Dieses Script setzt alle nötigen Berechtigungen auf der DB um für docs/mails folgende Funktionen nutzen zu können:
- EAV Company Entities administrieren
- (mails) Signatur-Vorlagen administrieren
- (mails) Customizing Tool-Erweiterung
Dieses Script vergibt aktuell keine Berechtigungen auf den Company Repository Root folder (hierzu kann die Stored Procedure spAddAdminUserPrincipalId genutzt werden).
Bitte führen Sie immer ein Backup vor der Anwendung von Datenbankskripten durch!
empower mails/docs version 8.6 oder höher:
-- Insert the PrincipalId for the user that will become an adminDECLARE@AdminUserPrincipalId NVARCHAR(50) = N'[USER_PRINCIPAL_ID]'-- Or try executing this script by inserting first and last name for user that will become an adminDECLARE@FirstName NVARCHAR(50) ='[ADMIN_USER_FIRST_NAME]'DECLARE@LastName NVARCHAR(50) ='[ADMIN_USER_LAST_NAME]'-- Insert '1' for every Admin-Permission this user will getDECLARE@CompanyEavAdminPermissionBIT= [Insert1forAdminand0fornochange]-- Can add and administer companiesDECLARE@SignatureTemplateAdminPermissionBIT= [Insert1forAdminand0fornochange]-- Can add and administer Signature Templates and assign them to companiesDECLARE@MailsCustomizingAdminPermissionBIT= [Insert1forAdminand0fornochange]-- Can administer mails customizing (Font, etc. for new and answer mails)DECLARE@EavEditorAdminPermissionBIT= [Insert1forAdminand0fornochange]-- Can administer the EAV model using the EAV EditorDECLARE@LinkButtonIconAdminPermissionBIT= [Insert1forAdminand0fornochange]-- !!!Core Schema must be >= 87.0.5.0!!! Can administer the link button icon for docsDECLARE@MailsCampaignAdminPermissionBIT= [Insert1forAdminand0fornochange]-- !!!Core Schema must be >= 811.0.0.0!!! Can administer campaigns as well as campaign-groups/fields for mailsDECLARE@DocsConsistencyCheckAdminPermissionBIT= [Insert1forAdminand0fornochange]-- !!!Core Schema must be >= 810.0.0.0!!! Can upload and administer docs consistency check config-- PLEASE DO NOT TOUCH ANYTHING FROM HEREDECLARE@PrincipalId UNIQUEIDENTIFIERDECLARE@UserFoundBIT= 0BEGINTRYSET@PrincipalId =CONVERT(uniqueidentifier, @AdminUserPrincipalId)IF EXISTS(SELECTTOP(1) [PrincipalID]FROM[core].[PrincipalUsers]WHERE[PrincipalID] = @PrincipalId)SET@UserFound = 1ELSEPRINT CONCAT('The user with the ID"', @AdminUserPrincipalId,'" could not be found!');ENDTRYBEGINCATCH'AdminUserPrincipal ID not inserted or invalid.'ENDCATCHIF @UserFound = 0BEGINIFNOTEXISTS(SELECTTOP(1) [PrincipalID]FROM[core].[PrincipalUsers]WHERE[FirstName] = @FirstNameAND[LastName] = @LastName)PRINT CONCAT('The user "', @FirstName,' ', @LastName,'" could not be found!')ELSEIF(SELECTCOUNT(*)FROM[core].[PrincipalUsers]WHERE[FirstName] = @FirstNameAND[LastName] = @LastName) > 1BEGINPRINT CONCAT('There is more than one user with named ', @FirstName,' ', @LastName,'.')'Please execute this script using the user''s prinipal ID.'ENDELSEBEGIN-- Fetch user's principal IdSET@PrincipalId =(SELECTTOP(1) [PrincipalID]FROM[core].[PrincipalUsers]WHERE[FirstName] = @FirstNameAND[LastName] = @LastNameORDERBy[LastLoginOn]DESC)SET@UserFound = 1ENDENDIF @UserFound = 1BEGINDECLARE@RootFolderId UNIQUEIDENTIFIER = N'00000000-0000-0000-5000-000000000013'DECLARE @AdminPermissionRoleId UNIQUEIDENTIFIER = N'00000000-0000-1000-2000-000000000003'-- Add company eav admin permissionIF @CompanyEavAdminPermission = 1 BEGINDECLARE @EavBagsRootFolderName NVARCHAR(50) = 'eav.PropertyBags'DECLARE @CompanyBagsFolderName NVARCHAR(50) = 'Companies'DECLARE @LogosFolderName NVARCHAR(50) = 'Logos'DECLARE @CompanyBagsFolderId UNIQUEIDENTIFIER =(SELECT TOP(1) [ID]FROM [core].[TreeFolders]WHERE [Name] = @CompanyBagsFolderNameAND [ParentId] =(SELECT [ID]FROM [core].[TreeFolders]WHERE [Name] = @EavBagsRootFolderNameAND [ParentId] = @RootFolderId))IF EXISTS(SELECT *FROM [core].[PermissionRoleTreeFolderAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @CompanyBagsFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsforeav companies!'ELSEINSERT INTO [core].[PermissionRoleTreeFolderAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModifiedOn])VALUES(NEWID(),@CompanyBagsFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())DECLARE @LogosFolderId UNIQUEIDENTIFIER =(SELECT TOP(1) [ID]FROM [core].[TreeFolders]WHERE [Name] = @LogosFolderNameAND [ParentId] = @RootFolderId)IF EXISTS(SELECT *FROM [core].[PermissionRoleTreeFolderAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @LogosFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsforlogos folder!'ELSEINSERT INTO [core].[PermissionRoleTreeFolderAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModifiedOn])VALUES(NEWID(),@LogosFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;-- Add signature template permissionIF @SignatureTemplateAdminPermission = 1 BEGINDECLARE @SignatureTemplatesRootFolderName NVARCHAR(50) = 'mails.SignatureTemplates'DECLARE @SignatureTemplatesRootFolderId NVARCHAR(100) =(SELECT TOP(1) [ID]FROM [core].[TreeFolders]WHERE [Name] = @SignatureTemplatesRootFolderNameAND [ParentId] = @RootFolderId)IF EXISTS(SELECT *FROM [core].[PermissionRoleTreeFolderAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @SignatureTemplatesRootFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsforsignature templates!'ELSEINSERT INTO [core].[PermissionRoleTreeFolderAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModifiedOn])VALUES(NEWID(),@SignatureTemplatesRootFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;-- Add mails customizing permissionDECLARE @MailsPermissionRootFolderName NVARCHAR(50) = 'mails.Permissions'IF @MailsCustomizingAdminPermission = 1 BEGINDECLARE @MailsCustomizingPermissionFolderName NVARCHAR(50) = 'Customizing'DECLARE @MailsCustomizingPermissionFolderId UNIQUEIDENTIFIER =(SELECT TOP(1) [ID]FROM [core].[TreeFolders]WHERE [Name] = @MailsCustomizingPermissionFolderNameAND [ParentId] =(SELECT [ID]FROM [core].[TreeFolders]WHERE [Name] = @MailsPermissionRootFolderNameAND [ParentId] = @RootFolderId))IF EXISTS(SELECT *FROM [core].[PermissionRoleTreeFolderAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @MailsCustomizingPermissionFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsformails customizings!'ELSEINSERT INTO [core].[PermissionRoleTreeFolderAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModifiedOn])VALUES(NEWID(),@MailsCustomizingPermissionFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;-- Add eav editor permissionIF @EavEditorAdminPermission = 1 BEGINDECLARE @EavModelFolderName NVARCHAR(50) = 'eav.Model'DECLARE @EavModelFolderId NVARCHAR(100) =(SELECT [Id] FROM [core].[TreeFolders]WHERE [ParentId] = @RootFolderIdAND [Name] = @EavModelFolderName)IF EXISTS(SELECT *FROM [core].[PermissionRoleTreeFolderAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @EavModelFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsforeav editor!'ELSEINSERT INTO [core].[PermissionRoleTreeFolderAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModifiedOn])VALUES(NEWID(),@EavModelFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;-- Add link button icon admin permissionIF @LinkButtonIconAdminPermission = 1 BEGINDECLARE @LinkButtonFolderName NVARCHAR(8) = 'Icons'DECLARE @LinkButtonFolderId UNIQUEIDENTIFIERSELECT @LinkButtonFolderId = [Id] FROM [core].[TreeFolders] WHERE [ParentId] = @RootFolderId AND [Name] = @LinkButtonFolderNameIF EXISTS(SELECT 0 FROM [core].[PermissionRoleTreeFolderAssignments]WHERE [PrincipalId] = @PrincipalIdAND [FolderId] = @LinkButtonFolderIdAND [PermissionRoleId] = @AdminPermissionRoleIdAND [DeletedOn] IS NULL)PRINT 'Link Button Icon Folder permission already given'ELSEINSERT INTO [core].[PermissionRoleTreeFolderAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModifiedOn])VALUES(NEWID(),@LinkButtonFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;-- Add mails campaign admin permissionIF @MailsCampaignAdminPermission = 1 BEGINDECLARE @MailsCampaignPermissionFolderName NVARCHAR(50) = 'Campaigns'DECLARE @MailsCampaignPermissionFolderId UNIQUEIDENTIFIER =(SELECT TOP(1) [ID]FROM [core].[TreeFolders]WHERE [Name] = @MailsCampaignPermissionFolderNameAND [ParentId] =(SELECT [ID]FROM [core].[TreeFolders]WHERE [Name] = @MailsPermissionRootFolderNameAND [ParentId] = @RootFolderId))IF EXISTS(SELECT *FROM [core].[PermissionRoleTreeFolderAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @MailsCampaignPermissionFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsformails customizings!'ELSEINSERT INTO [core].[PermissionRoleTreeFolderAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModifiedOn])VALUES(NEWID(),@MailsCampaignPermissionFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;-- Add docs consistency check admin permissionIF @DocsConsistencyCheckAdminPermission = 1 BEGINDECLARE @DocsConsistencyCheckFolderName NVARCHAR(50) = 'docs.ConsistencyCheck'DECLARE @DocsConsistencyCheckFolderId UNIQUEIDENTIFIER =(SELECT TOP(1) [ID]FROM [core].[TreeFolders]WHERE [Name] = @DocsConsistencyCheckFolderNameAND [ParentId] = @RootFolderId)IF EXISTS(SELECT *FROM [core].[PermissionRoleTreeFolderAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @DocsConsistencyCheckFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsfordocs consistencycheck!'ELSEINSERTINTO[core].[PermissionRoleTreeFolderAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModifiedOn])VALUES(NEWID(),@DocsConsistencyCheckFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;END
docs/mails Version zwischen 8.4.x und 8.5.x:
-- Insert the PrincipalId for the user that will become an adminDECLARE@AdminUserPrincipalId NVARCHAR(50) = N'[ADMIN_USER_PRINCIPAL_ID]'-- Or try executing this script by inserting first and last name for user that will become an adminDECLARE@FirstName NVARCHAR(50) ='[ADMIN_USER_FIRST_NAME]'DECLARE@LastName NVARCHAR(50) ='[ADMIN_USER_LAST_NAME]'-- Insert '1' for every Admin-Permission this user will getDECLARE@CompanyEavAdminPermissionBIT= [Insert1forAdminand0fornochange]-- Can add and administer companiesDECLARE@SignatureTemplateAdminPermissionBIT= [Insert1forAdminand0fornochange]-- Can add and administer Signature Templates and assign them to companiesDECLARE@MailsCustomizingAdminPermissionBIT= [Insert1forAdminand0fornochange]-- Can administer mails customizing (Font, etc. for new and answer mails)DECLARE@EavEditorAdminPermissionBIT= [Insert1forAdminand0fornochange]-- Can administer the EAV model using the EAV Editor (ONLY 85 or higher!)-- PLEASE DO NOT TOUCH ANYTHING FROM HEREDECLARE@PrincipalId UNIQUEIDENTIFIERDECLARE@UserFoundBIT= 0BEGINTRYSET@PrincipalId =CONVERT(uniqueidentifier, @AdminUserPrincipalId)IF EXISTS(SELECTTOP(1) [PrincipalID]FROMtbl_UsersWHERE[PrincipalID] = @PrincipalId)SET@UserFound = 1ELSEPRINT CONCAT('The user with the ID"', @AdminUserPrincipalId,'" could not be found!');ENDTRYBEGINCATCH'AdminUserPrincipal ID not inserted or invalid.'ENDCATCHIF @UserFound = 0BEGINIFNOTEXISTS(SELECTTOP(1) [PrincipalID]FROMtbl_UsersWHERE[FirstName] = @FirstNameAND[LastName] = @LastName)PRINT CONCAT('The user "', @FirstName,' ', @LastName,'" could not be found!')ELSEIF(SELECTCOUNT(*)FROMtbl_UsersWHERE[FirstName] = @FirstNameAND[LastName] = @LastName) > 1BEGINPRINT CONCAT('There is more than one user with named ', @FirstName,' ', @LastName,'.')'Please execute this script using the user''s prinipal ID.'ENDELSEBEGIN-- Fetch user's principal IdSET@PrincipalId =(SELECTTOP(1) [PrincipalID]FROMtbl_UsersWHERE[FirstName] = @FirstNameAND[LastName] = @LastNameORDERBy[LastLogin]DESC)SET@UserFound = 1ENDENDIF @UserFound = 1BEGINDECLARE@RootFolderId UNIQUEIDENTIFIER = N'00000000-0000-0000-5000-000000000013'DECLARE @AdminPermissionRoleId UNIQUEIDENTIFIER = N'00000000-0000-1000-2000-000000000003'-- Add company eav admin permissionIF @CompanyEavAdminPermission = 1 BEGINDECLARE @EavBagsRootFolderName NVARCHAR(50) = 'eav.PropertyBags'DECLARE @CompanyBagsFolderName NVARCHAR(50) = 'Companies'DECLARE @LogosFolderName NVARCHAR(50) = 'Logos'DECLARE @CompanyBagsFolderId UNIQUEIDENTIFIER =(SELECT TOP(1) [ID]FROM [dbo].[tbl_Groups]WHERE [Name] = @CompanyBagsFolderNameAND ParentGroup_ID =(SELECT [ID]FROM [dbo].[tbl_Groups]WHERE [Name] = @EavBagsRootFolderNameAND [ParentGroup_ID] = @RootFolderId))IF EXISTS(SELECT *FROM [dbo].[tbl_FolderPermissionRoleAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @CompanyBagsFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsforeav companies!'ELSEINSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModified])VALUES(NEWID(),@CompanyBagsFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())DECLARE @LogosFolderId UNIQUEIDENTIFIER =(SELECT TOP(1) [ID]FROM [dbo].[tbl_Groups]WHERE [Name] = @LogosFolderNameAND ParentGroup_ID = @RootFolderId)IF EXISTS(SELECT *FROM [dbo].[tbl_FolderPermissionRoleAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @LogosFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsforlogos folder!'ELSEINSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModified])VALUES(NEWID(),@LogosFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;-- Add signature template permissionIF @SignatureTemplateAdminPermission = 1 BEGINDECLARE @SignatureTemplatesRootFolderName NVARCHAR(50) = 'mails.SignatureTemplates'DECLARE @SignatureTemplatesRootFolderId UNIQUEIDENTIFIER =(SELECT TOP(1) [ID]FROM [dbo].[tbl_Groups]WHERE [Name] = @SignatureTemplatesRootFolderNameAND ParentGroup_ID = @RootFolderId)IF EXISTS(SELECT *FROM [dbo].[tbl_FolderPermissionRoleAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @SignatureTemplatesRootFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsforsignature templates!'ELSEINSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModified])VALUES(NEWID(),@SignatureTemplatesRootFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;-- Add mails customizing permissionIF @MailsCustomizingAdminPermission = 1 BEGINDECLARE @MailsPermissionRootFolderName NVARCHAR(50) = 'mails.Permissions'DECLARE @MailsCustomizingPermissionFolderName NVARCHAR(50) = 'Customizing'DECLARE @MailsCustomizingPermissionFolderId UNIQUEIDENTIFIER =(SELECT TOP(1) [ID]FROM [dbo].[tbl_Groups]WHERE [Name] = @MailsCustomizingPermissionFolderNameAND ParentGroup_ID =(SELECT [ID]FROM [dbo].[tbl_Groups]WHERE [Name] = @MailsPermissionRootFolderNameAND [ParentGroup_ID] = @RootFolderId))IF EXISTS(SELECT *FROM [dbo].[tbl_FolderPermissionRoleAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @MailsCustomizingPermissionFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsformails customizings!'ELSEINSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModified])VALUES(NEWID(),@MailsCustomizingPermissionFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;-- Add eav editor permissionIF @EavEditorAdminPermission = 1 BEGINDECLARE @EavModelFolderName NVARCHAR(50) = 'eav.Model'DECLARE @EavModelFolderId NVARCHAR(100) =(SELECT [ID]FROM [dbo].[tbl_Groups]WHERE [Name] = @EavModelFolderNameAND [ParentGroup_ID] = @RootFolderId)IF EXISTS(SELECT *FROM [dbo].[tbl_FolderPermissionRoleAssignments]WHERE [PrincipalID] = @PrincipalIdAND [FolderID] = @EavModelFolderIdAND [PermissionRoleID] = @AdminPermissionRoleIdAND DeletedOn IS NULL)PRINT 'Thisuseralready has admin permissionsforeav editor!'ELSEINSERTINTO[dbo].[tbl_FolderPermissionRoleAssignments]([ID],[FolderID],[PrincipalID],[PermissionRoleID],[LastModified])VALUES(NEWID(),@EavModelFolderId,@PrincipalId,@AdminPermissionRoleId,GETUTCDATE())END;END
Kommentare
0 Kommentare
Zu diesem Beitrag können keine Kommentare hinterlassen werden.