From 0d21545c0be53cd04c1f78ea92bf059168c522aa Mon Sep 17 00:00:00 2001
From: John Cardinal <support@ayanova.com>
Date: Mon, 5 Apr 2021 23:11:48 +0000
Subject: [PATCH]

---
 .vscode/launch.json                           |  2 +-
 .../Controllers/WorkOrderStatusController.cs  | 21 ++++++++++++-------
 2 files changed, 14 insertions(+), 9 deletions(-)

diff --git a/.vscode/launch.json b/.vscode/launch.json
index 8fd97968..0e2049e9 100644
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -53,7 +53,7 @@
         "AYANOVA_FOLDER_USER_FILES": "c:\\temp\\RavenTestData\\userfiles",
         "AYANOVA_FOLDER_BACKUP_FILES": "c:\\temp\\RavenTestData\\backupfiles",
         "AYANOVA_FOLDER_TEMPORARY_SERVER_FILES": "c:\\temp\\RavenTestData\\tempfiles",
-        "AYANOVA_SERVER_TEST_MODE": "true",
+        "AYANOVA_SERVER_TEST_MODE": "false",
         "AYANOVA_SERVER_TEST_MODE_SEEDLEVEL": "small",
         "AYANOVA_SERVER_TEST_MODE_TZ_OFFSET": "-7",
         "AYANOVA_BACKUP_PG_DUMP_PATH": "C:\\data\\code\\postgres_13\\bin\\"
diff --git a/server/AyaNova/Controllers/WorkOrderStatusController.cs b/server/AyaNova/Controllers/WorkOrderStatusController.cs
index c8aa4ac0..93751968 100644
--- a/server/AyaNova/Controllers/WorkOrderStatusController.cs
+++ b/server/AyaNova/Controllers/WorkOrderStatusController.cs
@@ -9,13 +9,7 @@ using AyaNova.Api.ControllerHelpers;
 using AyaNova.Biz;
 using Microsoft.EntityFrameworkCore;
 using System.Linq;
-using System.Threading.Tasks;
-using Microsoft.EntityFrameworkCore;
-using AyaNova.Util;
-using AyaNova.Api.ControllerHelpers;
-using AyaNova.Models;
-using System.Collections.Generic;
-using Newtonsoft.Json.Linq;
+using EnumsNET;
 
 namespace AyaNova.Api.Controllers
 {
@@ -169,7 +163,18 @@ namespace AyaNova.Api.Controllers
                 return StatusCode(503, new ApiErrorResponse(serverState.ApiErrorCode, null, serverState.Reason));
             if (!Authorized.HasSelectRole(HttpContext.Items, AyaType.WorkOrderStatus))
                 return StatusCode(403, new ApiNotAuthorizedResponse());
-            return Ok(ApiOkResponse.Response(await ct.WorkOrderStatus.AsNoTracking().OrderBy(z => z.Name).ToListAsync()));
+            var allStates = await ct.WorkOrderStatus.AsNoTracking().OrderBy(z => z.Name).ToListAsync();
+            var currentUserRoles = UserRolesFromContext.Roles(HttpContext.Items);
+            var allowedStates = allStates.Where(z => currentUserRoles.HasAnyFlags(z.SelectRoles)).ToList();
+
+            //   foreach (var item in rpts)
+            // {
+            //     if (CurrentUserRoles.HasAnyFlags(item.roles))
+            //     {
+            //         ret.Add(new NameIdItem() { Name = item.name, Id = item.id });
+            //     }
+            // }
+            return Ok(ApiOkResponse.Response(new { all = allStates, allowed = allowedStates }));
         }
 
         //------------