnVal = 1
InxPermissionType = 2
InxPermission = 3
numOfRows = UBound( aRows, 2 )
For rowNum = 0 To numOfRows
If mobjRowPermissions.Exists ( aRows( InxTableName, rowNum ) &"_"& enumDB_ALL_DATA &"_"& aRows( InxPermissionType, rowNum ) )Then
mobjRowPermissions.Remove ( aRows( InxTableName, rowNum ) &"_"& enumDB_ALL_DATA &"_"& aRows( InxPermissionType, rowNum ) )
End If
mobjRowPermissions.Item ( aRows( InxTableName, rowNum ) &"_"& aRows( InxRefColumnVal, rowNum ) &"_"& aRows( InxPermissionType, rowNum ) ) = CStr( aRows( InxPermission, rowNum ) )
If aRows( InxPermission, rowNum ) = enumDB_NO Then
mobjTablePermissions.Item ( aRows( InxTableName, rowNum ) &"_"& aRows( InxPermissionType, rowNum ) ) = enumDB_YES
Else
mobjTablePermissions.Item ( aRows( InxTableName, rowNum ) &"_"& aRows( InxPermissionType, rowNum ) ) = enumDB_NO
End If
Next
'Response.write "mobjRowPermissions.Keys="& Join ( mobjRowPermissions.Keys, ", ")
End Sub
'-----------------------------------------------------------------------------------------------------------------
Public Sub LoadStaticPermissions ( aRows )
Dim numOfRows, rowNum
Dim InxObjName, InxPermissionType, InxPermission
Dim dKey, dValue
InxObjName = 0
InxPermissionType = 1
InxPermission = 2
numOfRows = UBound( aRows, 2 )
For rowNum = 0 To numOfRows
dKey = aRows( InxObjName, rowNum ) &"_"& aRows( InxPermissionType, rowNum )
dValue = CStr( aRows( InxPermission, rowNum ) )
mobjStaticControl.Add ( dKey ), dValue
Next
'Response.Write "
Pretty Dictionary LoadStaticPermissions mobjStaticControl"
'Response.Write DICToutput(mobjStaticControl)
'Response.Write ""
End Sub
'-----------------------------------------------------------------------------------------------------------------
Private Function AutoLogonUser ( sUserId )
Dim rsQry, query, is_Online
AutoLogonUser = FALSE
'-- Kill Any pervious User Permissions stored in session --
Session.Contents.Remove(enumUSER_STATIC_PERMISSIONS)
Session.Contents.Remove(enumUSER_DATA_PERMISSIONS)
'--- Get if user is logged on from DB ---
moOraDatabase.Parameters.Add "USER_ID", sUserId, ORAPARM_INPUT, ORATYPE_NUMBER
query = "SELECT usr.IS_ONLINE FROM USERS usr WHERE usr.USER_ID = :USER_ID"
Set rsQry = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )
If (NOT rsQry.BOF) AND (NOT rsQry.EOF) Then
is_Online = rsQry("is_online")
End If
moOraDatabase.Parameters.Remove "USER_ID"
rsQry.Close
Set rsQry = Nothing
'--- Check if User is still Logged on ---
If is_Online = "Y" Then
Call SessionsAndCookieSetup ( sUserId )
End If
End Function
'-----------------------------------------------------------------------------------------------------------------
Public Sub LogonUser ( sUserName, sUserPassword )
Dim rsQry, query, sMessage
sMessage = NULL
'-- Kill Any pervious User Permissions stored in session --
Session.Contents.Remove(enumUSER_STATIC_PERMISSIONS)
Session.Contents.Remove(enumUSER_DATA_PERMISSIONS)
moOraDatabase.Parameters.Add "USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2
query = "SELECT usr.* FROM USERS usr WHERE usr.USER_NAME = :USER_NAME"
Set rsQry = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )
moOraDatabase.Parameters.Remove "USER_NAME"
'--- Try Authenticating ---
If (NOT rsQry.BOF) AND (NOT rsQry.EOF) Then
' User Found !
If rsQry("is_disabled") = enumDB_YES Then
' User Disabled !
sMessage = "Account "& sUserName &" is Disabled!"
'-- Login Trail --
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )
'-- Raise Exception --
Err.Raise 8, sMessage, ""
Else
' Proceed with authentication
If Authenticated( sUserName, sUserPassword, rsQry("user_password"), rsQry("domain") ) Then
' Login OK.
Call SessionsAndCookieSetup ( rsQry("user_id") )
' Tag user login
Call TagLogon ( rsQry )
End If
End If
Else
' User Not Found !
sMessage = "Account "& sUserName &" Not Found!"
'-- Login Trail --
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )
'-- Raise Exception --
Err.Raise 8, sMessage, "Make sure your Username is correct
OR
Please go back and register if you are new user. "
End If
'--------------------------
rsQry.Close()
Set rsQry = Nothing
End Sub
'-----------------------------------------------------------------------------------------------------------------
Public Sub MasqueradeAsUser ( sUserName, sRealUserName )
Dim rsQry, query, sMessage
sMessage = NULL
moOraDatabase.Parameters.Add "USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2
query = "SELECT usr.* FROM USERS usr WHERE usr.USER_NAME = :USER_NAME"
Set rsQry = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )
moOraDatabase.Parameters.Remove "USER_NAME"
'--- Try Authenticating ---
If (NOT rsQry.BOF) AND (NOT rsQry.EOF) Then
' User Found !
If rsQry("is_disabled") = enumDB_YES Then
' User Disabled !
sMessage = "Account "& sUserName &" is Disabled!"
'-- Raise Exception --
Err.Raise 8, sMessage, ""
Else
' Proceed with authentication
' Kill Any pervious User Permissions stored in session
Session.Contents.Remove(enumUSER_STATIC_PERMISSIONS)
Session.Contents.Remove(enumUSER_DATA_PERMISSIONS)
Call SessionsAndCookieSetup ( rsQry("user_id") )
'-- Login Trail --
sMessage = "Masquerading as " & sUserName
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sRealUserName, sMessage )
sMessage = "Masqueraded by " & sRealUserName
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )
End If
Else
' User Not Found !
sMessage = "Account "& sUserName &" Not Found!"
'-- Raise Exception --
Err.Raise 8, sMessage, "Make sure the Username is correct."
End If
'--------------------------
rsQry.Close()
Set rsQry = Nothing
End Sub
'-----------------------------------------------------------------------------------------------------------------
Public Function RequiresPasswordUpdate ( sUserName )
Dim rsQry, query, sMessage
sMessage = NULL
moOraDatabase.Parameters.Add "USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2
query = "SELECT usr.* FROM USERS usr WHERE usr.USER_NAME = :USER_NAME"
Set rsQry = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )
'--- Try Authenticating ---
RequiresPasswordUpdate = FALSE
If (NOT rsQry.BOF) AND (NOT rsQry.EOF) Then
If IsNull(rsQry("user_password")) AND IsNull(rsQry("domain")) Then
RequiresPasswordUpdate = TRUE
End If
End If
'--------------------------
moOraDatabase.Parameters.Remove "USER_NAME"
rsQry.Close()
Set rsQry = Nothing
End Function
'-----------------------------------------------------------------------------------------------------------------
Public Sub LogoffUser ()
'-- Login Trail --
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGOFF, UserName, NULL )
'-- Kill User Session --
Session.Abandon
End Sub
'-----------------------------------------------------------------------------------------------------------------
Private Sub SessionsAndCookieSetup ( nUserId )
' Store User details in session
Call SetUserEnvironment ( nUserId )
' Aquire Login Token for Single Application
Session(enumLOGIN_TOKEN_SESSION) = Session.SessionID
Session.Timeout = enumSESSION_TIMEOUT
End Sub
'-----------------------------------------------------------------------------------------------------------------
Private Function Authenticated ( ByRef sUserName, ByRef sUserPassword, sDBUserPassword, sDBdomain )
Dim objLoginAuth, return, sMessage
sMessage = NULL
Authenticated = FALSE
' Hook for testing access control features
' Any login allowed to the Test Database
'
If isDevSystem() Then
Authenticated = TRUE
'-- Login Trail --
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_SUCCESS, sUserName, NULL )
ElseIf NOT IsNull(sDBdomain) Then
' DOMAIN auth.
Set objLoginAuth = Server.CreateObject("LoginAdmin.ImpersonateUser")
return = -1
return = objLoginAuth.AuthenticateUser ( sUserName, sUserPassword, sDBdomain )
' From MSDN System Error Codes
' 0 - The operation completed successfully.
' 1326 - Logon failure: unknown user name or bad password.
' 1385 - Logon failure: the user has not been granted the requested logon type at this computer.
' 1909 - The referenced account is currently locked out and may not be used to log on.
Select Case return
Case 0, 1385
'Login ok
Authenticated = TRUE
'-- Login Trail --
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_SUCCESS, sUserName, NULL )
Case 1909
sMessage = "Account "& sUserName &" at "& sDBdomain &" domain is currently locked!"
'-- Login Trail --
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )
'-- Raise Exception --
Err.Raise 8, sMessage, ""
Case Else
sMessage = "Password is incorrect for "& sUserName &" at "& sDBdomain &" domain!"
'-- Login Trail --
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )
'-- Raise Exception --
Err.Raise 8, sMessage, sDBdomain &" domain returns system error code "& return
End Select
Set objLoginAuth = Nothing
Else
' LOCAL auth.
If IsLocaPasswordCorrect ( sUserName, sUserPassword ) Then
'Login ok
Authenticated = TRUE
'-- Login Trail --
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_SUCCESS, sUserName, NULL )
Else
sMessage = "Password is incorrect for "& sUserName &"!"
'-- Login Trail --
Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )
'-- Raise Exception --
Err.Raise 8, sMessage, "Please try again and make sure you do not have Caps Lock on."
End If
End If
End Function
'-----------------------------------------------------------------------------------------------------------------
Private Function IsLocaPasswordCorrect ( sUserName, sPassword )
moOraDatabase.Parameters.Add "USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2
moOraDatabase.Parameters.Add "PASSWORD", sPassword, ORAPARM_INPUT, ORATYPE_VARCHAR2
moOraDatabase.Parameters.Add "RETURN_CODE", 0, ORAPARM_OUTPUT, ORATYPE_NUMBER
moOraDatabase.ExecuteSQL _
"BEGIN :RETURN_CODE := PK_SECURITY.IS_LOCAL_PASSWORD_CORRECT ( :USER_NAME, :PASSWORD ); END;"
If CInt(OraDatabase.Parameters("RETURN_CODE").Value) = 1 Then
IsLocaPasswordCorrect = TRUE
Else
IsLocaPasswordCorrect = FALSE
End If
moOraDatabase.Parameters.Remove "USER_NAME"
moOraDatabase.Parameters.Remove "PASSWORD"
moOraDatabase.Parameters.Remove "RETURN_CODE"
End Function
'-----------------------------------------------------------------------------------------------------------------
Public Sub SetPassword ( sUserName, sPasswordA, sPasswordB )
If (sUserName = "") OR (sPasswordA = "") OR (sPasswordB = "") Then
Err.Raise 8, "Username and both Passwords are required !", ""
Exit Sub
End If
moOraDatabase.Parameters.Add "USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2
moOraDatabase.Parameters.Add "PASSWORDA", sPasswordA, ORAPARM_INPUT, ORATYPE_VARCHAR2
moOraDatabase.Parameters.Add "PASSWORDB", sPasswordB, ORAPARM_INPUT, ORATYPE_VARCHAR2
moOraDatabase.Parameters.Add "RETURN_CODE", 0, ORAPARM_OUTPUT, ORATYPE_NUMBER
objEH.TryORA ( moOraSession )
On Error Resume Next
moOraDatabase.ExecuteSQL _
"BEGIN :RETURN_CODE := PK_SECURITY.SET_PASSWORD ( :USER_NAME, :PASSWORDA, :PASSWORDB ); END;"
objEH.CatchORA ( moOraSession )
If CInt(OraDatabase.Parameters("RETURN_CODE").Value) = -1 Then
Err.Raise 8, "Passwords do not match !", "Make sure that you type correctly both passwords."
End If
moOraDatabase.Parameters.Remove "USER_NAME"
moOraDatabase.Parameters.Remove "PASSWORDA"
moOraDatabase.Parameters.Remove "PASSWORDB"
moOraDatabase.Parameters.Remove "RETURN_CODE"
End Sub
'-----------------------------------------------------------------------------------------------------------------
Private Sub LoginTrail ( nEvent, sUserName, sMessage )
moOraDatabase.Parameters.Add "EVENT_ENUM", nEvent, ORAPARM_INPUT, ORATYPE_NUMBER
moOraDatabase.Parameters.Add "LOGIN_USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2
moOraDatabase.Parameters.Add "CLIENT_IP", Request.ServerVariables("REMOTE_ADDR"), ORAPARM_INPUT, ORATYPE_VARCHAR2
moOraDatabase.Parameters.Add "APPLICATION_ID", APPLICATION_ID, ORAPARM_INPUT, ORATYPE_NUMBER
moOraDatabase.Parameters.Add "LOGIN_COMMENTS", sMessage, ORAPARM_INPUT, ORATYPE_VARCHAR2
objEH.TryORA ( moOraSession )
On Error Resume Next
moOraDatabase.ExecuteSQL _
"BEGIN pk_AMUtils.Log_Access ( :EVENT_ENUM, :LOGIN_USER_NAME, :CLIENT_IP, :APPLICATION_ID, :LOGIN_COMMENTS ); END;"
objEH.CatchORA ( moOraSession )
moOraDatabase.Parameters.Remove "EVENT_ENUM"
moOraDatabase.Parameters.Remove "LOGIN_USER_NAME"
moOraDatabase.Parameters.Remove "CLIENT_IP"
moOraDatabase.Parameters.Remove "APPLICATION_ID"
moOraDatabase.Parameters.Remove "LOGIN_COMMENTS"
End Sub
'-----------------------------------------------------------------------------------------------------------------
Private Sub TagLogon ( oRsQry )
oRsQry.Edit()
oRsQry("is_online").Value = "Y"
oRsQry("online_at").Value = Request.ServerVariables("REMOTE_ADDR")
oRsQry.Update()
End Sub
'-----------------------------------------------------------------------------------------------------------------
Private Sub SetUserEnvironment ( nUser_id )
Dim rsUser, query, tempSTR
moOraDatabase.Parameters.Add "USER_ID", nUser_id, ORAPARM_INPUT, ORATYPE_NUMBER
'---- Get User Details ----
query = "SELECT usr.* FROM USERS usr WHERE usr.USER_ID = :USER_ID"
Set rsUser = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )
If (NOT rsUser.BOF) AND (NOT rsUser.EOF) Then
Session(enumUSER_ID_SESSION) = rsUser("user_id")
Session(enumUSER_DETAILS_SESSION) = _
"user_name="& rsUser("user_name") & sSEPARATOR &_
"full_name="& rsUser("full_name") & sSEPARATOR &_
"user_email="& rsUser("user_email") & sSEPARATOR &_
"last_visit="& rsUser("last_visit") & sSEPARATOR &_
"domain="& rsUser("domain")
End If
'---- Get User Applications ----
query = "SELECT ua.APP_ID FROM USER_APPLICATIONS ua WHERE ua.USER_ID = :USER_ID"
Set rsUser = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )
tempSTR = ""
While (NOT rsUser.BOF) AND (NOT rsUser.EOF)
tempSTR = tempSTR & sSEPARATOR & rsUser("app_id")
rsUser.MoveNext()
WEnd
If tempSTR <> "" Then
Session(enumUSER_APPLICATIONS_SESSION) = Right( tempSTR, Len(tempSTR) - Len(sSEPARATOR) ) 'Remove first separator
Else
Session(enumUSER_APPLICATIONS_SESSION) = 0
End If
moOraDatabase.Parameters.Remove "USER_ID"
rsUser.Close()
Set rsUser = Nothing
End Sub
'-----------------------------------------------------------------------------------------------------------------
Private Sub GetApplicationRunningLevel ( )
Dim rsQry, query
'--- Get if user is loged on from DB ---
moOraDatabase.Parameters.Add "APP_ID", APPLICATION_ID, ORAPARM_INPUT, ORATYPE_NUMBER
query = _
" SELECT app.APP_ID,"&_
" app.APPLICATION_NAME,"&_
" app.IS_RUNNING"&_
" FROM APPLICATIONS app"&_
" WHERE app.APP_ID = :APP_ID"
Set rsQry = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )
If (NOT rsQry.BOF) AND (NOT rsQry.EOF) Then
mbIsApplicationRunning = FALSE
If rsQry("is_running") = enumDB_YES Then
mbIsApplicationRunning = TRUE
End If
End If
moOraDatabase.Parameters.Remove "APP_ID"
rsQry.Close
Set rsQry = Nothing
End Sub
'-----------------------------------------------------------------------------------------------------------------
Private Sub Class_Initialize()
'// Perform action on creation of object. e.g. Set myObj = New ThisClassName
Set mobjStaticControl = CreateObject("Scripting.Dictionary")
Set mobjTablePermissions = CreateObject("Scripting.Dictionary")
Set mobjRowPermissions = CreateObject("Scripting.Dictionary")
mbIsApplicationRunning = NULL ' The state of application
sSEPARATOR = "||"
bDebug = false
End Sub
'-----------------------------------------------------------------------------------------------------------------
Private Sub Class_Terminate()
'// Perform action on object disposal. e.g. Set myObj = Nothing
Set mobjStaticControl = Nothing
Set mobjRowPermissions = Nothing
Set mobjTablePermissions = Nothing
End Sub
'-----------------------------------------------------------------------------------------------------------------
End Class
%>