Dieses Script setzt alle nötigen Berechtigungen auf der DB um für docs/mails folgende Funktionen nutzen zu können:
- EAV Company Entities administrieren
- (mails) Signatur-Vorlagen administrieren
- (mails) Customizing Tool-Erweiterung
Dieses Script vergibt aktuell keine Berechtigungen auf den Company Repository Root folder (hierzu kann die Stored Procedure spAddAdminUserPrincipalId genutzt werden).
Bitte führen Sie immer ein Backup vor der Anwendung von Datenbankskripten durch!
empower mails/docs version 8.6 oder höher:
-- Insert the PrincipalId for the user that will become an admin
DECLARE
@AdminUserPrincipalId NVARCHAR(50) = N
'[USER_PRINCIPAL_ID]'
-- Or try executing this script by inserting first and last name for user that will become an admin
DECLARE
@FirstName NVARCHAR(50) =
'[ADMIN_USER_FIRST_NAME]'
DECLARE
@LastName NVARCHAR(50) =
'[ADMIN_USER_LAST_NAME]'
-- Insert '1' for every Admin-Permission this user will get
DECLARE
@CompanyEavAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can add and administer companies
DECLARE
@SignatureTemplateAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can add and administer Signature Templates and assign them to companies
DECLARE
@MailsCustomizingAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can administer mails customizing (Font, etc. for new and answer mails)
DECLARE
@EavEditorAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can administer the EAV model using the EAV Editor
DECLARE
@LinkButtonIconAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- !!!Core Schema must be >= 87.0.5.0!!! Can administer the link button icon for docs
DECLARE
@MailsCampaignAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- !!!Core Schema must be >= 811.0.0.0!!! Can administer campaigns as well as campaign-groups/fields for mails
DECLARE
@DocsConsistencyCheckAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- !!!Core Schema must be >= 810.0.0.0!!! Can upload and administer docs consistency check config
-- PLEASE DO NOT TOUCH ANYTHING FROM HERE
DECLARE
@PrincipalId UNIQUEIDENTIFIER
DECLARE
@UserFound
BIT
= 0
BEGIN
TRY
SET
@PrincipalId =
CONVERT
(uniqueidentifier, @AdminUserPrincipalId)
IF EXISTS
(
SELECT
TOP
(1) [PrincipalID]
FROM
[core].[PrincipalUsers]
WHERE
[PrincipalID] = @PrincipalId
)
SET
@UserFound = 1
ELSE
PRINT CONCAT(
'The user with the ID"'
, @AdminUserPrincipalId,
'" could not be found!'
);
END
TRY
BEGIN
CATCH
'AdminUserPrincipal ID not inserted or invalid.'
END
CATCH
IF @UserFound = 0
BEGIN
IF
NOT
EXISTS
(
SELECT
TOP
(1) [PrincipalID]
FROM
[core].[PrincipalUsers]
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
)
PRINT CONCAT(
'The user "'
, @FirstName,
' '
, @LastName,
'" could not be found!'
)
ELSE
IF
(
SELECT
COUNT
(*)
FROM
[core].[PrincipalUsers]
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
) > 1
BEGIN
PRINT CONCAT(
'There is more than one user with named '
, @FirstName,
' '
, @LastName,
'.'
)
'Please execute this script using the user'
's prinipal ID.'
END
ELSE
BEGIN
-- Fetch user's principal Id
SET
@PrincipalId =
(
SELECT
TOP
(1) [PrincipalID]
FROM
[core].[PrincipalUsers]
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
ORDER
By
[LastLoginOn]
DESC
)
SET
@UserFound = 1
END
END
IF @UserFound = 1
BEGIN
DECLARE
@RootFolderId UNIQUEIDENTIFIER = N'00000000-0000-0000-5000-000000000013
'
DECLARE @AdminPermissionRoleId UNIQUEIDENTIFIER = N'
00000000-0000-1000-2000-000000000003
'
-- Add company eav admin permission
IF @CompanyEavAdminPermission = 1 BEGIN
DECLARE @EavBagsRootFolderName NVARCHAR(50) = '
eav.PropertyBags
'
DECLARE @CompanyBagsFolderName NVARCHAR(50) = '
Companies
'
DECLARE @LogosFolderName NVARCHAR(50) = '
Logos
'
DECLARE @CompanyBagsFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @CompanyBagsFolderName
AND [ParentId] =
(
SELECT [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @EavBagsRootFolderName
AND [ParentId] = @RootFolderId
)
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @CompanyBagsFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
eav companies!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@CompanyBagsFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
DECLARE @LogosFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @LogosFolderName
AND [ParentId] = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @LogosFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
logos folder!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@LogosFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add signature template permission
IF @SignatureTemplateAdminPermission = 1 BEGIN
DECLARE @SignatureTemplatesRootFolderName NVARCHAR(50) = '
mails.SignatureTemplates
'
DECLARE @SignatureTemplatesRootFolderId NVARCHAR(100) =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @SignatureTemplatesRootFolderName
AND [ParentId] = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @SignatureTemplatesRootFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
signature templates!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@SignatureTemplatesRootFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add mails customizing permission
DECLARE @MailsPermissionRootFolderName NVARCHAR(50) = '
mails.Permissions
'
IF @MailsCustomizingAdminPermission = 1 BEGIN
DECLARE @MailsCustomizingPermissionFolderName NVARCHAR(50) = '
Customizing
'
DECLARE @MailsCustomizingPermissionFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @MailsCustomizingPermissionFolderName
AND [ParentId] =
(
SELECT [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @MailsPermissionRootFolderName
AND [ParentId] = @RootFolderId
)
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @MailsCustomizingPermissionFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
mails customizings!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@MailsCustomizingPermissionFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add eav editor permission
IF @EavEditorAdminPermission = 1 BEGIN
DECLARE @EavModelFolderName NVARCHAR(50) = '
eav.Model
'
DECLARE @EavModelFolderId NVARCHAR(100) =
(
SELECT [Id] FROM [core].[TreeFolders]
WHERE [ParentId] = @RootFolderId
AND [Name] = @EavModelFolderName
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @EavModelFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
eav editor!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@EavModelFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add link button icon admin permission
IF @LinkButtonIconAdminPermission = 1 BEGIN
DECLARE @LinkButtonFolderName NVARCHAR(8) = '
Icons
'
DECLARE @LinkButtonFolderId UNIQUEIDENTIFIER
SELECT @LinkButtonFolderId = [Id] FROM [core].[TreeFolders] WHERE [ParentId] = @RootFolderId AND [Name] = @LinkButtonFolderName
IF EXISTS
(
SELECT 0 FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalId] = @PrincipalId
AND [FolderId] = @LinkButtonFolderId
AND [PermissionRoleId] = @AdminPermissionRoleId
AND [DeletedOn] IS NULL
)
PRINT '
Link Button Icon Folder permission already given
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@LinkButtonFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add mails campaign admin permission
IF @MailsCampaignAdminPermission = 1 BEGIN
DECLARE @MailsCampaignPermissionFolderName NVARCHAR(50) = '
Campaigns
'
DECLARE @MailsCampaignPermissionFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @MailsCampaignPermissionFolderName
AND [ParentId] =
(
SELECT [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @MailsPermissionRootFolderName
AND [ParentId] = @RootFolderId
)
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @MailsCampaignPermissionFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
mails customizings!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@MailsCampaignPermissionFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add docs consistency check admin permission
IF @DocsConsistencyCheckAdminPermission = 1 BEGIN
DECLARE @DocsConsistencyCheckFolderName NVARCHAR(50) = '
docs.ConsistencyCheck
'
DECLARE @DocsConsistencyCheckFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @DocsConsistencyCheckFolderName
AND [ParentId] = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @DocsConsistencyCheckFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
docs consistency
check
!'
ELSE
INSERT
INTO
[core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@DocsConsistencyCheckFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END
;
END
docs/mails Version zwischen 8.4.x und 8.5.x:
-- Insert the PrincipalId for the user that will become an admin
DECLARE
@AdminUserPrincipalId NVARCHAR(50) = N
'[ADMIN_USER_PRINCIPAL_ID]'
-- Or try executing this script by inserting first and last name for user that will become an admin
DECLARE
@FirstName NVARCHAR(50) =
'[ADMIN_USER_FIRST_NAME]'
DECLARE
@LastName NVARCHAR(50) =
'[ADMIN_USER_LAST_NAME]'
-- Insert '1' for every Admin-Permission this user will get
DECLARE
@CompanyEavAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can add and administer companies
DECLARE
@SignatureTemplateAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can add and administer Signature Templates and assign them to companies
DECLARE
@MailsCustomizingAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can administer mails customizing (Font, etc. for new and answer mails)
DECLARE
@EavEditorAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can administer the EAV model using the EAV Editor (ONLY 85 or higher!)
-- PLEASE DO NOT TOUCH ANYTHING FROM HERE
DECLARE
@PrincipalId UNIQUEIDENTIFIER
DECLARE
@UserFound
BIT
= 0
BEGIN
TRY
SET
@PrincipalId =
CONVERT
(uniqueidentifier, @AdminUserPrincipalId)
IF EXISTS
(
SELECT
TOP
(1) [PrincipalID]
FROM
tbl_Users
WHERE
[PrincipalID] = @PrincipalId
)
SET
@UserFound = 1
ELSE
PRINT CONCAT(
'The user with the ID"'
, @AdminUserPrincipalId,
'" could not be found!'
);
END
TRY
BEGIN
CATCH
'AdminUserPrincipal ID not inserted or invalid.'
END
CATCH
IF @UserFound = 0
BEGIN
IF
NOT
EXISTS
(
SELECT
TOP
(1) [PrincipalID]
FROM
tbl_Users
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
)
PRINT CONCAT(
'The user "'
, @FirstName,
' '
, @LastName,
'" could not be found!'
)
ELSE
IF
(
SELECT
COUNT
(*)
FROM
tbl_Users
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
) > 1
BEGIN
PRINT CONCAT(
'There is more than one user with named '
, @FirstName,
' '
, @LastName,
'.'
)
'Please execute this script using the user'
's prinipal ID.'
END
ELSE
BEGIN
-- Fetch user's principal Id
SET
@PrincipalId =
(
SELECT
TOP
(1) [PrincipalID]
FROM
tbl_Users
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
ORDER
By
[LastLogin]
DESC
)
SET
@UserFound = 1
END
END
IF @UserFound = 1
BEGIN
DECLARE
@RootFolderId UNIQUEIDENTIFIER = N'00000000-0000-0000-5000-000000000013
'
DECLARE @AdminPermissionRoleId UNIQUEIDENTIFIER = N'
00000000-0000-1000-2000-000000000003
'
-- Add company eav admin permission
IF @CompanyEavAdminPermission = 1 BEGIN
DECLARE @EavBagsRootFolderName NVARCHAR(50) = '
eav.PropertyBags
'
DECLARE @CompanyBagsFolderName NVARCHAR(50) = '
Companies
'
DECLARE @LogosFolderName NVARCHAR(50) = '
Logos
'
DECLARE @CompanyBagsFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @CompanyBagsFolderName
AND ParentGroup_ID =
(
SELECT [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @EavBagsRootFolderName
AND [ParentGroup_ID] = @RootFolderId
)
)
IF EXISTS
(
SELECT *
FROM [dbo].[tbl_FolderPermissionRoleAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @CompanyBagsFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
eav companies!
'
ELSE
INSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModified])
VALUES
(NEWID()
,@CompanyBagsFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
DECLARE @LogosFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @LogosFolderName
AND ParentGroup_ID = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [dbo].[tbl_FolderPermissionRoleAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @LogosFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
logos folder!
'
ELSE
INSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModified])
VALUES
(NEWID()
,@LogosFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add signature template permission
IF @SignatureTemplateAdminPermission = 1 BEGIN
DECLARE @SignatureTemplatesRootFolderName NVARCHAR(50) = '
mails.SignatureTemplates
'
DECLARE @SignatureTemplatesRootFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @SignatureTemplatesRootFolderName
AND ParentGroup_ID = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [dbo].[tbl_FolderPermissionRoleAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @SignatureTemplatesRootFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
signature templates!
'
ELSE
INSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModified])
VALUES
(NEWID()
,@SignatureTemplatesRootFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add mails customizing permission
IF @MailsCustomizingAdminPermission = 1 BEGIN
DECLARE @MailsPermissionRootFolderName NVARCHAR(50) = '
mails.Permissions
'
DECLARE @MailsCustomizingPermissionFolderName NVARCHAR(50) = '
Customizing
'
DECLARE @MailsCustomizingPermissionFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @MailsCustomizingPermissionFolderName
AND ParentGroup_ID =
(
SELECT [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @MailsPermissionRootFolderName
AND [ParentGroup_ID] = @RootFolderId
)
)
IF EXISTS
(
SELECT *
FROM [dbo].[tbl_FolderPermissionRoleAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @MailsCustomizingPermissionFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
mails customizings!
'
ELSE
INSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModified])
VALUES
(NEWID()
,@MailsCustomizingPermissionFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add eav editor permission
IF @EavEditorAdminPermission = 1 BEGIN
DECLARE @EavModelFolderName NVARCHAR(50) = '
eav.Model
'
DECLARE @EavModelFolderId NVARCHAR(100) =
(
SELECT [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @EavModelFolderName
AND [ParentGroup_ID] = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [dbo].[tbl_FolderPermissionRoleAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @EavModelFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
eav editor!'
ELSE
INSERT
INTO
[dbo].[tbl_FolderPermissionRoleAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModified])
VALUES
(NEWID()
,@EavModelFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END
;
END
Kommentare
0 Kommentare
Zu diesem Beitrag können keine Kommentare hinterlassen werden.