diff --git a/src/org/openbravo/base/secureApp/HttpSecureAppServlet.java b/src/org/openbravo/base/secureApp/HttpSecureAppServlet.java
--- a/src/org/openbravo/base/secureApp/HttpSecureAppServlet.java
+++ b/src/org/openbravo/base/secureApp/HttpSecureAppServlet.java
@@ -496,20 +496,27 @@
vars.setSessionValue("#CurrentAccessLevel", accessLevel);
if (type.equals("W")) {
return hasLevelAccess(vars, accessLevel)
- && SeguridadData.selectAccess(this, vars.getRole(), "TABLE", id).equals("0")
- && !SeguridadData.selectAccess(this, vars.getRole(), type, id).equals("0");
+ && !SeguridadData.selectAccessWindowAndTable(this, vars.getRole(), type, id)
+ .equals("0");
+ } else if (type.equals("X")) {
+ if (id.equals("800018")) {
+ return true;
+ }
+ return !SeguridadData.selectAccessForm(this, vars.getRole(), id).equals("0");
+ } else if (type.equals("P") || type.equals("R")) {
+ return !SeguridadData.selectAccessProcess(this, vars.getRole(), type, id).equals("0");
} else if (type.equals("S")) {
return !SeguridadData.selectAccessSearch(this, vars.getRole(), id).equals("0");
- } else if (type.equals("C"))
+ } else if (type.equals("C")) {
return true;
- else
- return hasLevelAccess(vars, accessLevel)
- && !SeguridadData.selectAccess(this, vars.getRole(), type, id).equals("0");
+ } else {
+ log4j.warn("The type of access you want to check does not exist.");
+ return false;
+ }
} catch (final Exception e) {
log4j.error("Error checking access: ", e);
return false;
}
-
}
/**
diff --git a/src/org/openbravo/base/secureApp/Seguridad_data.xsql b/src/org/openbravo/base/secureApp/Seguridad_data.xsql
--- a/src/org/openbravo/base/secureApp/Seguridad_data.xsql
+++ b/src/org/openbravo/base/secureApp/Seguridad_data.xsql
@@ -128,95 +128,90 @@
-
-
+
+
TO_CHAR(?)
- UNION
- SELECT COUNT(*) AS TOTAL
- FROM AD_Window_Access
- WHERE AD_Role_ID = ?
+ FROM AD_Window_Access a, AD_Tab t
+ WHERE AD_Role_ID = ?
AND TO_CHAR('W') = ?
- AND AD_Window_ID = (SELECT AD_WINDOW_ID
- FROM AD_TAB
- WHERE AD_TAB_ID = ?)
- AND IsActive = 'Y'
- UNION
- SELECT COUNT(*) AS TOTAL
+ AND a.AD_Window_ID = t.AD_Window_ID
+ AND t.AD_Tab_ID = ?
+ AND a.IsActive = 'Y'
+ UNION
+ SELECT COUNT(*) AS TOTAL
FROM AD_Table_Access t, AD_Tab tb
WHERE t.AD_Table_ID = tb.AD_Table_ID
AND t.AD_Role_ID = ?
AND TO_CHAR('TABLE') = ?
AND tb.AD_Tab_ID = ?
AND t.IsActive = 'Y'
- AND t.IsExclude = 'Y'
- UNION
- SELECT COUNT(*) AS TOTAL
- FROM AD_Process_Access A,
- AD_Process P
- WHERE AD_Role_ID = ?
- AND TO_CHAR('P') = TO_CHAR(?)
- AND A.AD_Process_ID = ?
- AND P.AD_Process_ID = A.AD_Process_ID
- AND A.IsActive = 'Y'
- AND P.IsExternalService = 'Y'
- UNION
- SELECT 1 AS TOTAL
- FROM AD_Process
- WHERE TO_CHAR('P') = TO_CHAR(?)
- AND AD_Process_ID = ?
- AND IsActive = 'Y'
- AND IsExternalService != 'Y') TOTAL
-
+ AND t.IsExclude = 'Y') TOTAL
]]>
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+