@mmh-software/webview

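const db = require('./db.js');
// NOTE(review): userMiddleware is imported but never referenced in this file, so none of the
// routes below attach an authentication or authorization check themselves. Confirm that the
// application enforces one before these handlers are reached.
const userMiddleware = require('../middleware/users.js');

/**
 * Read one request parameter and reduce it to a plain string.
 *
 * req.param() (deprecated in Express 4) can return values taken from the route, the body or
 * the query string, and a parsed body/query value may be an array or an object. Only strings
 * and numbers are accepted here; anything else is treated as missing.
 * NOTE(review): some SQL drivers expand array/object placeholder values into lists or
 * `key = value` fragments; confirm how ./db.js binds `?` values.
 *
 * @param {object} req - Express request.
 * @param {string} name - Parameter name.
 * @returns {string|undefined} The value as a string, or undefined when absent or not scalar.
 */
function scalarParam(req, name) {
  const value = req.param(name);
  if (typeof value === 'string' || typeof value === 'number') {
    return String(value);
  }
  return undefined;
}

/**
 * Build a db.query callback that answers the request: 409 `{ msg: 'ERROR' }` when the query
 * fails, otherwise 200 with the rows passed through `shape`.
 *
 * @param {object} res - Express response.
 * @param {function(Array): *} shape - Maps the result rows to the response body.
 * @returns {function(*, Array): *} Callback for db.query.
 */
function queryResponder(res, shape) {
  return function (error, results) {
    if (error) {
      // The driver error is deliberately not echoed to the client.
      return res.status(409).send({ msg: 'ERROR' });
    }
    return res.status(200).send(shape(results));
  };
}

// Response body shapes used by the routes below.
const wrapInData = (rows) => ({ data: rows });
const rawRows = (rows) => rows;

/**
 * Register the container, vault and permission lookup routes on an Express app.
 *
 * Every request-derived value reaches the database through a `?` placeholder, never through
 * string concatenation (this assumes db.query binds placeholders with escaping, as the
 * `[id]` calls already did). No per-request state is kept on `global`.
 *
 * @param {object} app - Express application (or router) exposing `get`.
 */
module.exports = function (app) {
  // Child containers of `ctnr_id`, excluding flag 642 and filtered by the SQL HasPermission().
  app.get('/container', function (req, res) {
    const id = scalarParam(req, 'ctnr_id');
    db.query(
      `SELECT * FROM dm_container c INNER JOIN dm_containertype ct ON c.ctnr_ctid=ct.ctype_ctid WHERE c.ctnr_parent=? AND c.ctnr_flag != 642 AND HasPermission(c.ctnr_cid,0,1) ORDER BY c.ctnr_name;`,
      [id],
      queryResponder(res, wrapInData)
    );
  });

  // Parent id and name of one container.
  // NOTE(review): unlike /container, this query and the /containerName query do not apply
  // HasPermission(); confirm that returning names for any container id is intended.
  app.get('/containerParentID', function (req, res) {
    const id = scalarParam(req, 'ctnr_id');
    db.query(
      `SELECT ctnr_parent, ctnr_name FROM dm_container WHERE ctnr_cid=? AND ctnr_flag != 642;`,
      [id],
      queryResponder(res, wrapInData)
    );
  });

  // Name of one container; the rows are sent without the `{ data: ... }` envelope.
  app.get('/containerName', function (req, res) {
    const id = scalarParam(req, 'ctnr_id');
    db.query(
      `SELECT ctnr_name FROM dm_container c WHERE ctnr_cid=?;`,
      [id],
      queryResponder(res, rawRows)
    );
  });

  // All vault names; takes no request input.
  app.get('/VaultName', function (req, res) {
    db.query(`SELECT vault_name FROM dm_vault;`, queryResponder(res, rawRows));
  });

  // Highest permission value that the user's group holds for the named action.
  // NOTE(review): `username` is supplied by the caller rather than taken from an
  // authenticated session in this file, so any caller can ask about any user; confirm.
  app.get('/CheckPermissions', function (req, res) {
    const action = scalarParam(req, 'action');
    const username = scalarParam(req, 'username');

    // Reject a missing, empty or non-scalar username before touching the database.
    if (username === undefined || username === '') {
      return res.status(409).send({ msg: 'No Username' });
    }

    // Only grpusr_gid of the first row is read from this result.
    const groupSql =
      'SELECT * FROM dm_user u INNER JOIN dm_group_user gu ON gu.grpusr_uid = u.usr_uid WHERE u.usr_name=?';

    db.query(groupSql, [username], function (error, results) {
      if (error) {
        return res.status(409).send({ msg: 'ERROR' });
      }

      const firstRow = results[0];
      if (firstRow == null) {
        // Unknown user or user without a group: answer with "no permission" in the same
        // row shape as the success path instead of leaving the request without a response.
        return res.status(200).send([{ permission: 0 }]);
      }

      // NOTE(review): only the first matching group is evaluated, and the query has no
      // ORDER BY, so which group that is may vary for a user in several groups. Confirm
      // whether the maximum across all of the user's groups was intended.
      const permissionSql =
        'SELECT MAX(ga.grpact_permission) AS permission FROM dm_action a INNER JOIN dm_group_action ga ON ga.grpact_aid=a.action_aid WHERE a.action_name = ? AND ga.grpact_gid = ?;';

      db.query(permissionSql, [action, firstRow.grpusr_gid], queryResponder(res, rawRows));
    });
  });
};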