Fix: Permissions.
This commit is contained in:
@@ -19,6 +19,7 @@ BEGIN
|
||||
DECLARE v_id_access_level_edit INT;
|
||||
DECLARE v_is_super_user BIT;
|
||||
DECLARE v_can_edit_user BIT;
|
||||
DECLARE v_priority_access_level_admin INT;
|
||||
DECLARE v_priority_access_level_none INT;
|
||||
DECLARE v_priority_access_level_user INT;
|
||||
DECLARE v_time_start TIMESTAMP(6);
|
||||
@@ -61,6 +62,7 @@ BEGIN
|
||||
SET v_id_type_error_bad_data := (SELECT ERROR_TYPE.id_type FROM fetchmetrics.CORE_Msg_Error_Type ERROR_TYPE WHERE ERROR_TYPE.code = v_code_type_error_bad_data LIMIT 1);
|
||||
SET v_id_access_level_edit := (SELECT ACCESS_LEVEL.id_access_level FROM fetchmetrics.DOG_Access_Level ACCESS_LEVEL WHERE ACCESS_LEVEL.code = 'EDIT' LIMIT 1);
|
||||
SET v_id_permission_user_edit := (SELECT GROUP_CONCAT(PERMISSION.id_permission SEPARATOR ',') FROM fetchmetrics.DOG_Permission PERMISSION WHERE PERMISSION.code = 'USER_CREATE' LIMIT 1);
|
||||
SET v_priority_access_level_admin := (SELECT ACCESS_LEVEL.priority FROM fetchmetrics.DOG_Access_Level ACCESS_LEVEL WHERE ACCESS_LEVEL.code = 'ADMIN' LIMIT 1);
|
||||
SET v_priority_access_level_none := (SELECT ACCESS_LEVEL.priority FROM fetchmetrics.DOG_Access_Level ACCESS_LEVEL WHERE ACCESS_LEVEL.code = 'NONE' LIMIT 1);
|
||||
|
||||
CALL fetchmetrics.p_core_validate_guid ( a_guid );
|
||||
@@ -311,7 +313,7 @@ BEGIN
|
||||
|
||||
IF (
|
||||
v_is_super_user = 0
|
||||
AND v_priority_access_level_user > v_priority_access_level_admin
|
||||
AND v_priority_access_level_user >= v_priority_access_level_admin
|
||||
AND EXISTS (
|
||||
SELECT *
|
||||
FROM tmp_User_Save_User t_USER
|
||||
@@ -519,5 +521,40 @@ CALL fetchmetrics.p_dog_clear_calc_user_access(
|
||||
, 0 -- debug
|
||||
);
|
||||
|
||||
select *
|
||||
from demo.DOG_User_Change_Set
|
||||
;
|
||||
select *
|
||||
from demo.DOG_Role
|
||||
;
|
||||
select *
|
||||
from demo.DOG_Permission
|
||||
;
|
||||
|
||||
|
||||
-- INSERT INTO demo.DOG_User_Change_Set (comment ) VALUES ( 'Client role permissions' );
|
||||
|
||||
UPDATE demo.DOG_Role_Permission_Link ROLE_PERMISSION_LINK
|
||||
SET
|
||||
ROLE_PERMISSION_LINK.id_change_set = (SELECT UCS.id_change_set FROM demo.DOG_User_Change_Set UCS ORDER BY UCS.id_change_set DESC LIMIT 1)
|
||||
, ROLE_PERMISSION_LINK.id_access_level = 2
|
||||
WHERE
|
||||
ROLE_PERMISSION_LINK.id_permission = 15
|
||||
AND ROLE_PERMISSION_LINK.id_role <> 1
|
||||
;
|
||||
|
||||
|
||||
SELECT
|
||||
USERS.email
|
||||
, ROLE.name
|
||||
, PERMISSION.name
|
||||
, ACCESS_LEVEL.name
|
||||
FROM demo.DOG_User USERS
|
||||
INNER JOIN demo.DOG_User_Role_Link URL ON USERS.id_user = URL.id_user
|
||||
INNER JOIN demo.DOG_Role ROLE ON URL.id_role = ROLE.id_role
|
||||
INNER JOIN demo.DOG_Role_Permission_Link RPL ON URL.id_role = RPL.id_role
|
||||
INNER JOIN demo.DOG_Permission PERMISSION ON RPL.id_permission = PERMISSION.id_permission
|
||||
INNER JOIN demo.DOG_Access_Level ACCESS_LEVEL ON RPL.id_access_level = ACCESS_LEVEL.id_access_level
|
||||
;
|
||||
*/
|
||||
|
||||
|
||||
Reference in New Issue
Block a user