CD Actual 8

home *** CD-ROM | disk | FTP | other *** search

/ CD Actual 8 / CDACTUAL8.iso / progs / ite / ite10d1.exe / DATA.Z / SECURITY.JS < prev next >

Wrap

Text File | 1996-09-07 | 65.6 KB | 1,614 lines

#define SM_PASSWORD "masterkey" #include <security.h> /****************************************************************************\ * * * Classname SecurityManager * * * * Purpose Security class for non-administrative purposes. Keeps track * * of one user. Allows login and querying of access privileges. * * * * Dependencies: * * * * The SecurityManager class needs access to two tables, SMENTITY and * * SMASSIGN. These files are found by using a BDE alias named * * SecurityManager. You must use the BDE Configuration Utility to create * * a Standard alias by this name that points to the directory containing * * these two tables. * * * * Additionally, SECURITY.H is located in the IntraBuilder\Include * * directory. * * * * Properties: * * * * classname - "SecurityManager" * * * * Methods: * * * * changeDescription( <new description> ) * * changePassword( <old>, <new> ) * * getCreated() // return date created * * getDescription() // return description * * getGroups() // return AssocArray of groups * * getLogin() // return date of last (current) login * * getPolicyValue( <policy name> ) // return policy value * * getResources() // return AssocArray of resources * * getUserName() // return user name * * hasAccessTo( <resource name> ) // return true/false * * isMemberOf( <group name> ) // return true/false * * login( <user name>, <password> ) * * * * Exceptions thrown: * * * * Constructor and methods may throw exceptions of class SmException. * * Calls to this class should be made within a try block. Security * * specific exceptions can be caught as SmException objects. See example. * * * * Example: * * * * #include "security.h" // defines SmException code values * * try { * * var x = new SecurityManager(); * * x.login("sysdba","masterkey"); * * } * * catch (SmException e) { * * alert( "A security error has occured (" + e.code + ")" ); * * } * * * * Updated 8/27/96 by IntraBuilder Samples Group * * $Revision: 1.3 $ * * * * Copyright (c) 1996, Borland International, Inc. All rights reserved. * * * \****************************************************************************/ class SecurityManager { this.classname = "SecurityManager"; // // The _policy property is the same for all users // this._policy = new AssocArray(); // // User specific properties. Set in login() method. // this._created = null; this._description = null; this._group = new Array(); this._login = null; this._resource = new Array(); this._username = null; // // Check to see if the SecurityManager alias exists // this._session = new Session(); this._database = new Database(); this._database.session = this._session; this._database.databaseName = SM_DATABASE_ALIAS; this._database.session.addPassword( SM_PASSWORD ); try { this._database.active = true; } catch (Exception e) { throw new SmException(SM_ERROR_BDE_ALIAS_MISSING); } // store the policies to the _policy array var tPolicy = new Query(); tPolicy.database = this._database; tPolicy.sql = 'select * from smentity sm where sm."Entity Type" = ' + SM_ENTITY_POLICY ; tPolicy.active = true; var rs = tPolicy.rowset; while (!rs.endOfSet) { this._policy[rs.fields["Entity Name"].value] = ( rs.fields["Policy Boolean"].value ? (rs.fields["Policy Value"].value != 0) : (rs.fields["Policy Value"].value) ); rs.next(); } function changePassword(oldPass, newPass) { // make sure there is a current user if (this._username == null) throw new SmException(SM_ERROR_NOT_LOGGED_IN); // check that the parameters are valid if (oldPass == null) throw new SmException(SM_ERROR_INVALID_PASSWORD); if (newPass == null) throw new SmException(SM_ERROR_INVALID_PASSWORD); // new password must meet min/max policy requirements if (newPass.length < this.getPolicyValue("PASSMIN")) throw new SmException(SM_ERROR_PASSWORD_TOO_SHORT); if (newPass.length > this.getPolicyValue("PASSMAX")) throw new SmException(SM_ERROR_PASSWORD_TOO_LONG); // find this user in the smentity table var tUser = new Query(); tUser.database = this._database; tUser.sql = 'select * from smentity sm where sm."Entity Name" = "' + this._username + '" and sm."Entity Type" = ' + SM_ENTITY_USER ; tUser.active = true; var fld = tUser.rowset.fields; // // Look for various error conditions // // username not found if (tUser.rowset.endOfSet) throw new SmException(SM_ERROR_INVALID_USERNAME); // user account is currently disabled if (fld["User Disabled"].value) throw new SmException(SM_ERROR_LOGIN_DISABLED); // invalid password if ((this.getPolicyValue('CASE') && fld["User Password"].value != oldPass) || (!this.getPolicyValue('CASE') && fld["User Password"].value.toUpperCase() != oldPass.toUpperCase())) throw new SmException(SM_ERROR_INVALID_PASSWORD); // OK, write the new password fld["User Password"].value = newPass; tUser.rowset.save(); return (true); } function changeDescription( newDescription ) { // make sure there is a current user if (this._username == null) throw new SmException(SM_ERROR_NOT_LOGGED_IN); // find this user in the smentity table var tUser = new Query(); tUser.database = this._database; tUser.sql = 'select * from smentity sm where sm."Entity Name" = "' + this._username + '" and sm."Entity Type" = ' + SM_ENTITY_USER ; tUser.active = true; var fld = tUser.rowset.fields; // // Look for various error conditions // // username not found if (tUser.rowset.endOfSet) throw new SmException(SM_ERROR_INVALID_USERNAME); // user account is currently disabled if (fld["User Disabled"].value) throw new SmException(SM_ERROR_LOGIN_DISABLED); // OK, write the new description fld["Description"].value = ("" + newDescription); tUser.rowset.save(); this._description = ("" + newDescription); return (true); } function getCreated() { // make sure there is a current user if (this._username == null) throw new SmException(SM_ERROR_NOT_LOGGED_IN); return this._created; } function getDescription() { // make sure there is a current user if (this._username == null) throw new SmException(SM_ERROR_NOT_LOGGED_IN); return this._description; } function getGroups() { // make sure there is a current user if (this._username == null) throw new SmException(SM_ERROR_NOT_LOGGED_IN); return this._group; } function getLogin() { // make sure there is a current user if (this._username == null) throw new SmException(SM_ERROR_NOT_LOGGED_IN); return this._login; } function getPolicyValue( policyName ) { return (this._policy.isKey(policyName) ? this._policy[policyName] : null); } function getResources() { // make sure there is a current user if (this._username == null) throw new SmException(SM_ERROR_NOT_LOGGED_IN); return this._resource; } function getUserName() { // make sure there is a current user if (this._username == null) throw new SmException(SM_ERROR_NOT_LOGGED_IN); return this._username; } function hasAccessTo( resourceName ) { // make sure there is a current user if (this._username == null) throw new SmException(SM_ERROR_NOT_LOGGED_IN); return (this._resource.isKey(resourceName.toUpperCase())); } function isMemberOf( groupName ) { // make sure there is a current user if (this._username == null) throw new SmException(SM_ERROR_NOT_LOGGED_IN); return (this._group.isKey(groupName.toUpperCase())); } function login(name, password) { // reset the user information this._admin = false; this._created = null; this._description = null; this._group = new AssocArray(); this._login = null; this._resource = new AssocArray(); this._username = null; // check that the parameters are valid if (name == null) throw new SmException(SM_ERROR_INVALID_USERNAME); if (password == null) throw new SmException(SM_ERROR_INVALID_PASSWORD); // convert username to uppercase var username = name.toUpperCase(); // find this user in the smentity table var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity sm where sm."Entity Name" = "' + username + '" and sm."Entity Type" = ' + SM_ENTITY_USER ; tEntity.active = true; var fld = tEntity.rowset.fields; // // Look for various error conditions // // username not found if (tEntity.rowset.endOfSet) throw new SmException(SM_ERROR_INVALID_USERNAME); // user account is currently disabled if (fld["User Disabled"].value) throw new SmException(SM_ERROR_LOGIN_DISABLED); // user account is locked out if (fld["User Lockout"].value) { // see if autoreset is allowed if (this.getPolicyValue('AUTORESET')) { // if autoreset is allowed, then see if necessary time has elapsed var loDate = new Date("" + fld["User Lockout Time"].value); var resetDate = new Date(loDate.getTime()+(60000*this.getPolicyValue("LOMINUTES"))); var nowDate = new Date(); if (nowDate.getTime() > resetDate.getTime()) { // reset time has expired, clear all the lockout flags fld["User Lockout"].value = false; fld["User Lockout Count"].value = 0; fld["User Lockout Time"].value = null; tEntity.rowset.save(); } } } // check lockout again (it may have been reset above) if (fld["User Lockout"].value) throw new SmException(SM_ERROR_LOGIN_LOCKOUT); // All that's left now is the password. Either say, we need to update // the lockout information if the lockout policy is in use. var locount = this.getPolicyValue("LOCOUNT"); // invalid password if ((this.getPolicyValue('CASE') && fld["User Password"].value != password) || (!this.getPolicyValue('CASE') && fld["User Password"].value.toUpperCase() != password.toUpperCase())) { // If the lockout policy is in use, set the lockout flags for this user. if (locount > 0) { // see if old data is still relevant var loDate = new Date("" + fld["User Lockout Time"].value); var resetDate = new Date(loDate.getTime()+(60000*this.getPolicyValue("LOMINUTES"))); var nowDate = new Date(); if (nowDate.getTime() > resetDate.getTime()) fld["User Lockout Count"].value = 1; else fld["User Lockout Count"].value += 1; fld["User Lockout Time"].value = new Date(); if (fld["User Lockout Count"].value >= locount) fld["User Lockout"].value = true; tEntity.rowset.save(); } throw new SmException(SM_ERROR_INVALID_PASSWORD); } // Successful login. Set login info. // Reset lockout info if lockout policy is in use. if (locount > 0 && fld["User Lockout Count"].value > 0) { // clear old error information fld["User Lockout"].value = false; fld["User Lockout Count"].value = 0; fld["User Lockout Time"].value = null; } fld["User Login"].value = new Date(); tEntity.rowset.save(); // // If no error of any kind have occured, then set the user values. // this._created = fld["Created"].value; this._description = fld["Description"].value; this._login = fld["User Login"].value; this._username = fld["Entity Name"].value; // get the group list var tAssign = new Query(); tAssign.database = this._database; // Use tEntity for group descriptions tEntity.sql = 'select * from smentity sm where sm."Entity Type" = ' + SM_ENTITY_GROUP ; tEntity.active = true; // Get the group list first tAssign.sql='select * from smassign sm where sm."Child" = "' + username+'" and sm."Assign Type"='+ SM_ASSIGN_GROUP_USER; var fldAssign = tAssign.rowset.fields; tAssign.active = true; while (! tAssign.rowset.endOfSet) { if (tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + fldAssign["Parent"].value + "'")) this._group[fldAssign["Parent"].value] = fld["Description"].value; tAssign.rowset.next(); } // now use tEntity for resource descriptions tEntity.sql = 'select * from smentity sm where sm."Entity Type" = ' + SM_ENTITY_RESOURCE ; tEntity.active = true; // Get the resource list for this user tAssign.sql='select * from smassign sm where sm."Child" = "' + username+'" and sm."Assign Type"='+ SM_ASSIGN_RESOURCE_USER; tAssign.active = true; while (! tAssign.rowset.endOfSet) { if (tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + fldAssign["Parent"].value + "'")) this._resource[fldAssign["Parent"].value] = fld["Description"].value; tAssign.rowset.next(); } // get the resource list for group assignments tAssign.sql='select * from smassign sm where sm."Assign Type"=' + SM_ASSIGN_RESOURCE_GROUP; tAssign.active = true; var i=0; var group=""; for (i=0; i<this._group.count(); i++) { group = ( i==0 ) ? this._group.firstKey : this._group.nextKey(group); tAssign.rowset.filter = "Child='" + group + "'"; tAssign.rowset.first(); while (!tAssign.rowset.endOfSet) { if (tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + fldAssign["Parent"].value + "'")) this._resource[fldAssign["Parent"].value] = fld["Description"].value; tAssign.rowset.next(); } } // set the administrator flag if this user is // a member of the administrators group this._admin = this.isMemberOf('ADMINISTRATORS'); return (true); } } /***************************************************************************\ * * * Classname SecurityManagerAdmin * * * * Purpose Subclass of SecurityManager with additional methods for * * security system administration. * * * * Properties: * * * * classname - "SecurityManagerAdmin" * * * * Additional Methods * * * * assignResourceGroup( <resource name>, <group name> ) * * assignResourceUser( <resource name>, <user name> ) * * assignGroupUser( <group name>, <user name> ) * * createGroup( <SmGroup object> ) // see getGroupObject() * * createPolicy( <SmPolicy object> ) // see getPolicyObject() * * createResource( <SmResource object> ) // see getResourceObject() * * createUser( <SmUser object> ) // see getUserObject() * * deleteGroup( <group name> ) * * deletePolicy( <policy name> ) * * deleteResource( <resource name> ) * * deleteUser( <user name> ) * * getAllGroups( [<related name>, <related type>] ) //returns AssocArray * * getAllPolicies() //returns AssocArray * * getAllResources( [<related name>, related type>] ) //returns AssocArray * * getAllUsers( [<related name>, related type>] ) //returns AssocArray * * getGroupObject( [<group name>] ) //returns SmGroup object * * getPolicyObject( [<policy name>] ) //returns SmPolicy object * * getResourceObject( [<resource name>] ) //returns SmResource object * * getUserObject( [<user name>] ) //returns SmUser object * * unassignResourceGroup( <resource name>, <group name> ) * * unassignResourceUser( <resource name>, <user name> ) * * unassignGroupUser( <group name>, <user name> ) * * updateGroup( <SmGroup object> ) // see getGroupObject() * * updatePolicy( <SmPolicy object> ) // see getPolicyObject() * * updateResource( <SmResource object> ) // see getResourceObject() * * updateUser( <SmUser object> ) // see getUserObject() * * * * Unless otherwise indicated above, methods that complete successfully * * return a true value. Methods that do not complete successfully, throw * * an exception of class SmException. See example. * * * * The getAllXxxxx methods take two optional parameters. Without these * * parameters an array is returned that contains all of the requested * * entities. If the two parameters are passed, then the array contains * * only those entities that are related to the parameters. For instance * * you can retrieve a list of users who are members of a group named * * "administrators" with this call: * * * * var x = getAllUsers( "Administrators", SM_ENTITY_GROUP ) * * * * The second parameter defines the type of the first. In this case it * * is a group. The entity types are defined in SECURITY.H. The are: * * * * SM_ENTITY_GROUP * * SM_ENTITY_POLICY * * SM_ENTITY_RESOURCE * * SM_ENTITY_USER * * * * The getXxxxxObject methods return an object of the specified type. * * This object's properties can then be queried or set. The objects * * can then be passed to the createXxxxx and updateXxxxx methods. The * * members of the different objects are: * * * * SmGroup.created // date create (read only) * * SmGroup.description // up to 80 characters * * SmGroup.name // up to 20 characters * * * * SmPolicy.boolean // true if value is boolean, false if numeric * * SmPolicy.created * * SmPolicy.description * * SmPolicy.name * * SmPolicy.value // boolean or numeric value * * * * SmResource.created * * SmResource.description * * SmResource.name * * * * SmUser.created * * SmUser.description * * SmUser.disabled // boolean * * SmUser.login // date of last successful login (read only) * * SmUser.lockout // boolean * * SmUser.name * * SmUser.password // getUserObject() sets this to null * * * \***************************************************************************/ class SecurityManagerAdmin extends SecurityManager { this.classname = "SecurityManagerAdmin"; this._admin = false; function assignGroupUser(groupName, userName) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (groupName == null) throw new SmException(SM_ERROR_INVALID_GROUPNAME); if (userName == null) throw new SmException(SM_ERROR_INVALID_USERNAME); // convert names to uppercase var gName = groupName.toUpperCase(); var uName = userName.toUpperCase(); // confirm these are real names var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + gName + "'" + ' and "Entity Type" = ' + SM_ENTITY_GROUP)) throw new SmException(SM_ERROR_INVALID_GROUPNAME); if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + uName + "'" + ' and "Entity Type" = ' + SM_ENTITY_USER)) throw new SmException(SM_ERROR_INVALID_USERNAME); // check for duplicate assignment var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign'; tAssign.active = true; if (!tAssign.rowset.applyLocate("Parent = '" + gName + "' and Child = '" + uName + "' and " + '"Assign Type" = ' + SM_ASSIGN_GROUP_USER)) { tAssign.rowset.beginAppend(); tAssign.rowset.fields["Parent"].value = gName; tAssign.rowset.fields["Child"].value = uName; tAssign.rowset.fields["Assign Type"].value = SM_ASSIGN_GROUP_USER; tAssign.rowset.save(); } return (true); } function assignResourceGroup(resourceName, groupName) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (resourceName == null) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); if (groupName == null) throw new SmException(SM_ERROR_INVALID_GROUPNAME); // convert names to uppercase var rName = resourceName.toUpperCase(); var gName = groupName.toUpperCase(); // confirm these are real names var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + rName + "'" + ' and "Entity Type" = ' + SM_ENTITY_RESOURCE)) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + gName + "'" + ' and "Entity Type" = ' + SM_ENTITY_GROUP)) throw new SmException(SM_ERROR_INVALID_GROUPNAME); // check for duplicate assignment var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign'; tAssign.active = true; if (!tAssign.rowset.applyLocate("Parent = '" + rName + "' and Child = '" + gName + "' and " + '"Assign Type" = ' + SM_ASSIGN_RESOURCE_GROUP)) { tAssign.rowset.beginAppend(); tAssign.rowset.fields["Parent"].value = rName; tAssign.rowset.fields["Child"].value = gName; tAssign.rowset.fields["Assign Type"].value = SM_ASSIGN_RESOURCE_GROUP; tAssign.rowset.save(); } return (true); } function assignResourceUser(resourceName, userName) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (resourceName == null) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); if (userName == null) throw new SmException(SM_ERROR_INVALID_USERNAME); // convert names to uppercase var rName = resourceName.toUpperCase(); var uName = userName.toUpperCase(); // confirm these are real names var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + rName + "'" + ' and "Entity Type" = ' + SM_ENTITY_RESOURCE)) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + uName + "'" + ' and "Entity Type" = ' + SM_ENTITY_USER)) throw new SmException(SM_ERROR_INVALID_USERNAME); // check for duplicate assignment var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign'; tAssign.active = true; if (!tAssign.rowset.applyLocate("Parent = '" + rName + "' and Child = '" + uName + "' and " + '"Assign Type" = ' + SM_ASSIGN_RESOURCE_USER)) { tAssign.rowset.beginAppend(); tAssign.rowset.fields["Parent"].value = rName; tAssign.rowset.fields["Child"].value = uName; tAssign.rowset.fields["Assign Type"].value = SM_ASSIGN_RESOURCE_USER; tAssign.rowset.save(); } return (true); } function createGroup(newGroup) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (newGroup.name == null) throw new SmException(SM_ERROR_INVALID_GROUPNAME); // convert group name to uppercase gName = newGroup.name.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; // throw exception on duplicate record if (tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + gName + "'" + ' and "Entity Type" = ' + SM_ENTITY_GROUP)) throw new SmException(SM_ERROR_DUPLICATE_GROUPNAME); // add this new group tEntity.rowset.beginAppend(); tEntity.rowset.fields["Created"].value = new Date(); tEntity.rowset.fields["Description"].value = newGroup.description; tEntity.rowset.fields["Entity Name"].value = gName; tEntity.rowset.fields["Entity Type"].value = SM_ENTITY_GROUP; tEntity.rowset.save(); return (true); } function createPolicy(newPolicy) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (newPolicy.name == null) throw new SmException(SM_ERROR_INVALID_POLICYNAME); // convert policy name to uppercase pName = newPolicy.name.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; // throw exception on duplicate record if (tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + pName + "'" + ' and "Entity Type" = ' + SM_ENTITY_POLICY)) throw new SmException(SM_ERROR_DUPLICATE_POLICYNAME); // add this new policy tEntity.rowset.beginAppend(); tEntity.rowset.fields["Created"].value = new Date(); tEntity.rowset.fields["Description"].value = newPolicy.description; tEntity.rowset.fields["Entity Name"].value = pName; tEntity.rowset.fields["Entity Type"].value = SM_ENTITY_POLICY; tEntity.rowset.fields["Policy Boolean"].value = newPolicy.boolean; tEntity.rowset.fields["Policy Value"].value = (newPolicy.boolean ? (newPolicy.value ? 1 : 0) : newPolicy.value); tEntity.rowset.save(); return (true); } function createResource(newResource) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (newResource.name == null) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); // convert resource name to uppercase rName = newResource.name.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity' tEntity.active = true; // throw exception on duplicate record if (tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + rName + "'" + ' and "Entity Type" = ' + SM_ENTITY_RESOURCE)) throw new SmException(SM_ERROR_DUPLICATE_RESOURCENAME); // add this new resource tEntity.rowset.beginAppend(); tEntity.rowset.fields["Created"].value = new Date(); tEntity.rowset.fields["Entity Name"].value = rName; tEntity.rowset.fields["Entity Type"].value = SM_ENTITY_RESOURCE; tEntity.rowset.fields["Description"].value = newResource.description; tEntity.rowset.save(); return (true); } function createUser(newUser) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (newUser.name == null) throw new SmException(SM_ERROR_INVALID_USERNAME); // convert user name to uppercase uName = newUser.name.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; // throw exception on duplicate record if (tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + uName + "'" + ' and "Entity Type" = ' + SM_ENTITY_USER)) throw new SmException(SM_ERROR_DUPLICATE_USERNAME); // add this new user tEntity.rowset.beginAppend(); tEntity.rowset.fields["Created"].value = new Date(); tEntity.rowset.fields["Entity Name"].value = uName; tEntity.rowset.fields["Description"].value = newUser.description; tEntity.rowset.fields["User Password"].value = newUser.password; tEntity.rowset.fields["User Disabled"].value = newUser.disabled; tEntity.rowset.fields["User Lockout"].value = newUser.lockout; tEntity.rowset.fields["Entity Type"].value = SM_ENTITY_USER; tEntity.rowset.save(); return (true); } function deleteGroup(groupName) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (groupName == null) throw new SmException(SM_ERROR_INVALID_GROUPNAME); // convert name to uppercase var gName = groupName.toUpperCase(); // see if the group exists var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + gName + "'" + ' and "Entity Type" = ' + SM_ENTITY_GROUP)) throw new SmException(SM_ERROR_INVALID_GROUPNAME); // See if this entity is locked if (tEntity.rowset.fields["Entity Lock"].value) throw new SmException(SM_ERROR_CAN_NOT_DELETE_SYSTEM_ENTITY); // OK, delete this group and all user/resource assignments tEntity.database.beginTrans(); try { tEntity.rowset.delete(); var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign'; tAssign.active = true; // delete user assignments while (tAssign.rowset.applyLocate("Parent = '" + gName + "' and " + '"Assign Type" = ' + SM_ASSIGN_GROUP_USER)) tAssign.rowset.delete(); // delete resource assignments while (tAssign.rowset.applyLocate("Child = '" + gName + "' and " + '"Assign Type" = ' + SM_ASSIGN_RESOURCE_GROUP)) tAssign.rowset.delete(); // commit the deletes tEntity.database.commit(); } catch (Exception e) { tEntity.database.rollback(); throw e; } return (true); } function deletePolicy(policyName) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (policyName == null) throw new SmException(SM_ERROR_INVALID_POLICYNAME); // convert name to uppercase var pName = policyName.toUpperCase(); // see if the resource exists var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + pName + "'" + ' and "Entity Type" = ' + SM_ENTITY_POLICY)) throw new SmException(SM_ERROR_INVALID_POLICYNAME); // See if this entity is locked if (tEntity.rowset.fields["Entity Lock"].value) throw new SmException(SM_ERROR_CAN_NOT_DELETE_SYSTEM_ENTITY); // OK, delete this policy and all user/resource assignments tEntity.database.beginTrans(); try { tEntity.rowset.delete(); // commit the delete tEntity.database.commit(); } catch (Exception e) { tEntity.database.rollback(); throw e; } return (true); } function deleteResource(resourceName) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (resourceName == null) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); // convert name to uppercase var rName = resourceName.toUpperCase(); // see if the resource exists var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + rName + "'" + ' and "Entity Type" = ' + SM_ENTITY_RESOURCE)) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); // See if this entity is locked if (tEntity.rowset.fields["Entity Lock"].value) throw new SmException(SM_ERROR_CAN_NOT_DELETE_SYSTEM_ENTITY); // OK, delete this resource and all group/user assignments tEntity.database.beginTrans(); try { tEntity.rowset.delete(); var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign'; tAssign.active = true; // delete group assignments while (tAssign.rowset.applyLocate("Parent = '" + rName + "' and " + '"Assign Type" = ' + SM_ASSIGN_RESOURCE_GROUP)) tAssign.rowset.delete(); // delete user assignments while (tAssign.rowset.applyLocate("Parent = '" + rName + "' and " + '"Assign Type" = ' + SM_ASSIGN_RESOURCE_USER)) tAssign.rowset.delete(); // commit the deletes tEntity.database.commit(); } catch (Exception e) { tEntity.database.rollback(); throw e; } return (true); } function deleteUser(userName) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (userName == null) throw new SmException(SM_ERROR_INVALID_USERNAME); // convert names to uppercase var uName = userName.toUpperCase(); // can't delete current user if (uName == this._username) throw new SmException(SM_ERROR_CAN_NOT_DELETE_CURRENT_USER); // see if the user exists var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + uName + "'" + ' and "Entity Type" = ' + SM_ENTITY_USER)) throw new SmException(SM_ERROR_INVALID_USERNAME); // See if this entity is locked if (tEntity.rowset.fields["Entity Lock"].value) throw new SmException(SM_ERROR_CAN_NOT_DELETE_SYSTEM_ENTITY); // OK, delete this user and all group/resource assignments tEntity.database.beginTrans(); try { tEntity.rowset.delete(); var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign'; tAssign.active = true; // delete group assignments while (tAssign.rowset.applyLocate("Child = '" + uName + "' and " + '"Assign Type" = ' + SM_ASSIGN_GROUP_USER)) tAssign.rowset.delete(); // delete resource assignments while (tAssign.rowset.applyLocate("Child = '" + uName + "' and " + '"Assign Type" = ' + SM_ASSIGN_RESOURCE_USER)) tAssign.rowset.delete(); // commit the deletes tEntity.database.commit(); } catch (Exception e) { tEntity.database.rollback(); throw e; } return (true); } function getAllGroups(entityName, entityType) { var eArray = new AssocArray(); // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); // see if the group list is filtered if (("" + entityType) == "false") { // no second param, throw exception if only one parameter passed if ("" + entityName != "false") throw new SmException(SM_ERROR_INVALID_ENTITY_TYPE); // No filter, return all groups var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity sm where sm."Entity Type" = ' + SM_ENTITY_GROUP ; tEntity.active = true; while (!tEntity.rowset.endOfSet) { eArray[tEntity.rowset.fields["Entity Name"].value] = tEntity.rowset.fields["Description"].value; tEntity.rowset.next(); } } else { // convert to upper case var eName = entityName.toUpperCase(); // store error code in case needed switch (entityType) { case SM_ENTITY_USER: var errorInvalid = SM_ERROR_INVALID_USERNAME; var sql = "sm.Child = '" + eName + "'" + ' and sm."Assign Type" = ' + SM_ASSIGN_GROUP_USER; break; case SM_ENTITY_RESOURCE: var errorInvalid = SM_ERROR_INVALID_RESOURCENAME; var sql = "sm.Parent = '" + eName + "'" + ' and sm."Assign Type" = ' + SM_ASSIGN_RESOURCE_GROUP; break; default: throw new SmException(SM_ERROR_INVALID_ENTITY_TYPE); } // passed an entity name/type pair, restrict list to this entity if (entityName == null) throw new SmException(errorInvalid); // see if entity exists var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + eName + "'" + ' and "Entity Type" = ' + entityType)) throw new SmException(errorInvalid); // now use tEntity to lookup description tEntity.sql = 'select * from smentity sm where sm."Entity Type" = ' + SM_ENTITY_GROUP ; tEntity.active = true; // find the group assignments var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign sm where ' + sql; tAssign.active = true; while (!tAssign.rowset.endOfSet) { if (tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + ((entityType == SM_ENTITY_USER) ? tAssign.rowset.fields['Parent'].value : tAssign.rowset.fields['Child'].value) + "'")) { eArray[tEntity.rowset.fields["Entity Name"].value] = tEntity.rowset.fields["Description"].value; } tAssign.rowset.next(); } } return (eArray); } function getAllPolicies() { var eArray = new AssocArray(); // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); // view just the current policy entries var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity sm where sm."Entity Type" = ' + SM_ENTITY_POLICY ; tEntity.active = true; // store policies to pArray while (!tEntity.rowset.endOfSet) { eArray[tEntity.rowset.fields["Entity Name"].value] = tEntity.rowset.fields["Description"].value; tEntity.rowset.next(); } return (eArray); } function getAllResources(entityName, entityType) { var eArray = new AssocArray(); // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); // see if the resource list is filtered if (("" + entityType) == "false") { // no second param, throw exception if only one parameter passed if ("" + entityName != "false") throw new SmException(SM_ERROR_INVALID_ENTITY_TYPE); // No filter, return all resources var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity sm where sm."Entity Type" = ' + SM_ENTITY_RESOURCE ; tEntity.active = true; while (!tEntity.rowset.endOfSet) { eArray[tEntity.rowset.fields["Entity Name"].value] = tEntity.rowset.fields["Description"].value; tEntity.rowset.next(); } } else { // convert to upper case var eName = entityName.toUpperCase(); // store error code in case needed switch (entityType) { case SM_ENTITY_USER: var errorInvalid = SM_ERROR_INVALID_USERNAME; var sql = "sm.Child = '" + eName + "'" + ' and sm."Assign Type" = ' + SM_ASSIGN_RESOURCE_USER; break; case SM_ENTITY_GROUP: var errorInvalid = SM_ERROR_INVALID_GROUPNAME; var sql = "sm.Child = '" + eName + "'" + ' and sm."Assign Type" = ' + SM_ASSIGN_RESOURCE_GROUP; break; default: throw new SmException(SM_ERROR_INVALID_ENTITY_TYPE); } // passed an entity name/type pair, restrict list to this entity if (entityName == null) throw new SmException(errorInvalid); // see if entity exists var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + eName + "'" + ' and "Entity Type" = ' + entityType)) throw new SmException(errorInvalid); // now use tEntity to lookup description tEntity.sql = 'select * from smentity sm where sm."Entity Type" = ' + SM_ENTITY_RESOURCE ; tEntity.active = true; // find the resource assignments var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign sm where ' + sql; tAssign.active = true; while (!tAssign.rowset.endOfSet) { // When looking for resource pairs, the resource // name is always the parent if (tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + tAssign.rowset.fields['Parent'].value + "'")) { eArray[tEntity.rowset.fields["Entity Name"].value] = tEntity.rowset.fields["Description"].value; } tAssign.rowset.next(); } } return (eArray); } function getAllUsers(entityName, entityType) { var eArray = new AssocArray(); // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); // see if the user list is filtered if (("" + entityType) == "false") { // no second param, throw exception if only one parameter passed if ("" + entityName != "false") throw new SmException(SM_ERROR_INVALID_ENTITY_TYPE); // No filter, return all users var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity sm where sm."Entity Type" = ' + SM_ENTITY_USER ; tEntity.active = true; while (!tEntity.rowset.endOfSet) { eArray[tEntity.rowset.fields["Entity Name"].value] = tEntity.rowset.fields["Description"].value; tEntity.rowset.next(); } } else { // convert to upper case var eName = entityName.toUpperCase(); // store error code in case needed switch (entityType) { case SM_ENTITY_RESOURCE: var errorInvalid = SM_ERROR_INVALID_RESOURCENAME; var sql = "sm.Parent = '" + eName + "'" + ' and sm."Assign Type" = ' + SM_ASSIGN_RESOURCE_USER; break; case SM_ENTITY_GROUP: var errorInvalid = SM_ERROR_INVALID_GROUPNAME; var sql = "sm.Parent = '" + eName + "'" + ' and sm."Assign Type" = ' + SM_ASSIGN_GROUP_USER; break; default: throw new SmException(SM_ERROR_INVALID_ENTITY_TYPE); } // passed an entity name/type pair, restrict list to this entity if (entityName == null) throw new SmException(errorInvalid); // see if entity exists var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + eName + "'" + ' and "Entity Type" = ' + entityType)) throw new SmException(errorInvalid); // now use tEntity to lookup description tEntity.sql = 'select * from smentity sm where sm."Entity Type" = ' + SM_ENTITY_USER ; tEntity.active = true; // find the user assignments var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign sm where ' + sql; tAssign.active = true; while (!tAssign.rowset.endOfSet) { // When looking for user pairs, the user // name is always the child if (tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + tAssign.rowset.fields['Child'].value + "'")) { eArray[tEntity.rowset.fields["Entity Name"].value] = tEntity.rowset.fields["Description"].value; } tAssign.rowset.next(); } } return (eArray); } function getGroupObject( entityName ) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); var entityObj = new SmGroup(); // see if parameter passed if (("" + entityName) != "false") { // convert name to uppercase eName = entityName.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; // throw exception on missing record if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + eName + "'" + ' and "Entity Type" = ' + SM_ENTITY_GROUP)) throw new SmException(SM_ERROR_INVALID_GROUPNAME); // set properties of object for this entity entityObj.created = tEntity.rowset.fields["Created"].value; entityObj.description = tEntity.rowset.fields["Description"].value; entityObj.name = tEntity.rowset.fields["Entity Name"].value; } return (entityObj); } function getPolicyObject( entityName ) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); var entityObj = new SmPolicy(); // see if parameter passed if (("" + entityName) != "false") { // convert name to uppercase eName = entityName.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; // throw exception on missing record if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + eName + "'" + ' and "Entity Type" = ' + SM_ENTITY_POLICY)) throw new SmException(SM_ERROR_INVALID_POLICYNAME); // set properties of object for this entity entityObj.boolean = tEntity.rowset.fields["Policy Boolean"].value; entityObj.created = tEntity.rowset.fields["Created"].value; entityObj.description = tEntity.rowset.fields["Description"].value; entityObj.name = tEntity.rowset.fields["Entity Name"].value; entityObj.value = (entityObj.boolean ? (tEntity.rowset.fields["Policy Value"].value != 0) : tEntity.rowset.fields["Policy Value"].value); } return (entityObj); } function getResourceObject( entityName ) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); var entityObj = new SmResource(); // see if parameter passed if (("" + entityName) != "false") { // convert name to uppercase eName = entityName.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; // throw exception on missing record if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + eName + "'" + ' and "Entity Type" = ' + SM_ENTITY_RESOURCE)) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); // set properties of object for this entity entityObj.created = tEntity.rowset.fields["Created"].value; entityObj.description = tEntity.rowset.fields["Description"].value; entityObj.name = tEntity.rowset.fields["Entity Name"].value; } return (entityObj); } function getUserObject( entityName ) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); var entityObj = new SmUser(); // see if parameter passed if (("" + entityName) != "false") { // convert name to uppercase eName = entityName.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; // throw exception on missing record if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + eName + "'" + ' and "Entity Type" = ' + SM_ENTITY_USER)) throw new SmException(SM_ERROR_INVALID_USERNAME); // set properties of object for this entity entityObj.created = tEntity.rowset.fields["Created"].value; entityObj.description = tEntity.rowset.fields["Description"].value; entityObj.disabled = tEntity.rowset.fields["User Disabled"].value; entityObj.login = tEntity.rowset.fields["User Login"].value; entityObj.lockout = tEntity.rowset.fields["User Lockout"].value; entityObj.name = tEntity.rowset.fields["Entity Name"].value; entityObj.password = null; } return (entityObj); } function unassignGroupUser(groupName, userName) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (groupName == null) throw new SmException(SM_ERROR_INVALID_GROUPNAME); if (userName == null) throw new SmException(SM_ERROR_INVALID_USERNAME); // convert names to uppercase var gName = groupName.toUpperCase(); var uName = userName.toUpperCase(); // confirm these are real names var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + gName + "'" + ' and "Entity Type" = ' + SM_ENTITY_GROUP)) throw new SmException(SM_ERROR_INVALID_GROUPNAME); if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + uName + "'" + ' and "Entity Type" = ' + SM_ENTITY_USER)) throw new SmException(SM_ERROR_INVALID_USERNAME); // check for current assignment var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign'; tAssign.active = true; if (tAssign.rowset.applyLocate("Parent = '" + gName + "' and Child = '" + uName + "' and " + '"Assign Type" = ' + SM_ASSIGN_GROUP_USER)) { tAssign.rowset.delete(); } return (true); } function unassignResourceGroup(resourceName, groupName) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (resourceName == null) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); if (groupName == null) throw new SmException(SM_ERROR_INVALID_GROUPNAME); // convert names to uppercase var rName = resourceName.toUpperCase(); var gName = groupName.toUpperCase(); // confirm these are real names var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + rName + "'" + ' and "Entity Type" = ' + SM_ENTITY_RESOURCE)) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + gName + "'" + ' and "Entity Type" = ' + SM_ENTITY_GROUP)) throw new SmException(SM_ERROR_INVALID_GROUPNAME); // check for current assignment var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign'; tAssign.active = true; if (tAssign.rowset.applyLocate("Parent = '" + rName + "' and Child = '" + gName + "' and " + '"Assign Type" = ' + SM_ASSIGN_RESOURCE_GROUP)) { tAssign.rowset.delete(); } return (true); } function unassignResourceUser(resourceName, userName) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (resourceName == null) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); if (userName == null) throw new SmException(SM_ERROR_INVALID_USERNAME); // convert names to uppercase var rName = resourceName.toUpperCase(); var uName = userName.toUpperCase(); // confirm these are real names var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + rName + "'" + ' and "Entity Type" = ' + SM_ENTITY_RESOURCE)) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + uName + "'" + ' and "Entity Type" = ' + SM_ENTITY_USER)) throw new SmException(SM_ERROR_INVALID_USERNAME); // check for current assignment var tAssign = new Query(); tAssign.database = this._database; tAssign.sql = 'select * from smassign'; tAssign.active = true; if (tAssign.rowset.applyLocate("Parent = '" + rName + "' and Child = '" + uName + "' and " + '"Assign Type" = ' + SM_ASSIGN_RESOURCE_USER)) { tAssign.rowset.delete(); } return (true); } function updateGroup(group) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (group.name == null) throw new SmException(SM_ERROR_INVALID_GROUPNAME); // convert group name to uppercase gName = group.name.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; // throw exception on missing record if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + gName + "'" + ' and "Entity Type" = ' + SM_ENTITY_GROUP)) throw new SmException(SM_ERROR_INVALID_GROUPNAME); // update this group tEntity.rowset.fields["Description"].value = group.description; tEntity.rowset.save(); return (true); } function updatePolicy(policy) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (policy.name == null) throw new SmException(SM_ERROR_INVALID_POLICYNAME); // convert policy name to uppercase pName = policy.name.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; // throw exception on missing record if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + pName + "'" + ' and "Entity Type" = ' + SM_ENTITY_POLICY)) throw new SmException(SM_ERROR_INVALID_POLICYNAME); // See if changing type of locked policy if (tEntity.rowset.fields["Entity Lock"].value && (policy.boolean != tEntity.rowset.fields["Policy Boolean"].value)) throw new SmException(SM_ERROR_CAN_NOT_CHANGE_SYSTEM_ENTITY_TYPE); // update this policy tEntity.rowset.fields["Description"].value = policy.description; if (policy.boolean != null) tEntity.rowset.fields["Policy Boolean"].value = policy.boolean; if (policy.value != null) tEntity.rowset.fields["Policy Value"].value = (policy.boolean ? (policy.value ? 1 : 0 ) : policy.value); tEntity.rowset.save(); return (true); } function updateResource(resource) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (resource.name == null) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); // convert resource name to uppercase rName = resource.name.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity' tEntity.active = true; // throw exception on missing record if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + rName + "'" + ' and "Entity Type" = ' + SM_ENTITY_RESOURCE)) throw new SmException(SM_ERROR_INVALID_RESOURCENAME); // update this resource tEntity.rowset.fields["Description"].value = resource.description; tEntity.rowset.save(); return (true); } function updateUser(user) { // check for error conditions if (!this._admin) throw new SmException(SM_ERROR_INSUFFICIENT_RIGHTS); if (user.name == null) throw new SmException(SM_ERROR_INVALID_USERNAME); // convert user name to uppercase uName = user.name.toUpperCase(); var tEntity = new Query(); tEntity.database = this._database; tEntity.sql = 'select * from smentity'; tEntity.active = true; // throw exception on missing record if (!tEntity.rowset.applyLocate('"Entity Name" = ' + "'" + uName + "'" + ' and "Entity Type" = ' + SM_ENTITY_USER)) throw new SmException(SM_ERROR_INVALID_USERNAME); // update this user tEntity.rowset.fields["Description"].value = user.description; tEntity.rowset.fields["User Disabled"].value = user.disabled; tEntity.rowset.fields["User Lockout"].value = user.lockout; if (user.password != null) tEntity.rowset.fields["User Password"].value = user.password; tEntity.rowset.save(); return (true); } } class SmGroup { this.created = null; this.description = null; this.name = null; } class SmPolicy { this.boolean = null; this.created = null; this.description = null; this.name = null; this.value = null; } class SmResource { this.created = null; this.description = null; this.name = null; } class SmUser { this.created = null; this.description = null; this.disabled = null; this.login = null; this.lockout = null; this.name = null; this.password = null; } class SmException(code) extends Exception { this.code = code; this.message = "Security Manager Error"; }