IDEMPIERE-5180 : Add client name on RoleAccessUpdate process and add … (#1159)
* IDEMPIERE-5180 : Add client name on RoleAccessUpdate process and add client validation * IDEMPIERE-5181 : RoleAccessUpdate add role validation * IDEMPIERE-5181 : RoleAccessUpdate fix client validation * IDEMPIERE-5181 : RoleAccessUpdate - remove on Client parameter
This commit is contained in:
parent
d8278d9026
commit
ee3df039bf
|
@ -0,0 +1,30 @@
|
||||||
|
SET SQLBLANKLINES ON
|
||||||
|
SET DEFINE OFF
|
||||||
|
|
||||||
|
-- IDEMPIERE-5180
|
||||||
|
-- Feb 5, 2022, 10:01:05 AM CET
|
||||||
|
INSERT INTO AD_Val_Rule (AD_Val_Rule_ID,Name,Description,Type,Code,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,EntityType,AD_Val_Rule_UU) VALUES (200153,'AD_Role of Client - Not manual only','Not manual roles of current client','S','AD_Role.AD_Client_ID=@#AD_Client_ID@ AND AD_Role.IsManual=''N''',0,0,'Y',TO_DATE('2022-02-05 10:01:05','YYYY-MM-DD HH24:MI:SS'),0,TO_DATE('2022-02-05 10:01:05','YYYY-MM-DD HH24:MI:SS'),0,'D','c79f3aa1-27ec-429f-b8e9-72b7ddc95dc2')
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Feb 5, 2022, 10:01:16 AM CET
|
||||||
|
UPDATE AD_Process_Para SET AD_Val_Rule_ID=200153,Updated=TO_DATE('2022-02-05 10:01:16','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=0 WHERE AD_Process_Para_ID=539
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Feb 8, 2022, 8:25:06 AM CET
|
||||||
|
UPDATE AD_Process SET Help='Update the access rights of a role or all roles of a client to windows, forms, processes and workflows. Note that a role is only updated if it is not marked as manual.',Updated=TO_DATE('2022-02-08 08:25:06','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=0 WHERE AD_Process_ID=295
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Feb 8, 2022, 1:24:16 PM CET
|
||||||
|
DELETE FROM AD_Process_Para_Trl WHERE AD_Process_Para_ID=538
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Feb 8, 2022, 1:24:16 PM CET
|
||||||
|
DELETE FROM AD_Process_Para WHERE AD_Process_Para_ID=538
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Feb 8, 2022, 1:25:37 PM CET
|
||||||
|
UPDATE AD_Process SET Help='Update the access rights of a role or all roles of a client to windows, forms, processes and workflows. Note that a role is only updated if it is not marked as manual. Note that if is executed from System client and role is not set, all tenant will be udpated',Updated=TO_DATE('2022-02-08 13:25:37','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=0 WHERE AD_Process_ID=295
|
||||||
|
;
|
||||||
|
|
||||||
|
SELECT register_migration_script('202202041530_IDEMPIERE-5180.sql') FROM dual
|
||||||
|
;
|
|
@ -0,0 +1,27 @@
|
||||||
|
-- IDEMPIERE-5180
|
||||||
|
-- Feb 5, 2022, 10:01:05 AM CET
|
||||||
|
INSERT INTO AD_Val_Rule (AD_Val_Rule_ID,Name,Description,Type,Code,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,EntityType,AD_Val_Rule_UU) VALUES (200153,'AD_Role of Client - Not manual only','Not manual roles of current client','S','AD_Role.AD_Client_ID=@#AD_Client_ID@ AND AD_Role.IsManual=''N''',0,0,'Y',TO_TIMESTAMP('2022-02-05 10:01:05','YYYY-MM-DD HH24:MI:SS'),0,TO_TIMESTAMP('2022-02-05 10:01:05','YYYY-MM-DD HH24:MI:SS'),0,'D','c79f3aa1-27ec-429f-b8e9-72b7ddc95dc2')
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Feb 5, 2022, 10:01:16 AM CET
|
||||||
|
UPDATE AD_Process_Para SET AD_Val_Rule_ID=200153,Updated=TO_TIMESTAMP('2022-02-05 10:01:16','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=0 WHERE AD_Process_Para_ID=539
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Feb 8, 2022, 8:25:06 AM CET
|
||||||
|
UPDATE AD_Process SET Help='Update the access rights of a role or all roles of a client to windows, forms, processes and workflows. Note that a role is only updated if it is not marked as manual.',Updated=TO_TIMESTAMP('2022-02-08 08:25:06','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=0 WHERE AD_Process_ID=295
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Feb 8, 2022, 1:24:16 PM CET
|
||||||
|
DELETE FROM AD_Process_Para_Trl WHERE AD_Process_Para_ID=538
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Feb 8, 2022, 1:24:16 PM CET
|
||||||
|
DELETE FROM AD_Process_Para WHERE AD_Process_Para_ID=538
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Feb 8, 2022, 1:25:37 PM CET
|
||||||
|
UPDATE AD_Process SET Help='Update the access rights of a role or all roles of a client to windows, forms, processes and workflows. Note that a role is only updated if it is not marked as manual. Note that if is executed from System client and role is not set, all tenant will be udpated',Updated=TO_TIMESTAMP('2022-02-08 13:25:37','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=0 WHERE AD_Process_ID=295
|
||||||
|
;
|
||||||
|
|
||||||
|
SELECT register_migration_script('202202041530_IDEMPIERE-5180.sql') FROM dual
|
||||||
|
;
|
|
@ -21,6 +21,7 @@ import java.util.List;
|
||||||
import java.util.logging.Level;
|
import java.util.logging.Level;
|
||||||
|
|
||||||
import org.compiere.Adempiere;
|
import org.compiere.Adempiere;
|
||||||
|
import org.compiere.model.MClient;
|
||||||
import org.compiere.model.MRole;
|
import org.compiere.model.MRole;
|
||||||
import org.compiere.model.Query;
|
import org.compiere.model.Query;
|
||||||
import org.compiere.model.SystemIDs;
|
import org.compiere.model.SystemIDs;
|
||||||
|
@ -38,7 +39,7 @@ import org.compiere.util.Env;
|
||||||
* <li>BF [ 3018005 ] Role Access Update: updates all roles if I log in as System
|
* <li>BF [ 3018005 ] Role Access Update: updates all roles if I log in as System
|
||||||
* https://sourceforge.net/p/adempiere/bugs/2437/
|
* https://sourceforge.net/p/adempiere/bugs/2437/
|
||||||
*/
|
*/
|
||||||
@org.adempiere.base.annotation.Process
|
@org.adempiere.base.annotation.Process
|
||||||
public class RoleAccessUpdate extends SvrProcess
|
public class RoleAccessUpdate extends SvrProcess
|
||||||
{
|
{
|
||||||
/** Static Logger */
|
/** Static Logger */
|
||||||
|
@ -46,12 +47,9 @@ public class RoleAccessUpdate extends SvrProcess
|
||||||
|
|
||||||
/** Update Role */
|
/** Update Role */
|
||||||
private int p_AD_Role_ID = -1;
|
private int p_AD_Role_ID = -1;
|
||||||
/** Update Roles of Client */
|
|
||||||
private int p_AD_Client_ID = -1;
|
|
||||||
/** Reset Existing Access */
|
/** Reset Existing Access */
|
||||||
private boolean p_IsReset = true;
|
private boolean p_IsReset = true;
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Prepare
|
* Prepare
|
||||||
*/
|
*/
|
||||||
|
@ -65,8 +63,6 @@ public class RoleAccessUpdate extends SvrProcess
|
||||||
;
|
;
|
||||||
else if (name.equals("AD_Role_ID"))
|
else if (name.equals("AD_Role_ID"))
|
||||||
p_AD_Role_ID = para[i].getParameterAsInt();
|
p_AD_Role_ID = para[i].getParameterAsInt();
|
||||||
else if (name.equals("AD_Client_ID"))
|
|
||||||
p_AD_Client_ID = para[i].getParameterAsInt();
|
|
||||||
else if (name.equals("ResetAccess"))
|
else if (name.equals("ResetAccess"))
|
||||||
p_IsReset = "Y".equals(para[i].getParameter());
|
p_IsReset = "Y".equals(para[i].getParameter());
|
||||||
else
|
else
|
||||||
|
@ -81,7 +77,7 @@ public class RoleAccessUpdate extends SvrProcess
|
||||||
*/
|
*/
|
||||||
protected String doIt () throws Exception
|
protected String doIt () throws Exception
|
||||||
{
|
{
|
||||||
if (log.isLoggable(Level.INFO)) log.info("AD_Client_ID=" + p_AD_Client_ID + ", AD_Role_ID=" + p_AD_Role_ID);
|
if (log.isLoggable(Level.INFO)) log.info("AD_Role_ID=" + p_AD_Role_ID);
|
||||||
//
|
//
|
||||||
if (p_AD_Role_ID > 0)
|
if (p_AD_Role_ID > 0)
|
||||||
updateRole (new MRole (getCtx(), p_AD_Role_ID, get_TrxName()));
|
updateRole (new MRole (getCtx(), p_AD_Role_ID, get_TrxName()));
|
||||||
|
@ -89,21 +85,16 @@ public class RoleAccessUpdate extends SvrProcess
|
||||||
{
|
{
|
||||||
List<Object> params = new ArrayList<Object>();
|
List<Object> params = new ArrayList<Object>();
|
||||||
StringBuilder whereClause = new StringBuilder("1=1");
|
StringBuilder whereClause = new StringBuilder("1=1");
|
||||||
if (p_AD_Client_ID > 0)
|
|
||||||
{
|
|
||||||
whereClause.append(" AND AD_Client_ID=? ");
|
|
||||||
params.add(p_AD_Client_ID);
|
|
||||||
}
|
|
||||||
if (p_AD_Role_ID == SystemIDs.ROLE_SYSTEM) // System Role
|
if (p_AD_Role_ID == SystemIDs.ROLE_SYSTEM) // System Role
|
||||||
{
|
{
|
||||||
whereClause.append(" AND AD_Role_ID=?");
|
whereClause.append(" AND AD_Role_ID=?");
|
||||||
params.add(p_AD_Role_ID);
|
params.add(p_AD_Role_ID);
|
||||||
}
|
}
|
||||||
//sql += "ORDER BY AD_Client_ID, Name";
|
|
||||||
|
|
||||||
List<MRole> roles = new Query(getCtx(), MRole.Table_Name, whereClause.toString(), get_TrxName())
|
List<MRole> roles = new Query(getCtx(), MRole.Table_Name, whereClause.toString(), get_TrxName())
|
||||||
.setOnlyActiveRecords(true)
|
.setOnlyActiveRecords(true)
|
||||||
.setParameters(params)
|
.setParameters(params)
|
||||||
|
.setClient_ID(getAD_Client_ID() > 0) // to avoid Cross tenant PO reading if running from a client > 0 with no role
|
||||||
.setOrderBy("AD_Client_ID, Name")
|
.setOrderBy("AD_Client_ID, Name")
|
||||||
.list();
|
.list();
|
||||||
|
|
||||||
|
@ -122,7 +113,7 @@ public class RoleAccessUpdate extends SvrProcess
|
||||||
*/
|
*/
|
||||||
private void updateRole (MRole role)
|
private void updateRole (MRole role)
|
||||||
{
|
{
|
||||||
StringBuilder msglog = new StringBuilder(role.getName()).append(": ")
|
StringBuilder msglog = new StringBuilder(MClient.get(role.getAD_Client_ID()).getName()).append(" - ").append(role.getName()).append(": ")
|
||||||
.append(role.updateAccessRecords(p_IsReset));
|
.append(role.updateAccessRecords(p_IsReset));
|
||||||
addLog(0, null, null, msglog.toString());
|
addLog(0, null, null, msglog.toString());
|
||||||
} // updateRole
|
} // updateRole
|
||||||
|
|
Loading…
Reference in New Issue