Rev 5328 | Rev 5506 | Go to most recent revision | Blame | Compare with Previous | Last modification | View Log | RSS feed
<%'============================================================='//'// Access Control'// This class is agnostic of the appliaction and could be common'// to all Manager Suite tools'//'=============================================================%><SCRIPT LANGUAGE="VBScript" RUNAT=SERVER SRC="../common/DictDump.vbs"></SCRIPT><%'--------------- Global Constants ----------------Const enumSESSION_TIMEOUT = 600 ' MinutesConst enumSESSION_LAST_REQUEST = "AM_SESSION_LAST_REQUEST"Const enumLOGIN_TOKEN_SESSION = "AM_LOGIN_TOKEN"Const enumUSER_ID_SESSION = "AM_USER_ID"Const enumUSER_DETAILS_SESSION = "AM_USER_DETAILS"Const enumUSER_APPLICATIONS_SESSION = "AM_USER_APPLICATIONS"Const enumUSER_STATIC_PERMISSIONS = "AM_USER_STATIC_PERMISSIONS"Const enumUSER_DATA_PERMISSIONS = "AM_USER_DATA_PERMISSIONS"Const enumUSER_TEMP_VARIABLE = "AM_USER_TEMP_VARIABLE"Const enumACCESS_MANAGER_EVENT_LOGON_SUCCESS = 1Const enumACCESS_MANAGER_EVENT_LOGON_FAIL = -1Const enumACCESS_MANAGER_EVENT_LOGOFF = 0Const enumACCESS_MANAGER_EVENT_SESSION_EXPIRE = 2'-------------------------------------------------Class AccessControlPrivate moOraSessionPrivate moOraDatabasePrivate mobjStaticControlPrivate mobjRowPermissionsPrivate mobjTablePermissionsPrivate sSEPARATORPrivate mbIsApplicationRunningPublic bDebugPublic Property Let objOraDatabase ( ByRef oOraDatabase )Set moOraDatabase = oOraDatabaseEnd PropertyPublic Property Let objOraSession ( ByRef oOraSession )Set moOraSession = oOraSessionEnd PropertyPublic Property Get UserLogedIn ()UserLogedIn = FALSE' Check for Session TokenIf (Session(enumLOGIN_TOKEN_SESSION) <> "") AND NOT IsNull(Session(enumLOGIN_TOKEN_SESSION)) ThenUserLogedIn = TRUEEnd IfEnd PropertyPublic Property Get UserId ()UserId = Session(enumUSER_ID_SESSION)End PropertyPublic Property Get UserName ()UserName = Extract( "user_name", Session(enumUSER_DETAILS_SESSION) )End PropertyPublic Property Get FullName ()FullName = Extract( "full_name", Session(enumUSER_DETAILS_SESSION) )End PropertyPublic Property Get UserEmail ()UserEmail = Extract( "user_email", Session(enumUSER_DETAILS_SESSION) )End PropertyPublic Property Get LastVisit ()LastVisit = Extract( "last_visit", Session(enumUSER_DETAILS_SESSION) )End PropertyPublic Property Get Domain ()Domain = Extract( "domain", Session(enumUSER_DETAILS_SESSION) )End PropertyPublic Property Get IsApplicationRunning()If IsNull(mbIsApplicationRunning) ThenCall GetApplicationRunningLevel ()End IfIsApplicationRunning = mbIsApplicationRunningEnd PropertyPublic Property Get isDevSystem()isDevSystem = IsEmpty(Application("LiveSystem"))End Property'-----------------------------------------------------------------------------------------------------------------Public Function UserApplication ( nAppId )UserApplication = FALSEIf InStr( sSEPARATOR & Session(enumUSER_APPLICATIONS_SESSION) & sSEPARATOR, sSEPARATOR & nAppId & sSEPARATOR) ThenUserApplication = TRUEEnd IfEnd Function'-----------------------------------------------------------------------------------------------------------------Public Sub dumpAll()Response.Write "<br>Pretty Dictionary mobjStaticControl<pre>"Response.Write DICToutput(mobjStaticControl)Response.Write "</pre><br>Pretty Dictionary mobjRowPermissions<pre>"Response.Write DICToutput(mobjRowPermissions)Response.Write "</pre><br>Pretty Dictionary mobjTablePermissions<pre>"Response.Write DICToutput(mobjTablePermissions)Response.Write "</pre><br>End"End SubPrivate Sub RR(txt)If bDebug ThenResponse.Write "<br>" & txtEnd IfEnd Sub'-----------------------------------------------------------------------------------------------------------------Public Function BeginRegion ( sControlObjName )Response.write "<table width='100%' border='0' cellspacing='0' cellpadding='1'>"Response.write " <tr>"Response.write " <td bgcolor='#FF0000'> <a href='#' class='body_linkw'><b>"& sControlObjName &"</b></a> </td>"Response.write " </tr>"Response.write " <tr>"Response.write " <td bgcolor='#FF0000'>"Response.write " <table width='100%' border='0' cellspacing='0' cellpadding='0'>"Response.write " <tr><td bgcolor='#FFFFFF'>"End Function'-----------------------------------------------------------------------------------------------------------------Public Function EndRegion ( sControlObjName )Response.write " </td></tr></table>"Response.write " </td></tr>"Response.write "</table>"End Function'-----------------------------------------------------------------------------------------------------------------Private Function Extract( sField, sString )Dim tempArr, tempSTRtempArr = Split( sString, sSEPARATOR )tempSTR = Join( Filter( tempArr, sField &"=" ) ) ' Append "=" to field name to get e.g. "user_name="If tempSTR <> "" ThenExtract = Right( tempSTR, Len(tempSTR) - Len( sField &"=" )) ' Strip the fieled name from valueElseExtract = ""End IfEnd Function'-----------------------------------------------------------------------------------------------------------------Private Function GetDataPermission ( sTableName, nRowId, nPermissionType, sControlObjName )Dim cPermissionValueDim key : key = Cstr( sTableName &"_"& nRowId &"_"& sControlObjName &"_"& nPermissionType )'--- Get Row Permission ---cPermissionValue = ""If mobjRowPermissions.Exists( key ) ThencPermissionValue = mobjRowPermissions.Item ( key )End IfIf IsNull( cPermissionValue ) OR ( cPermissionValue = "" ) Then'--- Get Default Table Permission ---Dim pkey : pkey = Cstr( sTableName &"_"& sControlObjName &"_"& nPermissionType )cPermissionValue = ""If mobjTablePermissions.Exists( pkey ) ThencPermissionValue = mobjTablePermissions.Item ( pkey )End IfEnd If'--- Return TRUE / FALSE ---GetDataPermission = FALSEIf cPermissionValue = enumDB_YES ThenGetDataPermission = TRUEEnd IfEnd Function'-----------------------------------------------------------------------------------------------------------------Public Function IsDataVisible ( sTableName, nRowId, sControlObjName )IsDataVisible = FALSEIf IsVisible ( sControlObjName ) OR GetDataPermission ( sTableName, nRowId, enumDB_PERMISSION_TYPE_VISIBLE, sControlObjName ) ThenIsDataVisible = TRUEEnd IfEnd Function'-----------------------------------------------------------------------------------------------------------------Public Function IsDataActive ( sTableName, nRowId, sControlObjName )IsDataActive = FALSEIf IsActive ( sControlObjName ) OR GetDataPermission ( sTableName, nRowId, enumDB_PERMISSION_TYPE_ACTIVE, sControlObjName ) ThenIsDataActive = TRUEEnd IfEnd Function'-----------------------------------------------------------------------------------------------------------------Public Function IsActive ( sControlObjName )Dim key : key = Cstr( sControlObjName &"_"& enumDB_PERMISSION_TYPE_ACTIVE )IsActive = FALSEIf mobjStaticControl.Exists(key) ThenIf ( mobjStaticControl.Item (key) = enumDB_YES ) OR ( IsNull(sControlObjName) )ThenIsActive = TRUEEnd IfEnd IfEnd Function'-----------------------------------------------------------------------------------------------------------------Public Function IsVisible ( sControlObjName )Dim key : key = Cstr( sControlObjName &"_"& enumDB_PERMISSION_TYPE_VISIBLE )IsVisible = FALSEIf mobjStaticControl.Exists(key) ThenIf mobjStaticControl.Item (key) = enumDB_YES ThenIsVisible = TRUEEnd IfEnd IfEnd Function'-----------------------------------------------------------------------------------------------------------------' This function is used for HTML conponents that support attribute "disabled". i.e. Button, dropdown, etc.Public Function IsComponentDisabled ( sControlObjName )If IsVisible ( sControlObjName ) ThenIsComponentDisabled = ""ElseIsComponentDisabled = " disabled "End IfEnd Function'-----------------------------------------------------------------------------------------------------------------Public Sub LoadDataPermissions ( aRows )Dim numOfRows, rowNumDim InxTableName, InxRefColumnVal, InxPermissionType, InxPermission, InxControlDim TableName, RefColumnVal, PermissionType, Permission, ControlDim keyInxTableName = 0InxRefColumnVal = 1InxPermissionType = 2InxPermission = 3InxControl = 4' Nothing to do ifthere is no dataIf IsNull(aRows) OR IsEmpty(aRows) ThenExit SubEnd IfnumOfRows = UBound( aRows, 2 )For rowNum = 0 To numOfRowsTableName = aRows( InxTableName, rowNum )RefColumnVal = aRows( InxRefColumnVal, rowNum )PermissionType = aRows( InxPermissionType, rowNum )Permission = aRows( InxPermission, rowNum )Control = aRows( InxControl, rowNum )If RefColumnVal = 0 Then'--- Set Table Default Permission (i.e. "0" wildcard for "all records") ---key = TableName & "_" & Control & "_" & PermissionType'' Data appears to be wrong and useless' Don't populate this table'mobjTablePermissions.Item ( key ) = PermissionElse'--- Set Row Permission ---key = TableName & "_" & RefColumnVal & "_" & Control & "_" & PermissionTypemobjRowPermissions.Item ( key ) = PermissionEnd IfNext'Response.Write "</pre><br>Pretty Dictionary mobjRowPermissions<pre>"'Response.Write DICToutput(mobjRowPermissions)'Response.Write "</pre><br>Pretty Dictionary mobjTablePermissions<pre>"'Response.Write DICToutput(mobjTablePermissions)'Response.write "</pre>"End Sub'-----------------------------------------------------------------------------------------------------------------Public Sub LoadDataPermissionVariations ( aRows )Dim numOfRows, rowNumDim InxTableName, InxRefColumnVal, InxPermissionType, InxPermissionInxTableName = 0InxRefColumnVal = 1InxPermissionType = 2InxPermission = 3numOfRows = UBound( aRows, 2 )For rowNum = 0 To numOfRowsIf mobjRowPermissions.Exists ( aRows( InxTableName, rowNum ) &"_"& enumDB_ALL_DATA &"_"& aRows( InxPermissionType, rowNum ) )ThenmobjRowPermissions.Remove ( aRows( InxTableName, rowNum ) &"_"& enumDB_ALL_DATA &"_"& aRows( InxPermissionType, rowNum ) )End IfmobjRowPermissions.Item ( aRows( InxTableName, rowNum ) &"_"& aRows( InxRefColumnVal, rowNum ) &"_"& aRows( InxPermissionType, rowNum ) ) = CStr( aRows( InxPermission, rowNum ) )If aRows( InxPermission, rowNum ) = enumDB_NO ThenmobjTablePermissions.Item ( aRows( InxTableName, rowNum ) &"_"& aRows( InxPermissionType, rowNum ) ) = enumDB_YESElsemobjTablePermissions.Item ( aRows( InxTableName, rowNum ) &"_"& aRows( InxPermissionType, rowNum ) ) = enumDB_NOEnd IfNext'Response.write "mobjRowPermissions.Keys="& Join ( mobjRowPermissions.Keys, ", ")End Sub'-----------------------------------------------------------------------------------------------------------------Public Sub LoadStaticPermissions ( aRows )Dim numOfRows, rowNumDim InxObjName, InxPermissionType, InxPermissionDim dKey, dValueInxObjName = 0InxPermissionType = 1InxPermission = 2numOfRows = UBound( aRows, 2 )For rowNum = 0 To numOfRowsdKey = aRows( InxObjName, rowNum ) &"_"& aRows( InxPermissionType, rowNum )dValue = CStr( aRows( InxPermission, rowNum ) )mobjStaticControl.Add ( dKey ), dValueNext'Response.Write "<br>Pretty Dictionary LoadStaticPermissions mobjStaticControl<pre>"'Response.Write DICToutput(mobjStaticControl)'Response.Write "</pre>"End Sub'-----------------------------------------------------------------------------------------------------------------Private Function AutoLogonUser ( sUserId )Dim rsQry, query, is_OnlineAutoLogonUser = FALSE'-- Kill Any pervious User Permissions stored in session --Session.Contents.Remove(enumUSER_STATIC_PERMISSIONS)Session.Contents.Remove(enumUSER_DATA_PERMISSIONS)'--- Get if user is logged on from DB ---moOraDatabase.Parameters.Add "USER_ID", sUserId, ORAPARM_INPUT, ORATYPE_NUMBERquery = "SELECT usr.IS_ONLINE FROM USERS usr WHERE usr.USER_ID = :USER_ID"Set rsQry = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )If (NOT rsQry.BOF) AND (NOT rsQry.EOF) Thenis_Online = rsQry("is_online")End IfmoOraDatabase.Parameters.Remove "USER_ID"rsQry.CloseSet rsQry = Nothing'--- Check if User is still Logged on ---If is_Online = "Y" ThenCall SessionsAndCookieSetup ( sUserId )End IfEnd Function'-----------------------------------------------------------------------------------------------------------------Public Sub LogonUser ( sUserName, sUserPassword )Dim rsQry, query, sMessagesMessage = NULL'-- Kill Any pervious User Permissions stored in session --Session.Contents.Remove(enumUSER_STATIC_PERMISSIONS)Session.Contents.Remove(enumUSER_DATA_PERMISSIONS)moOraDatabase.Parameters.Add "USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2query = "SELECT usr.* FROM USERS usr WHERE usr.USER_NAME = :USER_NAME"Set rsQry = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )moOraDatabase.Parameters.Remove "USER_NAME"'--- Try Authenticating ---If (NOT rsQry.BOF) AND (NOT rsQry.EOF) Then' User Found !If rsQry("is_disabled") = enumDB_YES Then' User Disabled !sMessage = "Account <b>"& sUserName &"</b> is Disabled!"'-- Login Trail --Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )'-- Raise Exception --Err.Raise 8, sMessage, ""Else' Proceed with authenticationIf Authenticated( sUserName, sUserPassword, rsQry("user_password"), rsQry("domain") ) Then' Login OK.Call SessionsAndCookieSetup ( rsQry("user_id") )' Tag user loginCall TagLogon ( rsQry )End IfEnd IfElse' User Not Found !sMessage = "Account <b>"& sUserName &"</b> Not Found!"'-- Login Trail --Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )'-- Raise Exception --Err.Raise 8, sMessage, "Make sure your Username is correct <br>OR <br>Please go back and register if you are new user. "End If'--------------------------rsQry.Close()Set rsQry = NothingEnd Sub'-----------------------------------------------------------------------------------------------------------------Public Function RequiresPasswordUpdate ( sUserName )Dim rsQry, query, sMessagesMessage = NULLmoOraDatabase.Parameters.Add "USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2query = "SELECT usr.* FROM USERS usr WHERE usr.USER_NAME = :USER_NAME"Set rsQry = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )'--- Try Authenticating ---RequiresPasswordUpdate = FALSEIf (NOT rsQry.BOF) AND (NOT rsQry.EOF) ThenIf IsNull(rsQry("user_password")) AND IsNull(rsQry("domain")) ThenRequiresPasswordUpdate = TRUEEnd IfEnd If'--------------------------moOraDatabase.Parameters.Remove "USER_NAME"rsQry.Close()Set rsQry = NothingEnd Function'-----------------------------------------------------------------------------------------------------------------Public Sub LogoffUser ()'-- Login Trail --Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGOFF, UserName, NULL )'-- Kill User Session --Session.AbandonEnd Sub'-----------------------------------------------------------------------------------------------------------------Private Sub SessionsAndCookieSetup ( nUserId )' Store User details in sessionCall SetUserEnvironment ( nUserId )' Aquire Login Token for Single ApplicationSession(enumLOGIN_TOKEN_SESSION) = Session.SessionIDSession.Timeout = enumSESSION_TIMEOUTEnd Sub'-----------------------------------------------------------------------------------------------------------------Private Function Authenticated ( ByRef sUserName, ByRef sUserPassword, sDBUserPassword, sDBdomain )Dim objLoginAuth, return, sMessagesMessage = NULLAuthenticated = FALSE' Hook for testing access control features' Any login allowed to the Test Database'If isDevSystem() ThenAuthenticated = TRUE'-- Login Trail --Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_SUCCESS, sUserName, NULL )ElseIf NOT IsNull(sDBdomain) Then' DOMAIN auth.Set objLoginAuth = Server.CreateObject("LoginAdmin.ImpersonateUser")return = -1return = objLoginAuth.AuthenticateUser ( sUserName, sUserPassword, sDBdomain )' From MSDN System Error Codes' 0 - The operation completed successfully.' 1326 - Logon failure: unknown user name or bad password.' 1385 - Logon failure: the user has not been granted the requested logon type at this computer.' 1909 - The referenced account is currently locked out and may not be used to log on.Select Case returnCase 0, 1385'Login okAuthenticated = TRUE'-- Login Trail --Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_SUCCESS, sUserName, NULL )Case 1909sMessage = "Account <b>"& sUserName &"</b> at "& sDBdomain &" domain is currently locked!"'-- Login Trail --Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )'-- Raise Exception --Err.Raise 8, sMessage, ""Case ElsesMessage = "Password is incorrect for <b>"& sUserName &"</b> at "& sDBdomain &" domain!"'-- Login Trail --Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )'-- Raise Exception --Err.Raise 8, sMessage, sDBdomain &" domain returns system error code "& returnEnd SelectSet objLoginAuth = NothingElse' LOCAL auth.If IsLocaPasswordCorrect ( sUserName, sUserPassword ) Then'Login okAuthenticated = TRUE'-- Login Trail --Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_SUCCESS, sUserName, NULL )ElsesMessage = "Password is incorrect for <b>"& sUserName &"</b>!"'-- Login Trail --Call LoginTrail ( enumACCESS_MANAGER_EVENT_LOGON_FAIL, sUserName, sMessage )'-- Raise Exception --Err.Raise 8, sMessage, "Please try again and make sure you do not have Caps Lock on."End IfEnd IfEnd Function'-----------------------------------------------------------------------------------------------------------------Private Function IsLocaPasswordCorrect ( sUserName, sPassword )moOraDatabase.Parameters.Add "USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2moOraDatabase.Parameters.Add "PASSWORD", sPassword, ORAPARM_INPUT, ORATYPE_VARCHAR2moOraDatabase.Parameters.Add "RETURN_CODE", 0, ORAPARM_OUTPUT, ORATYPE_NUMBERmoOraDatabase.ExecuteSQL _"BEGIN :RETURN_CODE := PK_SECURITY.IS_LOCAL_PASSWORD_CORRECT ( :USER_NAME, :PASSWORD ); END;"If CInt(OraDatabase.Parameters("RETURN_CODE").Value) = 1 ThenIsLocaPasswordCorrect = TRUEElseIsLocaPasswordCorrect = FALSEEnd IfmoOraDatabase.Parameters.Remove "USER_NAME"moOraDatabase.Parameters.Remove "PASSWORD"moOraDatabase.Parameters.Remove "RETURN_CODE"End Function'-----------------------------------------------------------------------------------------------------------------Public Sub SetPassword ( sUserName, sPasswordA, sPasswordB )If (sUserName = "") OR (sPasswordA = "") OR (sPasswordB = "") ThenErr.Raise 8, "Username and both Passwords are required !", ""Exit SubEnd IfmoOraDatabase.Parameters.Add "USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2moOraDatabase.Parameters.Add "PASSWORDA", sPasswordA, ORAPARM_INPUT, ORATYPE_VARCHAR2moOraDatabase.Parameters.Add "PASSWORDB", sPasswordB, ORAPARM_INPUT, ORATYPE_VARCHAR2moOraDatabase.Parameters.Add "RETURN_CODE", 0, ORAPARM_OUTPUT, ORATYPE_NUMBERobjEH.TryORA ( moOraSession )On Error Resume NextmoOraDatabase.ExecuteSQL _"BEGIN :RETURN_CODE := PK_SECURITY.SET_PASSWORD ( :USER_NAME, :PASSWORDA, :PASSWORDB ); END;"objEH.CatchORA ( moOraSession )If CInt(OraDatabase.Parameters("RETURN_CODE").Value) = -1 ThenErr.Raise 8, "Passwords do not match !", "Make sure that you type correctly both passwords."End IfmoOraDatabase.Parameters.Remove "USER_NAME"moOraDatabase.Parameters.Remove "PASSWORDA"moOraDatabase.Parameters.Remove "PASSWORDB"moOraDatabase.Parameters.Remove "RETURN_CODE"End Sub'-----------------------------------------------------------------------------------------------------------------Private Sub LoginTrail ( nEvent, sUserName, sMessage )moOraDatabase.Parameters.Add "EVENT_ENUM", nEvent, ORAPARM_INPUT, ORATYPE_NUMBERmoOraDatabase.Parameters.Add "LOGIN_USER_NAME", sUserName, ORAPARM_INPUT, ORATYPE_VARCHAR2moOraDatabase.Parameters.Add "CLIENT_IP", Request.ServerVariables("REMOTE_ADDR"), ORAPARM_INPUT, ORATYPE_VARCHAR2moOraDatabase.Parameters.Add "APPLICATION_ID", APPLICATION_ID, ORAPARM_INPUT, ORATYPE_NUMBERmoOraDatabase.Parameters.Add "LOGIN_COMMENTS", sMessage, ORAPARM_INPUT, ORATYPE_VARCHAR2objEH.TryORA ( moOraSession )On Error Resume NextmoOraDatabase.ExecuteSQL _"BEGIN pk_AMUtils.Log_Access ( :EVENT_ENUM, :LOGIN_USER_NAME, :CLIENT_IP, :APPLICATION_ID, :LOGIN_COMMENTS ); END;"objEH.CatchORA ( moOraSession )moOraDatabase.Parameters.Remove "EVENT_ENUM"moOraDatabase.Parameters.Remove "LOGIN_USER_NAME"moOraDatabase.Parameters.Remove "CLIENT_IP"moOraDatabase.Parameters.Remove "APPLICATION_ID"moOraDatabase.Parameters.Remove "LOGIN_COMMENTS"End Sub'-----------------------------------------------------------------------------------------------------------------Private Sub TagLogon ( oRsQry )oRsQry.Edit()oRsQry("is_online").Value = "Y"oRsQry("online_at").Value = Request.ServerVariables("REMOTE_ADDR")oRsQry.Update()End Sub'-----------------------------------------------------------------------------------------------------------------Private Sub SetUserEnvironment ( nUser_id )Dim rsUser, query, tempSTRmoOraDatabase.Parameters.Add "USER_ID", nUser_id, ORAPARM_INPUT, ORATYPE_NUMBER'---- Get User Details ----query = "SELECT usr.* FROM USERS usr WHERE usr.USER_ID = :USER_ID"Set rsUser = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )If (NOT rsUser.BOF) AND (NOT rsUser.EOF) ThenSession(enumUSER_ID_SESSION) = rsUser("user_id")Session(enumUSER_DETAILS_SESSION) = _"user_name="& rsUser("user_name") & sSEPARATOR &_"full_name="& rsUser("full_name") & sSEPARATOR &_"user_email="& rsUser("user_email") & sSEPARATOR &_"last_visit="& rsUser("last_visit") & sSEPARATOR &_"domain="& rsUser("domain")End If'---- Get User Applications ----query = "SELECT ua.APP_ID FROM USER_APPLICATIONS ua WHERE ua.USER_ID = :USER_ID"Set rsUser = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )tempSTR = ""While (NOT rsUser.BOF) AND (NOT rsUser.EOF)tempSTR = tempSTR & sSEPARATOR & rsUser("app_id")rsUser.MoveNext()WEndIf tempSTR <> "" ThenSession(enumUSER_APPLICATIONS_SESSION) = Right( tempSTR, Len(tempSTR) - Len(sSEPARATOR) ) 'Remove first separatorElseSession(enumUSER_APPLICATIONS_SESSION) = 0End IfmoOraDatabase.Parameters.Remove "USER_ID"rsUser.Close()Set rsUser = NothingEnd Sub'-----------------------------------------------------------------------------------------------------------------Private Sub GetApplicationRunningLevel ( )Dim rsQry, query'--- Get if user is loged on from DB ---moOraDatabase.Parameters.Add "APP_ID", APPLICATION_ID, ORAPARM_INPUT, ORATYPE_NUMBERquery = _" SELECT app.APP_ID,"&_" app.APPLICATION_NAME,"&_" app.IS_RUNNING"&_" FROM APPLICATIONS app"&_" WHERE app.APP_ID = :APP_ID"Set rsQry = moOraDatabase.DbCreateDynaset( query , ORADYN_DEFAULT )If (NOT rsQry.BOF) AND (NOT rsQry.EOF) ThenmbIsApplicationRunning = FALSEIf rsQry("is_running") = enumDB_YES ThenmbIsApplicationRunning = TRUEEnd IfEnd IfmoOraDatabase.Parameters.Remove "APP_ID"rsQry.CloseSet rsQry = NothingEnd Sub'-----------------------------------------------------------------------------------------------------------------Private Sub Class_Initialize()'// Perform action on creation of object. e.g. Set myObj = New ThisClassNameSet mobjStaticControl = CreateObject("Scripting.Dictionary")Set mobjTablePermissions = CreateObject("Scripting.Dictionary")Set mobjRowPermissions = CreateObject("Scripting.Dictionary")mbIsApplicationRunning = NULL ' The state of applicationsSEPARATOR = "||"bDebug = falseEnd Sub'-----------------------------------------------------------------------------------------------------------------Private Sub Class_Terminate()'// Perform action on object disposal. e.g. Set myObj = NothingSet mobjStaticControl = NothingSet mobjRowPermissions = NothingSet mobjTablePermissions = NothingEnd Sub'-----------------------------------------------------------------------------------------------------------------End Class%>