add full user-roles-els initialization

parent a2d7c19e
/**
* User: olga.sedneva
* Fill users, roles and rights for RequestList model
*/
/**
* Initial script for create hd_user, ed_user, HealthDepartment and EducationDepartment roles, set rights for roles
* Used by ubcli initialize command
* @param {ServerSession} session
*/
module.exports = function(session){
var
desktopID, usersRoleID, folderID, lastID, conn = session.connection;
desktopID, usersRoleID, folderID, lastID, userID, conn = session.connection;
desktopID = conn.lookup('ubm_desktop', 'ID', {expression: 'code', condition: 'equal', values: {code: 'CityReq_desktop'}});
//hd_user and Health Department role
userID=conn.lookup('uba_user', 'ID',{expression: 'name', condition: 'equal', values: {code: 'hd_user'}});
if (!userID) {
console.info('\t\tcreate new `hd_user` user');
userID = conn.insert({
entity: 'uba_user',
fieldList: ['ID'],
execParams: {
name: 'hd_user',
firstName: 'hd',
lastName: 'user',
uPasswordHashHexa: nsha256('salt' + 'hduser')
}
});
}
usersRoleID = conn.lookup('uba_role', 'ID', {expression: 'name', condition: 'equal', values: {name: 'HealthDepartment'}});
if(!usersRoleID)
{
......@@ -17,17 +43,109 @@ console.info('\t\tcreate new `HealthDepartment` role');
});
}
if (desktopID) {
console.info('\t\tprovide rights for `CityReq_desktop` to HealthDepartment role');
console.info('\t\tadd hd_user to Health department role');
conn.insert({
entity: 'ubm_desktop_adm',
entity: 'uba_userrole',
execParams: {
userID: userID,
roleID: usersRoleID
}
});
desktopID = conn.lookup('ubm_desktop', 'ID', {expression: 'code', condition: 'equal', values: {code: 'CityReq_desktop'}});
if(desktopID){
console.info('\t\tprovide rights for `CityReq_desktop` to HealthDepartment role');
conn.insert({
entity: 'ubm_desktop_adm',
execParams: {
instanceID: desktopID,
admSubjID: usersRoleID
}
});
lastID=conn.lookup('ubm_navshortcut', 'ID',{expression: 'code', condition: 'equal', values: {code: 'req_reqList'}});
if(lastID){
console.info('\t\tprovide rights for `req_reqList` folder to HealthDepartment role');
conn.insert({
entity: 'ubm_navshortcut_adm',
execParams: {
instanceID: lastID,
admSubjID: usersRoleID
}
});
}
}
//entity level security
console.info('\t\tprovide rights for `req*` entities to HealthDepartment role');
conn.insert({
entity: 'uba_els',
execParams: {
code: 'READ_UPD_REQ_HD',
entityMask: 'req*',
methodMask: '[su]*',
ruleType: 'A',
ruleRole: 'HealthDepartment',
description: 'Read and update RequestList model'
}
});
//ed_user and Education Department role
userID=conn.lookup('uba_user', 'ID',{expression: 'name', condition: 'equal', values: {code: 'ed_user'}});
if (!userID) {
console.info('\t\tcreate new `ed_user` user');
userID = conn.insert({
entity: 'uba_user',
fieldList: ['ID'],
execParams: {
name: 'ed_user',
firstName: 'ed',
lastName: 'user',
uPasswordHashHexa: nsha256('salt' + 'eduser')
}
});
}
usersRoleID = conn.lookup('uba_role', 'ID', {expression: 'name', condition: 'equal', values: {name: 'EducationDepartment'}});
if(!usersRoleID)
{
console.info('\t\tcreate new `EducationDepartment` role');
usersRoleID = conn.insert({
entity: 'uba_role',
fieldList: ['ID'],
execParams: {
instanceID: desktopID,
admSubjID: usersRoleID
name: 'EducationDepartment',
description: 'Education department role'
}
});
}
console.info('\t\tadd ed_user to Education department role');
conn.insert({
entity: 'uba_userrole',
execParams: {
userID: userID,
roleID: usersRoleID
}
});
desktopID = conn.lookup('ubm_desktop', 'ID', {expression: 'code', condition: 'equal', values: {code: 'CityReq_desktop'}});
if(desktopID){
console.info('\t\tprovide rights for `CityReq_desktop` to HealthDepartment role');
conn.insert({
entity: 'ubm_desktop_adm',
execParams: {
instanceID: desktopID,
admSubjID: usersRoleID
}
});
lastID=conn.lookup('ubm_navshortcut', 'ID',{expression: 'code', condition: 'equal', values: {code: 'req_reqList'}});
if(lastID){
console.info('\t\tprovide rights for `req_reqList` folder to HealthDepartment role');
conn.insert({
entity: 'ubm_navshortcut_adm',
......@@ -36,9 +154,25 @@ console.info('\t\tprovide rights for `req_reqList` folder to HealthDepartment ro
admSubjID: usersRoleID
}
});
}
}
else{console.info('\t\tNOT provide rights for `CityReq_desktop` to HealthDepartment role');}
//entity level security
console.info('\t\tprovide rights for `req*` entities to EducationDepartment role');
conn.insert({
entity: 'uba_els',
execParams: {
code: 'READ_UPD_REQ_ED',
entityMask: 'req*',
methodMask: '[su]*',
ruleType: 'A',
ruleRole: 'EducationDepartment',
description: 'Read and update RequestList model'
}
});
}
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment