UFN_SECURITY_APPUSER_GRANTED_BUSINESSPROCESS_FORSITE
Returns a table of site ids for which the user has been granted the business process according to the role security.
Return
| Return Type |
|---|
| bit |
Parameters
| Parameter | Parameter Type | Mode | Description |
|---|---|---|---|
| @APPUSERID | uniqueidentifier | IN | |
| @BUSINESSPROCESSCATALOGID | uniqueidentifier | IN | |
| @SITEID | uniqueidentifier | IN |
Definition
Copy
CREATE function dbo.UFN_SECURITY_APPUSER_GRANTED_BUSINESSPROCESS_FORSITE
(
@APPUSERID uniqueidentifier,
@BUSINESSPROCESSCATALOGID uniqueidentifier,
@SITEID uniqueidentifier
)
returns bit as
/*
Returns true if the given user has permissions to the given BUSINESSPROCESS
in a role whose SITE is either
1.) Blank and record security mode=0
2.) Assigned to the given SITE.
3.) Blank and record security mode=1 and the SITEID IS NULL.
This function is optimized for use from the Blackbaud.AppFx.Security.Catalog.SiteRecordSecurityService
class which implements the RecordSecurity service for Site record security.
As such, it assumes that a check for DENY occurs outside this function
and also assumes that a check for if the user is ISSYSADMIN occurs outside
this function.
If UFN_SECURITY_APPUSER_GRANTED_BUSINESSPROCESS_IN_NONSITEROLE returns true then you should not be calling this function,
although this function will handle such cases.
*/
begin
if exists
(
select
1
from
dbo.V_SECURITY_SYSTEMROLEASSIGNMENT_USER_BUSINESSPROCESS as SECURITYVIEW
left join dbo.SITEPERMISSION on SITEPERMISSION.APPUSERID = SECURITYVIEW.APPUSERID and SITEPERMISSION.SYSTEMROLEID = SECURITYVIEW.SYSTEMROLEID
where
SECURITYVIEW.APPUSERID = @APPUSERID and
SECURITYVIEW.BUSINESSPROCESSCATALOGID = @BUSINESSPROCESSCATALOGID and
SECURITYVIEW.GRANTORDENY=1 and
(
(SECURITYVIEW.SITESECURITYMODE = 0)
or
(SITEPERMISSION.SITEID = @SITEID and (SECURITYVIEW.SITESECURITYMODE = 2 or SECURITYVIEW.SITESECURITYMODE = 3))
or
(SECURITYVIEW.SITESECURITYMODE = 1 and @SITEID is null)
)
)
return 1;
return 0;
end