project BLF > class BSystem > method ValidateComponent
Description
Write here all tests on database update (new / modify / delete) that cannot be coded with a validation mask.
The type of update can be found in tc_status (N/C/D).
If you find incorrect data, you must write an entry in tFcMessages (using SetMessage) and set the return status of this method to either +1 or -1.
Return status +1 = data will still be accepted.
Return status -1 = data will not be accepted.
This method is run from SetPublicTables, before transferring the received data into the class temp-tables.
Parameters
| oiReturnStatus | output | integer | |
Internal usage
unused
program code (program/bsystem.p)
define buffer Resources1 for Resources.
define buffer Resources2 for Resources.
define buffer RoleResource1 for RoleResource.
define buffer RoleResource2 for RoleResource.
define buffer Role1 for Role.
define buffer Role2 for Role.
define buffer UsrRoleCompany1 for UsrRoleCompany.
define buffer UsrRoleCompany2 for UsrRoleCompany.
/* ======================================================== */
/* Stop all previously accesed components */
/* ======================================================== */
<M-25 run StopExternalInstances
(output viFcReturnSuper (oiReturnStatus)) in BSystem>
/* ===================================================================== */
/* Make sure to validate tcLangCode and to set Lng_ID based on tcLngCode */
/* ===================================================================== */
for each t_sSyst where
t_sSyst.tc_Status = "N":U or
t_sSyst.tc_Status = "C":U on error undo, throw:
if t_sSyst.tcLngCode = "":U or
t_sSyst.tcLngCode = ?
then do:
assign vcMessage = trim(#T-9'You must enter the language code.':255(447)T-9#)
oiReturnStatus = -1.
<M-7 run SetMessage
(input vcMessage (icMessage),
input '':U (icArguments),
input 't_sSyst.tcLngCode':U (icFieldName),
input t_sSyst.tcLngCode (icFieldValue),
input 'E':U (icType),
input 3 (iiSeverity),
input t_sSyst.tc_Rowid (icRowid),
input 'BLF-220':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input '' (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BSystem>
end. /* if tSys.tcLngCode = "":U or */
else do:
if t_sSyst.tc_Status = "N":U or
(t_sSyst.tc_Status = "C":U and
can-find (t_iSyst where
t_iSyst.tc_Rowid = t_sSyst.tc_Rowid and
t_iSyst.tcLngCode <> t_sSyst.tcLngCode))
then do :
<Q-4 run LanguagePrim (all) (Read) (Cache)
(input t_sSyst.tcLngCode, (LngCode)
input ?, (LngID)
output dataset tqLanguagePrim) in BLanguage >
find first tqLanguagePrim no-lock no-error.
if not available tqLanguagePrim
then do :
assign vcMessage = trim(substitute(#T-10'Invalid language code: &1.':255(448)T-10#,t_sSyst.tcLngCode))
oiReturnStatus = -1.
<M-8 run SetMessage
(input vcMessage (icMessage),
input '':U (icArguments),
input 'Syst.tcLngCode':U (icFieldName),
input t_sSyst.tcLngCode (icFieldValue),
input 'E':U (icType),
input 3 (iiSeverity),
input t_sSyst.tc_Rowid (icRowid),
input 'BLF-221':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input '' (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BSystem>
end. /* if not available tqLanguagePrim */
else assign t_sSyst.Lng_ID = tqLanguagePrim.tiLng_ID.
end. /* end if t_sSyst.tc_Status = "N":U or .. */
end. /* if t_sSyst.tcLngCode <> "":U */
end. /* for each t_sSyst where */
<ANCESTOR-CODE>
/* Encode the password */
for each t_sSyst where
t_sSyst.tc_Status = "N":U on error undo, throw:
assign vhFcComponent = ?.
<M-11 run MainBlock
() in TCrypt>
assign vhCrypthandle = vhFcComponent.
<M-12 run EncryptString
(input t_sSyst.SystAdminUserPwd (icInputString),
output t_sSyst.SystAdminUserPwd (ocOutputString),
output viFcReturnSuper (oiReturnStatus)) in TCrypt>
run gipr_DeleteProcedure in vhCrypthandle.
delete procedure vhCrypthandle.
end.
for each t_sSyst where
t_sSyst.tc_Status = "C":U,
each t_iSyst where
t_iSyst.tc_Rowid = t_sSyst.tc_Rowid and
t_iSyst.SystAdminUserPwd <> t_sSyst.SystAdminUserPwd on error undo, throw:
assign vhFcComponent = ?.
<M-13 run MainBlock
() in TCrypt>
assign vhCrypthandle = vhFcComponent.
<M-14 run EncryptString
(input t_sSyst.SystAdminUserPwd (icInputString),
output t_sSyst.SystAdminUserPwd (ocOutputString),
output viFcReturnSuper (oiReturnStatus)) in TCrypt>
run gipr_DeleteProcedure in vhCrypthandle.
delete procedure vhCrypthandle.
end.
for each t_sSyst where
(t_sSyst.tc_Status = "N":U or
t_sSyst.tc_Status = "C":U) And
t_sSyst.tcSystAdminUsrLogin <> '' And
t_sSyst.tcSystAdminUsrLogin <> ? on error undo, throw:
assign vhFcComponent = ?.
<M-17 run MainBlock
() in TCrypt>
assign vhCrypthandle = vhFcComponent.
<M-18 run DecryptString
(input t_sSyst.SystAdminUserPwd (icInputString),
output vcPwd (ocOutputString),
output viFcReturnSuper (oiReturnStatus)) in TCrypt>
run gipr_DeleteProcedure in vhCrypthandle.
delete procedure vhCrypthandle.
<I-24 {bFcOpenInstance
&CLASS = "Session"}>
<M-23 run ValidateLogin
(input t_sSyst.tcSystAdminUsrLogin (icUsrLogin),
input vcPwd (icUsrPassword),
output viFcReturnSuper (oiReturnStatus)) in Session>
if viFcReturnSuper < 0
then Do:
Assign oiReturnStatus = viFcReturnSuper.
<M-20 run SetMessage
(input #T-22'Some errors occurred while validating user and password.':100(8460)T-22# (icMessage),
input '' (icArguments),
input 't_sSyst.tcSystAdminUsrLogin':U (icFieldName),
input t_sSyst.tcSystAdminUsrLogin (icFieldValue),
input 'E':U (icType),
input 3 (iiSeverity),
input t_sSyst.tc_Rowid (icRowid),
input 'BLF-222':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input '' (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BSystem>
end.
<I-21 {bFcCloseInstance
&CLASS = "Session"}>
End. /*for each t_sSyst where*/
/* ===================================================================== */
/* SOD blocking flag can only be set when currently no violations exist. */
/* When SOD is already active, violations are available in the database. */
/* When SOD is not yet active, violations must be validated here. */
/* These validations may take a long time. Do not run them if other */
/* errors are already reported. */
/* ===================================================================== */
if oiReturnStatus >= 0
then
for each t_sSyst where
t_sSyst.SystSODBlockViolations and
(t_sSyst.tc_Status = "N" or
t_sSyst.tc_Status = "C")
on error undo, throw:
if t_sSyst.tc_Status = "C"
and can-find (first t_iSyst where t_iSyst.SystSODBlockViolations)
then next.
if can-find (first t_iSyst where t_iSyst.SystSODActive)
then do:
if can-find (first SODViolation1)
then do:
oiReturnStatus = -1.
<M-66 run SetMessage
(input #T-48'You cannot set the SOD blocking flag when violations ($1) still exist.':255(459643195)T-48# (icMessage),
input 'RULE 1' (icArguments),
input 'tSyst.SystSODBlockViolations' (icFieldName),
input 'true' (icFieldValue),
input 'E' (icType),
input 3 (iiSeverity),
input t_sSyst.tc_Rowid (icRowid),
input 'blf-286421':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input '' (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BSystem>
end. /* can-find (first SODViolation1) */
if can-find (first SODViolation2)
then do:
oiReturnStatus = -1.
<M-31 run SetMessage
(input #T-80'You cannot set the SOD blocking flag when violations ($1) still exist.':255(459643195)T-80# (icMessage),
input 'RULE 2' (icArguments),
input 'tSyst.SystSODBlockViolations' (icFieldName),
input 'true' (icFieldValue),
input 'E' (icType),
input 3 (iiSeverity),
input t_sSyst.tc_Rowid (icRowid),
input 'blf-375127':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input '' (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BSystem>
end. /* can-find (first SODViolation2) */
end. /* can-find (first t_iSyst) */
else if can-find (first SODExclusion)
then for each Role1 fields (Role_ID RoleName RoleSODException) no-lock where
Role1.RoleSODException = no on error undo, throw:
for each RoleResource1 fields (Role_ID Resource_ID) no-lock where
RoleResource1.Role_ID = Role1.Role_ID,
each Resources1 fields (Resource_ID ResourceURI SODcategory_ID) no-lock where
Resources1.Resource_ID = RoleResource1.Resource_ID and
Resources1.SODcategory_ID <> 0
break by Resources1.SODcategory_ID:
/* If no violations are found for a SOD category then skip validations for all next resources in this SOD category.
* If violations are found keep validating because violations must be reported on resource level.
*/
if first-of (Resources1.SODcategory_ID)
then vlConflictFound = no.
/* validate rule 1 */
if first-of (Resources1.SODcategory_ID)
or vlConflictFound
then for each RoleResource2 fields (Role_ID Resource_ID) no-lock where
RoleResource2.Role_ID = Role1.Role_ID,
each Resources2 fields (Resource_ID ResourceURI SODcategory_ID) no-lock where
Resources2.Resource_ID = RoleResource2.Resource_ID and
Resources2.SODcategory_ID <> 0,
each SODExclusion fields (SODCategory1_ID SODCategory2_ID) no-lock where
SODExclusion.SODCategory1_ID = Resources1.SODcategory_ID and
SODExclusion.SODCategory2_ID = Resources2.SODcategory_ID on error undo, throw:
vlConflictFound = yes.
viConflicts = viConflicts + 1.
if viConflicts > 100 then return.
vcSODCategoryCode1 = "".
for first SODCategory fields (SODCategory_ID SODCategoryCode) no-lock where
SODCategory.SODCategory_ID = Resources1.SODcategory_ID:
vcSODCategoryCode1 = SODCategory.SODCategoryCode.
end.
vcSODCategoryCode2 = "".
for first SODCategory fields (SODCategory_ID SODCategoryCode) no-lock where
SODCategory.SODCategory_ID = Resources2.SODcategory_ID:
vcSODCategoryCode2 = SODCategory.SODCategoryCode.
end.
oiReturnStatus = -1.
vcMessage = #T-63'You cannot set the SOD blocking flag when violations ($1) still exist.':255(459643195)T-63#.
vcContext = #T-87'Role Name':10(7027)T-87# + " = " + Role1.RoleName + chr(10)
+ #T-55'SOD Category 1 Code':20(583998413)T-55# + " = " + vcSODCategoryCode1 + chr(10)
+ #T-94'Resource 1 URI':20(998717657)T-94# + " = " + Resources1.ResourceURI + chr(10)
+ #T-78'SOD Category 2 Code':20(52834825)T-78# + " = " + vcSODCategoryCode2 + chr(10)
+ #T-61'Resource 2 URI':20(117798426)T-61# + " = " + Resources2.ResourceURI.
<M-60 run SetMessage
(input vcMessage (icMessage),
input 'RULE 1' (icArguments),
input 'tSyst.SystSODBlockViolations' (icFieldName),
input 'true' (icFieldValue),
input 'E' (icType),
input 3 (iiSeverity),
input t_sSyst.tc_Rowid (icRowid),
input 'blf-689644':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input vcContext (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BSystem>
end. /* each RoleResource2 */
/* validate rule 2 */
if first-of (Resources1.SODcategory_ID)
or vlConflictFound
then for each UsrRoleCompany1 fields (Usr_ID Role_ID Company_ID Domain_ID) no-lock where
UsrRoleCompany1.Role_ID = Role1.Role_ID,
each UsrRoleCompany2 fields (Usr_ID Role_ID Company_ID) no-lock where
UsrRoleCompany2.Usr_ID = UsrRoleCompany1.Usr_ID and
UsrRoleCompany2.Company_ID = UsrRoleCompany1.Company_ID and
UsrRoleCompany2.Role_ID <> Role1.Role_ID,
each Role2 fields (Role_ID RoleName RoleSODException) no-lock where
Role2.Role_ID = UsrRoleCompany2.Role_ID and
Role2.RoleSODException = no,
each RoleResource2 fields (Role_ID Resource_ID) no-lock where
RoleResource2.Role_ID = Role2.Role_ID,
each Resources2 fields (Resource_ID ResourceURI SODcategory_ID) no-lock where
Resources2.Resource_ID = RoleResource2.Resource_ID and
Resources2.SODcategory_ID <> 0,
each SODExclusion fields (SODCategory1_ID SODCategory2_ID) no-lock where
SODExclusion.SODCategory1_ID = Resources1.SODcategory_ID and
SODExclusion.SODCategory2_ID = Resources2.SODcategory_ID on error undo, throw:
vlPolicyException = no.
for each SODException fields (SODException_ID Usr_ID) no-lock where
SODException.Usr_ID = UsrRoleCompany1.Usr_ID:
if can-find (first SODExceptionLn where
SODExceptionLn.SODException_ID = SODException.SODException_ID and
SODExceptionLn.SODCategory1_ID = Resources1.SODcategory_ID and
SODExceptionLn.SODCategory2_ID = Resources2.SODcategory_ID and
(SODExceptionLn.Company_ID = UsrRoleCompany1.Company_ID or SODExceptionLn.Company_ID = 0) and
(SODExceptionLn.Domain_ID = UsrRoleCompany1.Domain_ID or SODExceptionLn.Domain_ID = 0))
or can-find (first SODExceptionLn where
SODExceptionLn.SODException_ID = SODException.SODException_ID and
SODExceptionLn.SODCategory1_ID = Resources2.SODcategory_ID and
SODExceptionLn.SODCategory2_ID = Resources1.SODcategory_ID and
(SODExceptionLn.Company_ID = UsrRoleCompany1.Company_ID or SODExceptionLn.Company_ID = 0) and
(SODExceptionLn.Domain_ID = UsrRoleCompany1.Domain_ID or SODExceptionLn.Domain_ID = 0))
then do:
vlPolicyException = yes.
leave.
end.
end. /* each SODException */
if vlPolicyException = no
then do:
/* conflict found. */
viConflicts = viConflicts + 1.
if viConflicts > 100 then return.
vcSODCompanyCode = "".
for first Company fields (Company_ID CompanyCode) no-lock where
Company.Company_ID = UsrRoleCompany1.Company_ID:
vcSODCompanyCode = Company.CompanyCode.
end.
vcSODUserName = "".
for first Usr fields (Usr_ID UsrName) no-lock where
Usr.Usr_ID = UsrRoleCompany1.Usr_ID:
vcSODUserName = Usr.UsrName.
end.
vcSODCategoryCode1 = "".
for first SODCategory fields (SODCategory_ID SODCategoryCode) no-lock where
SODCategory.SODCategory_ID = Resources1.SODcategory_ID:
vcSODCategoryCode1 = SODCategory.SODCategoryCode.
end.
vcSODCategoryCode2 = "".
for first SODCategory fields (SODCategory_ID SODCategoryCode) no-lock where
SODCategory.SODCategory_ID = Resources2.SODcategory_ID:
vcSODCategoryCode2 = SODCategory.SODCategoryCode.
end.
oiReturnStatus = -1.
vcMessage = #T-26'You cannot set the SOD blocking flag when violations ($1) still exist.':255(459643195)T-26#.
vcContext = #T-77'User Name':17(7033)T-77# + " = " + vcSODUserName + chr(10)
+ #T-831'Entity Code':24(8770)T-831# + " = " + vcSODCompanyCode + chr(10)
+ #T-57'Role 1 Name':20(733738256)T-57# + " = " + Role1.RoleName + chr(10)
+ #T-76'Resource 1 URI':20(998717657)T-76# + " = " + Resources1.ResourceURI + chr(10)
+ #T-91'SOD Category 1 Code':20(583998413)T-91# + " = " + vcSODCategoryCode1 + chr(10)
+ #T-6'Role 2 Name':20(73458301)T-6# + " = " + Role2.RoleName + chr(10)
+ #T-5'Resource 2 URI':20(117798426)T-5# + " = " + Resources2.ResourceURI + chr(10)
+ #T-35'SOD Category 2 Code':20(52834825)T-35# + " = " + vcSODCategoryCode2.
<M-47 run SetMessage
(input vcMessage (icMessage),
input 'RULE 2' (icArguments),
input 'tSyst.SystSODBlockViolations' (icFieldName),
input 'true' (icFieldValue),
input 'E' (icType),
input 3 (iiSeverity),
input t_sSyst.tc_Rowid (icRowid),
input 'blf-442229':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input vcContext (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BSystem>
end. /* vlPolicyException = no */
end. /* each UsrRoleCompany1 */
end. /* each RoleResource1 */
end. /* each Role */
end. /* each t_sSyst */
finally:
if viConflicts > 100
then do:
<M-45 run SetMessage
(input #T-29'Validation is aborted after 100 errors were reported.':255(415735840)T-29# (icMessage),
input '' (icArguments),
input '' (icFieldName),
input '' (icFieldValue),
input 'W' (icType),
input 3 (iiSeverity),
input '' (icRowid),
input 'blf-822986':U (icFcMsgNumber),
input '' (icFcExplanation),
input '' (icFcIdentification),
input '' (icFcContext),
output viFcReturnSuper (oiReturnStatus)) in BSystem>
end.
end finally.