UFN_SECURITY_APPUSER_GRANTED_KPIINSTANCE
Returns true if user has been granted and not denied the KPI instance for a system role
Return
| Return Type |
|---|
| bit |
Parameters
| Parameter | Parameter Type | Mode | Description |
|---|---|---|---|
| @APPUSERID | uniqueidentifier | IN | |
| @KPIINSTANCEID | uniqueidentifier | IN |
Definition
Copy
create function dbo.UFN_SECURITY_APPUSER_GRANTED_KPIINSTANCE
(@APPUSERID uniqueidentifier,@KPIINSTANCEID uniqueidentifier)
returns bit
as
/*
Returns true if user has been granted and not denied the KPI instance for a System Role.
*/
begin
--If at least one grant and no deny then return true
--otherwise, false
declare @grant bit;
declare @KPICATALOGID uniqueidentifier;
set @grant=0;
select @grant = ISSYSADMIN from dbo.APPUSER where ID = @APPUSERID;
--User isn't a system administrator; heck to see if the user has rights to the KPI on which the instance is based.
if @grant = 0
begin
select @KPICATALOGID = KPICATALOGID from dbo.KPIINSTANCE where KPIINSTANCE.ID = @KPIINSTANCEID;
select @grant = dbo.UFN_SECURITY_APPUSER_GRANTED_KPI(@APPUSERID, @KPICATALOGID);
end;
--User doesn't have rights to the KPI on which the instance is based; check to see if the user has been granted explicit
--rights to the KPI instance.
if @grant = 0
begin
if exists
(select SYSTEMROLEKPIINSTANCE.KPIINSTANCEID from dbo.SYSTEMROLEKPIINSTANCE
inner join dbo.SYSTEMROLEAPPUSER AS SRAU on SYSTEMROLEKPIINSTANCE.SYSTEMROLEID = SRAU.SYSTEMROLEID
where SYSTEMROLEKPIINSTANCE.KPIINSTANCEID = @KPIINSTANCEID and SRAU.APPUSERID = @APPUSERID)
begin
set @grant = 1;
end
else
begin
set @grant = 0;
end;
end;
return @grant;
end