From f11362ef34d550f8adff2067a136f660c1959e5e Mon Sep 17 00:00:00 2001
From: "Christopher Lott (cl778h)" <clott@research.att.com>
Date: Fri, 27 Oct 2017 18:29:04 -0400
Subject: Additional security fixes

Issue: PORTAL-135
Change-Id: I8574fbcd73d9a053e8a19d5a8e4219a4034b751e
Signed-off-by: Christopher Lott (cl778h) <clott@research.att.com>
---
 .../main/webapp/WEB-INF/fusion/orm/Fusion.hbm.xml  | 23 ++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

(limited to 'ecomp-sdk/epsdk-app-overlay/src/main')

diff --git a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/WEB-INF/fusion/orm/Fusion.hbm.xml b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/WEB-INF/fusion/orm/Fusion.hbm.xml
index dc2e5df2..b2fa88f8 100644
--- a/ecomp-sdk/epsdk-app-overlay/src/main/webapp/WEB-INF/fusion/orm/Fusion.hbm.xml
+++ b/ecomp-sdk/epsdk-app-overlay/src/main/webapp/WEB-INF/fusion/orm/Fusion.hbm.xml
@@ -385,12 +385,7 @@
         
     <query name="getReportSecurityRoles">
       select repId, orderNo, roleId, userId, readOnlyYn from ReportUserRole where repId = :report_id and roleId is not null
-    </query>
-
-<!--     <query name="insertReportSecurityUsers">
-		insert into ReportUserRole (repId, roleId, userId, readOnlyYn) values (:report_id, :role_id, :user_id, :read_only_yn)
-    </query> -->
-    
+    </query>    
 
     <query name="deleteReportSecurityUsers">
       delete from ReportUserRole where repId = :report_id and userId =:user_id
@@ -402,10 +397,22 @@
     
      <query name="getUserByProfileId">
       select orgUserId from User where id = :user_id
-    </query>
+     </query>
     
      <query name="getUserIdByorgUserId">
       select id from User where orgUserId = :orgUserId
-    </query>
+     </query>
+
+     <query name="getUserByOrgUserId">
+		FROM User WHERE orgUserId = :org_user_id
+     </query>
+
+     <query name="getUserByLoginId">
+		FROM User WHERE loginId = :login_id
+     </query>
+
+     <query name="getUserByLoginIdLoginPwd">
+		FROM User WHERE loginId = :login_id and loginPwd = :login_pwd		
+     </query>
 
 </hibernate-mapping>
-- 
cgit 1.2.3-korg