project BLF > class BResource > method ValidateComponent
Description
Write here all tests on database update (new / modify / delete) that cannot be coded with a validation mask.
The type of update can be found in tc_status (N/C/D).
If you find incorrect data, you must write an entry in tFcMessages (using SetMessage) and set the return status of this method to either +1 or -1.
Return status +1 = data will still be accepted.
Return status -1 = data will not be accepted.
This method is run from SetPublicTables, before transferring the received data into the class temp-tables.
Parameters
| oiReturnStatus | output | integer | |
Internal usage
unused
program code (program/bresource.p)
define buffer RoleResource1 for RoleResource.
define buffer RoleResource2 for RoleResource.
define buffer Role1 for Role.
define buffer Role2 for Role.
define buffer UsrRoleCompany1 for UsrRoleCompany.
define buffer UsrRoleCompany2 for UsrRoleCompany.
<ANCESTOR-CODE>
if can-find (Syst where Syst.SystSODActive and Syst.SystSODBlockViolations)
then do:
vlSODBlock = yes.
/* Validate all resources on which SOD category was changed, skip new resources */
for each Role1 fields (Role_ID RoleName RoleSODException) no-lock where
Role1.RoleSODException = no on error undo, throw:
for each RoleResource1 fields (Resource_ID Role_ID) no-lock where
RoleResource1.Role_ID = Role1.Role_ID,
each t_sResources where
t_sResources.Resource_ID = RoleResource1.Resource_ID and
t_sResources.SODcategory_ID <> 0 and
t_sResources.tc_Status = "C" and
can-find (first t_iResources where
t_iResources.tc_Rowid = t_sResources.tc_Rowid and
t_iResources.SODcategory_ID <> t_sResources.SODcategory_ID)
break by t_sResources.SODcategory_ID on error undo, throw:
/* If no violations are found for a SOD category then skip validations for all next resources in this SOD category.
* If violations are found keep validating because violations must be reported on resource level.
*/
if first-of (t_sResources.SODcategory_ID)
then vlConflictFound = no.
/* ================================================================= */
/* Validate rule 1 conflicts with modified resources. */
/* ================================================================= */
if first-of (t_sResources.SODcategory_ID)
or vlConflictFound
then for each RoleResource2 fields (Resource_ID Role_ID) no-lock where
RoleResource2.Role_ID = Role1.Role_ID,
each bsResources where
bsResources.Resource_ID = RoleResource2.Resource_ID and
bsResources.SODcategory_ID <> t_sResources.SODcategory_ID and
bsResources.SODcategory_ID <> 0,
each SODExclusion fields (SODCategory1_ID SODCategory2_ID) no-lock where
SODExclusion.SODCategory1_ID = t_sResources.SODcategory_ID and
SODExclusion.SODCategory2_ID = bsResources.SODcategory_ID on error undo, throw:
vlConflictFound = yes.
viErrorsReported = viErrorsReported + 1.
if viErrorsReported > 100
then return.
oiReturnStatus = -1.
<M-56 run SetMessage
(input #T-61'Cannot set SOD category on resource: conflict found with resource $1 in role $2.':255(860106386)T-61# (icMessage),
input bsResources.ResourceURI + chr(2) + Role1.RoleName (icArguments),
input 'tResources.tcSODCategoryCode' (icFieldName),
input t_sResources.tcSODCategoryCode (icFieldValue),
input 'E' (icType),
input 3 (iiSeverity),
input t_sResources.tc_Rowid (icRowid),
input 'blf-202429':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input '' (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BResource>
end. /* each RoleResource2 */
/* ================================================================= */
/* Validate rule 1 conflicts with unmodified resources. */
/* ================================================================= */
if first-of (t_sResources.SODcategory_ID)
or vlConflictFound
then for each RoleResource2 fields (Resource_ID Role_ID) no-lock where
RoleResource2.Role_ID = Role1.Role_ID,
each Resources fields (Resource_ID ResourceURI SODcategory_ID) no-lock where
Resources.Resource_ID = RoleResource2.Resource_ID and
Resources.SODcategory_ID <> t_sResources.SODcategory_ID and
Resources.SODcategory_ID <> 0,
each SODExclusion fields (SODCategory1_ID SODCategory2_ID) no-lock where
SODExclusion.SODCategory1_ID = t_sResources.SODcategory_ID and
SODExclusion.SODCategory2_ID = Resources.SODcategory_ID on error undo, throw:
if can-find (bsResources where bsResources.Resource_ID = Resources.Resource_ID)
then next.
vlConflictFound = yes.
viErrorsReported = viErrorsReported + 1.
if viErrorsReported > 100
then return.
oiReturnStatus = -1.
<M-53 run SetMessage
(input #T-82'Cannot set SOD category on resource: conflict found with resource $1 in role $2.':255(860106386)T-82# (icMessage),
input Resources.ResourceURI + chr(2) + Role1.RoleName (icArguments),
input 'tResources.tcSODCategoryCode' (icFieldName),
input t_sResources.tcSODCategoryCode (icFieldValue),
input 'E' (icType),
input 3 (iiSeverity),
input t_sResources.tc_Rowid (icRowid),
input 'blf-928264':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input '' (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BResource>
end. /* each RoleResource2 */
/* ================================================================= */
/* Validate rule 2 conflicts with modified resources. */
/* ================================================================= */
if first-of (t_sResources.SODcategory_ID)
or vlConflictFound
then for each UsrRoleCompany1 fields (Usr_ID Role_ID Company_ID Domain_ID) no-lock where
UsrRoleCompany1.Role_ID = Role1.Role_ID,
each UsrRoleCompany2 fields (Usr_ID Role_ID Company_ID) no-lock where
UsrRoleCompany2.Usr_id = UsrRoleCompany1.Usr_id and
UsrRoleCompany2.Company_ID = UsrRoleCompany1.Company_ID and
UsrRoleCompany2.Role_ID <> UsrRoleCompany1.Role_ID,
each Role2 fields (Role_ID RoleName RoleSODException) no-lock where
Role2.Role_ID = UsrRoleCompany2.Role_ID and
Role2.RoleSODException = no,
each RoleResource2 fields (Resource_ID Role_ID) no-lock where
RoleResource2.Role_ID = Role2.Role_ID,
each bsResources where
bsResources.Resource_ID = RoleResource2.Resource_ID and
bsResources.SODcategory_ID <> t_sResources.SODcategory_ID and
bsResources.SODcategory_ID <> 0,
each SODExclusion fields (SODCategory1_ID SODCategory2_ID) no-lock where
SODExclusion.SODCategory1_ID = t_sResources.SODcategory_ID and
SODExclusion.SODCategory2_ID = bsResources.SODcategory_ID on error undo, throw:
vlPolicyException = no.
for each SODException fields (SODException_ID Usr_ID) no-lock where
SODException.Usr_ID = UsrRoleCompany1.Usr_ID:
if can-find (first SODExceptionLn where
SODExceptionLn.SODException_ID = SODException.SODException_ID and
SODExceptionLn.SODCategory1_ID = t_sResources.SODcategory_ID and
SODExceptionLn.SODCategory2_ID = bsResources.SODcategory_ID and
(SODExceptionLn.Company_ID = UsrRoleCompany1.Company_ID or SODExceptionLn.Company_ID = 0) and
(SODExceptionLn.Domain_ID = UsrRoleCompany1.Domain_ID or SODExceptionLn.Domain_ID = 0))
or can-find (first SODExceptionLn where
SODExceptionLn.SODException_ID = SODException.SODException_ID and
SODExceptionLn.SODCategory1_ID = bsResources.SODcategory_ID and
SODExceptionLn.SODCategory2_ID = t_sResources.SODcategory_ID and
(SODExceptionLn.Company_ID = UsrRoleCompany1.Company_ID or SODExceptionLn.Company_ID = 0) and
(SODExceptionLn.Domain_ID = UsrRoleCompany1.Domain_ID or SODExceptionLn.Domain_ID = 0))
then do:
vlPolicyException = yes.
leave.
end.
end. /* each SODException */
if vlPolicyException = no
then do:
vlConflictFound = yes.
viErrorsReported = viErrorsReported + 1.
if viErrorsReported > 100
then return.
vcSODCompanyCode = "".
for first Company fields (Company_ID CompanyCode) no-lock where
Company.Company_ID = UsrRoleCompany1.Company_ID:
vcSODCompanyCode = Company.CompanyCode.
end.
vcSODUserName = "".
for first Usr fields (Usr_ID UsrName) no-lock where
Usr.Usr_ID = UsrRoleCompany1.Usr_ID:
vcSODUserName = Usr.UsrName.
end.
oiReturnStatus = -1.
vcContext = #T-43'User Name':17(7033)T-43# + " = " + vcSODUserName + chr(10)
+ #T-93'Entity Code':24(8770)T-93# + " = " + vcSODCompanyCode + chr(10)
+ #T-72'Role 1 Name':20(733738256)T-72# + " = " + Role1.RoleName + chr(10)
+ #T-25'Resource 1 URI':20(998717657)T-25# + " = " + t_sResources.ResourceURI + chr(10)
+ #T-73'SOD category 1 code':20(583998413)T-73# + " = " + t_sResources.tcSODCategoryCode + chr(10)
+ #T-83'Role 2 Name':20(73458301)T-83# + " = " + Role2.RoleName + chr(10)
+ #T-44'Resource 2 URI':20(117798426)T-44# + " = " + bsResources.ResourceURI + chr(10)
+ #T-52'SOD category 2 code':20(52834825)T-52# + " = " + bsResources.tcSODCategoryCode.
<M-35 run SetMessage
(input #T-84'Cannot set SOD category on resource: conflict found for user $1.':255(140233697)T-84# (icMessage),
input vcSODUserName (icArguments),
input 'tResources.tcSODCategoryCode' (icFieldName),
input t_sResources.tcSODCategoryCode (icFieldValue),
input 'E' (icType),
input 3 (iiSeverity),
input t_sResources.tc_Rowid (icRowid),
input 'blf-82030':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input vcContext (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BResource>
end. /* vlPolicyException = no */
end. /* each UsrRoleCompany1 */
/* ================================================================= */
/* Validate rule 2 conflicts with unmodified resources. */
/* ================================================================= */
if first-of (t_sResources.SODcategory_ID)
or vlConflictFound
then for each UsrRoleCompany1 fields (Usr_ID Role_ID Company_ID Domain_ID) no-lock where
UsrRoleCompany1.Role_ID = Role1.Role_ID,
each UsrRoleCompany2 fields (Usr_ID Role_ID Company_ID) no-lock where
UsrRoleCompany2.Usr_id = UsrRoleCompany1.Usr_id and
UsrRoleCompany2.Company_ID = UsrRoleCompany1.Company_ID and
UsrRoleCompany2.Role_ID <> UsrRoleCompany1.Role_ID,
each Role2 fields (Role_ID RoleName RoleSODException) no-lock where
Role2.Role_ID = UsrRoleCompany2.Role_ID and
Role2.RoleSODException = no,
each RoleResource2 fields (Resource_ID Role_ID) no-lock where
RoleResource2.Role_ID = Role2.Role_ID,
each Resources fields (Resource_ID ResourceURI SODcategory_ID) no-lock where
Resources.Resource_ID = RoleResource2.Resource_ID and
Resources.SODcategory_ID <> t_sResources.SODcategory_ID and
Resources.SODcategory_ID <> 0,
each SODExclusion fields (SODCategory1_ID SODCategory2_ID) no-lock where
SODExclusion.SODCategory1_ID = t_sResources.SODcategory_ID and
SODExclusion.SODCategory2_ID = Resources.SODcategory_ID on error undo, throw:
if can-find (bsResources where bsResources.Resource_ID = Resources.Resource_ID)
then next.
vlPolicyException = no.
for each SODException fields (SODException_ID Usr_ID) no-lock where
SODException.Usr_ID = UsrRoleCompany1.Usr_ID:
if can-find (first SODExceptionLn where
SODExceptionLn.SODException_ID = SODException.SODException_ID and
SODExceptionLn.SODCategory1_ID = t_sResources.SODcategory_ID and
SODExceptionLn.SODCategory2_ID = Resources.SODcategory_ID and
(SODExceptionLn.Company_ID = UsrRoleCompany1.Company_ID or SODExceptionLn.Company_ID = 0) and
(SODExceptionLn.Domain_ID = UsrRoleCompany1.Domain_ID or SODExceptionLn.Domain_ID = 0))
or can-find (first SODExceptionLn where
SODExceptionLn.SODException_ID = SODException.SODException_ID and
SODExceptionLn.SODCategory1_ID = Resources.SODcategory_ID and
SODExceptionLn.SODCategory2_ID = t_sResources.SODcategory_ID and
(SODExceptionLn.Company_ID = UsrRoleCompany1.Company_ID or SODExceptionLn.Company_ID = 0) and
(SODExceptionLn.Domain_ID = UsrRoleCompany1.Domain_ID or SODExceptionLn.Domain_ID = 0))
then do:
vlPolicyException = yes.
leave.
end.
end. /* each SODException */
if vlPolicyException = no
then do:
vlConflictFound = yes.
viErrorsReported = viErrorsReported + 1.
if viErrorsReported > 100
then return.
vcSODCompanyCode = "".
for first Company fields (Company_ID CompanyCode) no-lock where
Company.Company_ID = UsrRoleCompany1.Company_ID:
vcSODCompanyCode = Company.CompanyCode.
end.
vcSODUserName = "".
for first Usr fields (Usr_ID UsrName) no-lock where
Usr.Usr_ID = UsrRoleCompany1.Usr_ID:
vcSODUserName = Usr.UsrName.
end.
vcSODCategoryCode = "".
for first SODCategory fields (SODCategory_ID SODCategoryCode) no-lock where
SODCategory.SODCategory_ID = Resources.SODcategory_ID:
vcSODCategoryCode = SODCategory.SODCategoryCode.
end.
oiReturnStatus = -1.
vcContext = #T-76'User Name':17(7033)T-76# + " = " + vcSODUserName + chr(10)
+ #T-29'Entity Code':24(8770)T-29# + " = " + vcSODCompanyCode + chr(10)
+ #T-47'Role 1 Name':20(733738256)T-47# + " = " + Role1.RoleName + chr(10)
+ #T-98'Resource 1 URI':20(998717657)T-98# + " = " + t_sResources.ResourceURI + chr(10)
+ #T-78'SOD Category 1 Code':20(583998413)T-78# + " = " + t_sResources.tcSODCategoryCode + chr(10)
+ #T-95'Role 2 Name':20(73458301)T-95# + " = " + Role2.RoleName + chr(10)
+ #T-94'Resource 2 URI':20(117798426)T-94# + " = " + Resources.ResourceURI + chr(10)
+ #T-20'SOD Category 2 Code':20(52834825)T-20# + " = " + vcSODCategoryCode.
<M-96 run SetMessage
(input #T-28'Cannot set SOD category on resource: conflict found for user $1.':255(140233697)T-28# (icMessage),
input vcSODUserName (icArguments),
input 'tResources.tcSODCategoryCode' (icFieldName),
input t_sResources.tcSODCategoryCode (icFieldValue),
input 'E' (icType),
input 3 (iiSeverity),
input t_sResources.tc_Rowid (icRowid),
input 'blf-902369':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input vcContext (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BResource>
end. /* vlPolicyException = no */
end. /* each UsrRoleCompany1 */
end. /* each RoleResource1 */
end. /* each Role1 */
end. /* Syst.SystSODBlockViolations = yes */
finally:
if viErrorsReported > 100
then do:
<M-23 run SetMessage
(input #T-67'Validation is aborted after 100 errors were reported.':255(415735840)T-67# (icMessage),
input '' (icArguments),
input '' (icFieldName),
input '' (icFieldValue),
input 'W' (icType),
input 3 (iiSeverity),
input '' (icRowid),
input 'blf-156751':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input '' (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BResource>
end.
end finally.