project BLF > class Database Component > method ValidateActivityCode

Description

check if current user has permission to perform current activity on current object(s)


Parameters


oiReturnStatusoutputintegerReturn status of the method.


Internal usage


BLF
method database.ValidateComponent


program code (program1/database.p)

if vcActivityCode = ""
and vlTransactionMainInstance
then do:
    <M-65 run StartCacher
       (output vhFcComponent (ohCacher), 
        output viFcReturnSuper (oiReturnStatus)) in database>
        
    <M-32 run GetLogicalValueFromSession
       (input  viSessionID (iiSessionId), 
        input  'SynchronizeIsRunning' (icDataItemName), 
        output vlSynchronizeIsRunning (olValue), 
        output viFcReturnSuper (oiReturnStatus)) in Cacher>
        
    if viFcReturnSuper < 0
    then assign vlSynchronizeIsRunning = false.
    
    if vlSynchronizeIsRunning <> true
    then do:
        <I-45 {bFcRun
             &PARAMETERS           = "output vcValidateActivityList"
             &PROCEDURE            = "gipr_GetDefaultActivity"}>
    end.
end.
else vcValidateActivityList = vcActivityCode.

do vidx = 1 to num-entries(vcValidateActivityList):

    <M-9 run apiActivityIsAllowed
       (input  vcUserLogin (icUsrLogin), 
        input  '' (icCompanyCode), 
        input  entry(vidx,vcValidateActivityList) (icActivityCode), 
        output vlFcOk (olIsAllowed), 
        output viFcReturnSuper (oiReturnStatus)) in database>
    if viFcReturnSuper <> 0
    then assign oiReturnStatus = viFcReturnSuper.
    if viFcReturnSuper < 0
    then return.
    
    if vlFcOk = no
    then do:
        <M-10 run SetMessage
           (input  #T-1'You have no permission to perform this activity ($1) in component $2.':100(8579)T-1# (icMessage), 
            input  entry(vidx,vcValidateActivityList) + chr(2) + vcfccomponentName (icArguments), 
            input  '' (icFieldName), 
            input  '' (icFieldValue), 
            input  'D':U (icType), 
            input  3 (iiSeverity), 
            input  '' (icRowid), 
            input  'BLF-325':U (icFcMsgNumber), 
            input  '' (icFcExplanation), 
            input  '' (icFcIdentification), 
            input  '' (icFcContext), 
            output viFcReturnSuper (oiReturnStatus)) in database>
        assign oiReturnStatus = -3.
        return.
    end.
end.
    
<M-8 run DataDescription
   (input  '' (icRowids), 
    input  '' (icPkey), 
    input  '' (icObjectIds), 
    input  no (ilAllTables), 
    output viFcReturnSuper (oiReturnStatus)) in database>
if viFcReturnSuper <> 0
then assign oiReturnStatus = viFcReturnSuper.
if viFcReturnSuper < 0
then return.

find first tFcDynRel where tFcDynRel.tcFcFrom = "" no-error.
if available tFcDynRel
then do:
    <M-3 run GetKeyFields (input-output tFcDynRel.tcFcTo (bcTableName), 
                           output vcDummy (ocPrimaryKey), 
                           output vcDummy (ocAlternateKey), 
                           output vcObjectName (ocObjectID), 
                           output vcObjectStatus (ocObjectStatus), 
                           output viFcReturnSuper (oiReturnStatus)) in database>
    if viFcReturnSuper <> 0
    then assign oiReturnStatus = viFcReturnSuper.
    if viFcReturnSuper < 0
    then return.
end.

if vcObjectName   <> "" and
   vcObjectStatus <> ""
then do:
    assign vhField = tFcDynRel.thFcBuffer:buffer-field(vcObjectName).
    
    create query vhQuery in widget-pool "non-persistent".
    vhQuery:forward-only = yes.
    vhQuery:set-buffers(tFcDynRel.thFcBuffer).
    vhQuery:query-prepare("for each t_o":U + tFcDynRel.tcFcTo).
    vhQuery:query-open().
    vhQuery:get-first().
    
    do while not vhQuery:query-off-end:
    
        assign viObjectId = vhField:buffer-value.
    
        /* ================================================================= */
        /* Check activity on object status                                   */
        /* ================================================================= */
        <M-4 run GetActivitiesForStatus
           (input  viObjectId (iiObjectId), 
            output vcFcMaskList (ocActivityCodes), 
            output viFcReturnSuper (oiReturnStatus)) in database>
        if viFcReturnSuper <> 0
        then oiReturnStatus = viFcReturnSuper.
        if viFcReturnSuper < 0
        then return.

        if vcFcMaskList <> ""
        then do vidx = 1 to num-entries(vcValidateActivityList):
            if not can-do (vcFcMaskList,entry(vidx,vcValidateActivityList))
            then do:
                <M-5 run SetMessage
                   (input  #T-2'You have no permission to perform this activity ($1) on current object.':100(471)T-2# (icMessage), 
                    input  entry(vidx,vcValidateActivityList) (icArguments), 
                    input  '' (icFieldName), 
                    input  '' (icFieldValue), 
                    input  'D':U (icType), 
                    input  3 (iiSeverity), 
                    input  '' (icRowid), 
                    input  'BLF-323':U (icFcMsgNumber), 
                    input  '' (icFcExplanation), 
                    input  'current object = ':U + string(viObjectId) (icFcIdentification), 
                    input  'allowed activities = ':U + vcFcMaskList (icFcContext), 
                    output viFcReturnSuper (oiReturnStatus)) in database>
                assign oiReturnStatus = -3.
                return.
            end.
        end.
        
        /* ================================================================= */
        /* Check if current activity can be performed on current object      */
        /* by current user (row security)                                    */
        /* ================================================================= */
        if  vlObjectSecurityActive
        and vcUserName <> ""
        then do vidx = 1 to num-entries(vcValidateActivityList):
            <M-11 run GetPKValues (input  tFcDynRel.thFcBuffer (ihBuffer), 
                           output vcPK (ocPKValue), 
                           output viFcReturnSuper (oiReturnStatus)) in database>
            if viFcReturnSuper <> 0
            then assign oiReturnStatus = viFcReturnSuper.
            if viFcReturnSuper < 0
            then return.
    
            <Q-6 run ObjectActivities (all) (Read) (NoCache)
          (input vcPK, (ObjectRef)
           input vcFcComponentName, (BusCompCode)
           output dataset tqObjectActivities) in BObjectSecurity >
            if      can-find (first tqObjectActivities where
                                    tqObjectActivities.tcBusComponentCode = vcFcComponentName and
                                    tqObjectActivities.tcBusActivityCode  = entry(vidx,vcValidateActivityList))
            and not can-find (first tqObjectActivities where
                                    tqObjectActivities.tcBusComponentCode = vcFcComponentName and
                                    tqObjectActivities.tcBusActivityCode  = entry(vidx,vcValidateActivityList) and
                                    tqObjectActivities.tcUsrLogin         = vcUserLogin)
            then do:
                <M-7 run SetMessage
                   (input  #T-3'You have no permission to perform this activity ($1) on current object.':100(471)T-3# (icMessage), 
                    input  entry(vidx,vcValidateActivityList) (icArguments), 
                    input  '' (icFieldName), 
                    input  '' (icFieldValue), 
                    input  'D':U (icType), 
                    input  3 (iiSeverity), 
                    input  '' (icRowid), 
                    input  'BLF-324':U (icFcMsgNumber), 
                    input  '' (icFcExplanation), 
                    input  '' (icFcIdentification), 
                    input  '' (icFcContext), 
                    output viFcReturnSuper (oiReturnStatus)) in database>
                assign oiReturnStatus = -3.
                return.
            end.
        end.
    
        vhQuery:get-next().
    end.
end.

finally:
    if vhQuery <> ?
    then do:
        vhQuery:query-close().
        delete object vhQuery.
    end.
end finally.