project BLF > class BResource > method ValidateComponent

Description

Write here all tests on database update (new / modify / delete) that cannot be coded with a validation mask.
The type of update can be found in tc_status (N/C/D).
If you find incorrect data, you must write an entry in tFcMessages (using SetMessage) and set the return status of this method to either +1 or -1.
Return status +1 = data will still be accepted.
Return status -1 = data will not be accepted.
This method is run from SetPublicTables, before transferring the received data into the class temp-tables.


Parameters


oiReturnStatusoutputinteger


Internal usage


unused


program code (program/bresource.p)

define buffer RoleResource1 for RoleResource.
define buffer RoleResource2 for RoleResource.
define buffer Role1 for Role.
define buffer Role2 for Role.
define buffer UsrRoleCompany1 for UsrRoleCompany.
define buffer UsrRoleCompany2 for UsrRoleCompany.


<ANCESTOR-CODE>

if can-find (Syst where Syst.SystSODActive and Syst.SystSODBlockViolations)
then do:
    vlSODBlock = yes.

    /* Validate all resources on which SOD category was changed, skip new resources */
    for each Role1 fields (Role_ID RoleName RoleSODException) no-lock where
             Role1.RoleSODException = no on error undo, throw:
        
        for each RoleResource1 fields (Resource_ID Role_ID) no-lock where
                 RoleResource1.Role_ID = Role1.Role_ID,
            each t_sResources where
                 t_sResources.Resource_ID = RoleResource1.Resource_ID and
                 t_sResources.SODcategory_ID <> 0 and
                 t_sResources.tc_Status = "C" and
                 can-find (first t_iResources where
                                 t_iResources.tc_Rowid = t_sResources.tc_Rowid and
                                 t_iResources.SODcategory_ID <> t_sResources.SODcategory_ID)
                 break by t_sResources.SODcategory_ID on error undo, throw:
            
            /* If no violations are found for a SOD category then skip validations for all next resources in this SOD category.
             * If violations are found keep validating because violations must be reported on resource level.
             */
            if first-of (t_sResources.SODcategory_ID)
            then vlConflictFound = no.
            
            /* ================================================================= */
            /* Validate rule 1 conflicts with modified resources.                */
            /* ================================================================= */
            if first-of (t_sResources.SODcategory_ID)
            or vlConflictFound
            then for each RoleResource2 fields (Resource_ID Role_ID) no-lock where
                          RoleResource2.Role_ID = Role1.Role_ID,
                     each bsResources where
                          bsResources.Resource_ID = RoleResource2.Resource_ID and
                          bsResources.SODcategory_ID <> t_sResources.SODcategory_ID and
                          bsResources.SODcategory_ID <> 0,
                     each SODExclusion fields (SODCategory1_ID SODCategory2_ID) no-lock where
                          SODExclusion.SODCategory1_ID = t_sResources.SODcategory_ID and
                          SODExclusion.SODCategory2_ID = bsResources.SODcategory_ID on error undo, throw:
                
                vlConflictFound = yes.
                viErrorsReported = viErrorsReported + 1.
                if viErrorsReported > 100
                then return.
            
                oiReturnStatus = -1.
                <M-56 run SetMessage
                   (input  #T-61'Cannot set SOD category on resource: conflict found with resource $1 in role $2.':255(860106386)T-61# (icMessage), 
                    input  bsResources.ResourceURI + chr(2) + Role1.RoleName (icArguments), 
                    input  'tResources.tcSODCategoryCode' (icFieldName), 
                    input  t_sResources.tcSODCategoryCode (icFieldValue), 
                    input  'E' (icType), 
                    input  3 (iiSeverity), 
                    input  t_sResources.tc_Rowid (icRowid), 
                    input  'blf-202429':U (icFcMsgNumber), 
                    input  '' (icFcExplanation), 
                    input  '' (icFcIdentification), 
                    input  '' (icFcContext), 
                    output viFcReturnSuper (oiReturnStatus)) in BResource>
            end.    /* each RoleResource2 */
            
            /* ================================================================= */
            /* Validate rule 1 conflicts with unmodified resources.              */
            /* ================================================================= */
            if first-of (t_sResources.SODcategory_ID)
            or vlConflictFound
            then for each RoleResource2 fields (Resource_ID Role_ID) no-lock where
                          RoleResource2.Role_ID = Role1.Role_ID,
                     each Resources fields (Resource_ID ResourceURI SODcategory_ID) no-lock where
                          Resources.Resource_ID = RoleResource2.Resource_ID and
                          Resources.SODcategory_ID <> t_sResources.SODcategory_ID and
                          Resources.SODcategory_ID <> 0,
                     each SODExclusion fields (SODCategory1_ID SODCategory2_ID) no-lock where
                          SODExclusion.SODCategory1_ID = t_sResources.SODcategory_ID and
                          SODExclusion.SODCategory2_ID = Resources.SODcategory_ID on error undo, throw:
                
                if can-find (bsResources where bsResources.Resource_ID = Resources.Resource_ID)
                then next.
                
                vlConflictFound = yes.
                viErrorsReported = viErrorsReported + 1.
                if viErrorsReported > 100
                then return.
            
                oiReturnStatus = -1.
                <M-53 run SetMessage
                   (input  #T-82'Cannot set SOD category on resource: conflict found with resource $1 in role $2.':255(860106386)T-82# (icMessage), 
                    input  Resources.ResourceURI + chr(2) + Role1.RoleName (icArguments), 
                    input  'tResources.tcSODCategoryCode' (icFieldName), 
                    input  t_sResources.tcSODCategoryCode (icFieldValue), 
                    input  'E' (icType), 
                    input  3 (iiSeverity), 
                    input  t_sResources.tc_Rowid (icRowid), 
                    input  'blf-928264':U (icFcMsgNumber), 
                    input  '' (icFcExplanation), 
                    input  '' (icFcIdentification), 
                    input  '' (icFcContext), 
                    output viFcReturnSuper (oiReturnStatus)) in BResource>
            end.    /* each RoleResource2 */
            
            /* ================================================================= */
            /* Validate rule 2 conflicts with modified resources.                */
            /* ================================================================= */
            if first-of (t_sResources.SODcategory_ID)
            or vlConflictFound
            then for each UsrRoleCompany1 fields (Usr_ID Role_ID Company_ID Domain_ID) no-lock where
                          UsrRoleCompany1.Role_ID = Role1.Role_ID,
                     each UsrRoleCompany2 fields (Usr_ID Role_ID Company_ID) no-lock where
                          UsrRoleCompany2.Usr_id = UsrRoleCompany1.Usr_id and
                          UsrRoleCompany2.Company_ID = UsrRoleCompany1.Company_ID and
                          UsrRoleCompany2.Role_ID <> UsrRoleCompany1.Role_ID,
                     each Role2 fields (Role_ID RoleName RoleSODException) no-lock where
                          Role2.Role_ID = UsrRoleCompany2.Role_ID and
                          Role2.RoleSODException = no,
                     each RoleResource2 fields (Resource_ID Role_ID) no-lock where
                          RoleResource2.Role_ID = Role2.Role_ID,
                     each bsResources where
                          bsResources.Resource_ID = RoleResource2.Resource_ID and
                          bsResources.SODcategory_ID <> t_sResources.SODcategory_ID and
                          bsResources.SODcategory_ID <> 0,
                     each SODExclusion fields (SODCategory1_ID SODCategory2_ID) no-lock where
                          SODExclusion.SODCategory1_ID = t_sResources.SODcategory_ID and
                          SODExclusion.SODCategory2_ID = bsResources.SODcategory_ID on error undo, throw:

                vlPolicyException = no.
                for each SODException fields (SODException_ID Usr_ID) no-lock where
                         SODException.Usr_ID = UsrRoleCompany1.Usr_ID:
                    if can-find (first SODExceptionLn where
                         SODExceptionLn.SODException_ID = SODException.SODException_ID and
                         SODExceptionLn.SODCategory1_ID = t_sResources.SODcategory_ID and
                         SODExceptionLn.SODCategory2_ID = bsResources.SODcategory_ID and
                        (SODExceptionLn.Company_ID = UsrRoleCompany1.Company_ID or SODExceptionLn.Company_ID = 0) and
                        (SODExceptionLn.Domain_ID = UsrRoleCompany1.Domain_ID or SODExceptionLn.Domain_ID = 0))
                    or can-find (first SODExceptionLn where
                         SODExceptionLn.SODException_ID = SODException.SODException_ID and
                         SODExceptionLn.SODCategory1_ID = bsResources.SODcategory_ID and
                         SODExceptionLn.SODCategory2_ID = t_sResources.SODcategory_ID and
                        (SODExceptionLn.Company_ID = UsrRoleCompany1.Company_ID or SODExceptionLn.Company_ID = 0) and
                        (SODExceptionLn.Domain_ID = UsrRoleCompany1.Domain_ID or SODExceptionLn.Domain_ID = 0))
                    then do:
                        vlPolicyException = yes.
                        leave.
                    end.
                end.    /* each SODException */
                
                if vlPolicyException = no
                then do:
                    vlConflictFound = yes.
                    viErrorsReported = viErrorsReported + 1.
                    if viErrorsReported > 100
                    then return.
                    
                    vcSODCompanyCode = "".
                    for first Company fields (Company_ID CompanyCode) no-lock where
                              Company.Company_ID = UsrRoleCompany1.Company_ID:
                        vcSODCompanyCode = Company.CompanyCode.
                    end.
                    
                    vcSODUserName = "".
                    for first Usr fields (Usr_ID UsrName) no-lock where
                              Usr.Usr_ID = UsrRoleCompany1.Usr_ID:
                        vcSODUserName = Usr.UsrName.
                    end.
                    
                    oiReturnStatus = -1.
                    vcContext = #T-43'User Name':17(7033)T-43# + " = " + vcSODUserName + chr(10)
                              + #T-93'Entity Code':24(8770)T-93# + " = " + vcSODCompanyCode + chr(10)
                              + #T-72'Role 1 Name':20(733738256)T-72# + " = " + Role1.RoleName + chr(10)
                              + #T-25'Resource 1 URI':20(998717657)T-25# + " = " + t_sResources.ResourceURI + chr(10)
                              + #T-73'SOD category 1 code':20(583998413)T-73# + " = " + t_sResources.tcSODCategoryCode + chr(10)
                              + #T-83'Role 2 Name':20(73458301)T-83# + " = " + Role2.RoleName + chr(10)
                              + #T-44'Resource 2 URI':20(117798426)T-44# + " = " + bsResources.ResourceURI + chr(10)
                              + #T-52'SOD category 2 code':20(52834825)T-52# + " = " + bsResources.tcSODCategoryCode.
                    <M-35 run SetMessage
                       (input  #T-84'Cannot set SOD category on resource: conflict found for user $1.':255(140233697)T-84# (icMessage), 
                        input  vcSODUserName (icArguments), 
                        input  'tResources.tcSODCategoryCode' (icFieldName), 
                        input  t_sResources.tcSODCategoryCode (icFieldValue), 
                        input  'E' (icType), 
                        input  3 (iiSeverity), 
                        input  t_sResources.tc_Rowid (icRowid), 
                        input  'blf-82030':U (icFcMsgNumber), 
                        input  '' (icFcExplanation), 
                        input  '' (icFcIdentification), 
                        input  vcContext (icFcContext), 
                        output viFcReturnSuper (oiReturnStatus)) in BResource>
                end.    /* vlPolicyException = no */
            end.    /* each UsrRoleCompany1 */
            
            /* ================================================================= */
            /* Validate rule 2 conflicts with unmodified resources.              */
            /* ================================================================= */
            if first-of (t_sResources.SODcategory_ID)
            or vlConflictFound
            then for each UsrRoleCompany1 fields (Usr_ID Role_ID Company_ID Domain_ID) no-lock where
                          UsrRoleCompany1.Role_ID = Role1.Role_ID,
                     each UsrRoleCompany2 fields (Usr_ID Role_ID Company_ID) no-lock where
                          UsrRoleCompany2.Usr_id = UsrRoleCompany1.Usr_id and
                          UsrRoleCompany2.Company_ID = UsrRoleCompany1.Company_ID and
                          UsrRoleCompany2.Role_ID <> UsrRoleCompany1.Role_ID,
                     each Role2 fields (Role_ID RoleName RoleSODException) no-lock where
                          Role2.Role_ID = UsrRoleCompany2.Role_ID and
                          Role2.RoleSODException = no,
                     each RoleResource2 fields (Resource_ID Role_ID) no-lock where
                          RoleResource2.Role_ID = Role2.Role_ID,
                     each Resources fields (Resource_ID ResourceURI SODcategory_ID) no-lock where
                          Resources.Resource_ID = RoleResource2.Resource_ID and
                          Resources.SODcategory_ID <> t_sResources.SODcategory_ID and
                          Resources.SODcategory_ID <> 0,
                     each SODExclusion fields (SODCategory1_ID SODCategory2_ID) no-lock where
                          SODExclusion.SODCategory1_ID = t_sResources.SODcategory_ID and
                          SODExclusion.SODCategory2_ID = Resources.SODcategory_ID on error undo, throw:

                if can-find (bsResources where bsResources.Resource_ID = Resources.Resource_ID)
                then next.

                vlPolicyException = no.
                for each SODException fields (SODException_ID Usr_ID) no-lock where
                         SODException.Usr_ID = UsrRoleCompany1.Usr_ID:
                    if can-find (first SODExceptionLn where
                         SODExceptionLn.SODException_ID = SODException.SODException_ID and
                         SODExceptionLn.SODCategory1_ID = t_sResources.SODcategory_ID and
                         SODExceptionLn.SODCategory2_ID = Resources.SODcategory_ID and
                        (SODExceptionLn.Company_ID = UsrRoleCompany1.Company_ID or SODExceptionLn.Company_ID = 0) and
                        (SODExceptionLn.Domain_ID = UsrRoleCompany1.Domain_ID or SODExceptionLn.Domain_ID = 0))
                    or can-find (first SODExceptionLn where
                         SODExceptionLn.SODException_ID = SODException.SODException_ID and
                         SODExceptionLn.SODCategory1_ID = Resources.SODcategory_ID and
                         SODExceptionLn.SODCategory2_ID = t_sResources.SODcategory_ID and
                        (SODExceptionLn.Company_ID = UsrRoleCompany1.Company_ID or SODExceptionLn.Company_ID = 0) and
                        (SODExceptionLn.Domain_ID = UsrRoleCompany1.Domain_ID or SODExceptionLn.Domain_ID = 0))
                    then do:
                        vlPolicyException = yes.
                        leave.
                    end.
                end.    /* each SODException */
                
                if vlPolicyException = no
                then do:
                    vlConflictFound = yes.
                    viErrorsReported = viErrorsReported + 1.
                    if viErrorsReported > 100
                    then return.
                    
                    vcSODCompanyCode = "".
                    for first Company fields (Company_ID CompanyCode) no-lock where
                              Company.Company_ID = UsrRoleCompany1.Company_ID:
                        vcSODCompanyCode = Company.CompanyCode.
                    end.
                    
                    vcSODUserName = "".
                    for first Usr fields (Usr_ID UsrName) no-lock where
                              Usr.Usr_ID = UsrRoleCompany1.Usr_ID:
                        vcSODUserName = Usr.UsrName.
                    end.
                    
                    vcSODCategoryCode = "".
                    for first SODCategory fields (SODCategory_ID SODCategoryCode) no-lock where
                              SODCategory.SODCategory_ID = Resources.SODcategory_ID:
                        vcSODCategoryCode = SODCategory.SODCategoryCode.
                    end.
                    
                    oiReturnStatus = -1.
                    vcContext = #T-76'User Name':17(7033)T-76# + " = " + vcSODUserName + chr(10)
                              + #T-29'Entity Code':24(8770)T-29# + " = " + vcSODCompanyCode + chr(10)
                              + #T-47'Role 1 Name':20(733738256)T-47# + " = " + Role1.RoleName + chr(10)
                              + #T-98'Resource 1 URI':20(998717657)T-98# + " = " + t_sResources.ResourceURI + chr(10)
                              + #T-78'SOD Category 1 Code':20(583998413)T-78# + " = " + t_sResources.tcSODCategoryCode + chr(10)
                              + #T-95'Role 2 Name':20(73458301)T-95# + " = " + Role2.RoleName + chr(10)
                              + #T-94'Resource 2 URI':20(117798426)T-94# + " = " + Resources.ResourceURI + chr(10)
                              + #T-20'SOD Category 2 Code':20(52834825)T-20# + " = " + vcSODCategoryCode.
                    <M-96 run SetMessage
                       (input  #T-28'Cannot set SOD category on resource: conflict found for user $1.':255(140233697)T-28# (icMessage), 
                        input  vcSODUserName (icArguments), 
                        input  'tResources.tcSODCategoryCode' (icFieldName), 
                        input  t_sResources.tcSODCategoryCode (icFieldValue), 
                        input  'E' (icType), 
                        input  3 (iiSeverity), 
                        input  t_sResources.tc_Rowid (icRowid), 
                        input  'blf-902369':U (icFcMsgNumber), 
                        input  '' (icFcExplanation), 
                        input  '' (icFcIdentification), 
                        input  vcContext (icFcContext), 
                        output viFcReturnSuper (oiReturnStatus)) in BResource>
                end.    /* vlPolicyException = no */
            end.    /* each UsrRoleCompany1 */
        end. /* each RoleResource1 */
    end.    /* each Role1 */
end.    /* Syst.SystSODBlockViolations = yes */

finally:    
    if viErrorsReported > 100
    then do:
        <M-23 run SetMessage
           (input  #T-67'Validation is aborted after 100 errors were reported.':255(415735840)T-67# (icMessage), 
            input  '' (icArguments), 
            input  '' (icFieldName), 
            input  '' (icFieldValue), 
            input  'W' (icType), 
            input  3 (iiSeverity), 
            input  '' (icRowid), 
            input  'blf-156751':U (icFcMsgNumber), 
            input  '' (icFcExplanation), 
            input  '' (icFcIdentification), 
            input  '' (icFcContext), 
            output viFcReturnSuper (oiReturnStatus)) in BResource>
    end.
end finally.