Skip to content

Commit

Permalink
Merge pull request #4897 from yog-it/issue4573
Browse files Browse the repository at this point in the history
Fixed getting Folders by Permissions
  • Loading branch information
david-poindexter authored Nov 3, 2021
2 parents 82eaefa + 657e2e0 commit 2d25791
Showing 1 changed file with 125 additions and 0 deletions.
Original file line number Diff line number Diff line change
@@ -0,0 +1,125 @@
/****************************************************************
* SPROC: GetFoldersByPermission
****************************************************************/
IF (OBJECT_ID(N'{databaseOwner}[{objectQualifier}GetFoldersByPermissions]') IS NOT NULL)
DROP PROCEDURE {databaseOwner}[{objectQualifier}GetFoldersByPermissions]
GO

CREATE PROCEDURE {databaseOwner}[{objectQualifier}GetFoldersByPermissions]
@PortalID int,
@Permissions nvarchar(300),
@UserID int,
@FolderID int,
@FolderPath nvarchar(300)

AS
DECLARE @IsSuperUser bit = 0
DECLARE @IsAdmin bit = 0
DECLARE @ReadID int = 0
DECLARE @WriteID int = 0
DECLARE @BrowseID int = 0
DECLARE @AddID int = 0

--Define NULL
SELECT @PortalID = IsNull(@PortalID, -1)
,@Permissions = IsNull(@Permissions, N'')
,@UserID = IsNull(@UserID, -1)
,@FolderID = IsNull(@FolderID, -1)
,@FolderPath = IsNull(@FolderPath, N'')

--Determine Admin or SuperUser
IF @UserID > 0
BEGIN
SELECT @IsSuperUser = IsSuperUser FROM {databaseOwner}[{objectQualifier}Users] WHERE UserId = @UserId
SELECT @IsAdmin = CASE WHEN @IsSuperUser = 1 THEN 1 -- superusers are the portal admin
WHEN @PortalID = -1 THEN 0 -- only superusers may access host files
WHEN {databaseOwner}[{objectQualifier}UserIsInRole](@UserId, {databaseOwner}[{objectQualifier}AdministratorRoleId](@PortalId)) = 1 THEN 1
END
END;

IF (@PortalID = -1 AND @IsSuperUser = 1) OR (@IsAdmin = 1)
BEGIN
--Retrieve All Folders
SELECT [FolderID]
,[PortalID]
,[FolderPath]
,[StorageLocation]
,[IsProtected]
,[IsCached]
,[LastUpdated]
,[CreatedByUserID]
,[CreatedOnDate]
,[LastModifiedByUserID]
,[LastModifiedOnDate]
,[UniqueId]
,[VersionGuid]
,[FolderMappingID]
,[ParentID]
,[IsVersioned]
,[WorkflowID]
,[MappedPath]
FROM {databaseOwner}[{objectQualifier}Folders]
WHERE IsNull(PortalID, -1) = @PortalId
AND (FolderID = @FolderID OR (@FolderID = -1))
AND (FolderPath = @FolderPath OR (@FolderPath = N''))
ORDER BY PortalID, FolderPath
OPTION (OPTIMIZE FOR (@PortalID UNKNOWN));
END
ELSE
BEGIN
--Retrieve Permission Ids
IF @Permissions LIKE '%WRITE%' SELECT TOP 1 @WriteID = PermissionID FROM {databaseOwner}[{objectQualifier}Permission] WHERE PermissionCode = 'SYSTEM_FOLDER' AND ModuleDefId = -1 AND PermissionKey = 'WRITE';
IF @Permissions LIKE '%READ%' SELECT TOP 1 @ReadID = PermissionID FROM {databaseOwner}[{objectQualifier}Permission] WHERE PermissionCode = 'SYSTEM_FOLDER' AND ModuleDefId = -1 AND PermissionKey = 'READ';
IF @Permissions LIKE '%BROWSE%' SELECT TOP 1 @BrowseID = PermissionID FROM {databaseOwner}[{objectQualifier}Permission] WHERE PermissionCode = 'SYSTEM_FOLDER' AND ModuleDefId = -1 AND PermissionKey = 'BROWSE';
IF @Permissions LIKE '%ADD%' SELECT TOP 1 @AddID = PermissionID FROM {databaseOwner}[{objectQualifier}Permission] WHERE PermissionCode = 'SYSTEM_FOLDER' AND ModuleDefId = -1 AND PermissionKey = 'ADD';

--Retreive Folders by User Roles
WITH UserPortalRoles AS (
SELECT RoleID
FROM {databaseOwner}[{objectQualifier}vw_UserRoles]
WHERE PortalID = @PortalID
AND UserID = @UserID
AND IsNull(EffectiveDate, GetDate()) <= GetDate()
AND IsNull(ExpiryDate, GetDate()) >= GetDate()
UNION (SELECT -1)
UNION (SELECT -3 WHERE @UserID <= 0))
SELECT [FolderID]
,[PortalID]
,[FolderPath]
,[StorageLocation]
,[IsProtected]
,[IsCached]
,[LastUpdated]
,[CreatedByUserID]
,[CreatedOnDate]
,[LastModifiedByUserID]
,[LastModifiedOnDate]
,[UniqueId]
,[VersionGuid]
,[FolderMappingID]
,[ParentID]
,[IsVersioned]
,[WorkflowID]
,[MappedPath]
FROM {databaseOwner}[{objectQualifier}Folders]
WHERE (IsNull(PortalID, -1) = @PortalId)
AND (FolderPath = @FolderPath OR @FolderPath = N'')
AND (FolderID = @FolderID OR @FolderID = -1)
AND FolderID IN -- granted folders
(SELECT P.FolderID FROM {databaseOwner}[{objectQualifier}FolderPermission] P
LEFT JOIN UserPortalRoles R ON P.RoleID = R.RoleID
WHERE (P.UserID = @UserID OR (R.RoleID IS NOT NULL))
AND PermissionID IN (@AddID, @ReadID, @BrowseID, @WriteID)
AND AllowAccess = 1
GROUP BY P.FolderID)
AND NOT FolderId IN -- denied folders
(SELECT P.FolderID FROM {databaseOwner}[{objectQualifier}FolderPermission] P
LEFT JOIN UserPortalRoles R ON P.RoleID = R.RoleID
WHERE (P.UserID = @UserID OR (R.RoleID IS NOT NULL))
AND PermissionID IN (@AddID, @ReadID, @BrowseID, @WriteID)
AND AllowAccess = 0
GROUP BY P.FolderID)
ORDER BY PortalID, FolderPath
OPTION (OPTIMIZE FOR (@FolderPath Unknown, @FolderID Unknown, @UserID Unknown));
END
GO

0 comments on commit 2d25791

Please sign in to comment.