ayanova/src/api/authorizationroles.js

@@ -0,0 +1,90 @@
+import store from "../store";
+import ayatype from "./ayatype";
+export default {
+  AUTHORIZATION_ROLES: {
+    ///<summary>No role set</summary>
+    NoRole: 0,
+    ///<summary>BizAdminLimited</summary>
+    BizAdminLimited: 1,
+    ///<summary>BizAdminFull</summary>
+    BizAdminFull: 2,
+    ///<summary>DispatchLimited</summary>
+    DispatchLimited: 4,
+    ///<summary>DispatchFull</summary>
+    DispatchFull: 8,
+    ///<summary>InventoryLimited</summary>
+    InventoryLimited: 16,
+    ///<summary>InventoryFull</summary>
+    InventoryFull: 32,
+    ///<summary>AccountingFull</summary>
+    AccountingFull: 64, //No limited role, not sure if there is a need
+    ///<summary>TechLimited</summary>
+    TechLimited: 128,
+    ///<summary>TechFull</summary>
+    TechFull: 256,
+    ///<summary>SubContractorLimited</summary>
+    SubContractorLimited: 512,
+    ///<summary>SubContractorFull</summary>
+    SubContractorFull: 1024,
+    ///<summary>ClientLimited</summary>
+    ClientLimited: 2048,
+    ///<summary>ClientFull</summary>
+    ClientFull: 4096,
+    ///<summary>OpsAdminLimited</summary>
+    OpsAdminLimited: 8192,
+    ///<summary>OpsAdminFull</summary>
+    OpsAdminFull: 16384
+  },
+  hasRole(role) {
+    if (!store.state.roles || store.state.roles === 0) {
+      return false;
+    }
+    return role === (store.state.roles & role);
+  },
+  rights(objType, objId) {
+    //NOTE: this is to mirror the functionality of BizRoles.cs where all rights by role are specified in server project
+    //any change there needs to be mirrored here
+
+    //from bizroles.cs:
+    //HOW THIS WORKS / WHATS EXPECTED
+    //Change = CREATE, RETRIEVE, UPDATE, DELETE - Full rights
+    //EditOwn = special subset of CHANGE: You can create and if it's one you created then you have rights to edit it or delete, but you can't edit ones others have created
+    //ReadFullRecord = You can read *all* the fields of the record, but can't modify it. Change is automatically checked for so only add different roles from change
+    //PICKLIST NOTE: this does not control getting a list of names for selection which is role independent because it's required for so much indirectly
+    //DELETE = There is no specific delete right for now though it's checked for by routes in Authorized.cs in case we want to add it in future as a separate right from create.
+
+    //TODO: get this working, then decompose it into several files to make it cleaner
+    var ret = {
+      change: false,
+      editOwn: false,
+      readFull: false,
+      delete: false
+    };
+
+    switch (objType) {
+      case ayatype.Widget:
+        //WIDGET
+        //  Change = AuthorizationRoles.BizAdminFull | AuthorizationRoles.InventoryFull,
+        //  EditOwn = AuthorizationRoles.TechFull,
+        //  ReadFullRecord = AuthorizationRoles.BizAdminLimited | AuthorizationRoles.InventoryLimited
+        ret.change =
+          this.hasrole(this.AUTHORIZATION_ROLES.BizAdminFull) ||
+          this.hasrole(this.AUTHORIZATION_ROLES.InventoryFull);
+        ret.editOwn =
+          objId == store.state.userId &&
+          this.hasrole(this.AUTHORIZATION_ROLES.TechFull);
+        ret.readFull =
+          this.hasrole(this.AUTHORIZATION_ROLES.BizAdminLimited) ||
+          this.hasRole(this.AUTHORIZATION_ROLES.InventoryLimited);
+        ret.delete = ret.change || ret.editOwn;
+
+        // ////////////////////////////////////////////////////////////
+
+        break;
+      default:
+        throw new "authorizationroles::rights - not coded for object type "() +
+          objType;
+    }
+    return ret;
+  }
+};