// #! MFMY
!#.LAST.12.08.16.mohammad:
static void assignRolesFromUserToUser(Args _args)
{
#define.fromUserId('reni.tha')
#define.toUserId('candycha')
SecurityRole
securityRole;
SecurityUserRole securityUserRoleFrom,securityUserRoleTo;
;
while select securityUserRoleFrom
where
securityUserRoleFrom.User
== #fromUserId
&& securityUserRoleFrom.AssignmentStatus ==
RoleAssignmentStatus::Enabled
join securityRole
where
securityRole.RecId
== securityUserRoleFrom.SecurityRole
{
select securityUserRoleTo
where securityUserRoleTo.SecurityRole ==
securityUserRoleFrom.SecurityRole &&
securityUserRoleTo.User == #toUserId;
if (!securityUserRoleTo ||
securityUserRoleTo.AssignmentStatus != RoleAssignmentStatus::Enabled)
{
SysSecHelper::log('Adding
' + securityRole.Name);
securityUserRoleTo.User = #toUserId;
securityUserRoleTo.SecurityRole = securityRole.RecId;
securityUserRoleTo.AssignmentMode = RoleAssignmentMode::Manual;
securityUserRoleTo.AssignmentStatus = RoleAssignmentStatus::Enabled;
if (SecuritySegregationOfDuties::assignUserToRole(securityUserRoleTo, null) )
{
EePersonalDataAccessLogging::logUserRoleChange(securityRole.RecId,0, #toUserId, AddRemove::Add);
}
else
{
SysSecHelper::log('Skipping
' + securityRole.Name);
}
}
else
{
SysSecHelper::log('Skipping
' + securityRole.Name);
}
}
}
0 comments:
Post a Comment