Subversion Repositories DevTools

Rev

Rev 5072 | Rev 5103 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed 

<%
'===================================================================
'                  Access Control General
'===================================================================
%>
<%
'------------ VARIABLE DEFINITION -------------
Dim bCanModifyProject                           ' Calculate once
'------------ CONSTANTS DECLARATION -----------
'------------ VARIABLE INIT -------------------
objAccessControl.objOraSession = OraSession     ' Create database link for orasession
objAccessControl.objOraDatabase = OraDatabase   ' Create database link for oradatabase
bCanModifyProject = false                       ' Calculated later
'----------------------------------------------
%>
<%
'-----------------------------------------------------------------------------------------------------------------------------
Sub ApplicationRunlevelCheck()

   '--- Application Developer Override ---
   If objAccessControl.UserId = 0 OR canShowControl ( "onApplicationOffline" ) Then
      Exit Sub
   End If
   '---------------------------------------

   '-- Check if application is running --
   If NOT objAccessControl.IsApplicationRunning Then
      If NOT isPopupWindow Then
         Call OpenInWindow ( "Login.asp?message=3&rfile="& scriptName & objPMod.ComposeURLWithout("rfile") )
      Else
         Call OpenInParentWindow ( "Login.asp?message=3&"& objPMod.ComposeURL() )
         Call CloseWindow()
      End If
   End If

End Sub
'-----------------------------------------------------------------------------------------------------------------------------
Sub ApplicationAccessCheck ()

   '--- Built In Administrator Override ---
   If objAccessControl.UserId = 0 Then
      Exit Sub
   End If
   '---------------------------------------


   '-- Check User access to this application ---
   If NOT objAccessControl.UserApplication ( APPLICATION_ID )  Then
      If NOT isPopupWindow Then
         Call OpenInWindow ( "Login.asp?message=1&rfile="& scriptName & objPMod.ComposeURLWithout("rfile") )
      Else
         Call OpenInParentWindow ( "Login.asp?message=1&"& objPMod.ComposeURL() )
         Call CloseWindow()
      End If
   End If

End Sub
'-----------------------------------------------------------------------------------------------------------------------------
Sub LoadUserPermissions ( ByRef oAccessControl )
   Dim rsAccessControl

   ' Exit if not logged in
   If NOT oAccessControl.UserLogedIn Then Exit Sub

   'Try getting object from session
   '    DevSystem - will not cache permissions in the Session Object
   '
   If NOT oAccessControl.isDevSystem() AND IsArray(Session(enumUSER_STATIC_PERMISSIONS)) Then
      Call oAccessControl.LoadStaticPermissions ( Session(enumUSER_STATIC_PERMISSIONS) )
      Call oAccessControl.LoadDataPermissions ( Session(enumUSER_DATA_PERMISSIONS) )
      Exit Sub
   End If

   OraDatabase.Parameters.Add "USER_ID",      oAccessControl.UserId,    ORAPARM_INPUT, ORATYPE_NUMBER
   OraDatabase.Parameters.Add "APP_ID",       APPLICATION_ID,           ORAPARM_INPUT, ORATYPE_NUMBER
   OraDatabase.Parameters.Add "RECORD_SET",   NULL, ORAPARM_OUTPUT,     ORATYPE_CURSOR

   ' Load Static Permissions
   OraDatabase.ExecuteSQL "BEGIN  PK_SECURITY.GET_USER_STATIC_PERMISSIONS ( :USER_ID, :APP_ID, :RECORD_SET );  END;"
   Set rsAccessControl = OraDatabase.Parameters("RECORD_SET").Value

   If ((NOT rsAccessControl.BOF) AND (NOT rsAccessControl.EOF)) Then
      oAccessControl.LoadStaticPermissions rsAccessControl.GetRows()

      Session(enumUSER_STATIC_PERMISSIONS) = rsAccessControl.GetRows()

   End If
   rsAccessControl.Close

   ' Load Data Permissions
   OraDatabase.ExecuteSQL "BEGIN  PK_SECURITY.GET_USER_DATA_PERMISSIONS ( :USER_ID, :APP_ID, :RECORD_SET );  END;"
   Set rsAccessControl = OraDatabase.Parameters("RECORD_SET").Value

   If ((NOT rsAccessControl.BOF) AND (NOT rsAccessControl.EOF)) Then
      oAccessControl.LoadDataPermissions rsAccessControl.GetRows()

      Session(enumUSER_DATA_PERMISSIONS) = rsAccessControl.GetRows()

   End If
   rsAccessControl.Close

   ' --- Destroy ---
   Set rsAccessControl = nothing

   OraDatabase.Parameters.Remove "USER_ID"
   OraDatabase.Parameters.Remove "APP_ID"
   OraDatabase.Parameters.Remove "RECORD_SET"
End Sub
'-----------------------------------------------------------------------------------------------------------------------------
Sub UpdateLoginSession ()
   Dim nTimeVal

   ' Exit if not logged in
   If NOT objAccessControl.UserLogedIn Then Exit Sub

   ' Get time value
   nTimeVal = CDbl(TIMER_VALUE)

   ' Allow update only once per minute
   If Session( enumSESSION_LAST_REQUEST ) <> "" Then
      If CDbl( Session( enumSESSION_LAST_REQUEST ) ) = nTimeVal Then Exit Sub
   End If

   ' Update database with last request
   OraDatabase.Parameters.Add "USER_ID",    objAccessControl.UserId, ORAPARM_INPUT, ORATYPE_NUMBER
   OraDatabase.Parameters.Add "TIME_VAL",   nTimeVal,                ORAPARM_INPUT, ORATYPE_NUMBER

   objEH.TryORA ( OraSession )
   On Error Resume Next

   OraDatabase.ExecuteSQL _
   " UPDATE USERS SET"&_
   " LAST_REQUEST = :TIME_VAL"&_
   " WHERE USER_ID = :USER_ID"

   objEH.CatchORA ( OraSession )

   OraDatabase.Parameters.Remove "USER_ID"
   OraDatabase.Parameters.Remove "TIME_VAL"

   ' Save last request time to session variable
   Session( enumSESSION_LAST_REQUEST ) = CDbl(nTimeVal)
End Sub
'-----------------------------------------------------------------------------------------------------------------------------
'-----------------------------------------------------------------------------------------------------------------------------
' The folling function are wrappers around the general objAccessControl access function
' Pages shold ONLY use these access functions and not the lowerlevel ones
' Caveats:
'   - Developer must know which access objects (controls) should be accessed in a project maner
'     and which should be accessed in a global manner.
'     Basically, use the ...InProject() variants for project based pages 
'-------------------------------------------------
' Function:     canShowControl
' Description:  Determine if the named control should be shown
Function canShowControl (cname)
    canShowControl =  objAccessControl.IsDataVisible ("PROJECTS", DB_PROJ_ID, cname) 
End Function

'-------------------------------------------------
' Function:     canActionControl
' Description:  Determine if the named control action can be performed
Function canActionControl (cname)
    canActionControl =  objAccessControl.IsDataActive ("PROJECTS", DB_PROJ_ID, cname) 
End Function

'-------------------------------------------------
' Function:     canShowControlInProject
' Description:  Determine if the named project-specific control should be shown
Function canShowControlInProject (cname)
    canShowControlInProject = bCanModifyProject AND canShowControl(cname) 
End Function

'-------------------------------------------------
' Function:     canActionControlInProject
' Description:  Determine if the named project-specific control action can be performed
Function canActionControlInProject (cname)
    canActionControlInProject = bCanModifyProject AND canActionControl(cname) 
End Function

'-------------------------------------------------
' Function:     canActionInProject
' Description:  Determine if the user can perform any action in the project
Function canActionInProject()
    canActionInProject = bCanModifyProject
End Function

'-------------------------------------------------
' Function:     controlDisabledInProject
' Description:  Determine if the user can perform any action in the project
'               Returns ' disabled' string suitable for inlcusion in HTML

Function controlDisabledInProject ( cname )
  If canActionControlInProject ( cname ) Then
     controlDisabledInProject = ""
  Else
     controlDisabledInProject = " disabled "
  End If
End Function

'-------------------------------------------------
' Function:     setActiveProject
' Description:  Alters the current active project
'               Normally this is automatically determined as a page is loaded, but some
'               pages do not have this information.
'               Returns the active project ID, before the change

Function setActiveProject(proj_id)

    setActiveProject = DB_PROJ_ID
    DB_PROJ_ID = proj_id
    bCanModifyProject = objAccessControl.IsDataActive ("PROJECTS", DB_PROJ_ID, "EditProjects")
    rmDebug = rmDebug & "{"& DB_PROJ_ID & ":" & bCanModifyProject &"}" 
End Function

%>
<%
'------------ RUN BEFORE CONTROL RENDER -------


'--- Load User Permissions ---
Call LoadUserPermissions ( objAccessControl )
bCanModifyProject = objAccessControl.IsDataActive ("PROJECTS", DB_PROJ_ID, "EditProjects")
'-- rmDebug = rmDebug & "{"& DB_PROJ_ID & ":" & bCanModifyProject &"}" 

'--- Application Run level Check ---
Call ApplicationRunlevelCheck ()


'--- Update Login Session ---
Call UpdateLoginSession ()

'----------------------------------------------
%>
<%
'------------ RUN AFTER CONTROL RENDER --------
'----------------------------------------------
%>