IDEMPIERE-4239 Web Services : AD_User_OrgAccess table is not used on login
This commit is contained in:
Nicolas Micoud
Carlos Ruiz
parent
e7b227200e
commit
d368c2583a
|
|
@ -182,22 +182,25 @@ public class CompiereService {
|
|||
// Get Login Info
|
||||
String loginInfo = null;
|
||||
// Verify existence of User/Client/Org/Role and User's acces to Client & Org
|
||||
String sql = "SELECT u.Name || '@' || c.Name || '.' || o.Name AS Text "
|
||||
+ "FROM AD_User u, AD_Client c, AD_Org o, AD_User_Roles ur, AD_Role r "
|
||||
+ "WHERE u.AD_User_ID=?" // #1
|
||||
+ " AND c.AD_Client_ID=?" // #2
|
||||
+ " AND o.AD_Org_ID=?" // #3
|
||||
+ " AND ur.AD_Role_ID=?" // #4
|
||||
+ " AND ur.AD_User_ID=u.AD_User_ID"
|
||||
+ " AND ur.AD_Role_ID=r.AD_Role_ID"
|
||||
+ " AND (o.AD_Client_ID = 0 OR o.AD_Client_ID=c.AD_Client_ID)"
|
||||
+ " AND (r.IsAccessAllOrgs='Y' OR (c.AD_Client_ID IN (SELECT AD_Client_ID FROM AD_Role_OrgAccess ca WHERE ca.AD_Role_ID=ur.AD_Role_ID)"
|
||||
+ " AND o.AD_Org_ID IN (SELECT AD_Org_ID FROM AD_Role_OrgAccess ca WHERE ca.AD_Role_ID=ur.AD_Role_ID)))";
|
||||
|
||||
StringBuilder sql = new StringBuilder("SELECT u.Name || '@' || c.Name || '.' || o.Name AS Text")
|
||||
.append(" FROM AD_User u, AD_Client c, AD_Org o, AD_Role r")
|
||||
.append(" WHERE u.AD_User_ID = ?") // #1
|
||||
.append(" AND c.AD_Client_ID = ?") // #2
|
||||
.append(" AND o.AD_Org_ID = ?") // #3
|
||||
.append(" AND r.AD_Role_ID = ?") // #4
|
||||
.append(" AND (o.AD_Client_ID = 0 OR o.AD_Client_ID=c.AD_Client_ID)")
|
||||
.append(" AND ( ")
|
||||
.append(" r.IsAccessAllOrgs='Y'")
|
||||
.append(" OR (r.IsUseUserOrgAccess='N' AND o.AD_Org_ID IN (SELECT AD_Org_ID FROM AD_Role_OrgAccess ra WHERE ra.AD_Role_ID=r.AD_Role_ID AND ra.IsActive='Y'))")
|
||||
.append(" OR (r.IsUseUserOrgAccess='Y' AND o.AD_Org_ID IN (SELECT AD_Org_ID FROM AD_User_OrgAccess ua WHERE ua.AD_User_ID=u.AD_User_ID AND ua.IsActive='Y'))")
|
||||
.append(")");
|
||||
|
||||
PreparedStatement pstmt = null;
|
||||
ResultSet rs = null;
|
||||
try
|
||||
{
|
||||
pstmt = DB.prepareStatement(sql, null);
|
||||
pstmt = DB.prepareStatement(sql.toString(), null);
|
||||
pstmt.setInt(1, AD_User_ID);
|
||||
pstmt.setInt(2, AD_Client_ID);
|
||||
pstmt.setInt(3, AD_Org_ID);
|
||||
|
|
|
|||
Loading…
Reference in New Issue