WebSVN – DevTools – Diff – /ManagerSuite/Release_Manager/trunk/_access_control_general.asp

 '                  Access Control General
 '===================================================================
 %>
 <%
 '------------ VARIABLE DEFINITION -------------
+Dim bCanModifyProject                           ' Calculate once
 '------------ CONSTANTS DECLARATION -----------
 '------------ VARIABLE INIT -------------------
-objAccessControl.objOraSession = OraSession   ' Create database link for orasession
+objAccessControl.objOraSession = OraSession     ' Create database link for orasession
 objAccessControl.objOraDatabase = OraDatabase   ' Create database link for oradatabase
+bCanModifyProject = false                       ' Calculated later
 '----------------------------------------------
 %>
 <%
 '-----------------------------------------------------------------------------------------------------------------------------
 Sub ApplicationRunlevelCheck()
    '--- Application Developer Override ---
-   If objAccessControl.UserId = 0 OR objAccessControl.IsVisible ( "onApplicationOffline" ) Then
+   If objAccessControl.UserId = 0 OR canShowControl ( "onApplicationOffline" ) Then
       Exit Sub
    End If
    '---------------------------------------
    '-- Check if application is running --
    ' Exit if not logged in
    If NOT oAccessControl.UserLogedIn Then Exit Sub
    'Try getting object from session
+   '    DevSystem - will not cache permissions in the Session Object
+   '
-   If IsArray(Session(enumUSER_STATIC_PERMISSIONS)) Then
+   If NOT oAccessControl.isDevSystem() AND IsArray(Session(enumUSER_STATIC_PERMISSIONS)) Then
       Call oAccessControl.LoadStaticPermissions ( Session(enumUSER_STATIC_PERMISSIONS) )
       Call oAccessControl.LoadDataPermissions ( Session(enumUSER_DATA_PERMISSIONS) )
       Exit Sub
    End If
-   OraDatabase.Parameters.Add "USER_ID",       oAccessControl.UserId,    ORAPARM_INPUT, ORATYPE_NUMBER
+   OraDatabase.Parameters.Add "USER_ID",      oAccessControl.UserId,    ORAPARM_INPUT, ORATYPE_NUMBER
-   OraDatabase.Parameters.Add "APP_ID",       APPLICATION_ID,       ORAPARM_INPUT, ORATYPE_NUMBER
+   OraDatabase.Parameters.Add "APP_ID",       APPLICATION_ID,           ORAPARM_INPUT, ORATYPE_NUMBER
-   OraDatabase.Parameters.Add "RECORD_SET",   NULL, ORAPARM_OUTPUT,    ORATYPE_CURSOR
+   OraDatabase.Parameters.Add "RECORD_SET",   NULL, ORAPARM_OUTPUT,     ORATYPE_CURSOR
    ' Load Static Permissions
    OraDatabase.ExecuteSQL "BEGIN  PK_SECURITY.GET_USER_STATIC_PERMISSIONS ( :USER_ID, :APP_ID, :RECORD_SET );  END;"
    Set rsAccessControl = OraDatabase.Parameters("RECORD_SET").Value
    If ((NOT rsAccessControl.BOF) AND (NOT rsAccessControl.EOF)) Then
       oAccessControl.LoadStaticPermissions rsAccessControl.GetRows()
       Session(enumUSER_STATIC_PERMISSIONS) = rsAccessControl.GetRows()
    ' Save last request time to session variable
    Session( enumSESSION_LAST_REQUEST ) = CDbl(nTimeVal)
 End Sub
 '-----------------------------------------------------------------------------------------------------------------------------
+'-----------------------------------------------------------------------------------------------------------------------------
+' The folling function are wrappers around the general objAccessControl access function
+' Pages shold ONLY use these access functions and not the lowerlevel ones
+' Caveats:
+'   - Developer must know which access objects (controls) should be accessed in a project maner
+'     and which should be accessed in a global manner.
+'     Basically, use the ...InProject() variants for project based pages
+'-------------------------------------------------
+' Function:     canShowControl
+' Description:  Determine if the named control should be shown
+Function canShowControl (cname)
+    canShowControl =  objAccessControl.IsDataVisible ("PROJECTS", DB_PROJ_ID, cname)
+End Function
+'-------------------------------------------------
+' Function:     canActionControl
+' Description:  Determine if the named control action can be performed
+Function canActionControl (cname)
+    canActionControl =  objAccessControl.IsDataActive ("PROJECTS", DB_PROJ_ID, cname)
+End Function
+'-------------------------------------------------
+' Function:     canShowControlInProject
+' Description:  Determine if the named project-specific control should be shown
+Function canShowControlInProject (cname)
+    canShowControlInProject = bCanModifyProject AND canShowControl(cname)
+End Function
+'-------------------------------------------------
+' Function:     canActionControlInProject
+' Description:  Determine if the named project-specific control action can be performed
+Function canActionControlInProject (cname)
+    canActionControlInProject = bCanModifyProject AND canActionControl(cname)
+End Function
+'-------------------------------------------------
+' Function:     canActionInProject
+' Description:  Determine if the user can perform any action in the project
+Function canActionInProject()
+    canActionInProject = bCanModifyProject
+End Function
 %>
 <%
 '------------ RUN BEFORE CONTROL RENDER -------
 '--- Load User Permissions ---
 Call LoadUserPermissions ( objAccessControl )
+bCanModifyProject = objAccessControl.IsDataActive ("PROJECTS", DB_PROJ_ID, "EditProjects")
+'-- rmDebug = rmDebug & "{"& DB_PROJ_ID & ":" & bCanModifyProject &"}"
 '--- Application Run level Check ---
 Call ApplicationRunlevelCheck ()

Subversion Repositories DevTools

(root)/ManagerSuite/Release_Manager/trunk/_access_control_general.asp @ 5061 – Rev 129 → 5061