# # # get_profile_data_util.cfv # # # # get_is_valid_profile() # get_profile_version() # # get_profiles_with_permissions() # get_profiles_dat() # # # # # # # get_is_valid_profile() # # # subroutine(get_is_valid_profile( node profile), ( # This checks the profile to be a valid version 8.5+ profile. # The profile subnode "database.options.server.type" only exists since version 8 # The profile subnode "field_options" exists only prior version 8.5 bool is_valid_profile = (?(profile . ".database.options.server.type") and profile?{"snapons"}); # return is_valid_profile; )); # # # # get_profile_version() # # # subroutine(get_profile_version( node profile), ( # This returns the profile version depending on the given subnodes of the profile. # It is used to indicate version 7 profiles which must be imported # or 8.0/8.1 profiles which must be converted to version 8.5. # # Returns 7.0 for all versions prior 8.0 # Returns 8.0 for all versions prior 8.5 string version = ""; if (!?(profile . ".database.options.server.type")) then ( version = "7.0" ) else if (?(profile . ".database.options.server.type") and !profile?{"snapons"}) then ( # This must be a 8.0 or 8.1 version because version 8.5 does not anymore contain log.field_options version = "8.0" ); # return version; )); # # # # get_profiles_with_permissions() # # # subroutine(get_profiles_with_permissions, ( debug_message("\n\n#### get_profiles_with_permissions START \n"); string session_id = volatile.session_id; node user_grants = "sessions_cache." . session_id . ".session_info.user_grants"; node all_profiles = "profiles"; delete_node("v.my_profiles"); v.my_profiles = ""; node my_profiles = "v.my_profiles"; node profile; string profile_name; if (num_subnodes(all_profiles) > 0) then ( node all_profiles_grants = user_grants{"all_profiles_grants"}; node profiles_grants = user_grants{"profiles_grants"}; bool view_reports_of_all_profiles = @all_profiles_grants{"access_reports"}; bool view_config_of_all_profiles = @all_profiles_grants{"access_config"}; bool has_rename_in_all_profiles = @all_profiles_grants{"rename_profile"}; bool has_delete_in_all_profiles = @all_profiles_grants{"delete_profile"}; bool is_view_reports; bool is_view_config; bool is_rename; bool is_delete; if (view_reports_of_all_profiles or view_config_of_all_profiles or has_rename_in_all_profiles or has_delete_in_all_profiles) then ( # # The user accesses all profiles # node individual_profile_grants; foreach profile all_profiles ( profile_name = node_name(profile); if (!profiles_grants?{profile_name}) then ( # There are no individual profile grants for this profile, so we use the all profiles grants is_view_reports = view_reports_of_all_profiles; is_view_config = view_config_of_all_profiles; is_rename = has_rename_in_all_profiles; is_delete = has_delete_in_all_profiles; ) else ( # This profile exists in profiles_grants, so we use the specific profile grants individual_profile_grants = profiles_grants{profile_name}; is_view_reports = @individual_profile_grants{"access_reports"}; is_view_config = @individual_profile_grants{"access_config"}; is_rename = @individual_profile_grants{"rename_profile"}; is_delete = @individual_profile_grants{"delete_profile"}; ); # Add the profile to my_profiles my_profiles . "." . profile_name . ".label" = @(all_profiles . "." . profile_name . ".label"); my_profiles . "." . profile_name . ".is_view_reports" = is_view_reports; my_profiles . "." . profile_name . ".is_view_config" = is_view_config; my_profiles . "." . profile_name . ".is_rename" = is_rename; my_profiles . "." . profile_name . ".is_delete" = is_delete; ); ) else ( # # The user accesses specific profiles only, if at all # foreach profile profiles_grants ( profile_name = node_name(profile); # Make sure the profile exists in all_profiles if (all_profiles?{profile_name}) then ( # Add the profile to my_profiles my_profiles . "." . profile_name . ".label" = @(all_profiles . "." . profile_name . ".label"); my_profiles . "." . profile_name . ".is_view_reports" = @profile{"access_reports"}; my_profiles . "." . profile_name . ".is_view_config" = @profile{"access_config"}; my_profiles . "." . profile_name . ".is_rename" = @profile{"rename_profile"}; my_profiles . "." . profile_name . ".is_delete" = @profile{"delete_profile"}; ); ); ); ); debug_message("\n" . node_as_string(my_profiles) . "\n"); # # Return my_profiles # my_profiles; )); # # # # get_profiles_dat() # # # subroutine(get_profiles_dat( bool is_root_admin, string active_user_node_name), ( # This creates the profilesDb object. The subroutine is used in finish_wizard.cfv # and get_profile_data! # # # Get the profiles # # node the_profiles; if (is_root_admin) then ( the_profiles = "profiles"; ) else ( # # Handle RBAC permissions # # We create a separate profiles node where each profile node indicates the permissions the_profiles = get_profiles_with_permissions(); ); string profiles_dat = "["; bool number_of_profiles = num_subnodes(the_profiles); if (number_of_profiles > 0) then ( # Sort profiles # KHP 05/Nov/2008, moved sorting to client side because the list must be re-sorted upon client side anyway # when a new profile is created. # # Get the profiles data # node profile; string profile_name; string profile_label; string database_name; string default_date_filter; int count; bool is_valid_profile; bool is_view_reports; bool is_view_config; bool is_rename; bool is_delete; string created_by_user; string username; string version; # only required for invalid profiles node users = "users"; node the_profile; foreach profile the_profiles ( profile_name = node_name(profile); profile_label = @profile{"label"}; if (is_root_admin) then ( the_profile = profile; is_view_reports = true; is_view_config = true; is_rename = true; is_delete = true; ) else ( the_profile = "profiles." . profile_name; is_view_reports = @profile{"is_view_reports"}; is_view_config = @profile{"is_view_config"}; is_rename = @profile{"is_rename"}; is_delete = @profile{"is_delete"}; ); # Make sure that the profile isn't from an older version is_valid_profile = get_is_valid_profile(the_profile); if (is_valid_profile) then ( database_name = @(the_profile . ".database.options.server.database_name"); default_date_filter = if (?(the_profile . ".statistics.miscellaneous.date_filter.df")) then (@(the_profile . ".statistics.miscellaneous.date_filter.df")) else (""); version = ""; username = ""; created_by_user = if (the_profile?{"created_by_user"} and (@the_profile{"created_by_user"} ne "")) then (@the_profile{"created_by_user"}) else ("root_admin"); if (created_by_user ne active_user_node_name) then ( # This profile has been created by another user, so we show the username # next to the profile name, i.e. "profile 1 (by user 2)" if (users?{created_by_user}) then ( username = @(users . "." . created_by_user . ".username"); ) else ( username = lang_admin.profiles.unknown_user; ); ); ) else ( # Invalid profile. This is most likely a version 8.0, 8.1 or 7.x profile version = get_profile_version(the_profile); username = ""; created_by_user = ""; database_name = ""; default_date_filter = ""; is_view_reports = false; is_view_config = false; is_rename = false; ); profiles_dat .= "{"; profiles_dat .= add_json("isValidProfile", is_valid_profile, "bool"); profiles_dat .= add_json("version", version, "string"); profiles_dat .= add_json("name", profile_name, "string"); profiles_dat .= add_json("label", profile_label, "string"); profiles_dat .= add_json("databaseName", database_name, "string"); profiles_dat .= add_json("username", username, "string"); profiles_dat .= add_json("df", default_date_filter, "string"); profiles_dat .= add_json("isViewReports", is_view_reports, "bool"); profiles_dat .= add_json("isViewConfig", is_view_config, "bool"); profiles_dat .= add_json("isRename", is_rename, "bool"); profiles_dat .= add_json("isDelete", is_delete, "bool"); profiles_dat = close_json(profiles_dat) . ","; count++; ); profiles_dat = replace_last(profiles_dat, ",", "]"); ) else ( profiles_dat .= "]"; ); # Return profiles_dat profiles_dat; ));