admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2022-06-22 19:45:07 +00:00
parent 45b33bf01e
commit 135ff75948
2 changed files with 8 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
server/AyaNova/biz/BizRoles.cs
View File

@@ -1044,63 +1044,39 @@ namespace AyaNova.Biz
////////////////////////////////////////////////////////////
//INTEGRATION
// (everyone but outside users Customer and HO)
// (every unrestricted inside user and not subcontractor)
//this right is for the integration data itself, NOT any other AyaNova data
//so if someone is malicious the worst case scenario is they can mess up the integration data
// but they would still need rights to access any AyaNova data under their account so there is no loophole here
// technically an integration may be used by any role user
// however not likely to be read only or limited rights rols
// so will allow full access for any user and leave
// however not likely to be read only or limited rights roles
// so will allow full access for any non restricted user and leave
// finer tuning of authorization to integrating app itself
// Also, integration is only used to store app data conveniently it in no way is required to
// write api accessing apps so any limitations are not preventing 3rd parties from writing AyaNova api consuming apps of any kind
//
roles.Add(AyaType.Integration, new BizRoleSet()
{
Change = AuthorizationRoles.BizAdminRestricted
| AuthorizationRoles.BizAdmin
| AuthorizationRoles.ServiceRestricted
Change = AuthorizationRoles.BizAdmin
| AuthorizationRoles.Service
| AuthorizationRoles.InventoryRestricted
| AuthorizationRoles.Inventory
| AuthorizationRoles.Accounting
| AuthorizationRoles.TechRestricted
| AuthorizationRoles.Tech
| AuthorizationRoles.SubContractorRestricted
| AuthorizationRoles.SubContractor
| AuthorizationRoles.Sales
| AuthorizationRoles.SalesRestricted
| AuthorizationRoles.OpsAdminRestricted
| AuthorizationRoles.OpsAdmin,
ReadFullRecord = AuthorizationRoles.BizAdminRestricted
| AuthorizationRoles.BizAdmin
| AuthorizationRoles.ServiceRestricted
ReadFullRecord = AuthorizationRoles.BizAdmin
| AuthorizationRoles.Service
| AuthorizationRoles.InventoryRestricted
| AuthorizationRoles.Inventory
| AuthorizationRoles.Accounting
| AuthorizationRoles.TechRestricted
| AuthorizationRoles.Tech
| AuthorizationRoles.SubContractorRestricted
| AuthorizationRoles.SubContractor
| AuthorizationRoles.Sales
| AuthorizationRoles.SalesRestricted
| AuthorizationRoles.OpsAdminRestricted
| AuthorizationRoles.OpsAdmin,
Select = AuthorizationRoles.BizAdminRestricted
| AuthorizationRoles.BizAdmin
| AuthorizationRoles.ServiceRestricted
Select = AuthorizationRoles.BizAdmin
| AuthorizationRoles.Service
| AuthorizationRoles.InventoryRestricted
| AuthorizationRoles.Inventory
| AuthorizationRoles.Accounting
| AuthorizationRoles.TechRestricted
| AuthorizationRoles.Tech
| AuthorizationRoles.SubContractorRestricted
| AuthorizationRoles.SubContractor
| AuthorizationRoles.Sales
| AuthorizationRoles.SalesRestricted
| AuthorizationRoles.OpsAdminRestricted
| AuthorizationRoles.OpsAdmin,
});
@@ -1119,7 +1095,7 @@ namespace AyaNova.Biz
//GENERATE CLIENT COMPATIBLE JSON FROM ROLES OUTPUT TO DEBUG LOG
//And seperately, set the JSON variable so can copy from debug variable "value" property for lastRoles here to compare
/*
string json = Newtonsoft.Json.JsonConvert.SerializeObject(roles, Newtonsoft.Json.Formatting.None);
System.Diagnostics.Debugger.Log(1, "JSONFRAGMENTFORCLIENT", "BizRoles.cs -> biz-role-rights.js Client roles JSON fragment:\n\n");
@@ -1134,7 +1110,7 @@ namespace AyaNova.Biz
}
}
*/
/* */
#endif

2
server/AyaNova/models/Integration.cs
View File

@@ -1,8 +1,6 @@
using System;
using System.Collections.Generic;
using AyaNova.Biz;
using System.ComponentModel.DataAnnotations;
using System.ComponentModel.DataAnnotations.Schema;
using Newtonsoft.Json;
namespace AyaNova.Models