|
Hello.
I don't understand the code (in quote):
We check for existing records with UserID
IF @IsGuest = 0 AND NOT EXISTS(select top 1 1 from [{databaseOwner}].[{objectQualifier}ActiveAccess] WITH(NOLOCK) WHERE UserID = @UserID)
and if no exist fill table for current user using guest access rights.
But real rights for current user must be write bellow (in qoute 147-190 lines).
Instead, for current user always will be write guest access rights.
[code=sql]
-- ensure that no duplicates and that the guest access rights always present in the access table
if not exists (select top 1 UserID from [{databaseOwner}].[{objectQualifier}ActiveAccess] where UserID = @GuestID)
begin
insert into [{databaseOwner}].[{objectQualifier}ActiveAccess](
UserID,
BoardID,
ForumID,
IsAdmin,
IsForumModerator,
IsModerator,
IsGuestX,
LastActive,
ReadAccess,
PostAccess,
ReplyAccess,
PriorityAccess,
PollAccess,
VoteAccess,
ModeratorAccess,
EditAccess,
DeleteAccess,
UploadAccess,
DownloadAccess)
select
UserID,
@BoardID,
ForumID,
IsAdmin,
IsForumModerator,
IsModerator,
@IsGuest,
@CurrentTime,
ReadAccess,
(CONVERT([bit],sign([PostAccess]&(2)),(0))),
(CONVERT([bit],sign([ReplyAccess]&(4)),(0))),
(CONVERT([bit],sign([PriorityAccess]&(8)),(0))),
(CONVERT([bit],sign([PollAccess]&(16)),(0))),
(CONVERT([bit],sign([VoteAccess]&(32)),(0))),
(CONVERT([bit],sign([ModeratorAccess]&(64)),(0))),
(CONVERT([bit],sign([EditAccess]&(128)),(0))),
(CONVERT([bit],sign([DeleteAccess]&(256)),(0))),
(CONVERT([bit],sign([UploadAccess]&(512)),(0))),
(CONVERT([bit],sign([DownloadAccess]&(1024)),(0)))
from [{databaseOwner}].[{objectQualifier}vaccess]
where UserID = @GuestID
end
IF @IsGuest = 0 AND NOT EXISTS(select top 1 1 from [{databaseOwner}].[{objectQualifier}ActiveAccess] WITH(NOLOCK) WHERE UserID = @UserID)
BEGIN
-- no permissions... use guest access instead
insert into [{databaseOwner}].[{objectQualifier}ActiveAccess](
UserID,
BoardID,
ForumID,
IsAdmin,
IsForumModerator,
IsModerator,
IsGuestX,
LastActive,
ReadAccess,
PostAccess,
ReplyAccess,
PriorityAccess,
PollAccess,
VoteAccess,
ModeratorAccess,
EditAccess,
DeleteAccess,
UploadAccess,
DownloadAccess)
select
@UserID,
@BoardID,
ForumID,
IsAdmin,
IsForumModerator,
IsModerator,
0,
@CurrentTime,
ReadAccess,
(CONVERT([bit],sign([PostAccess]&(2)),(0))),
(CONVERT([bit],sign([ReplyAccess]&(4)),(0))),
(CONVERT([bit],sign([PriorityAccess]&(8)),(0))),
(CONVERT([bit],sign([PollAccess]&(16)),(0))),
(CONVERT([bit],sign([VoteAccess]&(32)),(0))),
(CONVERT([bit],sign([ModeratorAccess]&(64)),(0))),
(CONVERT([bit],sign([EditAccess]&(128)),(0))),
(CONVERT([bit],sign([DeleteAccess]&(256)),(0))),
(CONVERT([bit],sign([UploadAccess]&(512)),(0))),
(CONVERT([bit],sign([DownloadAccess]&(1024)),(0)))
from [{databaseOwner}].[{objectQualifier}vaccess]
where UserID = @GuestID
END
-- get previous visit
if @IsGuest = 0 begin
select @PreviousVisit = LastVisit from [{databaseOwner}].[{objectQualifier}User] where UserID = @UserID
end
-- update last visit
update [{databaseOwner}].[{objectQualifier}User] set
LastVisit = @CurrentTime,
IP = @IP
where UserID = @UserID
-- find missing ForumID/TopicID
if @MessageID is not null begin
select
@CategoryID = c.CategoryID,
@ForumID = b.ForumID,
@TopicID = b.TopicID
from
[{databaseOwner}].[{objectQualifier}Message] a
inner join [{databaseOwner}].[{objectQualifier}Topic] b on b.TopicID = a.TopicID
inner join [{databaseOwner}].[{objectQualifier}Forum] c on c.ForumID = b.ForumID
inner join [{databaseOwner}].[{objectQualifier}Category] d on d.CategoryID = c.CategoryID
where
a.MessageID = @MessageID and
d.BoardID = @BoardID
end
else if @TopicID is not null begin
select
@CategoryID = b.CategoryID,
@ForumID = a.ForumID
from
[{databaseOwner}].[{objectQualifier}Topic] a
inner join [{databaseOwner}].[{objectQualifier}Forum] b on b.ForumID = a.ForumID
inner join [{databaseOwner}].[{objectQualifier}Category] c on c.CategoryID = b.CategoryID
where
a.TopicID = @TopicID and
c.BoardID = @BoardID
end
else if @ForumID is not null begin
select
@CategoryID = a.CategoryID
from
[{databaseOwner}].[{objectQualifier}Forum] a
inner join [{databaseOwner}].[{objectQualifier}Category] b on b.CategoryID = a.CategoryID
where
a.ForumID = @ForumID and
b.BoardID = @BoardID
end
-- update active
-- ensure that access right are in place
if not exists (select top 1 UserID from [{databaseOwner}].[{objectQualifier}ActiveAccess] WITH(NOLOCK)
where UserID = @UserID )
begin
insert into [{databaseOwner}].[{objectQualifier}ActiveAccess](
UserID,
BoardID,
ForumID,
IsAdmin,
IsForumModerator,
IsModerator,
IsGuestX,
LastActive,
ReadAccess,
PostAccess,
ReplyAccess,
PriorityAccess,
PollAccess,
VoteAccess,
ModeratorAccess,
EditAccess,
DeleteAccess,
UploadAccess,
DownloadAccess)
select
UserID,
@BoardID,
ForumID,
IsAdmin,
IsForumModerator,
IsModerator,
@IsGuest,
@CurrentTime,
ReadAccess,
(CONVERT([bit],sign([PostAccess]&(2)),(0))),
(CONVERT([bit],sign([ReplyAccess]&(4)),(0))),
(CONVERT([bit],sign([PriorityAccess]&(8)),(0))),
(CONVERT([bit],sign([PollAccess]&(16)),(0))),
(CONVERT([bit],sign([VoteAccess]&(32)),(0))),
(CONVERT([bit],sign([ModeratorAccess]&(64)),(0))),
(CONVERT([bit],sign([EditAccess]&(128)),(0))),
(CONVERT([bit],sign([DeleteAccess]&(256)),(0))),
(CONVERT([bit],sign([UploadAccess]&(512)),(0))),
(CONVERT([bit],sign([DownloadAccess]&(1024)),(0)))
from [{databaseOwner}].[{objectQualifier}vaccess]
where UserID = @UserID
end
[/code]
sorry for my english.
|