Java > Open Source Codes > org > compiere > model > MRole


1 /******************************************************************************
2  * The contents of this file are subject to the Compiere License Version 1.1
3  * ("License"); You may not use this file except in compliance with the License
4  * You may obtain a copy of the License at http://www.compiere.org/license.html
5  * Software distributed under the License is distributed on an "AS IS" basis,
6  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for
7  * the specific language governing rights and limitations under the License.
8  * The Original Code is Compiere ERP & CRM Business Solution
9  * The Initial Developer of the Original Code is Jorg Janke and ComPiere, Inc.
10  * Portions created by Jorg Janke are Copyright (C) 1999-2003 Jorg Janke, parts
11  * created by ComPiere are Copyright (C) ComPiere, Inc.; All Rights Reserved.
12  * Contributor(s): ______________________________________.
13  *****************************************************************************/
14 package org.compiere.model;
15
16 import java.net.*;
17 import java.sql.*;
18 import java.util.*;
19
20 import org.compiere.util.*;
21
22 /**
23  * Role Model.
24  * The class is final, so that you cannot overwrite the security rules.
25  *
26  * @author Jorg Janke
27  * @version $Id: MRole.java,v 1.10 2003/11/07 06:37:56 jjanke Exp $
28  */
29 public final class MRole extends X_AD_Role
30 {
31     /**
32      * Get Default Role
33      * @return role
34      */
35     public static MRole getDefault ()
36     {
37         if (s_defaultRole == null && Ini.isClient())
38             return getDefault (Env.getCtx(), false);
39         return s_defaultRole;
40     } // getDefault
41
42     /**
43      * Get/Set Default Role.
44      * @see org.compiere.util.DB#loadPreferences
45      * @param ctx context
46      * @param reload if true forces load
47      * @return role
48      */
49     public static MRole getDefault (Properties ctx, boolean reload)
50     {
51         int AD_Role_ID = Env.getContextAsInt(ctx, "#AD_Role_ID");
52         int AD_User_ID = Env.getContextAsInt(ctx, "#AD_User_ID");
53         if (reload || s_defaultRole == null)
54         {
55             s_defaultRole = get (ctx, AD_Role_ID, AD_User_ID, reload);
56         }
57         else if (s_defaultRole.getAD_Role_ID() != AD_Role_ID
58             || s_defaultRole.getAD_User_ID() != AD_User_ID)
59         {
60             s_defaultRole = get (ctx, AD_Role_ID, AD_User_ID, reload);
61         }
62         return s_defaultRole;
63     } // getDefault
64
65     /**
66      * Get Role for User
67      * @param ctx, context
68      * @param AD_Role_ID role
69      * @param AD_User_ID user
70      * @param reload if true forces load
71      * @return role
72      */
73     public static MRole get (Properties ctx, int AD_Role_ID, int AD_User_ID, boolean reload)
74     {
75         s_log.info("get - AD_Role_ID=" + AD_Role_ID + ", AD_User_ID=" + AD_User_ID + ", reload=" + reload);
76         String key = AD_Role_ID + "_" + AD_User_ID;
77         MRole role = (MRole)s_roles.get (key);
78         if (role == null || reload)
79         {
80             role = new MRole (ctx, AD_Role_ID);
81             s_roles.put (key, role);
82             if (AD_Role_ID == 0)
83                 role.load(); // special Handling
84 role.setAD_User_ID(AD_User_ID);
85             s_log.info("get - " + role);
86         }
87         return role;
88     } // get
89
90     
91     /** Default Role */
92     private static MRole s_defaultRole = null;
93     /** Role/User Cache */
94     private static CCache s_roles = new CCache("MRole", 5);
95     /** Log */
96     private static Logger s_log = Logger.getCLogger(MRole.class);
97     
98     /** Access SQL Read Write */
99     public static final boolean SQL_RW = true;
100     /** Access SQL Read Only */
101     public static final boolean SQL_RO = false;
102     /** Access SQL Fully Qualified */
103     public static final boolean SQL_FULLYQUALIFIED = true;
104     /** Access SQL Not Fully Qualified */
105     public static final boolean SQL_NOTQUALIFIED = false;
106
107     
108     
109     /*************************************************************************/
110     
111     /**
112      * Standard Constructor
113      * @param ctx context
114      * @param AD_Role_ID id
115      */
116     public MRole (Properties ctx, int AD_Role_ID)
117     {
118         super(ctx, AD_Role_ID);
119         if (AD_Role_ID == 0)
120         {
121         /**
122         // setAD_Role_ID (0);
123             setIsCanExport (false);
124             setIsCanReport (false);
125             setIsManual (false);
126             setIsPersonalAccess (false);
127             setIsPersonalLock (false);
128             setIsShowAcct (false);
129         // setName (null);
130             setUserLevel (USERLEVEL_Client);
131         // setClientList (null);
132         // setOrgList (null);
133         **/
134         }
135     } // MRole
136
137     /**
138      * Load Constructor
139      * @param ctx context
140      * @param rs result set
141      */
142     public MRole(Properties ctx, ResultSet rs)
143     {
144         super(ctx, rs);
145     } // MRole
146
147     /**
148      * String Representation
149      * @return info
150      */
151     public String toString()
152     {
153         StringBuffer sb = new StringBuffer ("MRole[");
154         sb.append(getAD_Role_ID()).append(",").append(getName())
155             .append(",UserLevel=").append(getUserLevel())
156             .append(",").append(getClientWhere(false))
157             .append(",").append(getOrgWhere(false))
158             .append("]");
159         return sb.toString();
160     } // toString
161
162     /**
163      * Extended String Representation
164      * @return extended info
165      */
166     public String toStringX (Properties ctx)
167     {
168         StringBuffer sb = new StringBuffer ();
169         sb.append(Msg.translate(ctx, "AD_Role_ID")).append("=").append(getName())
170             .append(" - ").append(Msg.translate(ctx, "IsCanExport")).append("=").append(isCanExport())
171             .append(" - ").append(Msg.translate(ctx, "IsCanReport")).append("=").append(isCanReport())
172             .append(Env.NL).append(Env.NL);
173         //
174 for (int i = 0; i < m_orgAccess.length; i++)
175             sb.append(m_orgAccess[i].toStringX(ctx)).append(Env.NL);
176         sb.append(Env.NL);
177         //
178 loadTableAccess(false);
179         for (int i = 0; i < m_tableAccess.length; i++)
180             sb.append(m_tableAccess[i].toStringX(ctx)).append(Env.NL);
181         if (m_tableAccess.length > 0)
182             sb.append(Env.NL);
183         //
184 loadColumnAccess(false);
185         for (int i = 0; i < m_columnAccess.length; i++)
186             sb.append(m_columnAccess[i].toStringX(ctx)).append(Env.NL);
187         if (m_columnAccess.length > 0)
188             sb.append(Env.NL);
189         //
190 loadRecordAccess(false);
191         for (int i = 0; i < m_recordAccess.length; i++)
192             sb.append(m_recordAccess[i].toStringX(ctx)).append(Env.NL);
193         return sb.toString();
194     } // toStringX
195
196
197     /**
198      * Load Access Info
199      * @param reload re-load from disk
200      */
201     public void loadAccess (boolean reload)
202     {
203         loadOrgAccess(reload);
204         loadTableAccess(reload);
205         loadTableInfo(reload);
206         loadColumnAccess(reload);
207         loadRecordAccess(reload);
208         if (reload)
209         {
210             m_windowAccess = null;
211             m_processAccess = null;
212             m_taskAccess = null;
213             m_workflowAccess = null;
214             m_formAccess = null;
215         }
216     } // loadAccess
217
218
219     /*************************************************************************/
220
221     /** User */
222     private int m_AD_User_ID = -1;
223
224     /** Positive List of Organizational Access */
225     private MRoleOrgAccess[] m_orgAccess = null;
226     /** List of Table Access */
227     private MTableAccess[] m_tableAccess = null;
228     /** List of Column Access */
229     private MColumnAccess[] m_columnAccess = null;
230     /** List of Record Access */
231     private MRecordAccess[] m_recordAccess = null;
232     /** List of Dependent Record Access */
233     private MRecordAccess[] m_recordDependentAccess = null;
234     
235     /** Table Data Access Level */
236     private HashMap m_tableAccessLevel = null;
237     /** Table Name */
238     private HashMap m_tableName = null;
239     
240     /** Window Access */
241     private HashMap m_windowAccess = null;
242     /** Process Access */
243     private HashMap m_processAccess = null;
244     /** Task Access */
245     private HashMap m_taskAccess = null;
246     /** Workflow Access */
247     private HashMap m_workflowAccess = null;
248     /** Form Access */
249     private HashMap m_formAccess = null;
250
251     /**
252      * Set Logged in user
253      * @param AD_User_ID user requesting info
254      */
255     public void setAD_User_ID(int AD_User_ID)
256     {
257         m_AD_User_ID = AD_User_ID;
258     } // setAD_User_ID
259
260     /**
261      * Get Logged in user
262      * @return AD_User_ID user requesting info
263      */
264     public int getAD_User_ID()
265     {
266         return m_AD_User_ID;
267     } // getAD_User_ID
268
269     /**
270      * Load Org Access
271      * @param reload reload
272      */
273     private void loadOrgAccess (boolean reload)
274     {
275         if (!(reload || m_orgAccess == null))
276             return;
277         ArrayList list = new ArrayList();
278         PreparedStatement pstmt = null;
279         String sql = "SELECT * FROM AD_Role_OrgAccess "
280             + "WHERE AD_Role_ID=? AND IsActive='Y'";
281         try
282         {
283             pstmt = DB.prepareCall(sql);
284             pstmt.setInt(1, getAD_Role_ID());
285             ResultSet rs = pstmt.executeQuery();
286             while (rs.next())
287                 list.add(new MRoleOrgAccess(getCtx(), rs));
288             rs.close();
289             pstmt.close();
290             pstmt = null;
291         }
292         catch (Exception e)
293         {
294             log.error("loadOrgAccess", e);
295         }
296         try
297         {
298             if (pstmt != null)
299                 pstmt.close();
300             pstmt = null;
301         }
302         catch (Exception e)
303         {
304             pstmt = null;
305         }
306         m_orgAccess = new MRoleOrgAccess[list.size()];
307         list.toArray(m_orgAccess);
308         log.debug("loadOrgAccess - #" + m_orgAccess.length + (reload ? " - reload" : ""));
309     } // loadOrgAccess
310
311     /**
312      * Load Table Access
313      * @param reload reload
314      */
315     private void loadTableAccess(boolean reload)
316     {
317         if (m_tableAccess != null && !reload)
318             return;
319         ArrayList list = new ArrayList();
320         PreparedStatement pstmt = null;
321         String sql = "SELECT * FROM AD_Table_Access "
322             + "WHERE AD_Role_ID=? AND IsActive='Y'";
323         try
324         {
325             pstmt = DB.prepareCall(sql);
326             pstmt.setInt(1, getAD_Role_ID());
327             ResultSet rs = pstmt.executeQuery();
328             while (rs.next())
329                 list.add(new MTableAccess(getCtx(), rs));
330             rs.close();
331             pstmt.close();
332             pstmt = null;
333         }
334         catch (Exception e)
335         {
336             log.error("loadTableAccess", e);
337         }
338         try
339         {
340             if (pstmt != null)
341                 pstmt.close();
342             pstmt = null;
343         }
344         catch (Exception e)
345         {
346             pstmt = null;
347         }
348         m_tableAccess = new MTableAccess[list.size()];
349         list.toArray(m_tableAccess);
350         log.debug("loadTableAccess - #" + m_tableAccess.length);
351     } // loadTableAccess
352
353     /**
354      * Load Table Access and Name
355      * @param reload reload
356      */
357     private void loadTableInfo (boolean reload)
358     {
359         if (m_tableAccessLevel != null && m_tableName != null && !reload)
360             return;
361         m_tableAccessLevel = new HashMap(300);
362         m_tableName = new HashMap(300);
363         PreparedStatement pstmt = null;
364         String sql = "SELECT AD_Table_ID, AccessLevel, TableName "
365             + "FROM AD_Table WHERE IsActive='Y'";
366         try
367         {
368             pstmt = DB.prepareCall(sql);
369             ResultSet rs = pstmt.executeQuery();
370             while (rs.next())
371             {
372                 Integer ii = new Integer (rs.getInt(1));
373                 m_tableAccessLevel.put(ii, rs.getString(2));
374                 m_tableName.put(rs.getString(3), ii);
375             }
376             rs.close();
377             pstmt.close();
378             pstmt = null;
379         }
380         catch (Exception e)
381         {
382             log.error("loadTableAccessLevel", e);
383         }
384         try
385         {
386             if (pstmt != null)
387                 pstmt.close();
388             pstmt = null;
389         }
390         catch (Exception e)
391         {
392             pstmt = null;
393         }
394         log.debug("loadTableAccessLevel - #" + m_tableAccessLevel.size());
395     } // loadTableAccessLevel
396
397     
398     /**
399      * Load Column Access
400      * @param reload reload
401      */
402     private void loadColumnAccess(boolean reload)
403     {
404         if (m_columnAccess != null && !reload)
405             return;
406         ArrayList list = new ArrayList();
407         PreparedStatement pstmt = null;
408         String sql = "SELECT * FROM AD_Column_Access "
409             + "WHERE AD_Role_ID=? AND IsActive='Y'";
410         try
411         {
412             pstmt = DB.prepareCall(sql);
413             pstmt.setInt(1, getAD_Role_ID());
414             ResultSet rs = pstmt.executeQuery();
415             while (rs.next())
416                 list.add(new MColumnAccess(getCtx(), rs));
417             rs.close();
418             pstmt.close();
419             pstmt = null;
420         }
421         catch (Exception e)
422         {
423             log.error("loadColumnAccess", e);
424         }
425         try
426         {
427             if (pstmt != null)
428                 pstmt.close();
429             pstmt = null;
430         }
431         catch (Exception e)
432         {
433             pstmt = null;
434         }
435         m_columnAccess = new MColumnAccess[list.size()];
436         list.toArray(m_columnAccess);
437         log.debug("loadColumnAccess - #" + m_columnAccess.length);
438     } // loadColumnAccess
439
440     /**
441      * Load Record Access
442      * @param reload reload
443      */
444     private void loadRecordAccess(boolean reload)
445     {
446         if (!(reload || m_recordAccess == null || m_recordDependentAccess == null))
447             return;
448         ArrayList list = new ArrayList();
449         ArrayList dependent = new ArrayList();
450         PreparedStatement pstmt = null;
451         String sql = "SELECT * FROM AD_Record_Access "
452             + "WHERE AD_Role_ID=? AND IsActive='Y'";
453         try
454         {
455             pstmt = DB.prepareCall(sql);
456             pstmt.setInt(1, getAD_Role_ID());
457             ResultSet rs = pstmt.executeQuery();
458             while (rs.next())
459             {
460                 MRecordAccess ra = new MRecordAccess(getCtx(), rs);
461                 list.add(ra);
462                 if (ra.isDependentEntities())
463                     dependent.add(ra);
464             }
465             rs.close();
466             pstmt.close();
467             pstmt = null;
468         }
469         catch (Exception e)
470         {
471             log.error("loadRecordAccess", e);
472         }
473         try
474         {
475             if (pstmt != null)
476                 pstmt.close();
477             pstmt = null;
478         }
479         catch (Exception e)
480         {
481             pstmt = null;
482         }
483         m_recordAccess = new MRecordAccess[list.size()];
484         list.toArray(m_recordAccess);
485         m_recordDependentAccess = new MRecordAccess[dependent.size()];
486         dependent.toArray(m_recordDependentAccess);
487         log.debug("loadRecordAccess - #" + m_recordAccess.length + " - Dependent #" + m_recordDependentAccess.length);
488     } // loadRecordAccess
489
490     /*************************************************************************/
491     
492     /**
493      * Get Client Where Clause Value
494      * @param rw read write
495      * @return "AD_Client_ID=0" or "AD_Client_ID IN(0,1)"
496      */
497     public String getClientWhere (boolean rw)
498     {
499         loadOrgAccess(false);
500         // Unique Strings
501 HashSet set = new HashSet();
502         if (!rw)
503             set.add("0");
504         // Positive List
505 for (int i = 0; i < m_orgAccess.length; i++)
506             set.add(String.valueOf(m_orgAccess[i].getAD_Client_ID()));
507         //
508 StringBuffer sb = new StringBuffer ();
509         Iterator it = set.iterator();
510         boolean oneOnly = true;
511         while (it.hasNext())
512         {
513             if (sb.length() > 0)
514             {
515                 sb.append(",");
516                 oneOnly = false;
517             }
518             sb.append(it.next());
519         }
520         if (oneOnly)
521         {
522             if (sb.length() > 0)
523                 return "AD_Client_ID=" + sb.toString();
524             else
525             {
526                 log.error("getClientWhere - No Access Org records");
527                 return "AD_Client_ID=-1"; // No Access Record
528 }
529         }
530         return "AD_Client_ID IN(" + sb.toString() + ")";
531     } // getClientWhereValue
532
533     /**
534      * Access to Client
535      * @param AD_Client_ID client
536      * @param rw read write access
537      * @return true if access
538      */
539     public boolean isClientAccess(int AD_Client_ID, boolean rw)
540     {
541         if (AD_Client_ID == 0 && !rw) // can always read System
542 return true;
543         loadOrgAccess(false);
544         // Positive List
545 for (int i = 0; i < m_orgAccess.length; i++)
546         {
547             if (m_orgAccess[i].getAD_Client_ID() == AD_Client_ID)
548                 return true;
549         }
550         return false;
551     } // isClientAccess
552
553     /**
554      * Get Org Where Clause Value
555      * @param rw read write
556      * @return "AD_Org_ID=0" or "AD_Org_ID IN(0,1)"
557      */
558     public String getOrgWhere (boolean rw)
559     {
560         loadOrgAccess(false);
561         // Unique Strings
562 HashSet set = new HashSet();
563         if (!rw)
564             set.add("0");
565         // Positive List
566 for (int i = 0; i < m_orgAccess.length; i++)
567             set.add(String.valueOf(m_orgAccess[i].getAD_Org_ID()));
568         //
569 StringBuffer sb = new StringBuffer ();
570         Iterator it = set.iterator();
571         boolean oneOnly = true;
572         while (it.hasNext())
573         {
574             if (sb.length() > 0)
575             {
576                 sb.append(",");
577                 oneOnly = false;
578             }
579             sb.append(it.next());
580         }
581         if (oneOnly)
582         {
583             if (sb.length() > 0)
584                 return "AD_Org_ID=" + sb.toString();
585             else
586             {
587                 log.error("getOrgWhere - No Access Org records");
588                 return "AD_Org_ID=-1"; // No Access Record
589 }
590         }
591         return "AD_Org_ID IN(" + sb.toString() + ")";
592     } // getOrgWhereValue
593
594     /**
595      * Access to Org
596      * @param AD_Org_ID org
597      * @param rw read write access
598      * @return true if access
599      */
600     public boolean isOrgAccess(int AD_Org_ID, boolean rw)
601     {
602         if (AD_Org_ID == 0 && !rw) // can always read common org
603 return true;
604         loadOrgAccess(false);
605         
606         // Positive List
607 for (int i = 0; i < m_orgAccess.length; i++)
608         {
609             if (m_orgAccess[i].getAD_Org_ID() == AD_Org_ID)
610                 return true;
611         }
612         return false;
613     } // isOrgAccess
614
615
616     /**
617      * Can Report on table
618      * @param AD_Table_ID table
619      * @return true if access
620      */
621     public boolean isCanReport (int AD_Table_ID)
622     {
623         if (!isCanReport()) // Role Level block
624 {
625             log.warn ("isCanReport - Role denied");
626             return false;
627         }
628         if (!isTableAccess(AD_Table_ID, true)) // No R/O Access to Table
629 return false;
630         //
631 boolean canReport = true;
632         for (int i = 0; i < m_tableAccess.length; i++)
633         {
634             if (!MTableAccess.ACCESSTYPERULE_Reporting.equals(m_tableAccess[i].getAccessTypeRule()))
635                 continue;
636             if (m_tableAccess[i].isExclude()) // Exclude
637 {
638                 if (m_tableAccess[i].getAD_Table_ID() == AD_Table_ID)
639                 {
640                     canReport = m_tableAccess[i].isCanReport();
641                     log.debug ("isCanReport - Exclude " + AD_Table_ID + " - " + canReport);
642                     return canReport;
643                 }
644             }
645             else // Include
646 {
647                 canReport = false;
648                 if (m_tableAccess[i].getAD_Table_ID() == AD_Table_ID)
649                 {
650                     canReport = m_tableAccess[i].isCanReport();
651                     log.debug ("isCanReport - Include " + AD_Table_ID + " - " + canReport);
652                     return canReport;
653                 }
654             }
655         } // for all Table Access
656 log.debug ("isCanReport - " + AD_Table_ID + " - " + canReport);
657         return canReport;
658     } // isCanReport
659
660     /**
661      * Can Export Table
662      * @param AD_Table_ID
663      * @return true if access
664      */
665     public boolean isCanExport (int AD_Table_ID)
666     {
667         if (!isCanExport()) // Role Level block
668 {
669             log.warn ("isCanExport - Role denied");
670             return false;
671         }
672         if (!isTableAccess(AD_Table_ID, true)) // No R/O Access to Table
673 return false;
674         if (!isCanReport (AD_Table_ID))
675             return false;
676         //
677 boolean canExport = true;
678         for (int i = 0; i < m_tableAccess.length; i++)
679         {
680             if (!MTableAccess.ACCESSTYPERULE_Exporting.equals(m_tableAccess[i].getAccessTypeRule()))
681                 continue;
682             if (m_tableAccess[i].isExclude()) // Exclude
683 {
684                 canExport = m_tableAccess[i].isCanExport();
685                 log.debug ("isCanExport - Exclude " + AD_Table_ID + " - " + canExport);
686                 return canExport;
687             }
688             else // Include
689 {
690                 canExport = false;
691                 canExport = m_tableAccess[i].isCanExport();
692                 log.debug ("isCanExport - Include " + AD_Table_ID + " - " + canExport);
693                 return canExport;
694             }
695         } // for all Table Access
696 log.debug ("isCanExport - " + AD_Table_ID + " - " + canExport);
697         return canExport;
698     } // isCanExport
699
700     /**
701      * Access to Table
702      * @param AD_Table_ID table
703      * @param ro check read only access otherwise read write access level
704      * @return has RO/RW access to table
705      */
706     public boolean isTableAccess (int AD_Table_ID, boolean ro)
707     {
708         if (!isTableAccessLevel (AD_Table_ID, ro)) // Role Based Access
709 return false;
710         loadTableAccess(false);
711         //
712 boolean hasAccess = true; // assuming exclusive rule
713 for (int i = 0; i < m_tableAccess.length; i++)
714         {
715             if (!MTableAccess.ACCESSTYPERULE_Accessing.equals(m_tableAccess[i].getAccessTypeRule()))
716                 continue;
717             if (m_tableAccess[i].isExclude()) // Exclude
718 // If you Exclude Access to a table and select Read Only,
719 // you can only read data (otherwise no access).
720 {
721                 if (m_tableAccess[i].getAD_Table_ID() == AD_Table_ID)
722                 {
723                     if (ro)
724                         hasAccess = m_tableAccess[i].isReadOnly();
725                     else
726                         hasAccess = false;
727                     log.debug("isTableAccess - Exclude AD_Table_ID=" + AD_Table_ID
728                         + " (ro=" + ro + ",TableAccessRO=" + m_tableAccess[i].isReadOnly() + ") = " + hasAccess);
729                     return hasAccess;
730                 }
731             }
732             else // Include
733 // If you Include Access to a table and select Read Only,
734 // you can only read data (otherwise full access).
735 {
736                 hasAccess = false;
737                 if (m_tableAccess[i].getAD_Table_ID() == AD_Table_ID)
738                 {
739                     if (!ro) // rw only if not r/o
740 hasAccess = !m_tableAccess[i].isReadOnly();
741                     else
742                         hasAccess = true;
743                     log.debug("isTableAccess - Include AD_Table_ID=" + AD_Table_ID
744                         + " (ro=" + ro + ",TableAccessRO=" + m_tableAccess[i].isReadOnly() + ") = " + hasAccess);
745                     return hasAccess;
746                 }
747             }
748         } // for all Table Access
749 if (!hasAccess)
750             log.debug("isTableAccess - AD_Table_ID=" + AD_Table_ID
751                 + "(ro=" + ro + ") = " + hasAccess);
752         return hasAccess;
753     } // isTableAccess
754
755     /**
756      * Access to Table based on Role User Level Table Access Level
757      * @param AD_Table_ID table
758      * @param ro check read only access otherwise read write access level
759      * @return has RO/RW access to table
760      */
761     public boolean isTableAccessLevel (int AD_Table_ID, boolean ro)
762     {
763         if (ro) // role can always read
764 return true;
765         //
766 loadTableInfo(false);
767         // AccessLevel
768 // 1 = Org - 2 = Client - 4 = System
769 // 3 = Org+Client - 6 = Client+System - 7 = All
770 String accessLevel = (String )m_tableAccessLevel.get(new Integer (AD_Table_ID));
771         if (accessLevel == null)
772         {
773             log.debug("isTableAccessLevel - NO - No AccessLevel - AD_Table_ID=" + AD_Table_ID);
774             return false;
775         }
776         // Access to all User Levels
777 if (accessLevel.equals(X_AD_Table.ACCESSLEVEL_All))
778             return true;
779         // User Level = SCO
780 String userLevel = getUserLevel();
781         //
782 if (userLevel.charAt(0) == 'S'
783             && (accessLevel.equals(X_AD_Table.ACCESSLEVEL_SystemOnly)
784                 || accessLevel.equals(X_AD_Table.ACCESSLEVEL_SystemPlusClient)))
785             return true;
786         if (userLevel.charAt(1) == 'C'
787             && (accessLevel.equals(X_AD_Table.ACCESSLEVEL_ClientOnly)
788                 || accessLevel.equals(X_AD_Table.ACCESSLEVEL_SystemPlusClient)))
789             return true;
790         if (userLevel.charAt(2) == 'O'
791             && (accessLevel.equals(X_AD_Table.ACCESSLEVEL_Organization)
792                 || accessLevel.equals(X_AD_Table.ACCESSLEVEL_ClientPlusOrganization)))
793             return true;
794         log.debug("isTableAccessLevel - NO - AD_Table_ID=" + AD_Table_ID
795             + ", UserLebel=" + userLevel + ", AccessLevel=" + accessLevel);
796         return false;
797     } // isTableAccessLevel
798
799
800     /**
801      * Access to Column
802      * @param AD_Table_ID table
803      * @param AD_Column_ID column
804      * @param ro read only
805      * @return true if access
806      */
807     public boolean isColumnAccess (int AD_Table_ID, int AD_Column_ID, boolean ro)
808     {
809         if (!isTableAccess(AD_Table_ID, ro)) // No Access to Table
810 return false;
811         loadColumnAccess(false);
812         
813         boolean retValue = true; // assuming exclusive
814 for (int i = 0; i < m_columnAccess.length; i++)
815         {
816             if (m_columnAccess[i].isExclude()) // Exclude
817 // If you Exclude Access to a column and select Read Only,
818 // you can only read data (otherwise no access).
819 {
820                 if (m_columnAccess[i].getAD_Table_ID() == AD_Table_ID
821                     && m_columnAccess[i].getAD_Column_ID() == AD_Column_ID)
822                 {
823                     if (ro) // just R/O Access requested
824 retValue = m_columnAccess[i].isReadOnly();
825                     else
826                         retValue = false;
827                     if (!retValue)
828                         log.debug("isColumnAccess - Exclude AD_Table_ID=" + AD_Table_ID + ", AD_Column_ID=" + AD_Column_ID
829                             + " (ro=" + ro + ",ColumnAccessRO=" + m_columnAccess[i].isReadOnly() + ") = " + retValue);
830                     return retValue;
831                 }
832             }
833             else // Include
834 // If you Include Access to a column and select Read Only,
835 // you can only read data (otherwise full access).
836 {
837                 if (m_columnAccess[i].getAD_Table_ID() == AD_Table_ID)
838                 {
839                     retValue = false;
840                     if (m_columnAccess[i].getAD_Column_ID() == AD_Column_ID)
841                     {
842                         if (!ro) // rw only if not r/o
843 retValue = !m_columnAccess[i].isReadOnly();
844                         else
845                             retValue = true;
846                         if (!retValue)
847                             log.debug("isColumnAccess - Include AD_Table_ID=" + AD_Table_ID + ", AD_Column_ID=" + AD_Column_ID
848                                 + " (ro=" + ro + ",ColumnAccessRO=" + m_columnAccess[i].isReadOnly() + ") = " + retValue);
849                         return retValue;
850                     }
851                 } // same table
852 } // include
853 } // for all Table Access
854 if (!retValue)
855             log.debug("isColumnAccess - AD_Table_ID=" + AD_Table_ID + ", AD_Column_ID=" + AD_Column_ID
856                 + " (ro=" + ro + ") = " + retValue);
857         return retValue;
858     } // isColumnAccess
859
860     /**
861      * Access to Record
862      * @param AD_Table_ID table
863      * @param Record_ID
864      * @param ro
865      * @return
866      */
867     public boolean isRecordAccess (int AD_Table_ID, int Record_ID, boolean ro)
868     {
869         if (!isTableAccess(AD_Table_ID, ro)) // No Access to Table
870 return false;
871         loadRecordAccess(false);
872         
873         boolean negativeList = true;
874         for (int i = 0; i < m_tableAccess.length; i++)
875         {
876             if (m_recordAccess[i].isExclude()) // Exclude
877 // If you Exclude Access to a column and select Read Only,
878 // you can only read data (otherwise no access).
879 {
880                 if (m_recordAccess[i].getAD_Table_ID() == AD_Table_ID)
881                 {
882                     if (ro)
883                         return m_tableAccess[i].isReadOnly();
884                     else
885                         return false;
886                 }
887             }
888             else // Include
889 // If you Include Access to a column and select Read Only,
890 // you can only read data (otherwise full access).
891 {
892                 negativeList = false;
893                 if (m_recordAccess[i].getAD_Table_ID() == AD_Table_ID)
894                 {
895                     if (!ro) // rw only if not r/o
896 return !m_tableAccess[i].isReadOnly();
897                     else
898                         return true;
899                 }
900             }
901         } // for all Table Access
902 return negativeList;
903     } // isRecordAccess
904
905     /**
906      * Get Window Access
907      * @param AD_Window_ID window
908      * @return null in no access, TRUE if r/w and FALSE if r/o
909      */
910     public Boolean getWindowAccess (int AD_Window_ID)
911     {
912         if (m_windowAccess == null)
913         {
914             m_windowAccess = new HashMap(100);
915             String sql = "SELECT AD_Window_ID, IsReadWrite FROM AD_Window_Access WHERE AD_Role_ID=? AND IsActive='Y'";
916             PreparedStatement pstmt = null;
917             try
918             {
919                 pstmt = DB.prepareCall(sql);
920                 pstmt.setInt(1, getAD_Role_ID());
921                 ResultSet rs = pstmt.executeQuery();
922                 while (rs.next())
923                     m_windowAccess.put(new Integer (rs.getInt(1)), new Boolean ("Y".equals(rs.getString(2))));
924                 rs.close();
925                 pstmt.close();
926                 pstmt = null;
927             }
928             catch (Exception e)
929             {
930                 log.error("getWindowAccess", e);
931             }
932             try
933             {
934                 if (pstmt != null)
935                     pstmt.close();
936                 pstmt = null;
937             }
938             catch (Exception e)
939             {
940                 pstmt = null;
941             }
942             log.debug("getWindowAccess #" + m_windowAccess.size());
943         } // reload
944 Boolean retValue = (Boolean )m_windowAccess.get(new Integer (AD_Window_ID));
945     // log.debug("getWindowAccess - AD_Window_ID=" + AD_Window_ID + " - " + retValue);
946 return retValue;
947     } // getWindowAccess
948
949     /**
950      * Get Process Access
951      * @param AD_Process_ID process
952      * @return null in no access, TRUE if r/w and FALSE if r/o
953      */
954     public Boolean getProcessAccess (int AD_Process_ID)
955     {
956         if (m_processAccess == null)
957         {
958             m_processAccess = new HashMap(50);
959             String sql = "SELECT AD_Process_ID, IsReadWrite FROM AD_Process_Access WHERE AD_Role_ID=? AND IsActive='Y'";
960             PreparedStatement pstmt = null;
961             try
962             {
963                 pstmt = DB.prepareCall(sql);
964                 pstmt.setInt(1, getAD_Role_ID());
965                 ResultSet rs = pstmt.executeQuery();
966                 while (rs.next())
967                     m_processAccess.put(new Integer (rs.getInt(1)), new Boolean ("Y".equals(rs.getString(2))));
968                 rs.close();
969                 pstmt.close();
970                 pstmt = null;
971             }
972             catch (Exception e)
973             {
974                 log.error("getProcessAccess", e);
975             }
976             try
977             {
978                 if (pstmt != null)
979                     pstmt.close();
980                 pstmt = null;
981             }
982             catch (Exception e)
983             {
984                 pstmt = null;
985             }
986         } // reload
987 return (Boolean )m_processAccess.get(new Integer (AD_Process_ID));
988     } // getProcessAccess
989
990     /**
991      * Get Task Access
992      * @param AD_Task_ID task
993      * @return null in no access, TRUE if r/w and FALSE if r/o
994      */
995     public Boolean getTaskAccess (int AD_Task_ID)
996     {
997         if (m_taskAccess == null)
998         {
999             m_taskAccess = new HashMap(10);
1000            String sql = "SELECT AD_Task_ID, IsReadWrite FROM AD_Task_Access WHERE AD_Role_ID=? AND IsActive='Y'";
1001            PreparedStatement pstmt = null;
1002            try
1003            {
1004                pstmt = DB.prepareCall(sql);
1005                pstmt.setInt(1, getAD_Role_ID());
1006                ResultSet rs = pstmt.executeQuery();
1007                while (rs.next())
1008                    m_taskAccess.put(new Integer (rs.getInt(1)), new Boolean ("Y".equals(rs.getString(2))));
1009                rs.close();
1010                pstmt.close();
1011                pstmt = null;
1012            }
1013            catch (Exception e)
1014            {
1015                log.error("getTaskAccess", e);
1016            }
1017            try
1018            {
1019                if (pstmt != null)
1020                    pstmt.close();
1021                pstmt = null;
1022            }
1023            catch (Exception e)
1024            {
1025                pstmt = null;
1026            }
1027        } // reload
1028 return (Boolean )m_taskAccess.get(new Integer (AD_Task_ID));
1029    } // getTaskAccess
1030
1031    /**
1032     * Get Form Access
1033     * @param AD_Form_ID form
1034     * @return null in no access, TRUE if r/w and FALSE if r/o
1035     */
1036    public Boolean getFormAccess (int AD_Form_ID)
1037    {
1038        if (m_formAccess == null)
1039        {
1040            m_formAccess = new HashMap(20);
1041            String sql = "SELECT AD_Form_ID, IsReadWrite FROM AD_Form_Access WHERE AD_Role_ID=? AND IsActive='Y'";
1042            PreparedStatement pstmt = null;
1043            try
1044            {
1045                pstmt = DB.prepareCall(sql);
1046                pstmt.setInt(1, getAD_Role_ID());
1047                ResultSet rs = pstmt.executeQuery();
1048                while (rs.next())
1049                    m_formAccess.put(new Integer (rs.getInt(1)), new Boolean ("Y".equals(rs.getString(2))));
1050                rs.close();
1051                pstmt.close();
1052                pstmt = null;
1053            }
1054            catch (Exception e)
1055            {
1056                log.error("getFormAccess", e);
1057            }
1058            try
1059            {
1060                if (pstmt != null)
1061                    pstmt.close();
1062                pstmt = null;
1063            }
1064            catch (Exception e)
1065            {
1066                pstmt = null;
1067            }
1068        } // reload
1069 return (Boolean )m_formAccess.get(new Integer (AD_Form_ID));
1070    } // getTaskAccess
1071
1072    /**
1073     * Get Workflow Access
1074     * @param AD_Workflow_ID workflow
1075     * @return null in no access, TRUE if r/w and FALSE if r/o
1076     */
1077    public Boolean getWorkflowAccess (int AD_Workflow_ID)
1078    {
1079        if (m_workflowAccess == null)
1080        {
1081            m_workflowAccess = new HashMap(20);
1082            String sql = "SELECT AD_Workflow_ID, IsReadWrite FROM AD_Workflow_Access WHERE AD_Role_ID=? AND IsActive='Y'";
1083            PreparedStatement pstmt = null;
1084            try
1085            {
1086                pstmt = DB.prepareCall(sql);
1087                pstmt.setInt(1, getAD_Role_ID());
1088                ResultSet rs = pstmt.executeQuery();
1089                while (rs.next())
1090                    m_workflowAccess.put(new Integer (rs.getInt(1)), new Boolean ("Y".equals(rs.getString(2))));
1091                rs.close();
1092                pstmt.close();
1093                pstmt = null;
1094            }
1095            catch (Exception e)
1096            {
1097                log.error("getWorkflowAccess", e);
1098            }
1099            try
1100            {
1101                if (pstmt != null)
1102                    pstmt.close();
1103                pstmt = null;
1104            }
1105            catch (Exception e)
1106            {
1107                pstmt = null;
1108            }
1109        } // reload
1110 return (Boolean )m_workflowAccess.get(new Integer (AD_Workflow_ID));
1111    } // getTaskAccess
1112
1113    /*************************************************************************
1114
1115    /**
1116     * Appends where clause to SQL statement for Table
1117     *
1118     * @param SQL existing SQL statement
1119     * @param TableNameIn Table Name or list of table names AAA, BBB or AAA a, BBB b
1120     * @param fullyQualified fullyQualified names
1121     * @param rw if false, includes System Data
1122     * @return updated SQL statement
1123     */
1124    public String addAccessSQL (String SQL, String TableNameIn,
1125        boolean fullyQualified, boolean rw)
1126    {
1127        StringBuffer retSQL = new StringBuffer ();
1128
1129        // Cut off last ORDER BY clause
1130 String orderBy = "";
1131        int posOrder = SQL.lastIndexOf(" ORDER BY ");
1132        if (posOrder != -1)
1133        {
1134            orderBy = SQL.substring(posOrder);
1135            retSQL.append(SQL.substring(0, posOrder));
1136        }
1137        else
1138            retSQL.append(SQL);
1139
1140        // Parse SQL
1141 AccessSqlParser asp = new AccessSqlParser(retSQL.toString());
1142        AccessSqlParser.TableInfo[] ti = asp.getTableInfo(asp.getMainSqlIndex());
1143
1144        // Do we have to add WHERE or AND
1145 if (asp.getMainSql().indexOf(" WHERE ") == -1)
1146            retSQL.append(" WHERE ");
1147        else
1148            retSQL.append(" AND ");
1149
1150        // Use First Table
1151 String tableName = "";
1152        if (ti.length > 0)
1153        {
1154            tableName = ti[0].getSynonym();
1155            if (tableName.length() == 0)
1156                tableName = ti[0].getTableName();
1157        }
1158        if (!tableName.equals(TableNameIn) && TableNameIn != null)
1159        {
1160            String msg = "addAccessSQL - TableName not correctly parsed - TableNameIn="
1161                + TableNameIn + " - " + asp;
1162            if (ti.length > 0)
1163                msg += " - #1 " + ti[0];
1164            msg += "\n = " + SQL;
1165            log.error(msg);
1166            Trace.printStack();
1167            tableName = TableNameIn;
1168        }
1169
1170        // Client Access
1171 if (fullyQualified)
1172            retSQL.append(tableName).append(".");
1173        retSQL.append(getClientWhere(rw));
1174        
1175        // Org Access
1176 retSQL.append(" AND ");
1177        if (fullyQualified)
1178            retSQL.append(tableName).append(".");
1179        retSQL.append(getOrgWhere(rw));
1180
1181            
1182        // ** Data Access **
1183 for (int i = 0; i < ti.length; i++)
1184        {
1185            String TableName = ti[i].getTableName();
1186            int AD_Table_ID = getAD_Table_ID (TableName);
1187            // Data Table Access
1188 if (AD_Table_ID != 0 && !isTableAccess(AD_Table_ID, !rw))
1189            {
1190                retSQL.append(" AND 1=3"); // prevent access at all
1191 log.debug("addAccessSQL - no access to AD_Table_ID=" + AD_Table_ID
1192                    + " - " + TableName + " - " + retSQL);
1193                break; // no need to check further
1194 }
1195            
1196            // Data Column Access
1197
1198    
1199        
1200            // Data Record Access
1201 String keyColumnName = "";
1202            if (fullyQualified)
1203            {
1204                keyColumnName = ti[i].getSynonym(); // table synonym
1205 if (keyColumnName.length() == 0)
1206                    keyColumnName = TableName;
1207                keyColumnName += ".";
1208            }
1209            keyColumnName += TableName + "_ID"; // derived from table
1210
1211        // log.debug("addAccessSQL - " + TableName + "(" + AD_Table_ID + ") " + keyColumnName);
1212 String recordWhere = getRecordWhere (AD_Table_ID, keyColumnName);
1213            if (recordWhere.length() > 0)
1214            {
1215                retSQL.append(" AND ").append(recordWhere);
1216                if (Log.isTraceLevel(9))
1217                    log.debug("addAccessSQL - adding record access - " + recordWhere);
1218            }
1219        } // for all table info
1220
1221        // Dependent Records (only for main SQL)
1222 String mainSql = asp.getMainSql();
1223        loadRecordAccess(false);
1224        for (int i = 0; i < m_recordDependentAccess.length; i++)
1225        {
1226            String columnName = m_recordDependentAccess[i].getKeyColumnName(asp.getTableInfo(asp.getMainSqlIndex()) );
1227            if (columnName == null)
1228                continue; // no key column
1229 int posColumn = mainSql.indexOf(columnName);
1230            if (posColumn == -1)
1231                continue;
1232            // we found the column name - make sure it's a clumn name
1233 char charCheck = mainSql.charAt(posColumn-1); // before
1234 if (!(charCheck == ',' || charCheck == '.' || charCheck == ' ' || charCheck == '('))
1235                continue;
1236            charCheck = mainSql.charAt(posColumn+columnName.length()); // after
1237 if (!(charCheck == ',' || charCheck == ' ' || charCheck == ')'))
1238                continue;
1239                
1240            // *** we found the column in the main query
1241 log.debug("DEPENDENT " + columnName + " - " + m_recordDependentAccess[i]);
1242            StringBuffer where = new StringBuffer ();
1243            where.append(getDependentRecordWhereColumn (mainSql, columnName))
1244                .append((m_recordDependentAccess[i].isExclude() ? "<>" : "="))
1245                .append(m_recordDependentAccess[i].getRecord_ID());
1246            if (Log.isTraceLevel(9))
1247                log.debug("addAccessSQL - adding dependent access - " + where);
1248            retSQL.append(" AND ").append(where);
1249        } // for all dependent records
1250
1251        //
1252 retSQL.append(orderBy);
1253        if (Log.isTraceLevel(10))
1254            log.debug("addAccessSQL - " + retSQL);
1255        return retSQL.toString();
1256    } // addAccessSQL
1257
1258    /**
1259     * Get Dependent Record Where clause
1260     * @param mainSql sql to examine
1261     * @param columnName columnName
1262     * @return where clause column "x.columnName"
1263     */
1264    private String getDependentRecordWhereColumn (String mainSql, String columnName)
1265    {
1266        String retValue = columnName; // if nothing else found
1267 int index = mainSql.indexOf(columnName);
1268        // see if there are table synonym
1269 int offset = index - 1;
1270        char c = mainSql.charAt(offset);
1271        if (c == '.')
1272        {
1273            StringBuffer sb = new StringBuffer ();
1274            while (c != ' ' && c != ',' && c != '(') // delimeter
1275 {
1276                sb.insert(0, c);
1277                c = mainSql.charAt(--offset);
1278            }
1279            sb.append(columnName);
1280            return sb.toString();
1281        }
1282        return retValue;
1283    } // getDependentRecordWhereColumn
1284
1285
1286
1287    /**
1288     * UPADATE - Can I Update the record
1289     * Access error info (AccessTableNoUpdate) is saved in the log
1290     *
1291     * @see org.compiere.model.MTable#save(boolean)
1292     *
1293     * @param ctx comntext to derive client/org/user level
1294     * @param WindowNo number of the current window to retrieve context
1295     * @return true if you can update
1296     */
1297    public boolean canUpdate (int AD_Client_ID, int AD_Org_ID,
1298        int AD_Table_ID, boolean createError)
1299    {
1300        String userLevel = getUserLevel(); // Format 'SCO'
1301
1302        if (userLevel.indexOf("S") != -1) // System can change anything
1303 return true;
1304
1305        boolean retValue = true;
1306        String whatMissing = "";
1307
1308        // System == Client=0 & Org=0
1309 if (AD_Client_ID == 0 && AD_Org_ID == 0
1310            && userLevel.charAt(0) != 'S')
1311        {
1312            retValue = false;
1313            whatMissing += "S";
1314        }
1315
1316        // Client == Client!=0 & Org=0
1317 else if (AD_Client_ID != 0 && AD_Org_ID == 0
1318            && userLevel.charAt(1) != 'C')
1319        {
1320            retValue = false;
1321            whatMissing += "C";
1322        }
1323
1324        // Organization == Client!=0 & Org!=0
1325 else if (AD_Client_ID != 0 && AD_Org_ID != 0
1326            && userLevel.charAt(2) != 'O')
1327        {
1328            retValue = false;
1329            whatMissing += "O";
1330        }
1331
1332        // Data Access
1333 // get Table.IsSecurityEnabled
1334 // if yes: get UserAcess info => Where Table.TableKey in (List)
1335 // and Access=r/w
1336
1337        if (!retValue && createError)
1338        {
1339            Log.saveError("AccessTableNoUpdate",
1340                "AD_Client_ID=" + AD_Client_ID + ", AD_Org_ID=" + AD_Org_ID + ", UserLevel=" + userLevel
1341                + " => missing=" + whatMissing);
1342            log.error ("canUpdate - " + toString());
1343        }
1344        return retValue;
1345    } // canUpdate
1346
1347    /**
1348     * VIEW - Can I view record in Table with given TableLevel
1349     * <code>
1350     * TableLevel S__ 100 4 System info
1351     * SCO 111 7 System shared info
1352     * SC_ 110 6 System/Client info
1353     * _CO 011 3 Client shared info
1354     * _C_ 011 2 Client shared info
1355     * __O 001 1 Organization info
1356     * </code>
1357     *
1358     * @see org.compiere.model.MTabVO#loadTabDetails (MTabVO, ResultSet)
1359     * @param ctx context
1360     * @param TableLevel AccessLevel
1361     * @param forInsert true for Insert, false for View
1362     * @return true/false
1363     * Access error info (AccessTableNoUpdate, AccessTableNoView) is saved in the log
1364     */
1365    public boolean canView(Properties ctx, String TableLevel)
1366    {
1367        String userLevel = getUserLevel(); // Format 'SCO'
1368
1369        boolean retValue = true;
1370
1371        // 7 - All
1372 if (X_AD_Table.ACCESSLEVEL_All.equals(TableLevel))
1373            retValue = true;
1374             
1375        // 4 - System data requires S
1376 else if (X_AD_Table.ACCESSLEVEL_SystemOnly.equals(TableLevel)
1377            && userLevel.charAt(0) != 'S')
1378            retValue = false;
1379
1380        // 2 - Client data requires C
1381 else if (X_AD_Table.ACCESSLEVEL_ClientOnly.equals(TableLevel)
1382            && userLevel.charAt(1) != 'C')
1383            retValue = false;
1384
1385        // 1 - Organization data requires O
1386 else if (X_AD_Table.ACCESSLEVEL_Organization.equals(TableLevel)
1387            && userLevel.charAt(2) != 'O')
1388            retValue = false;
1389
1390        // 3 - Client Shared requires C or O
1391 else if (X_AD_Table.ACCESSLEVEL_ClientPlusOrganization.equals(TableLevel)
1392            && (!(userLevel.charAt(1) == 'C' || userLevel.charAt(2) == 'O')) )
1393                retValue = false;
1394
1395        // 6 - System/Client requires S or C
1396 else if (X_AD_Table.ACCESSLEVEL_SystemPlusClient.equals(TableLevel)
1397            && (!(userLevel.charAt(0) == 'S' || userLevel.charAt(1) == 'C')) )
1398            retValue = false;
1399
1400        if (retValue)
1401            return retValue;
1402
1403        // Notification
1404 /**
1405        if (forInsert)
1406            Log.saveError("AccessTableNoUpdate",
1407                "(Required=" + TableLevel + "("
1408                + getTableLevelString(Env.getAD_Language(ctx), TableLevel)
1409                + ") != UserLevel=" + userLevel);
1410        else
1411        **/
1412            Log.saveError("AccessTableNoView",
1413                "Required=" + TableLevel + "("
1414                + getTableLevelString(Env.getAD_Language(ctx), TableLevel)
1415                + ") != UserLevel=" + userLevel);
1416        log.error ("canView - " + toString());
1417        return retValue;
1418    } // canView
1419
1420
1421    /**
1422     * Returns clear text String of TableLevel
1423     * @param AD_Language language
1424     * @param TableLevel level
1425     * @return info
1426     */
1427    private String getTableLevelString (String AD_Language, String TableLevel)
1428    {
1429        String level = TableLevel + "??";
1430        if (TableLevel.equals("1"))
1431            level = "AccessOrg";
1432        else if (TableLevel.equals("2"))
1433            level = "AccessClient";
1434        else if (TableLevel.equals("3"))
1435            level = "AccessClientOrg";
1436        else if (TableLevel.equals("4"))
1437            level = "AccessSystem";
1438        else if (TableLevel.equals("6"))
1439            level = "AccessSystemClient";
1440        else if (TableLevel.equals("7"))
1441            level = "AccessShared";
1442
1443        return Msg.getMsg(AD_Language, level);
1444    } // getTableLevelString
1445
1446    /**
1447     * Get Table ID from name
1448     * @param tableName table name
1449     * @return AD_Table_ID or 0
1450     */
1451    private int getAD_Table_ID (String tableName)
1452    {
1453        loadTableInfo(false);
1454        Integer ii = (Integer )m_tableName.get(tableName);
1455        if (ii != null)
1456            return ii.intValue();
1457    // log.warn("getAD_Table_ID - not found (" + tableName + ")");
1458 return 0;
1459    } // getAD_Table_ID
1460
1461    /**
1462     * Return Where clause for Record Access
1463     * @param AD_Table_ID table
1464     * @param keyColumnName (fully qualified) key column name
1465     * @return where clause or ""
1466     */
1467    private String getRecordWhere (int AD_Table_ID, String keyColumnName)
1468    {
1469        loadRecordAccess(false);
1470        //
1471 StringBuffer sb = new StringBuffer ();
1472        // Role Access
1473 for (int i = 0; i < m_recordAccess.length; i++)
1474        {
1475            if (m_recordAccess[i].getAD_Table_ID() == AD_Table_ID)
1476            {
1477                if (sb.length() > 0)
1478                    sb.append(" AND ");
1479                sb.append(keyColumnName)
1480                    .append((m_recordAccess[i].isExclude() ? "<>" : "="))
1481                    .append(m_recordAccess[i].getRecord_ID());
1482            }
1483        } // for all Table Access
1484
1485        // Don't ignore Privacy Access
1486 if (!isPersonalAccess())
1487        {
1488            String lockedIDs = MPrivateAccess.getLockedRecordWhere(AD_Table_ID, m_AD_User_ID);
1489            if (lockedIDs != null)
1490            {
1491                if (sb.length() > 0)
1492                    sb.append(" AND ");
1493                sb.append(keyColumnName).append(lockedIDs);
1494            }
1495        }
1496        //
1497 return sb.toString();
1498    } // getRecordWhere
1499
1500} // MRole
1501

A to Z: JavaDoc & Examples

---

Daily Java News & Articles

---

Open Source Projects

---

Open Source Codes

---

Free Computer Books

---

Remove Frame

---

Popular Tags