Update rbac.md

parent a8176e3c
......@@ -107,6 +107,11 @@ console.info('\t\tcreate new `HealthDepartment` role');
});
}
var checkUserInRole = conn.lookup('uba_userrole', 'ID',
conn.Repository('uba_userrole').where('userID', '=', userID).where('roleID', '=', usersRoleID).ubRequest().whereList
);
if(!checkUserInRole)
{
console.info('\t\tadd hd_user to Health department role');
conn.insert({
entity: 'uba_userrole',
......@@ -115,10 +120,15 @@ console.info('\t\tadd hd_user to Health department role');
roleID: usersRoleID
}
});
}
desktopID = conn.lookup('ubm_desktop', 'ID', {expression: 'code', condition: 'equal', values: {code: 'CityReq_desktop'}});
if(desktopID){
var checkRoleInDesktop = conn.lookup('ubm_desktop_adm', 'ID',
conn.Repository('ubm_desktop_adm').where('instanceID', '=', desktopID).where('admSubjID', '=', usersRoleID).ubRequest().whereList
);
if(!checkRoleInDesktop){
console.info('\t\tprovide rights for `CityReq_desktop` to HealthDepartment role');
conn.insert({
entity: 'ubm_desktop_adm',
......@@ -127,9 +137,14 @@ console.info('\t\tprovide rights for `CityReq_desktop` to HealthDepartment role'
admSubjID: usersRoleID
}
});
}
lastID=conn.lookup('ubm_navshortcut', 'ID',{expression: 'code', condition: 'equal', values: {code: 'req_reqList'}});
if(lastID){
var checkRoleInShortcut = conn.lookup('ubm_navshortcut_adm', 'ID',
conn.Repository('ubm_navshortcut_adm').where('instanceID', '=', lastID).where('admSubjID', '=', usersRoleID).ubRequest().whereList
);
if(!checkRoleInShortcut){
console.info('\t\tprovide rights for `req_reqList` shortcut to HealthDepartment role');
conn.insert({
entity: 'ubm_navshortcut_adm',
......@@ -139,11 +154,16 @@ console.info('\t\tprovide rights for `req_reqList` shortcut to HealthDepartment
}
});
}
}
}
//entity level security
var checkCodeEls = conn.lookup('uba_els', 'ID',
conn.Repository('uba_els').where('code', '=', 'READ_UPD_REQ_HD').ubRequest().whereList
);
if(!checkCodeEls){
console.info('\t\tprovide rights for `req*` entities to HealthDepartment role');
conn.insert({
entity: 'uba_els',
......@@ -152,13 +172,13 @@ console.info('\t\tprovide rights for `req*` entities to HealthDepartment role');
entityMask: 'req*',
methodMask: '[su]*',
ruleType: 'A',
ruleRole: 'HealthDepartment',
ruleRole: usersRoleID,
description: 'Read and update RequestList model'
}
});
}
}
```
Run the script with the `initialize` command
`ubcli initialize -u admin -p admin -host http://localhost:888 -m RequestList`
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment