Hi guys,
// Make all views private by removing "Everyone Else" permissions
/*string s = "" //Will store the name of a view
string res = "" //Will store the returned result from a function
View v = null*/
//Make sure no default view is selected inside the Module (check your module generating scripts too), otherwise this will remove all EXCEPT that default view
//If you don't select a default view, this script will delete all views and leave you with 'Standard View'.
//
View v = null
string res = ""
string viewsMRD[] = {"[Standard] Attributes","[Standard] Traceability","[Standard] Document","[Standard] Requirements"}
string viewsPTR[] = {"[Standard] PTR"}
string viewsQA[] = {"Attributes","Clinical","Document","Electrical","Logistics","Manufacturing","Marketing","Mechanical","ProjMgt","QARA","Software","SyergyDOORS","SysEng","TestEng"}
string viewsFMEA[] = {"BookView","WorkingView"}
string s
Item moduleitem
string modulename
string modulechecker
int MRD,PTR,QA,FMEA
//Possible to force nomenclature of modules, so that the code can check fullName of the module and select the appropriate counter/array to compare the views against.
void compareMRD(int MRD, Module m)
{
string username = doorsname
Permission rmcda = delete|control
for s in views(m) do
{
bool equal = false
//MRD = 0 //counter for generic loop below
for MRD in 0:3 do
{
//Comparison code here
if (s == viewsMRD[MRD]) //if name of current view matches any string inside viewsMRD...
{
equal = true
print MRD "true" "\n"
print equal "\n"
}
else
{
print MRD "not true" "\n"
}
}
if (equal != true)//if string doesn't match anything in viewsMRD, then force this view to private
{
print "Get rid of this one \n"
v = view(s) //handle to current view in loop
bool IsAccessInherited
isAccessInherited(v,IsAccessInherited)
if (IsAccessInherited == true)
{
specific(v)
}
res = set(v,rmcda,username)
res = set(v,none,"")
if(!null res)
{
ack("Error setting permissions in at least 1 view.")
}
}
}
}
void compareFMEA(int FMEA, Module m)
{
string username = doorsname
Permission rmcda = delete|control
for s in views(m) do
{
bool equal = false
//FMEA = 0 //counter for generic loop below
for FMEA in 0:1 do
{
//Comparison code here
if (s == viewsFMEA[FMEA]) //if name of current view matches any string inside viewsMRD...
{
equal = true
print FMEA "true" "\n"
print equal "\n"
}
else
{
print FMEA "not true" "\n"
}
}
if (equal != true)//if string doesn't match anything in viewsMRD, then force this view to private
{
print "Get rid of this one \n"
v = view(s) //handle to current view in loop
bool IsAccessInherited
isAccessInherited(v,IsAccessInherited)
if (IsAccessInherited == true)
{
specific(v)
}
res = set(v,rmcda,username)
res = set(v,none,"")
if(!null res)
{
ack("Error setting permissions in at least 1 view.")
}
}
}
}
for moduleitem in current Project do
{
MRD=0
PTR=1
QA=0
FMEA=0 //Reset counters
if((type moduleitem) == "Formal")
{
modulename = fullName(moduleitem)
modulechecker = name(moduleitem) //just get name of module not path
if(name(moduleitem) == "MRD")
{
Module moo = edit(modulename, true, true, false)
compareMRD(MRD,moo)
save(moo)
close(moo,false)
}
if(name(moduleitem) == "xFMEA")
{
Module moo = edit(modulename, true, true, false)
compareFMEA(FMEA,moo)
save(moo)
close(moo,false)
}
}
}
TooDifficult - Sun Jan 16 17:07:55 EST 2011 |
Re: Hi all - restricting user created views to user only Access rights scripts just about demand being run by the "Administrator". Other facts: You can modify views while the module is in Read_Only mode. There is no such pre-save-module trigger, although a pre-close module trigger may help. Random thoughts on the code: [1] I wonder why you are passing MRD and FMEA int variables into your two compare() functions; they are modified inside, not used outside, and not called by reference. [2] Your set-private code seems inadequate. If the module has several access records which is likely, the view will inherit all them before becoming specific, and setting everybody else to none will have little effect on folks who may indeed open the module. [3] As written, whoever is plowing runnig the code will be the one that gets specific RMCDA access to all the views in your project, which surely is not your intention. [4] you do not need to "edit" nor "save" the module when dealing with its views. [5] Your code should check for module open success. [6] you should have a single function "setToPrivate". [7] if the current user lacks RMCDA access she won't be able to set her own access to RMCDA. [8] use print instead of the acks, be consistent. Print the name of the module and the view when reporting problems. I suspect this code perhaps should be looking for views that indeed have some RMCDA access to a specific user, who does not have a specific RMCDA access record to the module. That will find the owner of the vast majority of your private views. You may also try to figure out if the current user has RMCDA access to the view; I think "if (canControl(v))" might work; and if not just report the view and move on. After finding the likely private owner, set everybody else to none as you do, but I wonder if you also want to remove several but not all the other access records to the view. I know I do not want a bunch of views in our modules that only certain folks can see. By policy, private views must start with the owner's user name (which is lower case) and must provide the DB admins and also the Project admins full access; but not general users. I imagine it would be hard to have a script that enforced it however.
|