UFN_SECURITY_APPUSER_GRANTED_BATCHTEMPLATE_FORREVENUE
Returns true if a user has access to a batch template for a revenue.
Return
| Return Type |
|---|
| bit |
Parameters
| Parameter | Parameter Type | Mode | Description |
|---|---|---|---|
| @APPUSERID | uniqueidentifier | IN | |
| @BATCHTEMPLATEID | uniqueidentifier | IN | |
| @REVENUEID | uniqueidentifier | IN |
Definition
Copy
CREATE function [dbo].[UFN_SECURITY_APPUSER_GRANTED_BATCHTEMPLATE_FORREVENUE]
(
@APPUSERID uniqueidentifier,
@BATCHTEMPLATEID uniqueidentifier,
@REVENUEID uniqueidentifier
)
returns bit as
/*
Returns true if the given user has permissions to the given form
in a role whose SITE is either
1.) Blank and record security mode=0
2.) Assigned to a SITE that exists on the given Revenue.
This function is optimized for use from the Blackbaud.AppFx.Security.Catalog.SiteRecordSecurityService
class which implements the RecordSecurity service for Site record security.
As such, it assumes that a check for DENY occurs outside this function
and also assumes that a check for if the user is ISSYSADMIN occurs outside
this function.
*/
begin
--If user granted permission to the feature in a role with no ringfence then
--the user has permission regardless of the record in question.
if exists
(
select
1
from
dbo.V_SECURITY_SYSTEMROLEASSIGNMENT_USER_BATCHTEMPLATE as SECURITYVIEW
with (NOEXPAND, INDEX(IX_V_SECURITY_SYSTEMROLEASSIGNMENT_USER_BATCHTEMPLATE_BATCHTEMPLATEID_APPUSERID))
inner join dbo.SYSTEMROLEAPPUSER on SYSTEMROLEAPPUSER.APPUSERID = SECURITYVIEW.APPUSERID
left join dbo.SITEPERMISSION on SITEPERMISSION.APPUSERID = SECURITYVIEW.APPUSERID
where
SECURITYVIEW.APPUSERID = @APPUSERID AND
SECURITYVIEW.BATCHTEMPLATEID = @BATCHTEMPLATEID AND
SECURITYVIEW.GRANTORDENY=1 AND
(
SYSTEMROLEAPPUSER.SECURITYMODECODE = 0
OR
dbo.UFN_SECURITY_APPUSER_SITEINREVENUE(@REVENUEID, SITEPERMISSION.SITEID) = 1
)
union all
select
1
from
dbo.V_SECURITY_SYSTEMROLEASSIGNMENT_USER_BATCHTYPE as SECURITYVIEW
inner join dbo.BATCHTEMPLATE on BATCHTEMPLATE.BATCHTYPECATALOGID = SECURITYVIEW.BATCHTYPECATALOGID
inner join dbo.SYSTEMROLEAPPUSER on SYSTEMROLEAPPUSER.APPUSERID = SECURITYVIEW.APPUSERID
left join dbo.SITEPERMISSION on SITEPERMISSION.APPUSERID = SECURITYVIEW.APPUSERID
where
SECURITYVIEW.APPUSERID=@APPUSERID AND
BATCHTEMPLATE.ID=@BATCHTEMPLATEID AND
SECURITYVIEW.GRANTORDENY=1 AND
(
SYSTEMROLEAPPUSER.SECURITYMODECODE = 0
OR
dbo.UFN_SECURITY_APPUSER_SITEINREVENUE(@REVENUEID, SITEPERMISSION.SITEID) = 1
)
union all
select
1
from
dbo.V_SECURITY_SYSTEMROLEASSIGNMENT_USER_BATCHWORKFLOWSTATE as SECURITYVIEW
with (NOEXPAND, INDEX(IX_V_SECURITY_SYSTEMROLEASSIGNMENT_USER_BATCHWORKFLOWSTATE_BATCHWORKFLOWSTATEID_APPUSERID))
inner join dbo.BATCH on BATCH.BATCHWORKFLOWSTATEID = SECURITYVIEW.BATCHWORKFLOWSTATEID
inner join dbo.SYSTEMROLEAPPUSER on SYSTEMROLEAPPUSER.APPUSERID = SECURITYVIEW.APPUSERID
left join dbo.SITEPERMISSION on SITEPERMISSION.APPUSERID = SECURITYVIEW.APPUSERID
where
SECURITYVIEW.APPUSERID=@APPUSERID AND
BATCH.BATCHTEMPLATEID=@BATCHTEMPLATEID AND
SECURITYVIEW.GRANTORDENY=1 AND
(
SYSTEMROLEAPPUSER.SECURITYMODECODE = 0
OR
dbo.UFN_SECURITY_APPUSER_SITEINREVENUE(@REVENUEID, SITEPERMISSION.SITEID) = 1
)
union all
select
1
from
dbo.V_SECURITY_SYSTEMROLEASSIGNMENT_USER_BATCHPROCESSOR as SECURITYVIEW
with (NOEXPAND, INDEX(IX_V_SECURITY_SYSTEMROLEASSIGNMENT_USER_BATCHTEMPLATEPROCESSOR_BATCHTEMPLATEID_APPUSERID))
inner join dbo.SYSTEMROLEAPPUSER on SYSTEMROLEAPPUSER.APPUSERID = SECURITYVIEW.APPUSERID
left join dbo.SITEPERMISSION on SITEPERMISSION.APPUSERID = SECURITYVIEW.APPUSERID
where
SECURITYVIEW.APPUSERID=@APPUSERID AND
SECURITYVIEW.BATCHTEMPLATEID=@BATCHTEMPLATEID AND
SECURITYVIEW.GRANTORDENY=1 AND
(
SYSTEMROLEAPPUSER.SECURITYMODECODE = 0
OR
dbo.UFN_SECURITY_APPUSER_SITEINREVENUE(@REVENUEID, SITEPERMISSION.SITEID) = 1
)
union all
select
1
from
dbo.V_SECURITY_SYSTEMROLEASSIGNMENT_USER_BATCHTEMPLATEAPPROVER as SECURITYVIEW
with (NOEXPAND, INDEX(IX_V_SECURITY_SYSTEMROLEASSIGNMENT_USER_BATCHTEMPLATEAPPROVER_BATCHTEMPLATEID_APPUSERID))
inner join dbo.SYSTEMROLEAPPUSER on SYSTEMROLEAPPUSER.APPUSERID = SECURITYVIEW.APPUSERID
left join dbo.SITEPERMISSION on SITEPERMISSION.APPUSERID = SECURITYVIEW.APPUSERID
where
SECURITYVIEW.APPUSERID=@APPUSERID AND
SECURITYVIEW.BATCHTEMPLATEID=@BATCHTEMPLATEID AND
SECURITYVIEW.GRANTORDENY=1 AND
(
SYSTEMROLEAPPUSER.SECURITYMODECODE = 0
OR
dbo.UFN_SECURITY_APPUSER_SITEINREVENUE(@REVENUEID, SITEPERMISSION.SITEID) = 1
)
) return 1;
return 0;
end