Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Event request] Page "Permission Sets" (ID 9802) - OnBeforeImportPermissionSets #22221

Open
Martin-Wagner-AX opened this issue Feb 22, 2023 · 0 comments
Open

[Event request] Page "Permission Sets" (ID 9802) - OnBeforeImportPermissionSets #22221

Martin-Wagner-AX opened this issue Feb 22, 2023 · 0 comments
Labels
event-request Request for adding an event Integration GitHub request for Integration area

Comments

@Martin-Wagner-AX
Copy link

Martin-Wagner-AX commented Feb 22, 2023
edited by azure-boards bot
Loading

Hello,

when importing permission sets it??s only possible to add or "merge" permissions to existing ones.
You do not have a change to delete existing permission when you are importing reduced permission sets.
For this case we need an event "OnBeforeImportPermissionSets" to check the import file if there are permission sets included in importfile which still exist, perform a user request "should existing permissions to be deleted before import starts", if yes deletes existing permissions for all permission sets in importfile and then go on with normal import.

The function for the event should called in action "ImportPermissionSets" and handled pattern should avoid a second user request.

            action(ImportPermissionSets)
            {
                ApplicationArea = Basic, Suite;
                Caption = 'Import Permission Sets';
                Enabled = CanManageUsersOnTenant;
                Image = Import;
                ToolTip = 'Import a file with permissions.';

                trigger OnAction()
                var
                    NSYSPermissionMgt: Codeunit "IAX NSYS Permission Mgt.";
                    PermissionSetBuffer: Record "Permission Set Buffer";
                    TempBlob: Codeunit "Temp Blob";
                    ImportPermissionSets: XmlPort "Import Permission Sets";
#if not CLEAN21
                    ImportTenantPermissionSets: XmlPort "Import Tenant Permission Sets";
#endif
                    FileName: Text;
                    InStream: InStream;
                    OutStream: OutStream;
                    UpdateExistingPermissions: Boolean;
                    Handled: Boolean;
                begin
                    UploadIntoStream('Import', '', '', FileName, InStream);
                    TempBlob.CreateOutStream(OutStream);
                    CopyStream(OutStream, InStream);

                    TempBlob.CreateInStream(InStream);
                    OnBeforeImportPermissionSets(TempBlob, UpdateExistingPermissions, Handled);
                    if not Handled then
                        UpdateExistingPermissions := Confirm(UpdateExistingPermissionsLbl, true);
#if not CLEAN21
                    if IsImportNewVersion(InStream) then begin
                        ImportPermissionSets.SetSource(InStream);
                        ImportPermissionSets.SetUpdatePermissions(UpdateExistingPermissions);
                        ImportPermissionSets.Import();
                    end else begin
                        ImportTenantPermissionSets.SetSource(InStream);
                        ImportTenantPermissionSets.SetUpdatePermissions(UpdateExistingPermissions);
                        ImportTenantPermissionSets.Import();

The event should include the following parameters.

    [IntegrationEvent(false, false)]
    local procedure OnBeforeImportPermissionSets(TempBlob: Codeunit "Temp Blob"; var UpdateExistingPermissions: Boolean; var Handled: Boolean)
    begin
    end;

Our user loves this function - so perhaps you can ask to include this function in standard instead of a new event...

    local procedure CheckImportFileForImportPermissionSets(TempBlob: Codeunit "Temp Blob")
    var
        AppID: Text;
        BeginText: Label 'PermissionSet AppID="';
        BeginTextPos: Integer;
        DeleteExistingUserGroupPermissionSets: Label 'The existing permission sets are updated. Should the existing access rights of the permission sets to be imported also be deleted before the import?';
        EndText: Label '" RoleName="';
        EndTextPos: Integer;
        InStr: InStream;
        MiddleText: Label '" RoleID="';
        MiddleTextPos: Integer;
        NullGuid: Guid;
        Number: Integer;
        RoleID: Text;
        TenantPermission: Record "Tenant Permission";
        TextTemp: Text;
        TextWork: Text;
        UserQuestionPerformed: Boolean;
    begin
        if not TempBlob.HasValue() then
            exit;

        TextWork := '';
        TempBlob.CreateInStream(InStr);
        while not (InStr.EOS) do begin
            Number := InStr.ReadText(TextTemp);
            TextWork := TextWork + TextTemp;
            EndTextPos := StrPos(TextWork, EndText);
            if EndTextPos <> 0 then begin
                MiddleTextPos := StrPos(TextWork, MiddleText);
                if MiddleTextPos <> 0 then begin
                    BeginTextPos := StrPos(TextWork, BeginText);
                    if BeginTextPos <> 0 then begin
                        AppID := CopyStr(TextWork, BeginTextPos + StrLen((BeginText)), MiddleTextPos - BeginTextPos - StrLen(BeginText));
                        RoleID := CopyStr(TextWork, MiddleTextPos + StrLen((MiddleText)), EndTextPos - MiddleTextPos - StrLen(MiddleText));
                        if StrLen(RoleID) <= MaxStrLen(TenantPermission."Role ID") then begin
                            TenantPermission.SetCurrentKey("App ID", "Role ID", "Object Type", "Object ID");
                            TenantPermission.SetRange("App ID", NullGuid);
                            TenantPermission.SetRange("Role ID", UpperCase(RoleID));
                            if not TenantPermission.IsEmpty then begin
                                if not UserQuestionPerformed then begin
                                    UserQuestionPerformed := true;
                                    if not CONFIRM(false, DeleteExistingUserGroupPermissionSets) then
                                        exit;
                                end;
                                TenantPermission.DeleteAll();
                            end;
                        end;
                    end;
                end;
                TextWork := '';
            end;
        end;
    end;

    [EventSubscriber(ObjectType::Page, Page::"Permission Sets", 'IAX_OnBeforeImportPermissionSets', '', true, true)]
    local procedure CheckImportFileForImportPermissionSets_OnBeforeImportPermissionSets(TempBlob: Codeunit "Temp Blob"; var UpdateExistingPermissions: Boolean; var Handled: Boolean)
    var
    begin
        CheckImportFileForImportPermissionSets(TempBlob);
        UpdateExistingPermissions := true;
        Handled := true
    end;

Internal work item: AB#536758
@JesperSchulz JesperSchulz added event-request Request for adding an event Integration GitHub request for Integration area and removed foundation labels May 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
event-request Request for adding an event Integration GitHub request for Integration area
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@JesperSchulz @AlexanderYakunin @Martin-Wagner-AX