private void ComputeSampleManifestStringsForApp
(HttpResponse resp, int IDapplication, string formula)
{
// Get a list of active entitlements for the given application
string sql =
@"
SELECT TOP 20 c_id FROM t_RBSR_AUFW_u_Entitlement
WHERE c_u_Application = (SELECT c_u_Name FROM t_RBSR_AUFW_u_Application WHERE c_id=" + IDapplication +
") AND c_u_Status = 'A';";
OdbcDataReader reader = HELPERS.RunSqlSelect(sql);
IEntitlement engine = new IEntitlement(HELPERS.NewOdbcConn_FORCE());
while (reader.Read())
{
int IDentitlement = reader.GetInt32(0);
returnGetEntitlement seed = new returnGetEntitlement();
bool hasBeenSeeded = false;
try
{
seed = engine.GetEntitlement(IDentitlement);
hasBeenSeeded = true;
}
catch (Exception eeeeignore) { }
resp.Write(HELPERS.CalcManifestString(seed, formula) + "<BR/>\n");
}
}
private void BEnts_Recompute_Privstring()
{
IEntitlement ENGINE = new IEntitlement(HELPERS.NewOdbcConn());
returnListEntitlement[] RET = ENGINE.ListEntitlement(null, "", new string[] { }, "");
foreach (returnListEntitlement x in RET)
{
returnGetEntitlement cur = ENGINE.GetEntitlement(x.ID);
string privstring = HELPERS.CalcManifestString(cur);
ENGINE.SetEntitlementPrivstring(x.ID, privstring);
}
}
// If arg1 is a string representation of an integer, then that int is an entitlement ID
// and the fields should come straight from the sql database.
// Otherwise, arg1 is a JSON dictionary where the field values should be taken from.
//
// If arg2 is a non-empty string, it is the formula to be used, instead of the formula
// being extracted from the database.
//
//
// W A R N I N G ! ! !
// GENERATES HTML.
// THIS MUST **NEVER** BE USED FOR DATA PROCESSING, for generating manifests, for reconciliation, for export-to-spreadsheet, etc!!!!
//
private void ComputeManifestString(HttpResponse resp, string arg1, string arg2, string arg3, string arg4)
{
returnGetEntitlement seed = new returnGetEntitlement();
bool hasBeenSeeded = false;
try
{
int IDentitlement = int.Parse(arg1);
IEntitlement engine = new IEntitlement(HELPERS.NewOdbcConn());
seed = engine.GetEntitlement(IDentitlement);
hasBeenSeeded = true;
}
catch (Exception eeeeignore) { }
if (!hasBeenSeeded)
{
System.Web.Script.Serialization.JavaScriptSerializer UTIL =
new System.Web.Script.Serialization.JavaScriptSerializer();
Object whatami = UTIL.DeserializeObject(arg1);
System.Collections.Generic.Dictionary <string, Object> www =
whatami as System.Collections.Generic.Dictionary <string, Object>;
seed = new returnGetEntitlement();
seed.Application = HELPERS.SafeGenericDictionaryLookup(www, "Application");
seed.AuthObjName = HELPERS.SafeGenericDictionaryLookup(www, "AuthObjName");
seed.AuthObjValue = HELPERS.SafeGenericDictionaryLookup(www, "AuthObjValue");
seed.EntitlementName = HELPERS.SafeGenericDictionaryLookup(www, "EntitlementName");
seed.EntitlementValue = HELPERS.SafeGenericDictionaryLookup(www, "EntitlementValue");
seed.FieldSecName = HELPERS.SafeGenericDictionaryLookup(www, "FieldSecName");
seed.FieldSecValue = HELPERS.SafeGenericDictionaryLookup(www, "FieldSecValue");
seed.Level4SecName = HELPERS.SafeGenericDictionaryLookup(www, "Level4SecName");
seed.Level4SecValue = HELPERS.SafeGenericDictionaryLookup(www, "Level4SecValue");
seed.Platform = HELPERS.SafeGenericDictionaryLookup(www, "Platform");
seed.RoleType = HELPERS.SafeGenericDictionaryLookup(www, "RoleType");
seed.StandardActivity = HELPERS.SafeGenericDictionaryLookup(www, "StandardActivity");
seed.System = HELPERS.SafeGenericDictionaryLookup(www, "System");
}
string THEMANIFEST;
if (arg2 != null)
{
THEMANIFEST = HELPERS.CalcManifestString(seed, arg2);
}
else
{
THEMANIFEST = HELPERS.CalcManifestString(seed);
}
resp.Write(THEMANIFEST.Replace("&", "&").Replace("<", "<").Replace(">", ">"));
}
protected void Page_Load(object sender, EventArgs e)
{
base.Page_Load(sender, e);
try
{
IDentitlement = int.Parse(this.Request.Params["entid"]);
}
catch (Exception)
{
// Whilst debugging
IDentitlement = 64622;
}
IEntitlement engine = new IEntitlement(HELPERS.NewOdbcConn());
THEent = engine.GetEntitlement(IDentitlement);
// There is currently no concept of this page being "read only".
// It creates workspaces as needed; it is not performed in
// any particular workspace.
this.PANELcond_readonly.Visible = false;
}
private Workbook XLSXgenerate
(HttpContext context, OdbcDataReader dr, IMVFormula ENGINEmanif, IEntitlement ENGINEwsent,
bool singlesheet, int idWS, string strRoleList)
{
Workbook book = new Workbook();
Worksheet sheet = null;
Worksheet sheetRoleMetadata = null;
Worksheet sheetEASetMetadata = null;
int IDsubprocess = -1;
int colnumFormula = -1;
int colnumStatus = -1;
int colnumBusRole = -1;
int colnumIdSubprocess = -1;
string currolename = null;
WorksheetRow row;
sheetEASetMetadata = book.Worksheets.Add("Context");
// Create an annotation row with info about the snapshot context.
RoleMetadata mdat = this.GenerateRoleMetadata(null, idWS);
bool boolMetadataHasBeenEmitted = false;
sheetRoleMetadata = book.Worksheets.Add("Role Metadata");
if (singlesheet)
{
sheet = book.Worksheets.Add("Technical Framework");
row = sheet.Table.Rows.Add();
for (int i = 0; i < dr.VisibleFieldCount; i++)
{
switch (dr.GetName(i) as string)
{
case "Formula":
colnumFormula = i;
break;
case "Mod":
colnumStatus = i;
row.Cells.Add(dr.GetName(i));
break;
/*
* case "EntID":
* break;
*/
case "BusRole":
colnumBusRole = i;
row.Cells.Add(dr.GetName(i));
break;
case "IDSubProcess":
colnumIdSubprocess = i;
break;
default:
row.Cells.Add(dr.GetName(i));
break;
}
}
row.Cells.Add("Manifest");
row.Cells.Add("AutoCorrectedNulls");
}
if (colnumBusRole < 0)
{
// We haven't even gone through the SQL result's columns to determine
// key column numbers yet! Special case donehere.
for (int i = 0; i < dr.VisibleFieldCount; i++)
{
switch (dr.GetName(i) as string)
{
case "Formula":
colnumFormula = i;
break;
case "Mod":
colnumStatus = i;
break;
/*
* case "EntID":
* break;
* */
case "Business_Role_Name":
colnumBusRole = i;
break;
case "IDSubProcess":
colnumIdSubprocess = i;
break;
default:
break;
}
}
}
// FOR EACH ROW
while (dr.Read())
{
try
{
if (!boolMetadataHasBeenEmitted)
{
EmitMetadata(sheetEASetMetadata, ref mdat, dr, colnumFormula);
boolMetadataHasBeenEmitted = true;
}
string newrolename = dr.GetValue(colnumBusRole) as string;
IDsubprocess = (int)dr.GetValue(colnumIdSubprocess);
if (singlesheet)
{
bool isBabySheet = false;
if (currolename == null)
{
currolename = newrolename;
isBabySheet = true;
}
else if (currolename != newrolename)
{
currolename = newrolename;
isBabySheet = true;
}
if (isBabySheet)
{
WorksheetRow row2 = null;
if (sheetRoleMetadata.Table.Rows.Count < 3)
{
row2 = sheetRoleMetadata.Table.Rows.Add();
row2.Cells.Add("ROLE OWNERS/APPROVERS");
row2 = sheetRoleMetadata.Table.Rows.Add();
row2 = sheetRoleMetadata.Table.Rows.Add();
row2.Cells.Add("Role Name");
row2.Cells.Add("Type");
row2.Cells.Add("EID");
row2.Cells.Add("Name");
row2.Cells.Add("Geography");
}
mdat = this.GenerateRoleMetadata(newrolename, idWS);
foreach (RoleMetadataOwner x in mdat.ROLEownersident)
{
row2 = sheetRoleMetadata.Table.Rows.Add();
row2.Cells.Add(newrolename);
row2.Cells.Add(x.rank);
row2.Cells.Add(x.EID);
row2.Cells.Add(x.name);
row2.Cells.Add(x.geography);
}
}
// GenMetadataSpreadsheetRow(sheetRoleMetadata, "--------", "-----------------------");
}
if (!singlesheet)
{
bool isBabySheet = false;
//Note: Excel cannot handle worksheet names longer than 31 chars
string truncsheetname = newrolename;
if (truncsheetname.Length > 31)
{
truncsheetname = truncsheetname.Substring(truncsheetname.Length - 31);
}
if (currolename == null)
{
sheet = book.Worksheets.Add(truncsheetname);
currolename = newrolename;
isBabySheet = true;
}
else if (currolename != newrolename)
{
sheet = book.Worksheets.Add(truncsheetname);
isBabySheet = true;
}
if (isBabySheet)
{
// Create an annotation row with info about the snapshot context.
mdat = this.GenerateRoleMetadata(newrolename, idWS);
GenMetadataSpreadsheetRow(sheet, "Role name:", mdat.rolename);
if (mdat.ROLEownersident.Count == 0)
{
GenMetadataSpreadsheetRow(sheet, "Role owners:", "NOT YET ENTERED");
}
else
{
foreach (object x in mdat.ROLEownersident)
{
GenMetadataSpreadsheetRow(sheet, "Principal: ", x.ToString());
}
}
GenMetadataSpreadsheetRow(sheet, "----------", "---------------------");
/*
*
* row = sheet.Table.Rows.Add();
* row.Cells.Add(annotation);
*/
currolename = newrolename;
row = sheet.Table.Rows.Add();
for (int i = 0; i < dr.VisibleFieldCount; i++)
{
switch (dr.GetName(i) as string)
{
case "Formula":
colnumFormula = i;
break;
case "Mod":
colnumStatus = i;
row.Cells.Add(dr.GetName(i));
break;
/*
* case "EntID":
* break;
* */
case "BusRole":
colnumBusRole = i;
row.Cells.Add(dr.GetName(i));
break;
case "IDSubProcess":
colnumIdSubprocess = i;
break;
default:
row.Cells.Add(dr.GetName(i));
break;
}
}
row.Cells.Add("Manifest");
}
}
row = sheet.Table.Rows.Add();
int IDwsentrow = (int)(dr.GetValue(0));
returnGetEntitlement OBJwsent =
ENGINEwsent.GetEntitlement(IDwsentrow);
string appname = OBJwsent.Application;
returnListMVFormula[] LISTformulas =
ENGINEmanif.ListMVFormula(null, "\"KEYapplication\" = ?",
new string[] { appname }, "");
string STRformula = "";
try
{
returnListMVFormula TheFormula = LISTformulas[0];
if (TheFormula.Formula == null)
{
TheFormula.Formula = "";
}
STRformula = HttpUtility.HtmlDecode(TheFormula.Formula.Trim());
}
catch (Exception eee) { }
if (STRformula == "")
{
STRformula = "\"TBD - " + appname + "\"";
//context.Response.Write("Error: the manifest formula for this application has NOT been specified.");
//return;
}
// We have the formula; now we can evaluate.
Evaluator ev = new Evaluator(Eval3.eParserSyntax.cSharp, false);
ev.AddEnvironmentFunctions(this);
ev.AddEnvironmentFunctions(new ManifestFormulaEvaluatorFunctions(OBJwsent));
opCode lCode;
bool doMakeNullRepair2ndTry = false;
try
{
lCode = ev.Parse(STRformula);
}
catch (Exception e)
{
row.Cells.Add("The formula for " + appname + " has parse errors: " + e.ToString());
return(book);
}
object RESLT = null;
try
{
RESLT = lCode.value;
}
catch (NullReferenceException enull)
{
//row.Cells.Add("Interpreting the formula for this application resulted in an error because of references to one or more fields that are NULL in value.");
//RESLT = "[ERROR: reference to one or more fields with null values]";
//row = sheet.Table.Rows.Add();
doMakeNullRepair2ndTry = true;
}
catch (Exception e)
{
row.Cells.Add("Interpreting the formula for this application resulted in this exception: " + e.ToString());
RESLT = "[ERROR: see line above for details]";
row = sheet.Table.Rows.Add();
}
if (doMakeNullRepair2ndTry)
{
int repairCount = 0;
// NULLs caused failures in the 1st try.
// We will thus now repair all nulls and try again.
// If succeeds, we will generate a useable row but the final column
// will alert the users to the fact that autorepair was performed.
TurnNullsToEmptyStrings(ref OBJwsent, ref repairCount);
if (repairCount == 0)
{
throw new Exception("ASSERTION FAILURE: null fields expected but not found");
}
opCode lCode2;
ev = new Evaluator(Eval3.eParserSyntax.cSharp, false);
ev.AddEnvironmentFunctions(this);
ev.AddEnvironmentFunctions(new ManifestFormulaEvaluatorFunctions(OBJwsent));
lCode2 = ev.Parse(STRformula);
try
{
RESLT = lCode2.value;
}
catch (Exception e)
{
row.Cells.Add("2nd try: Interpreting the formula for this application resulted in this exception: " + e.ToString());
RESLT = "[ERROR: see line above for details]";
row = sheet.Table.Rows.Add();
}
}
// NOW READY TO EMIT THE COLUMNS
for (int i = 0; i < dr.VisibleFieldCount; i++)
{
if (i != -342350) /*used to be != 0 */
{
if ((i != colnumFormula) && (i != colnumIdSubprocess))
{
if (i == colnumStatus)
{
string statSemantics = "ERR";
switch (dr.GetValue(i) as string)
{
case "N":
statSemantics = "New"; break;
case "P":
statSemantics = "New"; break;
case "X":
statSemantics = "Deleted"; break;
case "A":
statSemantics = ""; break;
}
row.Cells.Add(statSemantics);
}
else
{
row.Cells.Add(dr.GetValue(i).ToString());
}
}
}
}
row.Cells.Add(RESLT as string);
row.Cells.Add(doMakeNullRepair2ndTry ? "Y" : "");
}
catch (Exception e)
{
row = sheet.Table.Rows.Add();
row.Cells.Add(e.ToString() + e.StackTrace.ToString());
}
}
EmitRoleMetadata_AdditionalRoles
(sheetRoleMetadata, strRoleList, idWS, IDsubprocess);
EmitRoleMetadata_FuncAppEntsByRole
(sheetRoleMetadata, strRoleList, idWS, IDsubprocess);
EmitRoleMetadata_SubProcessActivities
(sheetRoleMetadata, strRoleList, idWS, IDsubprocess);
return(book);
}
private void ComputePrivilegeString(HttpContext context, IMVFormula ENGINEmanif, IEntitlement ENGINEwsent, int IDwsentrow, out object RESLT)
{
RESLT = "";
returnGetEntitlement OBJwsent =
ENGINEwsent.GetEntitlement(IDwsentrow);
int repaircount = 0;
TurnNullsToEmptyStrings(ref OBJwsent, ref repaircount);
string appname = OBJwsent.Application;
returnListMVFormula[] LISTformulas =
ENGINEmanif.ListMVFormula(null, "\"KEYapplication\" = ?",
new string[] { appname }, "");
string STRformula = "";
try
{
returnListMVFormula TheFormula = LISTformulas[0];
if (TheFormula.Formula == null)
{
TheFormula.Formula = "";
}
STRformula = HttpUtility.HtmlDecode(TheFormula.Formula.Trim());
}
catch (Exception eee) { }
if (STRformula == "")
{
STRformula = "\"TBD - " + appname + "\"";
//context.Response.Write("Error: the manifest formula for this application has NOT been specified.");
//return;
}
// We have the formula; now we can evaluate.
Evaluator ev = new Evaluator(Eval3.eParserSyntax.cSharp, false);
ev.AddEnvironmentFunctions(this);
ev.AddEnvironmentFunctions(new ManifestFormulaEvaluatorFunctions(OBJwsent));
opCode lCode;
try
{
lCode = ev.Parse(STRformula);
}
catch (Exception e)
{
context.Response.Write("The formula [[" + STRformula + "]] for this app [[" + appname + "]] has parse errors: " + e.ToString());
return;
}
try
{
RESLT = lCode.value;
}
catch (Exception e)
{
RESLT = "NULL";
//context.Response.Write("Interpreting the formula for this app resulted in errors: " + e.ToString());
//return;
}
return;
}
public void ProcessRequest(HttpContext context)
{
if (context.Session["AFWACSESSION"] == null)
{
throw new Exception("Must be in a legal R-AF session");
}
session = context.Session["AFWACSESSION"] as AFWACsession;
string mode = context.Request.Params["mode"];
// mode=dumpraf
// mode=compare
string requestorUserEID = context.Request.Params["usereid"];
string requestorUserName = context.Request.Params["username"];
string pathIdmInput = context.Request.Params["pathidminput"];
bool boolReportInternalIdmRoles =
bool.Parse(context.Request.Params["showinternal"]);
bool boolSaveToHistory =
bool.Parse(context.Request.Params["save"]);
bool boolDoCompare = (mode == "compare");
bool boolCaseSens = false;
string CSVlistOfInterestingRoles = "-3";
string CSVlistOfInterestingSubprocesses = "-3";
//
// New format for the CSVlist:
// Still comma-separated.
// But now each item is either:
// an integer
// "SP/###" where ### is the ID number for a subprocess
// Our goal is to split this into two CSV lists:
// list of interesting roles
// list of interesting subprocesses (meaning all its roles are interesting)
// So here we must tokenize the incoming role list.
StringTok.StringTokenizer TK = new StringTok.StringTokenizer(context.Request.Params["roles"], ",");
string curnode;
while (TK.HasMoreTokens())
{
curnode = TK.NextToken();
if (curnode.StartsWith("SP/"))
{
curnode = curnode.Substring(3);
CSVlistOfInterestingSubprocesses += ("," + curnode);
}
else
{
CSVlistOfInterestingRoles += ("," + curnode);
}
}
int errcountEntitlements = 0;
int errcountRoleMetadata = 0;
DataTable dt_idmdump = null;
if (boolDoCompare)
{
string pathTempFolder = Path.GetDirectoryName(pathIdmInput);
string pathTempFile = Path.GetFileName(pathIdmInput);
// Load the IDM-dump CSV file.
// Load the IDM-dump CSV file.
// Load the IDM-dump CSV file.
// Load the IDM-dump CSV file.
// Load the IDM-dump CSV file.
dt_idmdump = HELPERS.LoadCsv(pathTempFolder,
System.IO.Path.GetFileName(pathTempFile));
}
OdbcCommand cmd = new OdbcCommand();
cmd.Connection = HELPERS.NewOdbcConn();
Workbook book = null;
WorksheetRow row;
Worksheet sheetMetadata = null;
Worksheet sheetDeltas = null;
Worksheet sheetErrors = null;
if (boolSaveToHistory)
{
ENGINEreport = new IReconcReport(HELPERS.NewOdbcConn());
IDreport = ENGINEreport.NewReconcReport(DateTime.Now, session.idUser);
ENGINEreport.SetReconcReport
(IDreport, DateTime.Now,
"Comparison via upload of file " + pathIdmInput, session.idUser, "IDM");
ENGINEreportDiffItem = new IReconcDiffItem(HELPERS.NewOdbcConn());
}
else
{
book = new Workbook();
context.Response.ContentType = "application/vnd.xls";
context.Response.AddHeader("Content-Disposition",
"filename=RAFidmReconcile.xls;attachment");
sheetMetadata = book.Worksheets.Add("Metadata");
sheetErrors = book.Worksheets.Add("Errors");
row = sheetMetadata.Table.Rows.Add();
row.Cells.Add("Run Date:");
row.Cells.Add(DateTime.Now.ToUniversalTime().ToLongDateString() + " UTC");
row = sheetMetadata.Table.Rows.Add();
row.Cells.Add("Run Time:");
row.Cells.Add(DateTime.Now.ToUniversalTime().ToLongTimeString() + " UTC");
// row = sheetMetadata.Table.Rows.Add();
// row.Cells.Add("User EID:");
// row.Cells.Add(requestorUserEID);
row = sheetMetadata.Table.Rows.Add();
row.Cells.Add("User Name:");
row.Cells.Add(requestorUserName);
row = sheetMetadata.Table.Rows.Add();
row.Cells.Add("Include list of IDM ELE_INT_ and INT_ roles");
row.Cells.Add(boolReportInternalIdmRoles.ToString());
row = sheetMetadata.Table.Rows.Add();
row = sheetMetadata.Table.Rows.Add();
row.Cells.Add("STATISTICS");
sheetDeltas = book.Worksheets.Add("Reconciliation");
row = RecordDelta(sheetDeltas,
"Role Name", "Difference", "Action", "Difference Type", "");
}
OdbcConnection conn2 = HELPERS.NewOdbcConn_FORCE();
IEntitlement ENGINEwsent = new IEntitlement(conn2);
string SQLsubpr = @" SELECT c_r_SubProcess, c_u_Name FROM t_RBSR_AUFW_u_BusRole;";
cmd.CommandText = SQLsubpr;
OdbcDataReader drSubpr = cmd.ExecuteReader();
Dictionary <string, string> MAPbrolenamesToSubprids = new Dictionary <string, string>();
while (drSubpr.Read())
{
int IDsubprid = (int)(drSubpr.GetValue(0));
string brolename = drSubpr.GetValue(1).ToString();
if (!MAPbrolenamesToSubprids.ContainsKey(brolename))
{
MAPbrolenamesToSubprids.Add(brolename, IDsubprid.ToString()); // + " = " + STRsubpr);
}
}
drSubpr.Close();
string extraconds = " AND (TEASS.c_u_Status NOT IN ('X')) ";
// Perform a massive SQL select to obtain all active entitlements in R-AF
string SQL =
@"
SELECT
TENT.c_id as EntID,
BROL.c_u_Name as BusRole,
RTRIM(LTRIM(BROL.c_u_Description)) as BusRoleDescr,
MVF.c_u_Formula as Formula,
MVF.c_u_KEYapplication as Appl,
OWNERS.c_u_EID as EIDprimaryApprover,
SUBPR.c_u_Name as SubprocessName,
BROL.c_r_SubProcess as SubprocessID
FROM
t_RBSR_AUFW_u_EntAssignment TEASS
LEFT OUTER JOIN
t_RBSR_AUFW_u_Entitlement TENT
ON
TEASS.c_r_Entitlement = TENT.c_id
LEFT OUTER JOIN
t_RBSR_AUFW_u_BusRole BROL
ON
BROL.c_id = TEASS.c_r_BusRole
LEFT OUTER JOIN
t_RBSR_AUFW_u_MVFormula MVF
ON
MVF.c_u_KEYapplication = TENT.c_u_Application
LEFT OUTER JOIN
t_RBSR_AUFW_u_EntAssignmentSet TEASET
ON
TEASET.c_id = TEASS.c_r_EntAssignmentSet
LEFT OUTER JOIN
t_RBSR_AUFW_u_SubProcess SUBPR
ON
TEASET.c_r_SubProcess = SUBPR.c_id
LEFT OUTER JOIN
t_RBSR_AUFW_u_BusRoleOwner OWNERS
ON
( (OWNERS.c_r_BusRole = BROL.c_id) AND (OWNERS.c_u_Rank='appr') )
WHERE
(TEASET.c_u_Status = 'ACTIVE')
AND
(SUBPR.c_r_Process NOT IN (7))
AND
(
(BROL.c_id IN (" + CSVlistOfInterestingRoles + ")) OR " +
"(BROL.c_r_SubProcess IN (" + CSVlistOfInterestingSubprocesses + ")) ) "
+ extraconds +
" ORDER BY TEASS.c_r_BusRole;";
cmd.CommandText = SQL;
OdbcDataReader dr = cmd.ExecuteReader();
Dictionary <string, string> DICTactiveEnts = new Dictionary <string, string>();
// These map role names to role descriptions
Dictionary <string, string> DICTactiveBroles = new Dictionary <string, string>();
Dictionary <string, string> DICTidmBroles = new Dictionary <string, string>();
// Key = rolename + EID of primary approver
// Value = 1
Dictionary <string, string> DICTroleApprover = new Dictionary <string, string>();
Queue <string> QUEUEmsgsWarning = new Queue <string>();
// WE ARE NOW READING THE DATA COMING FROM R-AF VIA SQL QUERY
// WE ARE NOW READING THE DATA COMING FROM R-AF VIA SQL QUERY
// WE ARE NOW READING THE DATA COMING FROM R-AF VIA SQL QUERY
// WE ARE NOW READING THE DATA COMING FROM R-AF VIA SQL QUERY
// WE ARE NOW READING THE DATA COMING FROM R-AF VIA SQL QUERY
while (dr.Read())
{
int IDwsentrow = (int)(dr.GetValue(0));
string brolename = dr.GetValue(1).ToString();
string broledescr = dr.GetValue(2).ToString();
string STRformula = dr.GetValue(3).ToString();
string STRapp = dr.GetValue(4).ToString();
string STRapproverEID = dr.GetValue(5).ToString();
string STRsubpr = dr.GetValue(6).ToString();
int IDsubpr = (int)(dr.GetValue(7));
if (!DICTactiveBroles.ContainsKey(brolename))
{
DICTactiveBroles.Add(brolename, broledescr);
}
/*
* if (!MAPbrolenamesToSubprids.ContainsKey(brolename))
* {
* MAPbrolenamesToSubprids.Add(brolename, IDsubpr.ToString() + " = " + STRsubpr);
* }
*/
if (STRapproverEID.Length > 1)
{
try
{
DICTroleApprover.Add(
brolename + (char)1 + STRapproverEID, "1");
}
catch (Exception) { }
}
returnGetEntitlement OBJwsent =
ENGINEwsent.GetEntitlement(IDwsentrow);
// SKLAR NOTE: the returnGetEntitlement struct has every column/field already segregated
int repaircount = 0;
TurnNullsToEmptyStrings(ref OBJwsent, ref repaircount);
if (STRformula == "")
{
STRformula = "\"TBD - " + dr.GetValue(4).ToString() + "\"";
}
else
{
STRformula = HttpUtility.HtmlDecode(STRformula.Trim());
}
// We have the formula; now we can evaluate.
Evaluator ev = new Evaluator(Eval3.eParserSyntax.cSharp, false);
ev.AddEnvironmentFunctions(this);
ev.AddEnvironmentFunctions(new ManifestFormulaEvaluatorFunctions(OBJwsent));
opCode lCode;
try
{
lCode = ev.Parse(STRformula);
}
catch (Exception e)
{
if (book != null)
{
sheetMetadata.Table.Rows.Add().Cells.Add("The formula [[" + STRformula + "]] for this app [[" + STRapp + "]] has parse errors: " + e.ToString());
}
else
{
context.Response.Write("The formula [[" + STRformula + "]] for this app [[" + STRapp + "]] has parse errors: " + e.ToString());
}
continue;
}
string RESLT;
try
{
RESLT = lCode.value.ToString();
}
catch (Exception e)
{
RESLT = "NULL";
//context.Response.Write("Interpreting the formula for this app resulted in errors: " + e.ToString());
//return;
}
string RESLTforCompare = RESLT;
if (!boolCaseSens)
{
RESLTforCompare = RESLT.ToLower().Replace(" ", "");
}
if (!boolDoCompare)
{
context.Response.Write(CSVquoteize(brolename));
context.Response.Write(",");
context.Response.Write(CSVquoteize(broledescr));
context.Response.Write(",");
context.Response.Write(CSVquoteize(RESLTforCompare));
context.Response.Write("\n");
}
else
{
// Enter the role name and the privilegestring into a dictionary
try {
DICTactiveEnts.Add(brolename + (char)1 + RESLTforCompare, RESLT);
}
catch (Exception eduringprivadd) {
// This situation occurs when two or more distinct entitlements in RAF
// generate the very same priv string (because they differ in a field that
// "does not count" towards generation of the priv string.
QUEUEmsgsWarning.Enqueue
("Role " + brolename + ": privilege was registered redundantly: " + RESLTforCompare);
}
}
}
// Now comes the comparison.
if (boolDoCompare)
{
Queue <string> QUEUE_idmRowsLackingActiveMatch = new Queue <string>();
// HERE WE ARE ACTUALLY LOOKING AT THE DATA COMING IN FROM THE IDM DUMP FILE
// HERE WE ARE ACTUALLY LOOKING AT THE DATA COMING IN FROM THE IDM DUMP FILE
// HERE WE ARE ACTUALLY LOOKING AT THE DATA COMING IN FROM THE IDM DUMP FILE
// HERE WE ARE ACTUALLY LOOKING AT THE DATA COMING IN FROM THE IDM DUMP FILE
// HERE WE ARE ACTUALLY LOOKING AT THE DATA COMING IN FROM THE IDM DUMP FILE
// HERE WE ARE ACTUALLY LOOKING AT THE DATA COMING IN FROM THE IDM DUMP FILE
// HERE WE ARE ACTUALLY LOOKING AT THE DATA COMING IN FROM THE IDM DUMP FILE
// HERE WE ARE ACTUALLY LOOKING AT THE DATA COMING IN FROM THE IDM DUMP FILE
foreach (DataRow idmrow in dt_idmdump.Rows)
{
string idmrsrcRolename = idmrow[0].ToString().Trim();
string idmrsrcValue = idmrow[1].ToString().Trim();
string idmrsrcObjType = idmrow[2].ToString().Trim();
switch (idmrsrcObjType)
{
case "PrimaryApprover":
case "RoleApprover":
string target = idmrsrcRolename + (char)1 + idmrsrcValue;
if (DICTroleApprover.ContainsKey(target))
{
// Was also found in RAF, so nothing to report.
DICTroleApprover.Remove(target);
}
else
{
// Was not found in RAF, so report a need for removal
RecordDelta(sheetDeltas, idmrsrcRolename, idmrsrcValue, "Remove", "PrimaryApprover", null);
}
break;
case "RoleDescription":
if (!DICTidmBroles.ContainsKey(idmrsrcRolename))
{
DICTidmBroles.Add(idmrsrcRolename, idmrsrcValue);
}
break;
case "Entitlement":
string idmrsrcPrivForCompare = idmrsrcValue;
if (!boolCaseSens)
{
idmrsrcPrivForCompare = idmrsrcValue.ToLower().Replace(" ", "");
}
string idmrsrcKey = idmrsrcRolename + (char)1 + idmrsrcPrivForCompare;
if (DICTactiveEnts.ContainsKey(idmrsrcKey))
{
DICTactiveEnts.Remove(idmrsrcKey);
}
else
{
QUEUE_idmRowsLackingActiveMatch.Enqueue(idmrsrcKey);
/*
* int idxSep = idmrsrcKey.IndexOf((char)1);
* string reportRolename = idmrsrcKey.Substring(0,idxSep);
* string reportPriv = idmrsrcKey.Substring(idxSep+1);
* */
if (!boolReportInternalIdmRoles)
{
if (idmrsrcRolename.StartsWith("ELE_INT_")
||
idmrsrcRolename.StartsWith("INT_"))
{
continue;
}
}
try
{
RecordDelta(sheetDeltas, idmrsrcRolename, idmrsrcValue, "Remove", "Entitlement", MAPbrolenamesToSubprids[idmrsrcRolename]);
}
catch (Exception) {
RecordDelta(sheetDeltas, idmrsrcRolename, idmrsrcValue, "Remove", "Entitlement", "Note: this role is not known to the RAF system at all.");
}
errcountEntitlements++;
}
break;
}
}
foreach (string keytoadd in DICTactiveEnts.Keys)
{
int idxSep = keytoadd.IndexOf((char)1);
string reportRolename = keytoadd.Substring(0, idxSep);
string reportPriv = DICTactiveEnts[keytoadd];
if (!boolReportInternalIdmRoles)
{
if (reportRolename.StartsWith("ELE_INT_")
||
reportRolename.StartsWith("INT_"))
{
continue;
}
}
RecordDelta(sheetDeltas, reportRolename, reportPriv, "Add", "Entitlement", null);
errcountEntitlements++;
}
foreach (string keytoadd in DICTroleApprover.Keys)
{
int idxSep = keytoadd.IndexOf((char)1);
string reportRolename = keytoadd.Substring(0, idxSep);
string reportEID = keytoadd.Substring(idxSep + 1);
if (!boolReportInternalIdmRoles)
{
if (reportRolename.StartsWith("ELE_INT_")
||
reportRolename.StartsWith("INT_"))
{
continue;
}
}
RecordDelta(sheetDeltas, reportRolename, reportEID, "Add", "PrimaryApprover", null);
}
// Roles as a whole
foreach (string rolePresentInRAF in DICTactiveBroles.Keys)
{
if (DICTidmBroles.ContainsKey(rolePresentInRAF))
{
// This role is present in both RAF and IDM.
// But perhaps differs in description?
if (DICTactiveBroles[rolePresentInRAF] != DICTidmBroles[rolePresentInRAF])
{
// 1. Do a remove
RecordDelta(sheetDeltas,
rolePresentInRAF,
DICTidmBroles[rolePresentInRAF],
"Remove", "RoleDescription", "");
// 2. Do an add
RecordDelta(sheetDeltas,
rolePresentInRAF,
DICTactiveBroles[rolePresentInRAF],
"Add", "RoleDescription", "");
errcountRoleMetadata++;
}
//Record having seen this.
DICTidmBroles.Remove(rolePresentInRAF);
}
else
{
RecordDelta(sheetDeltas, rolePresentInRAF, DICTactiveBroles[rolePresentInRAF], "Add", "Role", null);
errcountRoleMetadata++;
}
}
foreach (string rolePresentInIDM in DICTidmBroles.Keys)
{
if (!boolReportInternalIdmRoles)
{
if (rolePresentInIDM.StartsWith("ELE_INT_")
||
rolePresentInIDM.StartsWith("INT_"))
{
continue;
}
}
RecordDelta(sheetDeltas, rolePresentInIDM, rolePresentInIDM, "Remove", "Role", null);
errcountRoleMetadata++;
}
if (book != null)
{
row = sheetMetadata.Table.Rows.Add();
row.Cells.Add(" - Entitlement deltas:");
row.Cells.Add(errcountEntitlements.ToString());
row = sheetMetadata.Table.Rows.Add();
row.Cells.Add(" - Role deltas:");
row.Cells.Add(errcountRoleMetadata.ToString());
if (QUEUEmsgsWarning.Count > 0)
{
row = sheetMetadata.Table.Rows.Add();
row.Cells.Add(" - Warning messages regarding RAF-side data:");
while (QUEUEmsgsWarning.Count > 0)
{
string msg = QUEUEmsgsWarning.Dequeue();
row = sheetMetadata.Table.Rows.Add();
row.Cells.Add("");
row.Cells.Add(msg);
}
}
book.Save(context.Response.OutputStream);
}
else
{
context.Response.Redirect("../Page_Reconc_History.aspx");
}
}
}
private void AutoRemoveEntitlementStatus
(int idEntit, int idThisUser, HttpResponse theResponse)
{
// Get complete info about this entitlement
IEntitlement engine = new IEntitlement(HELPERS.NewOdbcConn());
returnGetEntitlement thisEnt = engine.GetEntitlement(idEntit);
// Find every entAssignment that refers to this entitlement
// and that is in an ACTIVE entset or a WORKSPACE entset.
// Requires a JOIN
string sqlFindEA =
"SELECT EA.c_id, EAS.c_r_SubProcess as EASsubpr, EAS.c_id as EASid, EAS.c_u_Status as EASstatus, EAS.c_r_User as EASiduser, " +
" USR.c_u_Name as EASnameuser, PR.c_u_Name + ' / ' + SUBPR.c_u_Name as SUBPRname, EA.c_r_Entitlement as EAentit, " +
" BROLE.c_u_Name as BRname " +
" FROM t_RBSR_AUFW_u_EntAssignment EA" +
" LEFT OUTER JOIN t_RBSR_AUFW_u_EntAssignmentSet EAS ON EAS.c_id = EA.c_r_EntAssignmentSet " +
" LEFT OUTER JOIN t_RBSR_AUFW_u_Subprocess SUBPR ON SUBPR.c_id = EAS.c_r_SubProcess " +
" LEFT OUTER JOIN t_RBSR_AUFW_u_Process PR ON PR.c_id = SUBPR.c_r_Process " +
" LEFT OUTER JOIN t_RBSR_AUFW_u_User USR ON USR.c_id = EAS.c_r_User " +
" LEFT OUTER JOIN t_RBSR_AUFW_u_BusRole BROLE ON BROLE.c_id = EA.c_r_BusRole " +
" WHERE EAS.c_u_Status IN ('WORKSPACE','ACTIVE') AND EA.c_r_Entitlement=" + idEntit;
OdbcDataReader reader = HELPERS.RunSqlSelect(sqlFindEA);
Dictionary <int, HELPERS.infoEASet> MAPsubprToEASet =
new Dictionary <int, HELPERS.infoEASet>();
Queue queueOfEA = new Queue();
while (reader.Read())
{
HELPERS.infoEA baby = new HELPERS.infoEA();
baby.idEntAss = reader.GetInt32(0);
baby.idSubpr = reader.GetInt32(1);
baby.idEntAssSet = reader.GetInt32(2);
baby.strEntAssSetStatus = reader.GetString(3);
baby.idEntAssSetCreator = reader.GetInt32(4);
baby.nameEntAssSetCreator = reader.GetString(5);
baby.nameSubprocess = reader.GetString(6);
baby.idEntitlement = reader.GetInt32(7);
baby.nameBusRole = reader.GetString(8);
queueOfEA.Enqueue(baby);
// An existing workspace OVERRULES an ACTIVE EASet.
if (!MAPsubprToEASet.ContainsKey(baby.idSubpr))
{
HELPERS.infoEASet infoeaset = new HELPERS.infoEASet();
infoeaset.idEntAssSet = baby.idEntAssSet;
infoeaset.strEntAssSetStatus = baby.strEntAssSetStatus;
infoeaset.idEntAssSetCreator = baby.idEntAssSetCreator;
infoeaset.nameEntAssSetCreator = baby.nameEntAssSetCreator;
infoeaset.nameSubprocess = baby.nameSubprocess;
MAPsubprToEASet.Add(baby.idSubpr, infoeaset);
}
else
{
if (MAPsubprToEASet[baby.idSubpr].idEntAssSet == baby.idEntAssSet)
{
// This is another copy of the same registered EASet.
// Ignore!
}
else if (MAPsubprToEASet[baby.idSubpr].strEntAssSetStatus == "WORKSPACE")
{
// The registered EASet for this subprocess is already a workspace.
// This newcomer must be the ACTIVE easet and we are not interested.
if (baby.strEntAssSetStatus != "ACTIVE")
{
throw new Exception("DATABASE ERROR: Multiple workspaces are active for subprocess #" +
baby.idSubpr + "(" + baby.nameSubprocess + ")");
}
}
else
{
if (baby.strEntAssSetStatus != "WORKSPACE")
{
throw new Exception("DATABASE ERROR: Multiple EASets are marked as 'ACTIVE' for subprocess #" +
baby.idSubpr + "(" + baby.nameSubprocess + ")");
}
HELPERS.infoEASet infoeaset = new HELPERS.infoEASet();
infoeaset.idEntAssSet = baby.idEntAssSet;
infoeaset.strEntAssSetStatus = baby.strEntAssSetStatus;
infoeaset.idEntAssSetCreator = baby.idEntAssSetCreator;
infoeaset.nameEntAssSetCreator = baby.nameEntAssSetCreator;
MAPsubprToEASet[baby.idSubpr] = infoeaset;
}
}
}
reader.Dispose();
// We now have the list of all subprocesses involved, and info about
// either the ACTIVE or WORKSPACE EASet to be actually edited.
// We now want to build any needed workspaces, i.e. if we are looking
// at an EASet of status "ACTIVE".
//
// CAREFUL!!! Before 13 July, there was a BUG here. It was possible to have
// the EASet be an ACTIVE one (if the workspace for that subpr simply didn't
// have any ref to the target entitlement), which would cause construction
// of an unneeded workspace.
// BEFORE CONSTRUCTING ANY WORKSPACE, AN EXTRA CHECK MUST BE PERFORMED
// TO ENSURE THERE IS NOT ALREADY A WS FOR THAT SUBPR!!!!
Dictionary <int, HELPERS.infoEASet> readyToUseWorkspaces = new Dictionary <int, HELPERS.infoEASet>();
Dictionary <int, HELPERS.infoEASet> lockedWorkspaces = new Dictionary <int, HELPERS.infoEASet>();
String messages = "";
HELPERS.AutoGenWorkspacesInBulk(idThisUser, ref messages, MAPsubprToEASet, readyToUseWorkspaces, lockedWorkspaces,
"facilitate retirement of an entitlement");
theResponse.Write(messages);
// We are now ready to do the processing of the EAssignments.
// There are two situations.
// If the EA's own status is "N", the proper thing to do is to delete the EA entirely.
// If the EA's status is "A", the proper thing to do is turn it to "X".
// No change should be made of course if it's already "X".
// Running these updates multiple times is no problem, as it will turn into a no-op
// after the first time.
//
// ON SECOND THOUGHT: I want to turn even status "N" to "X" because that is self-documenting
// and better for auditing. We want it to appear with a verboten sign in the designer view.
Dictionary <int, int> MAPsubprToNumAffected = new Dictionary <int, int>();
while (queueOfEA.Count > 0)
{
HELPERS.infoEA curEA = (HELPERS.infoEA)(queueOfEA.Dequeue());
int idSubpr = curEA.idSubpr;
if (MAPsubprToNumAffected.ContainsKey(idSubpr))
{
continue;
}
if (readyToUseWorkspaces.ContainsKey(idSubpr))
{
HELPERS.infoEASet curWS = readyToUseWorkspaces[idSubpr];
// Handling status="A" and "N"
string cmdsql =
"UPDATE t_RBSR_AUFW_u_EntAssignment " +
" SET c_u_Status='X' WHERE c_u_Status IN ('A','N','P') AND " +
" c_r_EntAssignmentSet=" + curWS.idEntAssSet + " AND " +
" c_r_Entitlement=" + curEA.idEntitlement;
int resultRunSql = HELPERS.RunSql(cmdsql);
MAPsubprToNumAffected[idSubpr] = resultRunSql;
theResponse.Write(
"OK: " + curEA.nameSubprocess + ": " + resultRunSql + " business roles affected.\n");
}
else
{
HELPERS.infoEASet lockedWS = lockedWorkspaces[idSubpr];
theResponse.Write(
"<B>ERROR: </B> Entitlement #" + curEA.idEntitlement + " could not be removed from " + curEA.nameBusRole +
" -- workspace locked by " + lockedWS.nameEntAssSetCreator + ".\n");
}
}
}
/* Warning: this is still singleton-based */
/* This just takes whatever is the active EAS for the given subprocess,
* but probably should receive the EAS ID as input.
*/
public static void WorkspaceCreate(OdbcConnection conn, int IDsubprocess, string commentary)
{
IEditingWorkspace Iws = new IEditingWorkspace(conn);
// BUG: hardwired user ID!
int IDnewWS = Iws.NewEditingWorkspace(commentary, DateTime.Now, IDsubprocess, 1);
// Still singleton!!
EmptyTable(conn, "t_r_BusRoleWorkspaceEntitlement");
EmptyTable(conn, "WorkspaceEntitlement");
IWorkspaceEntitlement Iwserows = new IWorkspaceEntitlement(conn);
IEntAssignmentSet Ieas = new IEntAssignmentSet(conn);
IEntitlement Ient = new IEntitlement(conn);
/* See above comment: this hardwared active=true logic is not good */
returnListEntAssignmentSetBySubProcess[] _IDeas =
Ieas.ListEntAssignmentSetBySubProcess(null, "\"BOOLisActive\" = 1", new string[] { }, "", IDsubprocess);
int IDeas = _IDeas[0].ID;
/* Find the list of EAssignments to bring over to the Workspace */
IEntAssignment Iea = new IEntAssignment(conn);
returnListEntAssignmentByEntAssignmentSet[] _IDea =
Iea.ListEntAssignmentByEntAssignmentSet(null, "", new string[] {}, "", IDeas);
int numToConvert = _IDea.Length;
Hashtable dictEntVectorClones = new Hashtable();
foreach (returnListEntAssignmentByEntAssignmentSet i in _IDea)
{
int IDentitlementVector = i.EntitlementID;
int IDbusrole = i.BusRoleID;
int IDcloneEntVector = -88;
if (dictEntVectorClones.ContainsKey(IDentitlementVector))
{
// The entitlement vector was already cloned in the workspace.
IDcloneEntVector =
(int)dictEntVectorClones[IDentitlementVector];
}
else
{
// MUST CLONE THE VECTOR
returnGetEntitlement theE = Ient.GetEntitlement(IDentitlementVector);
IDcloneEntVector =
Iwserows.NewWorkspaceEntitlement
(theE.StandardActivity,
theE.RoleType,
theE.System,
theE.Platform,
theE.EntitlementName,
theE.EntitlementValue,
IDnewWS);
dictEntVectorClones.Add(IDentitlementVector, IDcloneEntVector);
}
// We have the bus.role ID and we now have the ID of the
// WorkspaceEntitlement object.
// We now create the tie that binds them.
RecordLinkFromBusRoleToWSEntitVector
(conn, IDbusrole, IDcloneEntVector, IDnewWS);
}
}
public void ProcessRequest(HttpContext context)
{
OdbcConnection conn = HELPERS.NewOdbcConn();
int IDwsentrow = int.Parse(context.Request.Params["IDwsent"]);
context.Response.ContentType = "text/plain";
IMVFormula ENGINEmanif = new IMVFormula(conn);
IEntitlement ENGINEwsent = new IEntitlement(conn);
OBJwsent =
ENGINEwsent.GetEntitlement(IDwsentrow);
string appname = OBJwsent.Application;
returnListMVFormula[] LISTformulas =
ENGINEmanif.ListMVFormula(null, "\"KEYapplication\" = ?",
new string[] { appname }, "");
// Currently, we only allow one formula per manifest.
// Later we might have richer selection process where other fields
// get to play a role in which formula is used.
if (LISTformulas.Length > 1)
{
context.Response.Write("Error: more than one manifest formula for this app.");
return;
}
if (LISTformulas.Length < 1)
{
context.Response.Write("Error: there is no manifest formula for this app.");
return;
}
returnListMVFormula TheFormula = LISTformulas[0];
if (TheFormula.Formula == null)
{
TheFormula.Formula = "";
}
string STRformula = TheFormula.Formula.Trim();
if (STRformula == "")
{
context.Response.Write("Error: the manifest formula for this application has NOT been specified.");
return;
}
// We have the formula; now we can evaluate.
Evaluator ev = new Evaluator(Eval3.eParserSyntax.cSharp, false);
ev.AddEnvironmentFunctions(this);
ev.AddEnvironmentFunctions(new ManifestFormulaEvaluatorFunctions(OBJwsent));
opCode lCode;
try
{
lCode = ev.Parse(STRformula);
}
catch (Exception e)
{
context.Response.Write("The formula [[" + STRformula + "]] for this app [[" + appname + "]] has parse errors: " + e.ToString());
return;
}
object RESLT;
try
{
RESLT = lCode.value;
}
catch (Exception e)
{
context.Response.Write("Interpreting the formula for this app resulted in errors: " + e.ToString());
return;
}
context.Response.Write(RESLT.ToString().Replace(" ", ""));
}