WebSVN – DevTools – /ManagerSuite/Release_Manager/branches/dpurdie/_access_control_general.asp

<%
'===================================================================
'                  Access Control General
'===================================================================
%>
<%
'------------ VARIABLE DEFINITION -------------
'------------ CONSTANTS DECLARATION -----------
'------------ VARIABLE INIT -------------------
objAccessControl.objOraSession = OraSession   ' Create database link for orasession
objAccessControl.objOraDatabase = OraDatabase   ' Create database link for oradatabase
'----------------------------------------------
%>
<%
'-----------------------------------------------------------------------------------------------------------------------------
Sub ApplicationRunlevelCheck()

   '--- Application Developer Override ---
   If objAccessControl.UserId = 0 OR objAccessControl.IsVisible ( "onApplicationOffline" ) Then
      Exit Sub
   End If
   '---------------------------------------

   '-- Check if application is running --
   If NOT objAccessControl.IsApplicationRunning Then
      If NOT isPopupWindow Then
         Call OpenInWindow ( "Login.asp?message=3&rfile="& scriptName & objPMod.ComposeURLWithout("rfile") )
      Else
         Call OpenInParentWindow ( "Login.asp?message=3&"& objPMod.ComposeURL() )
         Call CloseWindow()
      End If
   End If

End Sub
'-----------------------------------------------------------------------------------------------------------------------------
Sub ApplicationAccessCheck ()

   '--- Built In Administrator Override ---
   If objAccessControl.UserId = 0 Then
      Exit Sub
   End If
   '---------------------------------------


   '-- Check User access to this application ---
   If NOT objAccessControl.UserApplication ( APPLICATION_ID )  Then
      If NOT isPopupWindow Then
         Call OpenInWindow ( "Login.asp?message=1&rfile="& scriptName & objPMod.ComposeURLWithout("rfile") )
      Else
         Call OpenInParentWindow ( "Login.asp?message=1&"& objPMod.ComposeURL() )
         Call CloseWindow()
      End If
   End If

End Sub
'-----------------------------------------------------------------------------------------------------------------------------
Sub LoadUserPermissions ( ByRef oAccessControl )
   Dim rsAccessControl

   ' Exit if not logged in
   If NOT oAccessControl.UserLogedIn Then Exit Sub

   'Try getting object from session
   If IsArray(Session(enumUSER_STATIC_PERMISSIONS)) Then
      Call oAccessControl.LoadStaticPermissions ( Session(enumUSER_STATIC_PERMISSIONS) )
      Call oAccessControl.LoadDataPermissions ( Session(enumUSER_DATA_PERMISSIONS) )
      Exit Sub
   End If

   OraDatabase.Parameters.Add "USER_ID",       oAccessControl.UserId,    ORAPARM_INPUT, ORATYPE_NUMBER
   OraDatabase.Parameters.Add "APP_ID",       APPLICATION_ID,       ORAPARM_INPUT, ORATYPE_NUMBER
   OraDatabase.Parameters.Add "RECORD_SET",   NULL, ORAPARM_OUTPUT,    ORATYPE_CURSOR


   ' Load Static Permissions
   OraDatabase.ExecuteSQL "BEGIN  PK_SECURITY.GET_USER_STATIC_PERMISSIONS ( :USER_ID, :APP_ID, :RECORD_SET );  END;"
   Set rsAccessControl = OraDatabase.Parameters("RECORD_SET").Value


   If ((NOT rsAccessControl.BOF) AND (NOT rsAccessControl.EOF)) Then
      oAccessControl.LoadStaticPermissions rsAccessControl.GetRows()

      Session(enumUSER_STATIC_PERMISSIONS) = rsAccessControl.GetRows()

   End If
   rsAccessControl.Close

   ' Load Data Permissions
   OraDatabase.ExecuteSQL "BEGIN  PK_SECURITY.GET_USER_DATA_PERMISSIONS ( :USER_ID, :APP_ID, :RECORD_SET );  END;"
   Set rsAccessControl = OraDatabase.Parameters("RECORD_SET").Value

   If ((NOT rsAccessControl.BOF) AND (NOT rsAccessControl.EOF)) Then
      oAccessControl.LoadDataPermissions rsAccessControl.GetRows()

      Session(enumUSER_DATA_PERMISSIONS) = rsAccessControl.GetRows()

   End If
   rsAccessControl.Close

   ' --- Destroy ---
   Set rsAccessControl = nothing

   OraDatabase.Parameters.Remove "USER_ID"
   OraDatabase.Parameters.Remove "APP_ID"
   OraDatabase.Parameters.Remove "RECORD_SET"
End Sub
'-----------------------------------------------------------------------------------------------------------------------------
Sub UpdateLoginSession ()
   Dim nTimeVal

   ' Exit if not logged in
   If NOT objAccessControl.UserLogedIn Then Exit Sub

   ' Get time value
   nTimeVal = CDbl(TIMER_VALUE)

   ' Allow update only once per minute
   If Session( enumSESSION_LAST_REQUEST ) <> "" Then
      If CDbl( Session( enumSESSION_LAST_REQUEST ) ) = nTimeVal Then Exit Sub
   End If

   ' Update database with last request
   OraDatabase.Parameters.Add "USER_ID",    objAccessControl.UserId, ORAPARM_INPUT, ORATYPE_NUMBER
   OraDatabase.Parameters.Add "TIME_VAL",   nTimeVal,                ORAPARM_INPUT, ORATYPE_NUMBER

   objEH.TryORA ( OraSession )
   On Error Resume Next

   OraDatabase.ExecuteSQL _
   " UPDATE USERS SET"&_
   " LAST_REQUEST = :TIME_VAL"&_
   " WHERE USER_ID = :USER_ID"

   objEH.CatchORA ( OraSession )

   OraDatabase.Parameters.Remove "USER_ID"
   OraDatabase.Parameters.Remove "TIME_VAL"

   ' Save last request time to session variable
   Session( enumSESSION_LAST_REQUEST ) = CDbl(nTimeVal)
End Sub
'-----------------------------------------------------------------------------------------------------------------------------
%>
<%
'------------ RUN BEFORE CONTROL RENDER -------


'--- Load User Permissions ---
Call LoadUserPermissions ( objAccessControl )

'--- Application Run level Check ---
Call ApplicationRunlevelCheck ()


'--- Update Login Session ---
Call UpdateLoginSession ()

'----------------------------------------------
%>
<%
'------------ RUN AFTER CONTROL RENDER --------
'----------------------------------------------
%>
Subversion Repositories DevTools

(root)/ManagerSuite/Release_Manager/branches/dpurdie/_access_control_general.asp – Rev 1281
