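///////////////////////////////////////////////////////////
// SecurityGroup.cs
// Implementation of Class SecurityGroup
// CSLA type: Editable Root
// Created on: 07-Jun-2004 8:41:36 AM
// Object design: Joyce
// Coded: John July 7 2004
///////////////////////////////////////////////////////////

using System;
using System.Data;
using CSLA.Data;
using GZTW.Data;
using CSLA;
using System.Threading;
using CSLA.Security;
using System.Text;

namespace GZTW.AyaNova.BLL
{
    /// <summary>
    /// Security group: a named set of per-object access levels (<see cref="Rights"/>).
    /// </summary>
    /// <remarks>
    /// Authorization in this class is enforced in two places only: the static factory
    /// methods (<see cref="NewItem"/>, <see cref="GetItem"/>, <see cref="DeleteItem"/>)
    /// and the <c>bReadOnly</c> flag consulted by the <see cref="Name"/> setter.
    /// The DataPortal_* methods below perform no rights check of their own.
    /// NOTE(review): if the data portal can be reached other than through the factory
    /// methods (for example a remote portal), confirm that the same checks are enforced
    /// on the server side; that cannot be established from this file.
    /// </remarks>
    [Serializable]
    public class SecurityGroup : BusinessBase
    {
        #region Attributes

        // True when property setters must reject changes (see DataPortal_Fetch).
        private bool bReadOnly;
        private Guid mID;
        private string mName = null;
        private SmartDate mCreated;
        private SmartDate mModified;
        private Guid mCreator;
        private Guid mModifier;
        private UserRights mRights;

        #endregion

        #region Constructor

        /// <summary>
        /// Private constructor to prevent direct instantiation
        /// </summary>
        private SecurityGroup()
        {
            // Set to read / write initially so that properties can be set
            bReadOnly = false;

            // New ID
            mID = Guid.NewGuid();

            // Pre-break the "NameRequired" rule so a new group is invalid until named
            Name = "";

            // Add all available rights to collection with no access by default
            mRights = UserRights.NewItems();

            // Set record history to defaults
            mCreated = new SmartDate(DBUtil.CurrentWorkingDateTime);
            mModified = new SmartDate();
            mCreator = Guid.Empty;
            mModifier = Guid.Empty;
        }

        #endregion

        #region Business properties

        /// <summary>
        /// Get internal id number. Read only property because it's set internally, not
        /// externally
        /// </summary>
        public Guid ID
        {
            get { return mID; }
        }

        /// <summary>
        /// Get created date
        /// </summary>
        public string Created
        {
            get { return mCreated.ToString(); }
        }

        /// <summary>
        /// Get modified date
        /// </summary>
        public string Modified
        {
            get { return mModified.ToString(); }
        }

        /// <summary>
        /// Get user record ID of person who created this record
        /// </summary>
        public Guid Creator
        {
            get { return mCreator; }
        }

        /// <summary>
        /// Get user ID of person who modified this record
        /// </summary>
        public Guid Modifier
        {
            get { return mModifier; }
        }

        /// <summary>
        /// Set/get Name of item
        /// </summary>
        /// <exception cref="System.Security.SecurityException">
        /// Thrown by the setter when this instance is read only.
        /// </exception>
        public string Name
        {
            get { return mName; }
            set
            {
                if (bReadOnly)
                {
                    ThrowSetError();
                    return;
                }

                if (mName == value)
                {
                    return;
                }

                mName = value;

                // A null name is treated as empty: it breaks the "required" rule
                // instead of raising a NullReferenceException after the field was
                // already overwritten.
                bool isEmpty = value == null || value.Length == 0;
                bool isTooLong = value != null && value.Length > 255;

                BrokenRules.Assert("NameRequired", "Error.Object.RequiredFieldEmpty,SecurityGroup.Label.Name", "Name", isEmpty);
                BrokenRules.Assert("NameLength", "Error.Object.FieldLengthExceeded255,SecurityGroup.Label.Name", "Name", isTooLong);
                MarkDirty();
            }
        }

        /// <summary>
        /// Rights collection
        /// </summary>
        /// <remarks>
        /// NOTE(review): the collection is returned directly and <c>bReadOnly</c> is not
        /// consulted here. Whether UserRights / UserRight reject changes for read-only
        /// users or for the built-in administrator group is not visible in this file.
        /// </remarks>
        public UserRights Rights
        {
            get { return mRights; }
        }

        /// <summary>
        /// Indicator if current security group is Built-in AyaNova Administrator group
        ///
        /// (AyaNova Administrator group properties are all read only
        /// check this before attempting to set)
        /// </summary>
        public bool IsAyaNovaAdministrator
        {
            get { return mID.Equals(SecurityGroup.AyaNovaAdministratorID); }
        }

        //case 14
        /// <summary>
        /// Indicates if item can be duplicated or not
        /// Item can be duplicated if the current user
        /// has write rights to this item and this item
        /// is not dirty or new and IsValid
        /// </summary>
        public bool CanDuplicate
        {
            get
            {
                if (!AyaBizUtils.CanWrite(RootObjectTypes.SecurityGroup))
                {
                    return false;
                }

                if (IsDirty || IsNew || (!IsValid))
                {
                    return false;
                }

                return true;
            }
        }

        /// <summary>
        /// Generates a duplicate of this item
        /// and returns it.
        /// </summary>
        /// <remarks>
        /// The copy is named with the current working date/time and receives the same
        /// security level for every right in this group. This method does not test
        /// <see cref="CanDuplicate"/> itself; the only check on this path is the create
        /// check inside <see cref="NewItem"/>, so callers should test
        /// <see cref="CanDuplicate"/> first.
        /// </remarks>
        /// <returns>A new, unsaved SecurityGroup</returns>
        public SecurityGroup Duplicate()
        {
            SecurityGroup dest = SecurityGroup.NewItem();
            dest.Name = DBUtil.CurrentWorkingDateTime.ToString();

            foreach (UserRight srcright in Rights)
            {
                dest.Rights[srcright.Right].SecurityLevel = srcright.SecurityLevel;
            }

            return dest;
        }

        /// <summary>
        /// Throw an error when a read only user
        /// tries to set a property
        /// (this should normally never be called unless someone is using the developer api since the UI
        /// should prevent it from happening initially)
        /// </summary>
        private void ThrowSetError()
        {
            throw new System.Security.SecurityException
            (
                string.Format
                (
                    LocalizedTextTable.GetLocalizedTextDirect("Error.Security.NotAuthorizedToChange"),
                    LocalizedTextTable.GetLocalizedTextDirect("O.SecurityGroup")
                )
            );
        }

        #endregion

        #region System.Object overrides

        /// <summary>
        /// Returns the literal "SecurityGroup" followed by this group's ID.
        /// </summary>
        public override string ToString()
        {
            return "SecurityGroup" + mID.ToString();
        }

        /// <summary>
        /// Two security groups are equal when they are of the same type and have the same ID.
        /// </summary>
        /// <param name="obj">Object to compare with</param>
        /// <returns>True when <paramref name="obj"/> is the same type with the same ID</returns>
        public override bool Equals(Object obj)
        {
            if (obj == null || GetType() != obj.GetType())
            {
                return false;
            }

            SecurityGroup c = (SecurityGroup)obj;
            return mID == c.mID;
        }

        /// <summary>
        /// Hash code derived from the literal "SecurityGroup" plus the ID.
        /// </summary>
        public override int GetHashCode()
        {
            return ("SecurityGroup" + mID).GetHashCode();
        }

        #endregion

        #region Static methods

        // Right keys added to every new group by NewItem, each at NoAccess.
        // The order is the order in which they are added to the collection.
        private static readonly string[] DefaultRightKeys = new string[]
        {
            "Object.Client",
            "Object.ClientGroup",
            //Case 619
            "Object.ClientRequestPart",
            //Case 619
            "Object.ClientRequestTech",
            "Object.ClientServiceRequest",
            "Object.Contract",
            //Case 619
            "Object.ContractPart",
            "Object.ContractRate",
            "Object.DispatchZone",
            "Object.Global",
            "Object.HeadOffice",
            "Object.LocalizedText",
            "Object.Part",
            "Object.PartAssembly",
            "Object.PartCategory",
            "Object.PartByWarehouseInventory",
            "Object.PartWarehouse",
            "Object.WorkorderPreventiveMaintenance",
            "Object.Priority",
            "Object.Project",
            "Object.PurchaseOrder",
            "Object.WorkorderQuote",
            "Object.Rate",
            "Object.RateUnitChargeDescription",
            "Object.Region",
            "Object.LoanItem",
            "Object.WorkorderItemLoan",
            "Object.ScheduleMarker",
            "Object.SecurityGroup",
            "Object.WorkorderService",
            "Object.TaskGroup",
            "Object.Task",
            "Object.TaskGroupTask",
            "Object.TaxCode",
            "Object.Unit",
            "Object.UnitMeterReading",
            "Object.UnitModel",
            "Object.UnitOfMeasure",
            "Object.User",
            "Object.UserCertification",
            "Object.UserCertificationAssigned",
            //Case 618
            "Object.UserRight",
            "Object.UserSkill",
            "Object.UserSkillAssigned",
            "Object.Vendor",
            //case 1387
            "Object.Workorder",
            "Object.WorkorderCategory",
            "Object.WorkorderItem",
            "Object.WorkorderItemLabor",
            "Object.WorkorderItemMiscExpense",
            "Object.WorkorderItemOutsideService",
            "Object.WorkorderItemPart",
            "Object.WorkorderItemScheduledUser",
            "Object.WorkorderItemTask",
            "Object.WorkorderItemTravel",
            "Object.WorkorderItemType",
            "Object.UnitServiceType",
            "Object.WorkorderStatus",
            "Object.ScheduleableUserGroupUser",
            "Object.ScheduleableUserGroup",
            "Object.Memo",
            "Object.PartInventoryAdjustment",
            "Object.ScheduleForm",
            "Object.ServiceBank",
            "Object.Report",
            "Object.WorkorderService.CloseByDate",
            "Object.Notification",
            //Added: 26-May-2006
            "Object.GridFilter",
            //Added: 6-Sept-2006
            "Object.Workorder.Close",
            //Case 73
            "Object.WikiPage",
            "Object.AyaFile",
            //wups, missed this originally, call it part of case 14
            "Object.GlobalWikiPage",
            //case 1317
            "Object.WorkorderItemUnit"
        };

        /// <summary>
        /// Guid of built in Administrator account
        /// </summary>
        public static Guid AyaNovaAdministratorID
        {
            get { return new Guid("{FF0DE42A-0EA0-429B-9643-64355703E8D1}"); }
        }

        /// <summary>
        /// Get new object. Every known right is added at NoAccess, so a new group
        /// grants nothing until rights are raised explicitly.
        /// </summary>
        /// <returns>A new, unsaved SecurityGroup</returns>
        /// <exception cref="System.Security.SecurityException">
        /// Thrown when the current user's "Object.SecurityGroup" right is not above ReadOnly.
        /// </exception>
        public static SecurityGroup NewItem()
        {
            if (!(AyaBizUtils.Right("Object.SecurityGroup") > (int)SecurityLevelTypes.ReadOnly))
            {
                throw new System.Security.SecurityException(
                    string.Format(
                        LocalizedTextTable.GetLocalizedTextDirect("Error.Security.NotAuthorizedToCreate"),
                        LocalizedTextTable.GetLocalizedTextDirect("O.SecurityGroup")));
            }

            SecurityGroup s = new SecurityGroup();
            foreach (string rightKey in DefaultRightKeys)
            {
                s.Rights.Add(s, rightKey, SecurityLevelTypes.NoAccess);
            }

            return s;
        }

        /// <summary>
        /// Fetch existing SecurityGroup
        /// </summary>
        /// <param name="_ID">SecurityGroup Guid</param>
        /// <returns>The SecurityGroup returned by the data portal for that ID</returns>
        /// <exception cref="System.Security.SecurityException">
        /// Thrown when the current user's "Object.SecurityGroup" right is not above NoAccess.
        /// </exception>
        public static SecurityGroup GetItem(Guid _ID)
        {
            if (!(AyaBizUtils.Right("Object.SecurityGroup") > (int)SecurityLevelTypes.NoAccess))
            {
                throw new System.Security.SecurityException(
                    string.Format(
                        LocalizedTextTable.GetLocalizedTextDirect("Error.Security.NotAuthorizedToRetrieve"),
                        LocalizedTextTable.GetLocalizedTextDirect("O.SecurityGroup")));
            }

            return (SecurityGroup)DataPortal.Fetch(new Criteria(_ID));
        }

        /// <summary>
        /// Delete SecurityGroup
        /// </summary>
        /// <param name="_ID">SecurityGroup GUID</param>
        /// <exception cref="System.Security.SecurityException">
        /// Thrown when the current user's "Object.SecurityGroup" right is not above ReadWrite.
        /// </exception>
        public static void DeleteItem(Guid _ID)
        {
            if (!(AyaBizUtils.Right("Object.SecurityGroup") > (int)SecurityLevelTypes.ReadWrite))
            {
                throw new System.Security.SecurityException(
                    string.Format(
                        LocalizedTextTable.GetLocalizedTextDirect("Error.Security.NotAuthorizedToDelete"),
                        LocalizedTextTable.GetLocalizedTextDirect("O.SecurityGroup")));
            }

            DataPortal.Delete(new Criteria(_ID));
        }

        /// <summary>
        /// Retrieve internal ID from name.
        /// </summary>
        /// <remarks>
        /// No rights check is made here.
        /// NOTE(review): <paramref name="Name"/> is caller-supplied text; confirm that
        /// GuidFetcher binds it as a query parameter, which is not visible in this file.
        /// </remarks>
        /// <param name="Name">Text value</param>
        /// <returns>Guid ID value or Guid.Empty if no match</returns>
        public static Guid GetIDFromName(string Name)
        {
            return GuidFetcher.GetItem("ASECURITYGROUP", "ANAME", Name);
        }

        #endregion

        #region DAL DATA ACCESS

        #region Fetch

        /// <summary>
        /// Called by DataPortal to load the group and its rights from the database,
        /// then decide whether this instance is read only for the current user.
        /// </summary>
        /// <param name="Criteria">A <c>Criteria</c> instance carrying the group ID</param>
        protected override void DataPortal_Fetch(object Criteria)
        {
            // Set to false to load items initially
            bReadOnly = false;

            Criteria crit = (Criteria)Criteria;
            SafeDataReader dr = null;
            try
            {
                dr = DBUtil.GetReaderFromSQLString("SELECT * FROM aSecurityGroup WHERE aID=@ID;", crit.ID);
                if (!dr.Read())
                {
                    DBUtil.ThrowFetchError("SecurityGroup ID: " + crit.ID.ToString());
                }

                // Standard fields
                mID = dr.GetGuid("aID");
                mCreated = DBUtil.ToLocal(dr.GetSmartDate("aCreated"));
                mModified = DBUtil.ToLocal(dr.GetSmartDate("aModified"));
                mCreator = dr.GetGuid("aCreator");
                mModifier = dr.GetGuid("aModifier");

                // SecurityGroup fields
                // Important: use property not internal field
                // so that initial broken rule is unbroken on fetch
                Name = dr.GetString("aName");

                dr.Close();

                /*
                 * Load child collection objects
                 */

                // UserRights; this reader is closed by the finally block
                dr = DBUtil.GetReaderFromSQLString("SELECT * FROM aUserRight WHERE aSecurityGroupID=@ID;", crit.ID);
                mRights = UserRights.GetItems(dr);
            }
            finally
            {
                if (dr != null)
                {
                    dr.Close();
                }
            }

            MarkOld();

            //Used to repair missing right in db, shouldn't be required in future
            //but will keep it just in case
            // if(!this.Rights.Contains("Object.Notification"))
            // {
            //     this.Rights.Add(this,"Object.Notification",SecurityLevelTypes.ReadOnly);
            // }

            // Get access rights level: the built-in administrator group is always
            // read only; any other group is read only unless the current user has
            // at least ReadWrite on "Object.SecurityGroup".
            if (this.mID == AyaNovaAdministratorID)
            {
                bReadOnly = true;
            }
            else
            {
                bReadOnly = AyaBizUtils.Right("Object.SecurityGroup") < (int)SecurityLevelTypes.ReadWrite;
            }
        }

        #endregion fetch

        #region Update

        /// <summary>
        /// Called by DataPortal to delete/add/update data into the database
        /// </summary>
        /// <remarks>
        /// No rights check is made in this method. The built-in administrator group is
        /// protected against deletion here, but the add/update path has no equivalent guard.
        /// NOTE(review): confirm that changes to the administrator group's rights are
        /// rejected elsewhere (for example in UserRights), since <c>bReadOnly</c> only
        /// protects the Name setter in this file.
        /// </remarks>
        protected override void DataPortal_Update()
        {
            // If not a new record, check if record was modified
            // by another user since original retrieval:
            if (!IsNew)
            {
                DBUtil.CheckSafeToUpdate(this.mModified.Date, this.mID, "aSecurityGroup");
            }

            #region Delete

            if (IsDeleted)
            {
                if (!IsNew)
                {
                    DeleteGroupAndRights(this.mID);
                }

                MarkNew();
                return;
            }

            #endregion

            #region Add / Update

            // Get modification time temporarily, if update succeeds then
            // set to this time
            System.DateTime dtModified = DBUtil.CurrentWorkingDateTime;

            DBCommandWrapper cm = null;
            if (IsNew) // Add or update?
            {
                cm = DBUtil.GetCommandFromSQL(
                    "INSERT INTO aSecurityGroup (aID, aName, aCreated,aModified,aCreator,aModifier) " +
                    "VALUES (@ID,@Name,@Created,@Modified,@CurrentUserID,@CurrentUserID)"
                    );
            }
            else
            {
                cm = DBUtil.GetCommandFromSQL(
                    "UPDATE aSecurityGroup SET aID=@ID, aName=@Name, aModifier=@CurrentUserID, " +
                    "aModified=@Modified WHERE " +
                    "aID=@ID"
                    );
            }

            // SecurityGroup specific fields
            cm.AddInParameter("@ID", DbType.Guid, mID);
            cm.AddInParameter("@Name", DbType.String, mName);

            // Standard fields
            cm.AddInParameter("@CurrentUserID", DbType.Guid, CurrentUserID);
            cm.AddInParameter("@Created", DbType.DateTime, DBUtil.ToUTC(mCreated).DBValue);
            cm.AddInParameter("@Modified", DbType.DateTime, DBUtil.ToUTC(dtModified));

            using (IDbConnection connection = DBUtil.DB.GetConnection())
            {
                connection.Open();
                IDbTransaction transaction = connection.BeginTransaction();

                try
                {
                    DBUtil.DB.ExecuteNonQuery(cm, transaction);

                    // Update child objects
                    mRights.Update(this, transaction);

                    // Commit the transaction
                    transaction.Commit();
                }
                catch
                {
                    // Rollback transaction
                    transaction.Rollback();
                    throw;
                }
                finally
                {
                    connection.Close();
                }

                // Only now is the db synched with the object. Marking the object old
                // before the commit would leave it flagged as saved when the commit
                // fails and the transaction is rolled back.
                MarkOld();

                // Successful update so
                // change modification time to match
                this.mModified.Date = dtModified;
            }

            #endregion
        }

        #endregion update

        #region Delete

        /// <summary>
        /// Remove a SecurityGroup record from the database
        /// </summary>
        /// <remarks>
        /// No rights check is made in this method; the check visible in this file is in
        /// <see cref="DeleteItem"/>.
        /// </remarks>
        /// <param name="Criteria">A <c>Criteria</c> instance carrying the group ID</param>
        protected override void DataPortal_Delete(object Criteria)
        {
            Criteria crit = (Criteria)Criteria;
            DeleteGroupAndRights(crit.ID);
        }

        /// <summary>
        /// Deletes a security group and its user rights in one transaction.
        /// Shared by the deferred delete in DataPortal_Update and by DataPortal_Delete
        /// so both paths apply the same protection of the built-in administrator group.
        /// </summary>
        /// <param name="id">ID of the group to delete</param>
        /// <exception cref="System.Security.SecurityException">
        /// Thrown when <paramref name="id"/> is the built-in administrator group.
        /// </exception>
        private static void DeleteGroupAndRights(Guid id)
        {
            // Ensure no deletion of default security group
            if (id == AyaNovaAdministratorID)
            {
                throw new System.Security.SecurityException(
                    string.Format(
                        LocalizedTextTable.GetLocalizedTextDirect("Error.Security.NotAuthorizedToDeleteDefaultObject"),
                        LocalizedTextTable.GetLocalizedTextDirect("O.SecurityGroup")));
            }

            // Delete object and child objects
            DBCommandWrapper cmDelete = DBUtil.GetCommandFromSQL("DELETE FROM aSecurityGroup WHERE aID = @ID;");
            cmDelete.AddInParameter("@ID", DbType.Guid, id);

            DBCommandWrapper cmDeleteChildren = DBUtil.GetCommandFromSQL("DELETE FROM aUserRight WHERE aSecurityGroupID = @ID;");
            cmDeleteChildren.AddInParameter("@ID", DbType.Guid, id);

            using (IDbConnection connection = DBUtil.DB.GetConnection())
            {
                connection.Open();
                IDbTransaction transaction = connection.BeginTransaction();

                try
                {
                    // Children first, then the group row itself
                    DBUtil.DB.ExecuteNonQuery(cmDeleteChildren, transaction);
                    DBUtil.DB.ExecuteNonQuery(cmDelete, transaction);

                    // Commit the transaction
                    transaction.Commit();
                }
                catch
                {
                    // Rollback transaction
                    transaction.Rollback();
                    throw;
                }
                finally
                {
                    connection.Close();
                }
            }
        }

        #endregion delete

        #endregion

        #region Override IsValid / IsDirty

        //Override base class version if there are child objects

        /// <summary>
        /// Valid only when this object and its rights collection are both valid.
        /// </summary>
        public override bool IsValid
        {
            get { return base.IsValid && this.mRights.IsValid; }
        }

        /// <summary>
        /// Dirty when this object or its rights collection is dirty.
        /// </summary>
        public override bool IsDirty
        {
            get { return base.IsDirty || this.mRights.IsDirty; }
        }

        #endregion

        #region criteria

        /// <summary>
        /// Criteria for identifying existing object
        /// </summary>
        [Serializable]
        private class Criteria
        {
            public Guid ID;

            public Criteria(Guid _ID)
            {
                ID = _ID;
            }
        }

        #endregion

    }//end SecurityGroup

}//end namespace GZTW.AyaNova.BLL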