IDEMPIERE-4239 Web Services : AD_User_OrgAccess table is not used on login

This commit is contained in:
Nicolas Micoud 2020-04-11 15:01:45 +02:00 committed by Carlos Ruiz
parent e7b227200e
commit d368c2583a
1 changed files with 15 additions and 12 deletions

View File

@ -182,22 +182,25 @@ public class CompiereService {
// Get Login Info
String loginInfo = null;
// Verify existence of User/Client/Org/Role and User's acces to Client & Org
String sql = "SELECT u.Name || '@' || c.Name || '.' || o.Name AS Text "
+ "FROM AD_User u, AD_Client c, AD_Org o, AD_User_Roles ur, AD_Role r "
+ "WHERE u.AD_User_ID=?" // #1
+ " AND c.AD_Client_ID=?" // #2
+ " AND o.AD_Org_ID=?" // #3
+ " AND ur.AD_Role_ID=?" // #4
+ " AND ur.AD_User_ID=u.AD_User_ID"
+ " AND ur.AD_Role_ID=r.AD_Role_ID"
+ " AND (o.AD_Client_ID = 0 OR o.AD_Client_ID=c.AD_Client_ID)"
+ " AND (r.IsAccessAllOrgs='Y' OR (c.AD_Client_ID IN (SELECT AD_Client_ID FROM AD_Role_OrgAccess ca WHERE ca.AD_Role_ID=ur.AD_Role_ID)"
+ " AND o.AD_Org_ID IN (SELECT AD_Org_ID FROM AD_Role_OrgAccess ca WHERE ca.AD_Role_ID=ur.AD_Role_ID)))";
StringBuilder sql = new StringBuilder("SELECT u.Name || '@' || c.Name || '.' || o.Name AS Text")
.append(" FROM AD_User u, AD_Client c, AD_Org o, AD_Role r")
.append(" WHERE u.AD_User_ID = ?") // #1
.append(" AND c.AD_Client_ID = ?") // #2
.append(" AND o.AD_Org_ID = ?") // #3
.append(" AND r.AD_Role_ID = ?") // #4
.append(" AND (o.AD_Client_ID = 0 OR o.AD_Client_ID=c.AD_Client_ID)")
.append(" AND ( ")
.append(" r.IsAccessAllOrgs='Y'")
.append(" OR (r.IsUseUserOrgAccess='N' AND o.AD_Org_ID IN (SELECT AD_Org_ID FROM AD_Role_OrgAccess ra WHERE ra.AD_Role_ID=r.AD_Role_ID AND ra.IsActive='Y'))")
.append(" OR (r.IsUseUserOrgAccess='Y' AND o.AD_Org_ID IN (SELECT AD_Org_ID FROM AD_User_OrgAccess ua WHERE ua.AD_User_ID=u.AD_User_ID AND ua.IsActive='Y'))")
.append(")");
PreparedStatement pstmt = null;
ResultSet rs = null;
try
{
pstmt = DB.prepareStatement(sql, null);
pstmt = DB.prepareStatement(sql.toString(), null);
pstmt.setInt(1, AD_User_ID);
pstmt.setInt(2, AD_Client_ID);
pstmt.setInt(3, AD_Org_ID);