admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2021-07-14 17:25:49 +00:00
parent c056f4e108
commit 0ef8d72c08
1 changed files with 86 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

183
server/AyaNova/biz/WorkOrderBiz.cs
View File

@@ -2402,6 +2402,8 @@ namespace AyaNova.Biz
//
internal async Task<WorkOrderItemExpense> ExpenseGetAsync(long id, bool logTheGetEvent = true)
{
if (UserIsSubContractorRestricted) //no access allowed at all
return null;
var ret = await ct.WorkOrderItemExpense.AsNoTracking().SingleOrDefaultAsync(z => z.Id == id);
if (logTheGetEvent && ret != null)
await EventLogProcessor.LogEventToDatabaseAsync(new Event(UserId, id, ret.AyaType, AyaEvent.Retrieved), ct);
@@ -3019,10 +3021,11 @@ namespace AyaNova.Biz
}
}
if (UserIsRestrictedType
if (UserIsRestrictedType)
{
//Scheduled Users: view only where they are the selected User and convert to labor record
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
//Labors: add (no user selection defaults to themselves), remove, view and edit only when they are the selected User
if (proposedObj.UserId != UserId)
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
}
@@ -3067,6 +3070,14 @@ namespace AyaNova.Biz
return;
}
if (UserIsRestrictedType)
{
//Labors: add (no user selection defaults to themselves), remove, view and edit only when they are the selected User
if (obj.UserId != UserId)
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
}
//re-check rights here necessary due to traversal delete from Principle object
if (!Authorized.HasDeleteRole(CurrentUserRoles, AyaType.WorkOrderItemLabor))
{
@@ -3151,6 +3162,9 @@ namespace AyaNova.Biz
//
internal async Task<WorkOrderItemLoan> LoanGetAsync(long id, bool logTheGetEvent = true)
{
if (UserIsSubContractorRestricted) //no access allowed at all
return null;
var ret = await ct.WorkOrderItemLoan.AsNoTracking().SingleOrDefaultAsync(z => z.Id == id);
if (logTheGetEvent && ret != null)
await EventLogProcessor.LogEventToDatabaseAsync(new Event(UserId, id, ret.AyaType, AyaEvent.Retrieved), ct);
@@ -3549,6 +3563,8 @@ namespace AyaNova.Biz
//
internal async Task<WorkOrderItemOutsideService> OutsideServiceGetAsync(long id, bool logTheGetEvent = true)
{
if (UserIsSubContractorRestricted) //no access allowed at all
return null;
var ret = await ct.WorkOrderItemOutsideService.AsNoTracking().SingleOrDefaultAsync(z => z.Id == id);
if (logTheGetEvent && ret != null)
await EventLogProcessor.LogEventToDatabaseAsync(new Event(UserId, id, AyaType.WorkOrderItemOutsideService, AyaEvent.Retrieved), ct);
@@ -4016,6 +4032,9 @@ namespace AyaNova.Biz
//
internal async Task<WorkOrderItemPart> PartGetAsync(long id, bool logTheGetEvent = true)
{
if (UserIsSubContractorRestricted) //no access allowed at all
return null;
var ret = await ct.WorkOrderItemPart.AsNoTracking().SingleOrDefaultAsync(z => z.Id == id);
if (logTheGetEvent && ret != null)
await EventLogProcessor.LogEventToDatabaseAsync(new Event(UserId, id, ret.AyaType, AyaEvent.Retrieved), ct);
@@ -4464,6 +4483,13 @@ namespace AyaNova.Biz
//run validation and biz rules
bool isNew = currentObj == null;
if (UserIsRestrictedType)
{
//Parts: no edits allowed
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
}
if (proposedObj.WorkOrderItemId == 0)
{
AddError(ApiErrorCode.VALIDATION_REQUIRED, "WorkOrderItemId");
@@ -4513,6 +4539,13 @@ namespace AyaNova.Biz
private void PartValidateCanDelete(WorkOrderItemPart obj)
{
if (UserIsRestrictedType)
{
//Parts: no edits allowed
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
}
if (obj == null)
{
AddError(ApiErrorCode.NOT_FOUND, "id");
@@ -4604,6 +4637,8 @@ namespace AyaNova.Biz
//
internal async Task<WorkOrderItemPartRequest> PartRequestGetAsync(long id, bool logTheGetEvent = true)
{
if (UserIsSubContractorRestricted) //no access allowed at all
return null;
var ret = await ct.WorkOrderItemPartRequest.AsNoTracking().SingleOrDefaultAsync(z => z.Id == id);
if (logTheGetEvent && ret != null)
await EventLogProcessor.LogEventToDatabaseAsync(new Event(UserId, id, ret.AyaType, AyaEvent.Retrieved), ct);
@@ -4724,6 +4759,13 @@ namespace AyaNova.Biz
//run validation and biz rules
bool isNew = currentObj == null;
if (UserIsRestrictedType)
{
//PartRequests: no edits allowed
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
}
if (proposedObj.WorkOrderItemId == 0)
{
AddError(ApiErrorCode.VALIDATION_REQUIRED, "WorkOrderItemId");
@@ -4774,6 +4816,14 @@ namespace AyaNova.Biz
private void PartRequestValidateCanDelete(WorkOrderItemPartRequest obj)
{
if (UserIsRestrictedType)
{
//PartRequests: no edits allowed
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
}
if (obj == null)
{
AddError(ApiErrorCode.NOT_FOUND, "id");
@@ -5774,100 +5824,6 @@ namespace AyaNova.Biz
}
// ////////////////////////////////////////////////////////////////////////////////////////////////
// //BIZ ACTIONS
// //
// //
// private async Task TravelBizActionsAsync(AyaEvent ayaEvent, WorkOrderItemTravel newObj, WorkOrderItemTravel oldObj, IDbContextTransaction transaction)
// {
// //automatic actions on record change, called AFTER validation
// //currently no processing required except for created or modified at this time
// if (ayaEvent != AyaEvent.Created && ayaEvent != AyaEvent.Modified)
// return;
// //SET TAXES AND PRICING
// //by default apply all automatic actions with further restrictions possible below
// bool ApplyTax = true;
// bool ApplyPricingUpdate = true;
// //if modifed, see what has changed and should be re-applied
// if (ayaEvent == AyaEvent.Modified)
// {
// //If it wasn't a service rate change there is no need to set pricing
// if (newObj.TravelRateId == oldObj.TravelRateId)
// {
// ApplyPricingUpdate = false;
// }
// //If taxes haven't change then no need to update taxes
// if (newObj.TaxCodeSaleId == oldObj.TaxCodeSaleId)
// ApplyTax = false;
// }
// //Tax code
// if (ApplyTax)
// {
// //Default in case nothing to apply
// newObj.TaxAPct = 0;
// newObj.TaxBPct = 0;
// newObj.TaxOnTax = false;
// if (newObj.TaxCodeSaleId != null)
// {
// var t = await ct.TaxCode.AsNoTracking().FirstOrDefaultAsync(z => z.Id == newObj.TaxCodeSaleId);
// if (t != null)
// {
// newObj.TaxAPct = t.TaxAPct;
// newObj.TaxBPct = t.TaxBPct;
// newObj.TaxOnTax = t.TaxOnTax;
// }
// }
// }
// //Pricing
// if (ApplyPricingUpdate)
// {
// //default in case nothing to apply
// newObj.Cost = 0;
// newObj.ListPrice = 0;
// newObj.Price = 0;
// //in v7 it was ok to have no service rate selected
// //not sure why but carried forward to v8 so..
// if (newObj.TravelRateId != null)
// {
// var s = await ct.TravelRate.AsNoTracking().FirstOrDefaultAsync(z => z.Id == newObj.TravelRateId);
// if (s != null)
// {
// newObj.Cost = s.Cost;
// newObj.ListPrice = s.Charge;
// var Contract = await GetCurrentWorkOrderContractFromRelatedAsync(AyaType.WorkOrderItem, newObj.WorkOrderItemId);
// TravelSetListPrice(newObj, Contract);
// }
// }
// }
// }
// ////////////////////////////////////////////////////////////////////////////////////////////////
// // SET PER UNIT LIST PRICE
// //
// //(called by woitemtravel save and also by header save on change of contract)
// private static void TravelSetListPrice(WorkOrderItemTravel o, Contract c)
// {
// if (c == null || c.ServiceRatesOverridePct == 0)
// {
// o.Price = o.ListPrice;//default with no contract
// return;
// }
// if (c.ServiceRatesOverrideType == ContractOverrideType.CostMarkup)
// o.Price = o.Cost + (o.Cost * c.ServiceRatesOverridePct);
// else if (c.ServiceRatesOverrideType == ContractOverrideType.PriceDiscount)
// o.Price = o.ListPrice - (o.ListPrice * c.ServiceRatesOverridePct);
// }
////////////////////////////////////////////////////////////////////////////////////////////////
//VALIDATION
//
@@ -5902,6 +5858,14 @@ namespace AyaNova.Biz
}
}
if (UserIsRestrictedType)
{
//Travels: add (no user selection defaults to themselves), remove, view and edit only when they are the selected User
if (proposedObj.UserId != UserId)
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
}
if (proposedObj.TravelRateQuantity < 0)//negative quantities are not allowed
AddError(ApiErrorCode.VALIDATION_INVALID_VALUE, "TravelRateQuantity");
@@ -5931,6 +5895,14 @@ namespace AyaNova.Biz
return;
}
if (UserIsRestrictedType)
{
//Travels: add (no user selection defaults to themselves), remove, view and edit only when they are the selected User
if (obj.UserId != UserId)
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
}
//re-check rights here necessary due to traversal delete from Principle object
if (!Authorized.HasDeleteRole(CurrentUserRoles, AyaType.WorkOrderItemTravel))
{
@@ -6014,6 +5986,9 @@ namespace AyaNova.Biz
//
internal async Task<WorkOrderItemUnit> UnitGetAsync(long id, bool logTheGetEvent = true)
{
if (UserIsSubContractorRestricted) //no access allowed at all
return null;
var ret = await ct.WorkOrderItemUnit.AsNoTracking().SingleOrDefaultAsync(z => z.Id == id);
if (logTheGetEvent && ret != null)
await EventLogProcessor.LogEventToDatabaseAsync(new Event(UserId, id, ret.AyaType, AyaEvent.Retrieved), ct);
@@ -6157,6 +6132,13 @@ namespace AyaNova.Biz
//run validation and biz rules
bool isNew = currentObj == null;
if (UserIsRestrictedType)
{
//Units: no edits allowed
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
}
if (proposedObj.WorkOrderItemId == 0)
{
AddError(ApiErrorCode.VALIDATION_REQUIRED, "WorkOrderItemId");
@@ -6209,6 +6191,13 @@ namespace AyaNova.Biz
return;
}
if (UserIsRestrictedType)
{
//Units: no edits allowed
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
}
//re-check rights here necessary due to traversal delete from Principle object
if (!Authorized.HasDeleteRole(CurrentUserRoles, AyaType.WorkOrderItemUnit))
{