CREATE VIEW config.org_unit_setting_type AS
SELECT name, label, grp, description,
- datatype, fm_class, view_perm, update_perm, org_setting
+ datatype, fm_class, view_perm, update_perm
FROM config.setting_type WHERE org_setting;
CREATE VIEW config.usr_setting_type AS
- SELECT name, label, grp, description,
- datatype, fm_class, org_setting
+ SELECT name, label, grp, description, datatype, fm_class
FROM config.setting_type WHERE usr_setting;
CREATE OR REPLACE FUNCTION actor.setting_type_is_valid()
AFTER INSERT OR UPDATE ON actor.workstation_setting
FOR EACH ROW EXECUTE PROCEDURE actor.setting_type_is_valid();
+
+CREATE OR REPLACE FUNCTION actor.get_setting(setting_name TEXT,
+ org_id INT, user_id INT, workstation_id INT) RETURNS JSON AS
+$FUNC$
+DECLARE
+ setting_type config.setting_type%ROWTYPE;
+ setting_value JSON;
+BEGIN
+
+ SELECT INTO setting_type * FROM config.setting_type
+ WHERE name = setting_name;
+
+ IF NOT FOUND THEN
+ RETURN NULL;
+ END IF;
+
+ -- User and workstation settings have the same priority. We do not
+ -- check view_perm's on user settings since values apply only to the
+ -- calling user.
+ IF user_id IS NOT NULL AND setting_type.usr_setting THEN
+ SELECT INTO setting_value value FROM actor.usr_setting
+ WHERE usr = user_id AND name = setting_name;
+ IF FOUND THEN
+ RETURN setting_value;
+ END IF;
+ END IF;
+
+ -- Org and workstation settings enforce the view_perm.
+
+ -- Get the org_id from the workstation when present Org value is
+ -- used in perm checks and org_unit_setting lookups when needed.
+ IF workstation_id IS NOT NULL THEN
+ SELECT INTO org_id owning_lib
+ FROM actor.workstation WHERE id = workstation_id;
+ END IF;
+
+ IF org_id IS NULL THEN
+ -- No workstation or org_id has been provided. nothnig we can
+ -- do. This is not necessarily an error condition, since the
+ -- caller may only care about user settings.
+ RETURN NULL;
+ END IF;
+
+ IF setting_type.view_perm IS NOT NULL THEN
+
+ -- settings with view perms need to know who is requesting them.
+ IF user_id IS NULL THEN
+ RAISE NOTICE 'Perm check required but no user_id provided';
+ RETURN NULL;
+ END IF;
+
+ IF NOT permission.usr_has_perm(
+ user_id,
+ (SELECT code FROM permission.perm_list WHERE id = setting_type.view_perm),
+ org_id)
+ THEN
+ RAISE NOTICE 'Perm check failed for user % on %',
+ user_id, setting_type.view_perm;
+ RETURN NULL;
+ END IF;
+ END IF;
+
+ IF workstation_id IS NOT NULL AND setting_type.ws_setting THEN
+ SELECT INTO setting_value value FROM actor.workstation_setting
+ WHERE workstation = workstation_id AND name = setting_name;
+ IF FOUND THEN
+ RETURN setting_value;
+ END IF;
+ END IF;
+
+ IF setting_type.org_setting THEN
+ SELECT INTO setting_value value
+ FROM actor.org_unit_ancestor_setting(setting_name, org_id);
+
+ IF FOUND THEN
+ RETURN setting_value;
+ END IF;
+ END IF;
+
+ RETURN NULL;
+END;
+$FUNC$ LANGUAGE PLPGSQL;
+
+
COMMIT;
projects / working / Evergreen.git / commitdiff