API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 30th, 2017
62
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.97 KB | None | 0 0
raw download clone embed print report
  1. SELECT (
  2. -- Check access for objects
  3. 'container' = 'object' AND ( -- in_type
  4. SELECT EXISTS (
  5. -- Owner has all rights
  6. SELECT 1
  7. FROM object o
  8. WHERE o.object_id = '82195a7e-86a2-4235-bcd6-126492273e64' -- in_element_id
  9. AND o.owner_id = '86d09109-64cc-4aa6-9336-b49b8ae71f2c' -- in_account_id
  10. ) OR EXISTS (
  11. -- Check object permission table for user
  12. SELECT 1
  13. FROM object_account_permission oap
  14. WHERE oap.account_id = '86d09109-64cc-4aa6-9336-b49b8ae71f2c' -- in_account_id
  15. AND oap.object_id = '82195a7e-86a2-4235-bcd6-126492273e64' -- in_element_id
  16. AND oap.code = 'object_read' -- in_code
  17. ) OR EXISTS (
  18. -- Check object permission table for user's groups
  19. SELECT 1
  20. FROM object_class_permission ocp
  21. JOIN membership m ON ocp.class_id = m.class_id
  22. WHERE m.account_id = '86d09109-64cc-4aa6-9336-b49b8ae71f2c' -- in_account_id
  23. AND ocp.object_id = '82195a7e-86a2-4235-bcd6-126492273e64' -- in_element_id
  24. AND ocp.code = 'object_read' -- in_code
  25. ) OR (
  26. 'object_read' = 'object_read' AND ( -- in_code
  27. SELECT (
  28. -- Check if user has override permissions
  29. user_has_permission('86d09109-64cc-4aa6-9336-b49b8ae71f2c', 'cmd_read_other') -- in_account_id
  30. ) OR EXISTS (
  31. -- Check if user has access via institution/course membership
  32. SELECT 1
  33. FROM institution_role ir
  34. JOIN course_element ce ON ir.course_id = ce.course_id
  35. WHERE ce.object_id = '82195a7e-86a2-4235-bcd6-126492273e64' -- in_element_id
  36. AND ir.account_id = '86d09109-64cc-4aa6-9336-b49b8ae71f2c' -- in_account_id
  37. ) OR EXISTS (
  38. -- Check if user is institution admin for institution which has course
  39. SELECT 1
  40. FROM course_element ce
  41. JOIN institution_course ic ON ic.course_id = ce.course_id
  42. JOIN institution i ON ic.institution_id = i.institution_id
  43. WHERE ce.object_id = '82195a7e-86a2-4235-bcd6-126492273e64' -- in_element_id
  44. AND i.owner_id = '86d09109-64cc-4aa6-9336-b49b8ae71f2c' -- in_account_id
  45. )
  46. )
  47. ) OR (
  48. 'object_delete' = 'object_delete' AND ( -- in_code
  49. SELECT (
  50. -- Check if user has override permissions
  51. user_has_permission('86d09109-64cc-4aa6-9336-b49b8ae71f2c', 'cmd_delete_other') -- in_account_id
  52. )
  53. )
  54. )
  55. )
  56. ) OR (
  57. -- Check access for containers
  58. 'container' = 'container' AND ( -- in_type
  59. SELECT EXISTS (
  60. -- Owner has all rights
  61. SELECT 1
  62. FROM container c
  63. WHERE c.container_id = 'dec521e1-432e-4304-8ba8-6cf59590d99b' -- in_element_id
  64. AND c.owner_id = '86d09109-64cc-4aa6-9336-b49b8ae71f2c' -- in_account_id
  65. ) OR EXISTS (
  66. -- Check container permission table for user
  67. SELECT 1
  68. FROM container_account_permission cap
  69. WHERE cap.account_id = '86d09109-64cc-4aa6-9336-b49b8ae71f2c' -- in_account_id
  70. AND cap.container_id = 'dec521e1-432e-4304-8ba8-6cf59590d99b' -- in_element_id
  71. AND cap.code = 'container_read' -- in_code
  72. ) OR EXISTS (
  73. -- Check container permission table for user's groups
  74. SELECT 1
  75. FROM container_class_permission ccp
  76. JOIN membership m ON ccp.class_id = m.class_id
  77. WHERE m.account_id = '86d09109-64cc-4aa6-9336-b49b8ae71f2c' -- in_account_id
  78. AND ccp.container_id = 'dec521e1-432e-4304-8ba8-6cf59590d99b' -- in_element_id
  79. AND ccp.code = 'container_read' -- in_code
  80. ) OR (
  81. 'container_read' = 'container_read' AND ( -- in_code
  82. SELECT (
  83. -- Check if user has override permissions
  84. user_has_permission('86d09109-64cc-4aa6-9336-b49b8ae71f2c', 'cmd_read_container_other') -- in_account_id
  85. ) OR EXISTS (
  86. -- Check if user has access via institution/course membership
  87. SELECT 1
  88. FROM institution_role ir
  89. JOIN course_container cc ON ir.course_id = cc.course_id
  90. WHERE cc.container_id = 'dec521e1-432e-4304-8ba8-6cf59590d99b' -- in_element_id
  91. AND ir.account_id = '86d09109-64cc-4aa6-9336-b49b8ae71f2c' -- in_account_id
  92. ) OR EXISTS (
  93. -- Check if user is institution admin for institution which has course
  94. SELECT 1
  95. FROM institution i
  96. JOIN institution_course ic ON ic.institution_id = i.institution_id
  97. JOIN course_container cc ON ic.course_id = cc.course_id
  98. WHERE cc.container_id = 'dec521e1-432e-4304-8ba8-6cf59590d99b' -- in_element_id
  99. AND i.owner_id = '86d09109-64cc-4aa6-9336-b49b8ae71f2c' -- in_account_id
  100. )
  101. )
  102. ) OR (
  103. 'container_read' = 'container_delete' AND ( -- in_code
  104. SELECT (
  105. -- Check if user has override permissions
  106. user_has_permission('86d09109-64cc-4aa6-9336-b49b8ae71f2c', 'cmd_delete_container_other') -- in_account_id
  107. )
  108. )
  109. ) OR (
  110. 'container_read' = 'container_delete_child' AND ( -- in_code
  111. SELECT (
  112. -- Check if user has override permissions
  113. user_has_permission('86d09109-64cc-4aa6-9336-b49b8ae71f2c', 'cmd_delete_container_other') -- in_account_id
  114. )
  115. )
  116. )
  117. )
  118. ) OR (
  119. -- Don't know how to handle that type
  120. false
  121. );
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!