static void JobSecurityRoleEntryPoints(Args _args)
{
SecurityTaskEntryPoint taskEntryPoint;
SecurityRole role;
SecurityRoleTaskGrant taskGrant;
SecuritySubTask subTask;
SecurityTask privilege;
SecurityTask securityTask;
SecurableObject securableObject;
RecId roleRecId;
#AOT
str userlicense, maintainlicense, privName;
TreeNode treeMenuItem;
TreeNode treeMenu;
while select RecId, Name from role where role.AotName == 'TradeCustomer'
{
roleRecId = role.RecId;
while select securityTask, SecurityRole from taskGrant
join RecId, Type, AOTName from securitytask where securityTask.RecId == taskGrant.SecurityTask
&& taskGrant.SecurityRole == roleRecId && securitytask.Type == SecurityTaskType::Duty
join securityTask, SecuritySubTask from subTask where subTask.SecurityTask == securityTask.RecId
join securityTask, EntryPoint from taskEntryPoint where taskEntryPoint.SecurityTask == subtask.SecuritySubTask
{
select RecId, Type, Name from securableObject
where securableObject.RecId == taskEntryPoint.EntryPoint && (securableObject.Type == SecurableType::MenuItemDisplay
|| securableObject.Type == SecurableType::MenuItemAction || securableObject.Type == SecurableType::MenuItemOutput);
if( securableObject)
{
select RecId, Type, AOTName from privilege where privilege.RecId == subTask.SecuritySubTask && SecurityTaskType::Privilege == privilege.Type;
privName = privilege.AotName;
info(strFmt("Role: %1 Duty: %2 Priv: %3 Menu item : %4", role.Name,securitytask.AotName,privName,securableObject.Name));
}
}
//sometimes a role has a privielge direclty assigned instead of a duty. So this code is for those privileges. In this case duty will not exist.
while select SecurityTask, SecurityRole from taskGrant
join RecId, Type, AOTName from securitytask where securityTask.RecId == taskGrant.SecurityTask
&& taskGrant.SecurityRole == roleRecId && securitytask.Type == SecurityTaskType::Privilege
join securityTask, EntryPoint from taskEntryPoint where taskEntryPoint.SecurityTask == securitytask.RecId
{
select RecId, Type, Name from securableObject
where securableObject.RecId == taskEntryPoint.EntryPoint && (securableObject.Type == SecurableType::MenuItemDisplay
|| securableObject.Type == SecurableType::MenuItemAction || securableObject.Type == SecurableType::MenuItemOutput);
if( securableObject)
{
info(strFmt("Role: %1 Duty: Priv: %2 Menu item : %3", role.Name,securitytask.AotName,securableObject.Name));
}
}
}
}
{
SecurityTaskEntryPoint taskEntryPoint;
SecurityRole role;
SecurityRoleTaskGrant taskGrant;
SecuritySubTask subTask;
SecurityTask privilege;
SecurityTask securityTask;
SecurableObject securableObject;
RecId roleRecId;
#AOT
str userlicense, maintainlicense, privName;
TreeNode treeMenuItem;
TreeNode treeMenu;
while select RecId, Name from role where role.AotName == 'TradeCustomer'
{
roleRecId = role.RecId;
while select securityTask, SecurityRole from taskGrant
join RecId, Type, AOTName from securitytask where securityTask.RecId == taskGrant.SecurityTask
&& taskGrant.SecurityRole == roleRecId && securitytask.Type == SecurityTaskType::Duty
join securityTask, SecuritySubTask from subTask where subTask.SecurityTask == securityTask.RecId
join securityTask, EntryPoint from taskEntryPoint where taskEntryPoint.SecurityTask == subtask.SecuritySubTask
{
select RecId, Type, Name from securableObject
where securableObject.RecId == taskEntryPoint.EntryPoint && (securableObject.Type == SecurableType::MenuItemDisplay
|| securableObject.Type == SecurableType::MenuItemAction || securableObject.Type == SecurableType::MenuItemOutput);
if( securableObject)
{
select RecId, Type, AOTName from privilege where privilege.RecId == subTask.SecuritySubTask && SecurityTaskType::Privilege == privilege.Type;
privName = privilege.AotName;
info(strFmt("Role: %1 Duty: %2 Priv: %3 Menu item : %4", role.Name,securitytask.AotName,privName,securableObject.Name));
}
}
//sometimes a role has a privielge direclty assigned instead of a duty. So this code is for those privileges. In this case duty will not exist.
while select SecurityTask, SecurityRole from taskGrant
join RecId, Type, AOTName from securitytask where securityTask.RecId == taskGrant.SecurityTask
&& taskGrant.SecurityRole == roleRecId && securitytask.Type == SecurityTaskType::Privilege
join securityTask, EntryPoint from taskEntryPoint where taskEntryPoint.SecurityTask == securitytask.RecId
{
select RecId, Type, Name from securableObject
where securableObject.RecId == taskEntryPoint.EntryPoint && (securableObject.Type == SecurableType::MenuItemDisplay
|| securableObject.Type == SecurableType::MenuItemAction || securableObject.Type == SecurableType::MenuItemOutput);
if( securableObject)
{
info(strFmt("Role: %1 Duty: Priv: %2 Menu item : %3", role.Name,securitytask.AotName,securableObject.Name));
}
}
}
}
No comments:
Post a Comment