RLS
Methods
# allowForAdminOwnerAndAdmTable (ctxt: ubMethodParams) static
For members of Admin group and for users root and admin do nothing.
For other users adds condition what
- either current user is a record owner
- OR user or one of user role in
{$entity}_admsub-table
Arguments:
ctxt: ubMethodParams
# currentUserInGroup (sender, roleName) → * static deprecated
Use functional RLS instead
is current ( Session.userID) user have role with name roleName
Arguments:
sender:roleName:
# federalize () static
Dirty hack for federalized entities (for example ubs_numcounter) work without FED model.
FED model define good realization of RLS.federalize - this is only stub
# getDefaultAclRlsSubjects (mixinCfgopt: object) → Array.<number> static
Default behavior for get aclRls subjects - return array of IDs for currently logged in user:
- if
uba_subjectin onEntities: userID + user roles IDs + user groups IDs - if
org_unitin onEntities: orgUnitIDs
Arguments:
mixinCfg: object
# isSuperUserOrInAdminGroup () → boolean static
Returns true in case current user is Superuser ( build-in root or admin) or member of Admin group
# isUserAdminOrInAdminGroup () → boolean static
Returns true in case current user is admin or root or Admin group member.
Used as default for aclRls.skipIfFn
# userInAdmSubtable (sender, user) static deprecated
Use functional RLS instead
Check user in adm sub-table. No user group check performed!
Arguments:
sender:user:
# userInGroup (user: number, groupname: string) → string static deprecated
Use functional RLS instead
todo - OPTIMIZE using role cache
# userOrUserGroupInAdmSubtable (sender, user) static deprecated
Use functional RLS instead
Check user or any of user groups in adm subtable /* xmax using ORACLE _todo check oracle syntax!!
Arguments:
sender:user: