With these scripts you can set all necessary permissions on the database to use the following functions for docs/mails:
- Administrate EAV Company Entities
- (mails) Administrate signature templates
- (mails) Customizing Tool Extension
This script does not currently grant permissions to the company repository root folder (the stored procedure spAddAdminUserPrincipalId can be used for this)
Please always perform a backup before applying database scripts!
empower docs/mails version 8.6 or higher:
-- Insert the PrincipalId for the user that will become an admin
DECLARE
@AdminUserPrincipalId NVARCHAR(50) = N
'[USER_PRINCIPAL_ID]'
-- Or try executing this script by inserting first and last name for user that will become an admin
DECLARE
@FirstName NVARCHAR(50) =
'[ADMIN_USER_FIRST_NAME]'
DECLARE
@LastName NVARCHAR(50) =
'[ADMIN_USER_LAST_NAME]'
-- Insert '1' for every Admin-Permission this user will get
DECLARE
@CompanyEavAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can add and administer companies
DECLARE
@SignatureTemplateAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can add and administer Signature Templates and assign them to companies
DECLARE
@MailsCustomizingAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can administer mails customizing (Font, etc. for new and answer mails)
DECLARE
@EavEditorAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can administer the EAV model using the EAV Editor
DECLARE
@LinkButtonIconAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- !!!Core Schema must be >= 87.0.5.0!!! Can administer the link button icon for docs
DECLARE
@MailsCampaignAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- !!!Core Schema must be >= 811.0.0.0!!! Can administer campaigns as well as campaign-groups/fields for mails
DECLARE
@DocsConsistencyCheckAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- !!!Core Schema must be >= 810.0.0.0!!! Can upload and administer docs consistency check config
-- PLEASE DO NOT TOUCH ANYTHING FROM HERE
DECLARE
@PrincipalId UNIQUEIDENTIFIER
DECLARE
@UserFound
BIT
= 0
BEGIN
TRY
SET
@PrincipalId =
CONVERT
(uniqueidentifier, @AdminUserPrincipalId)
IF EXISTS
(
SELECT
TOP
(1) [PrincipalID]
FROM
[core].[PrincipalUsers]
WHERE
[PrincipalID] = @PrincipalId
)
SET
@UserFound = 1
ELSE
PRINT CONCAT(
'The user with the ID"'
, @AdminUserPrincipalId,
'" could not be found!'
);
END
TRY
BEGIN
CATCH
'AdminUserPrincipal ID not inserted or invalid.'
END
CATCH
IF @UserFound = 0
BEGIN
IF
NOT
EXISTS
(
SELECT
TOP
(1) [PrincipalID]
FROM
[core].[PrincipalUsers]
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
)
PRINT CONCAT(
'The user "'
, @FirstName,
' '
, @LastName,
'" could not be found!'
)
ELSE
IF
(
SELECT
COUNT
(*)
FROM
[core].[PrincipalUsers]
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
) > 1
BEGIN
PRINT CONCAT(
'There is more than one user with named '
, @FirstName,
' '
, @LastName,
'.'
)
'Please execute this script using the user'
's prinipal ID.'
END
ELSE
BEGIN
-- Fetch user's principal Id
SET
@PrincipalId =
(
SELECT
TOP
(1) [PrincipalID]
FROM
[core].[PrincipalUsers]
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
ORDER
By
[LastLoginOn]
DESC
)
SET
@UserFound = 1
END
END
IF @UserFound = 1
BEGIN
DECLARE
@RootFolderId UNIQUEIDENTIFIER = N'00000000-0000-0000-5000-000000000013
'
DECLARE @AdminPermissionRoleId UNIQUEIDENTIFIER = N'
00000000-0000-1000-2000-000000000003
'
-- Add company eav admin permission
IF @CompanyEavAdminPermission = 1 BEGIN
DECLARE @EavBagsRootFolderName NVARCHAR(50) = '
eav.PropertyBags
'
DECLARE @CompanyBagsFolderName NVARCHAR(50) = '
Companies
'
DECLARE @LogosFolderName NVARCHAR(50) = '
Logos
'
DECLARE @CompanyBagsFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @CompanyBagsFolderName
AND [ParentId] =
(
SELECT [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @EavBagsRootFolderName
AND [ParentId] = @RootFolderId
)
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @CompanyBagsFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
eav companies!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@CompanyBagsFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
DECLARE @LogosFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @LogosFolderName
AND [ParentId] = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @LogosFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
logos folder!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@LogosFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add signature template permission
IF @SignatureTemplateAdminPermission = 1 BEGIN
DECLARE @SignatureTemplatesRootFolderName NVARCHAR(50) = '
mails.SignatureTemplates
'
DECLARE @SignatureTemplatesRootFolderId NVARCHAR(100) =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @SignatureTemplatesRootFolderName
AND [ParentId] = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @SignatureTemplatesRootFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
signature templates!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@SignatureTemplatesRootFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add mails customizing permission
DECLARE @MailsPermissionRootFolderName NVARCHAR(50) = '
mails.Permissions
'
IF @MailsCustomizingAdminPermission = 1 BEGIN
DECLARE @MailsCustomizingPermissionFolderName NVARCHAR(50) = '
Customizing
'
DECLARE @MailsCustomizingPermissionFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @MailsCustomizingPermissionFolderName
AND [ParentId] =
(
SELECT [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @MailsPermissionRootFolderName
AND [ParentId] = @RootFolderId
)
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @MailsCustomizingPermissionFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
mails customizings!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@MailsCustomizingPermissionFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add eav editor permission
IF @EavEditorAdminPermission = 1 BEGIN
DECLARE @EavModelFolderName NVARCHAR(50) = '
eav.Model
'
DECLARE @EavModelFolderId NVARCHAR(100) =
(
SELECT [Id] FROM [core].[TreeFolders]
WHERE [ParentId] = @RootFolderId
AND [Name] = @EavModelFolderName
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @EavModelFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
eav editor!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@EavModelFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add link button icon admin permission
IF @LinkButtonIconAdminPermission = 1 BEGIN
DECLARE @LinkButtonFolderName NVARCHAR(8) = '
Icons
'
DECLARE @LinkButtonFolderId UNIQUEIDENTIFIER
SELECT @LinkButtonFolderId = [Id] FROM [core].[TreeFolders] WHERE [ParentId] = @RootFolderId AND [Name] = @LinkButtonFolderName
IF EXISTS
(
SELECT 0 FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalId] = @PrincipalId
AND [FolderId] = @LinkButtonFolderId
AND [PermissionRoleId] = @AdminPermissionRoleId
AND [DeletedOn] IS NULL
)
PRINT '
Link Button Icon Folder permission already given
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@LinkButtonFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add mails campaign admin permission
IF @MailsCampaignAdminPermission = 1 BEGIN
DECLARE @MailsCampaignPermissionFolderName NVARCHAR(50) = '
Campaigns
'
DECLARE @MailsCampaignPermissionFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @MailsCampaignPermissionFolderName
AND [ParentId] =
(
SELECT [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @MailsPermissionRootFolderName
AND [ParentId] = @RootFolderId
)
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @MailsCampaignPermissionFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
mails customizings!
'
ELSE
INSERT INTO [core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@MailsCampaignPermissionFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add docs consistency check admin permission
IF @DocsConsistencyCheckAdminPermission = 1 BEGIN
DECLARE @DocsConsistencyCheckFolderName NVARCHAR(50) = '
docs.ConsistencyCheck
'
DECLARE @DocsConsistencyCheckFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [core].[TreeFolders]
WHERE [Name] = @DocsConsistencyCheckFolderName
AND [ParentId] = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [core].[PermissionRoleTreeFolderAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @DocsConsistencyCheckFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
docs consistency
check
!'
ELSE
INSERT
INTO
[core].[PermissionRoleTreeFolderAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModifiedOn])
VALUES
(NEWID()
,@DocsConsistencyCheckFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END
;
END
docs/mails between 8.4.x and 8.5.x:
-- Insert the PrincipalId for the user that will become an admin
DECLARE
@AdminUserPrincipalId NVARCHAR(50) = N
'[ADMIN_USER_PRINCIPAL_ID]'
-- Or try executing this script by inserting first and last name for user that will become an admin
DECLARE
@FirstName NVARCHAR(50) =
'[ADMIN_USER_FIRST_NAME]'
DECLARE
@LastName NVARCHAR(50) =
'[ADMIN_USER_LAST_NAME]'
-- Insert '1' for every Admin-Permission this user will get
DECLARE
@CompanyEavAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can add and administer companies
DECLARE
@SignatureTemplateAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can add and administer Signature Templates and assign them to companies
DECLARE
@MailsCustomizingAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can administer mails customizing (Font, etc. for new and answer mails)
DECLARE
@EavEditorAdminPermission
BIT
= [
Insert
1
for
Admin
and
0
for
no
change]
-- Can administer the EAV model using the EAV Editor (ONLY 85 or higher!)
-- PLEASE DO NOT TOUCH ANYTHING FROM HERE
DECLARE
@PrincipalId UNIQUEIDENTIFIER
DECLARE
@UserFound
BIT
= 0
BEGIN
TRY
SET
@PrincipalId =
CONVERT
(uniqueidentifier, @AdminUserPrincipalId)
IF EXISTS
(
SELECT
TOP
(1) [PrincipalID]
FROM
tbl_Users
WHERE
[PrincipalID] = @PrincipalId
)
SET
@UserFound = 1
ELSE
PRINT CONCAT(
'The user with the ID"'
, @AdminUserPrincipalId,
'" could not be found!'
);
END
TRY
BEGIN
CATCH
'AdminUserPrincipal ID not inserted or invalid.'
END
CATCH
IF @UserFound = 0
BEGIN
IF
NOT
EXISTS
(
SELECT
TOP
(1) [PrincipalID]
FROM
tbl_Users
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
)
PRINT CONCAT(
'The user "'
, @FirstName,
' '
, @LastName,
'" could not be found!'
)
ELSE
IF
(
SELECT
COUNT
(*)
FROM
tbl_Users
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
) > 1
BEGIN
PRINT CONCAT(
'There is more than one user with named '
, @FirstName,
' '
, @LastName,
'.'
)
'Please execute this script using the user'
's prinipal ID.'
END
ELSE
BEGIN
-- Fetch user's principal Id
SET
@PrincipalId =
(
SELECT
TOP
(1) [PrincipalID]
FROM
tbl_Users
WHERE
[FirstName] = @FirstName
AND
[LastName] = @LastName
ORDER
By
[LastLogin]
DESC
)
SET
@UserFound = 1
END
END
IF @UserFound = 1
BEGIN
DECLARE
@RootFolderId UNIQUEIDENTIFIER = N'00000000-0000-0000-5000-000000000013
'
DECLARE @AdminPermissionRoleId UNIQUEIDENTIFIER = N'
00000000-0000-1000-2000-000000000003
'
-- Add company eav admin permission
IF @CompanyEavAdminPermission = 1 BEGIN
DECLARE @EavBagsRootFolderName NVARCHAR(50) = '
eav.PropertyBags
'
DECLARE @CompanyBagsFolderName NVARCHAR(50) = '
Companies
'
DECLARE @LogosFolderName NVARCHAR(50) = '
Logos
'
DECLARE @CompanyBagsFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @CompanyBagsFolderName
AND ParentGroup_ID =
(
SELECT [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @EavBagsRootFolderName
AND [ParentGroup_ID] = @RootFolderId
)
)
IF EXISTS
(
SELECT *
FROM [dbo].[tbl_FolderPermissionRoleAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @CompanyBagsFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
eav companies!
'
ELSE
INSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModified])
VALUES
(NEWID()
,@CompanyBagsFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
DECLARE @LogosFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @LogosFolderName
AND ParentGroup_ID = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [dbo].[tbl_FolderPermissionRoleAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @LogosFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
logos folder!
'
ELSE
INSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModified])
VALUES
(NEWID()
,@LogosFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add signature template permission
IF @SignatureTemplateAdminPermission = 1 BEGIN
DECLARE @SignatureTemplatesRootFolderName NVARCHAR(50) = '
mails.SignatureTemplates
'
DECLARE @SignatureTemplatesRootFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @SignatureTemplatesRootFolderName
AND ParentGroup_ID = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [dbo].[tbl_FolderPermissionRoleAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @SignatureTemplatesRootFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
signature templates!
'
ELSE
INSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModified])
VALUES
(NEWID()
,@SignatureTemplatesRootFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add mails customizing permission
IF @MailsCustomizingAdminPermission = 1 BEGIN
DECLARE @MailsPermissionRootFolderName NVARCHAR(50) = '
mails.Permissions
'
DECLARE @MailsCustomizingPermissionFolderName NVARCHAR(50) = '
Customizing
'
DECLARE @MailsCustomizingPermissionFolderId UNIQUEIDENTIFIER =
(
SELECT TOP(1) [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @MailsCustomizingPermissionFolderName
AND ParentGroup_ID =
(
SELECT [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @MailsPermissionRootFolderName
AND [ParentGroup_ID] = @RootFolderId
)
)
IF EXISTS
(
SELECT *
FROM [dbo].[tbl_FolderPermissionRoleAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @MailsCustomizingPermissionFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
mails customizings!
'
ELSE
INSERT INTO [dbo].[tbl_FolderPermissionRoleAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModified])
VALUES
(NEWID()
,@MailsCustomizingPermissionFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END;
-- Add eav editor permission
IF @EavEditorAdminPermission = 1 BEGIN
DECLARE @EavModelFolderName NVARCHAR(50) = '
eav.Model
'
DECLARE @EavModelFolderId NVARCHAR(100) =
(
SELECT [ID]
FROM [dbo].[tbl_Groups]
WHERE [Name] = @EavModelFolderName
AND [ParentGroup_ID] = @RootFolderId
)
IF EXISTS
(
SELECT *
FROM [dbo].[tbl_FolderPermissionRoleAssignments]
WHERE [PrincipalID] = @PrincipalId
AND [FolderID] = @EavModelFolderId
AND [PermissionRoleID] = @AdminPermissionRoleId
AND DeletedOn IS NULL
)
PRINT '
This
user
already has admin permissions
for
eav editor!'
ELSE
INSERT
INTO
[dbo].[tbl_FolderPermissionRoleAssignments]
([ID]
,[FolderID]
,[PrincipalID]
,[PermissionRoleID]
,[LastModified])
VALUES
(NEWID()
,@EavModelFolderId
,@PrincipalId
,@AdminPermissionRoleId
,GETUTCDATE())
END
;
END
Comments
0 comments
Article is closed for comments.