Notice: This Wiki is now read only and edits are no longer possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "Scout/Tutorial/3.8/Minicrm/Permissions"
m (→Screenshot: h3) |
(→Person Form: Make sure you use the same class names if you want to copy and paste the SQL statements later in this section.) |
||
Line 56: | Line 56: | ||
== Person Form == | == Person Form == | ||
− | Create a Person Form and a Person Process Service to create and edit persons. | + | Create a Person Form and a Person Process Service to create and edit persons. Make sure you use the same class names if you want to copy and paste the SQL statements later in this section. |
{| cellpadding="10" | {| cellpadding="10" | ||
− | ! | + | !Label |
+ | !Class Name | ||
!Column Name | !Column Name | ||
!Type | !Type | ||
|- | |- | ||
|Name | |Name | ||
+ | |NameField | ||
|LAST_NAME | |LAST_NAME | ||
|String | |String | ||
|- | |- | ||
|First Name | |First Name | ||
+ | |FirstNameField | ||
|FIRST_NAME | |FIRST_NAME | ||
|- | |- | ||
|Employer | |Employer | ||
+ | |EmployerField | ||
|COMPANY_NR | |COMPANY_NR | ||
|SmartField (CompanyLookupCall) | |SmartField (CompanyLookupCall) | ||
|- | |- | ||
|Username | |Username | ||
+ | |UsernameField | ||
|USERNAME | |USERNAME | ||
|String | |String | ||
|- | |- | ||
|Roles | |Roles | ||
+ | |RolesField | ||
|USER_ROLE.ROLE_NR | |USER_ROLE.ROLE_NR | ||
|Listview (RoleLookupCall, Grid H 4) | |Listview (RoleLookupCall, Grid H 4) |
Revision as of 05:28, 24 October 2012
The Scout documentation has been moved to https://eclipsescout.github.io/.
Contents
What is this chapter about?
This chapter is about authorization and authentication.
When creating forms and table pages, the wizards have always created Permission classes in the background:
- CreateCompanyPermission
- ReadCompanyPermission
- UpdateCompanyPermission
- DeleteCompanyPermission (actually, you will have to create this permission yourself if you implement a delete menu)
We want to create an Administration View where Users get assigned Roles. These Roles have have Permissions. When a user logs in, the appropriate Permissions are loaded.
For this to work, users must be authenticated. We'll add a SecurityFilter to handle this.
This chapter assumes that you're pretty proficient at creating tables, forms and services. No more hand-holding. :)
Database
The sample database already contains the following tables:
ROLE ROLE_PERMISSION USER_ROLE --------- --------------- --------- ROLE_NR ROLE_NR USER_NR NAME PERMISSION_NAME ROLE_NR
The PERSON table has a USERNAME column.
Let us create two roles before we get started:
INSERT INTO minicrm.ROLE (role_nr, name) VALUES (1, 'Administrator'); INSERT INTO minicrm.ROLE (role_nr, name) VALUES (2, 'Standard');
Roles
Create a new Lookup Call RoleLookupCall.
The RoleLookupService uses this statement:
return "" + "SELECT ROLE_NR, " + " NAME " + "FROM ROLE " + "WHERE 1=1 " + "<key> AND ROLE_NR = :key </key> " + "<text> AND UPPER(NAME) LIKE UPPER(:text||'%') </text> " + "<all> </all> ";
Person Form
Create a Person Form and a Person Process Service to create and edit persons. Make sure you use the same class names if you want to copy and paste the SQL statements later in this section.
Label | Class Name | Column Name | Type |
---|---|---|---|
Name | NameField | LAST_NAME | String |
First Name | FirstNameField | FIRST_NAME | |
Employer | EmployerField | COMPANY_NR | SmartField (CompanyLookupCall) |
Username | UsernameField | USERNAME | String |
Roles | RolesField | USER_ROLE.ROLE_NR | Listview (RoleLookupCall, Grid H 4) |
Menus
Add a "New Person..." and a "Edit Person..." menu to the PersonTablePage.
@Override protected void execAction() throws ProcessingException { PersonForm form = new PersonForm(); form.startNew(); form.waitFor(); if (form.isFormStored()) { reloadPage(); } }
@Override public void execAction() throws ProcessingException { PersonForm form = new PersonForm(); form.setPersonNr(getPersonNrColumn().getSelectedValue()); form.startModify(); form.waitFor(); if (form.isFormStored()) { reloadPage(); } }
Process Service
Here are the SQL statements you will need.
Creation:
SQL.selectInto("" + "SELECT MAX(PERSON_NR)+1 " + "FROM PERSON " + "INTO :personNr" , formData); SQL.insert("" + "INSERT INTO PERSON (PERSON_NR, LAST_NAME, FIRST_NAME, COMPANY_NR, USERNAME) " + "VALUES (:personNr, :name, :firstName, :employer, :username)" , formData); SQL.insert("" + "INSERT INTO USER_ROLE (USER_NR, ROLE_NR) " + "VALUES (:personNr, :{roles})" , formData);
Loading:
SQL.selectInto("" + "SELECT LAST_NAME, " + " FIRST_NAME, " + " COMPANY_NR, " + " USERNAME " + "FROM PERSON " + "WHERE PERSON_NR = :personNr " + "INTO :name, " + " :firstName, " + " :employer, " + " :username" , formData); SQL.select("" + "SELECT ROLE_NR " + "FROM USER_ROLE " + "WHERE USER_NR = :personNr " + "INTO :roles" , formData);
Updating:
SQL.update("" + "UPDATE PERSON SET" + " LAST_NAME = :name, " + " FIRST_NAME = :firstName, " + " COMPANY_NR = :employer, " + " USERNAME = :username " + "WHERE PERSON_NR = :personNr" , formData); SQL.delete("" + "DELETE FROM USER_ROLE " + "WHERE USER_NR = :personNr " , formData); SQL.insert("" + "INSERT INTO USER_ROLE (USER_NR, ROLE_NR) " + "VALUES (:personNr, :{roles})" , formData);
Screenshot
If you're working in a multilingual environment, this is what it might look like:
Administration View
Create the following outline on the client side:
Administration Outline │ ├─Role Table Page │ │ │ └─Permission Table Page │ └─Permission Table Page
Additional table pages might be useful: which roles use a particular permission? which users have a particular role? These are left as an exercise for the reader.