ayanova/src/api/authorizationroles.js

@@ -1,31 +1,12 @@
 /* eslint-disable */
 import _ from "../libs/lodash.min.js";
 import store from "../store";
-
+import ayt from "./ayatype";
+import rights from "./rolerights";
 
 export default {
-  // AYATYPE: {
+  AYATYPE: ayt,
-  //   NoType: 0,
+  ROLE_RIGHTS: rights,
-  //   Global: 1,
-  //   Widget: 2,
-  //   User: 3,
-  //   ServerState: 4,
-  //   License: 5,
-  //   LogFile: 6,
-  //   DEPRECATED_REUSELATER_7: 7,
-  //   DEPRECATED_REUSELATER_8: 8,
-  //   JobOperations: 9,
-  //   AyaNova7Import: 10,
-  //   TrialSeeder: 11,
-  //   Metrics: 12,
-  //   Locale: 13,
-  //   UserOptions: 14,
-  //   DEPRECATED_REUSELATER_15: 15,
-  //   DEPRECATED_REUSELATER_16: 16,
-  //   FileAttachment: 17,
-  //   DataFilter: 18,
-  //   FormCustom: 19
-  // },
   AUTHORIZATION_ROLES: {
     ///<summary>No role set</summary>
     NoRole: 0,
@@ -66,7 +47,10 @@ export default {
     }
     return role === (store.state.roles & role);
   },
-  rights(vm, userRole, oType, oId) {
+  /////////////////////////////////
+  //
+  //
+  getRights(vm, oType, ownerId) {
     //NOTE: this is to mirror the functionality of BizRoles.cs where all rights by role are specified in server project
     //any change there needs to be mirrored here
 
@@ -76,34 +60,33 @@ export default {
     //EditOwn = special subset of CHANGE: You can create and if it's one you created then you have rights to edit it or delete, but you can't edit ones others have created
     //ReadFullRecord = You can read *all* the fields of the record, but can't modify it. Change is automatically checked for so only add different roles from change
     //PICKLIST NOTE: this does not control getting a list of names for selection which is role independent because it's required for so much indirectly
-    //DELETE = There is no specific delete right for now though it's checked for by routes in Authorized.cs in case we want to add it in future as a separate right from create.
+    //DELETE = SAME AS CHANGE FOR NOW (There is no specific delete right for now though it's checked for by routes in Authorized.cs in case we want to add it in future as a separate right from create.)
 
     //TODO: get this working, then decompose it into several files to make it cleaner
     var ret = {
       change: false,
-      editOwn: false,
+      read: false,
-      readFull: false,
       delete: false
     };
 
-    //ISSUE: I keep seeing imports as undefined other than underscore in here, no idea why
+    //Get the type name from the type enum value
-    //Maybe I need to combine rights and types and roles into a single object that I can reach off the VM / MAIN
-    //TODO, put this somewhere else
-    var AYANOVA_RIGHTS = JSON.parse(
-      '{"User":{"Change":2,"EditOwn":0,"ReadFullRecord":1},"UserOptions":{"Change":2,"EditOwn":0,"ReadFullRecord":1},"Widget":{"Change":34,"EditOwn":256,"ReadFullRecord":17},"ServerState":{"Change":16384,"EditOwn":0,"ReadFullRecord":32767},"License":{"Change":16386,"EditOwn":0,"ReadFullRecord":8193},"LogFile":{"Change":0,"EditOwn":0,"ReadFullRecord":24576},"JobOperations":{"Change":16384,"EditOwn":0,"ReadFullRecord":8195},"AyaNova7Import":{"Change":16384,"EditOwn":0,"ReadFullRecord":0},"Metrics":{"Change":0,"EditOwn":0,"ReadFullRecord":24576},"Locale":{"Change":16386,"EditOwn":0,"ReadFullRecord":32767},"DataFilter":{"Change":2,"EditOwn":32767,"ReadFullRecord":32767},"FormCustom":{"Change":2,"EditOwn":0,"ReadFullRecord":32767}}'
-    );
- 
-    
     var typeName = _.findKey(vm.$gztype, function(o) {
       return o == oType;
     });
 
-    var theRight = AYANOVA_RIGHTS[typeName];
+    //Get the AyaNova stock role rights for that object
-    // var theType = _.find(this.AYATYPE, function(o) {
+    var theRight = this.ROLE_RIGHTS[typeName];
-    //   return o.value == oType;
+    //get the logged in user's role
-    // });
+    var userRole = vm.$store.state.roles;
+    var isSelfOwned=ownerId==vm.$store.state.userId;
 
-    var temp = typeName;
+    //calculate the effective rights taking into consideration self owned etc
+
+    // Change: 34
+    // ​
+    // EditOwn: 256
+    // ​
+    // ReadFullRecord: 17
 
     /**
      * 

ayanova/src/api/rolerights.js

@@ -0,0 +1,11 @@
+var rights = JSON.parse(
+  //TODO CACHE THIS??
+  '{"User":{"Change":2,"EditOwn":0,"ReadFullRecord":1},"UserOptions":{"Change":2,"EditOwn":0,"ReadFullRecord":1},"Widget":{"Change":34,"EditOwn":256,"ReadFullRecord":17},"ServerState":{"Change":16384,"EditOwn":0,"ReadFullRecord":32767},"License":{"Change":16386,"EditOwn":0,"ReadFullRecord":8193},"LogFile":{"Change":0,"EditOwn":0,"ReadFullRecord":24576},"JobOperations":{"Change":16384,"EditOwn":0,"ReadFullRecord":8195},"AyaNova7Import":{"Change":16384,"EditOwn":0,"ReadFullRecord":0},"Metrics":{"Change":0,"EditOwn":0,"ReadFullRecord":24576},"Locale":{"Change":16386,"EditOwn":0,"ReadFullRecord":32767},"DataFilter":{"Change":2,"EditOwn":32767,"ReadFullRecord":32767},"FormCustom":{"Change":2,"EditOwn":0,"ReadFullRecord":32767}}'
+);
+export default rights;
+/**
+ *
+ * Auto generated by BizRoles.cs in server project, update here whenever that changes
+ *
+ *
+ */

ayanova/src/views/inventory-widget-edit.vue

@@ -371,12 +371,7 @@ export default {
       alert("STUB: DELETE");
     },
     duplicate() {
-      this.$gzrole.rights(
+      this.$gzrole.getRights(this, this.$gztype.Widget, this.obj.ownerId);
-        this,
-        this.$store.state.roles,
-        this.$gztype.Widget,
-        this.$store.state.userId
-      );
       //only if not dirty
       //check rights
       //duplicate