project BLF > class BUser > method ApiEntitySecurityCheck

Description

Checks if a certain user has access to a certain entity.

Parameters


icUsrLogininputcharacterSame value as the mfgpro userid.
icEntityCodeinputcharacterCompanyCode
olAuthorizedoutputlogicalLogical that indicates that the user has access to this company or not.
oiReturnStatusoutputintegerReturn status of the method.

Internal usage


unused

program code (program3/buser.p)

If oiReturnStatus = 0 
Then Assign oiReturnStatus = -98.

Assign olAuthorized = False.
    
If icUsrLogin = ? Or
   icUsrLogin = ''
Then Do:
    Assign vcMessage = Trim(#T-1'The userlogin parameter is mandatory.':255(8699)T-1#)
           oiReturnStatus = -1.
    <M-2 run SetMessage
       (input  vcMessage (icMessage), 
        input  '' (icArguments), 
        input  '' (icFieldName), 
        input  '' (icFieldValue), 
        input  'E':U (icType), 
        input  3 (iiSeverity), 
        input  '' (icRowid), 
        input  'BLF-232':U (icFcMsgNumber), 
        input  '' (icFcExplanation), 
        input  '' (icFcIdentification), 
        input  '' (icFcContext), 
        output viFcReturnSuper (oiReturnStatus)) in BUser>
    Return.
End.

If icEntityCode = ? Or
   icEntityCode = ''
Then Do:
    Assign vcMessage = Trim(#T-4'The entitycode parameter is mandatory.':255(8700)T-4#)
           oiReturnStatus = -1.
    <M-3 run SetMessage
       (input  vcMessage (icMessage), 
        input  '' (icArguments), 
        input  '' (icFieldName), 
        input  '' (icFieldValue), 
        input  'E':U (icType), 
        input  3 (iiSeverity), 
        input  '' (icRowid), 
        input  'BLF-233':U (icFcMsgNumber), 
        input  '' (icFcExplanation), 
        input  '' (icFcIdentification), 
        input  '' (icFcContext), 
        output viFcReturnSuper (oiReturnStatus)) in BUser>
    Return.
End.

<Q-10 run CompanyPrim (all) (Read) (NoCache)
   (input ?, (LookupCompanyId)
    input icEntityCode, (CompanyCode)
    output dataset tqCompanyPrim) in BCompany >
find first tqCompanyPrim no-error.
if not available tqCompanyPrim
Then Do:
    Assign vcMessage = Trim(substitute(#T-12'The entity (&1) is not known.':255(9385)T-12#,icEntityCode))
           oiReturnStatus = -1.
    <M-11 run SetMessage
       (input  vcMessage (icMessage), 
        input  '' (icArguments), 
        input  '' (icFieldName), 
        input  '' (icFieldValue), 
        input  'E':U (icType), 
        input  3 (iiSeverity), 
        input  '' (icRowid), 
        input  'BLF-234':U (icFcMsgNumber), 
        input  '' (icFcExplanation), 
        input  '' (icFcIdentification), 
        input  '' (icFcContext), 
        output viFcReturnSuper (oiReturnStatus)) in BUser>
    Return.
End.

<Q-13 assign vlFcQueryRecordsAvailable = UserCompanies (NoCache)
   (input icUsrLogin, (UserLogin)
    input tqCompanyPrim.tiCompany_ID, (CyId)
    input ?, (DomainId)) in BUser >

assign olAuthorized = vlFcQueryRecordsAvailable.

If oiReturnStatus = -98 
Then Assign oiReturnStatus = 0.

Sample code: how to call this method through RPCRequestService (QXtend Inbound)

define temp-table ttContext no-undo
    field propertyQualifier as character
    field propertyName as character
    field propertyValue as character
    index entityContext is primary unique
        propertyQualifier
        propertyName
    index propertyQualifier
        propertyQualifier.

define dataset dsContext for ttContext.

define variable vhContextDS as handle no-undo.
define variable vhExceptionDS as handle no-undo.
define variable vhServer as handle no-undo.
define variable vhInputDS as handle no-undo.
define variable vhInputOutputDS as handle no-undo.
define variable vhOutputDS as handle no-undo.
define variable vhParameter as handle no-undo.

/* Create context */
create ttContext.
assign ttContext.propertyName = "programName"
       ttContext.propertyValue = "BUser".
create ttContext.
assign ttContext.propertyName = "methodName"
       ttContext.propertyValue = "ApiEntitySecurityCheck".
create ttContext.
assign ttContext.propertyName = "applicationId"
       ttContext.propertyValue = "fin".
create ttContext.
assign ttContext.propertyName = "entity"
       ttContext.propertyValue = "1000".
create ttContext.
assign ttContext.propertyName = "userName"
       ttContext.propertyValue = "mfg".
create ttContext.
assign ttContext.propertyName = "password"
       ttContext.propertyValue = "".

/* Create input dataset */
create dataset vhInputDS.
vhInputDS:read-xmlschema("file", "xml/buser.apientitysecuritycheck.i.xsd", ?).
vhParameter = vhInputDS:get-buffer-handle("tParameterI").
vhParameter:buffer-create().
assign vhParameter::icUsrLogin = <parameter value>
       vhParameter::icEntityCode = <parameter value>.

/* Connect the AppServer */
create server vhServer.
vhServer:connect("-URL <appserver-url>").

if not vhServer:connected()
then do:
    message "Could not connect AppServer" view-as alert-box error title "Error".
    return.
end.

/* Run */
assign vhContextDS = dataset dsContext:handle.

run program/rpcrequestservice.p on vhServer
    (input-output dataset-handle vhContextDS by-reference,
           output dataset-handle vhExceptionDS,
     input        dataset-handle vhInputDS by-reference,
     input-output dataset-handle vhInputOutputDS by-reference,
           output dataset-handle vhOutputDS).

/* Handle output however you want, in this example, we dump it to xml */
if valid-handle(vhExceptionDS)
then vhExceptionDS:write-xml("file", "Exceptions.xml", true).

if valid-handle(vhOutputDS)
then vhOutputDS:write-xml("file", "Output.xml", true).

/* Cleanup */
vhServer:disconnect().
assign vhServer = ?.

if valid-handle(vhInputDS)
then delete object vhInputDS.

if valid-handle(vhOutputDS)
then delete object vhOutputDS.

if valid-handle(vhExceptionDS)
then delete object vhExceptionDS.