admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2022-06-22 19:45:07 +00:00
parent 45b33bf01e
commit 135ff75948
2 changed files with 8 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

40
server/AyaNova/biz/BizRoles.cs
View File

@@ -1044,63 +1044,39 @@ namespace AyaNova.Biz
//////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////
//INTEGRATION //INTEGRATION
// (everyone but outside users Customer and HO) // (every unrestricted inside user and not subcontractor)
//this right is for the integration data itself, NOT any other AyaNova data //this right is for the integration data itself, NOT any other AyaNova data
//so if someone is malicious the worst case scenario is they can mess up the integration data //so if someone is malicious the worst case scenario is they can mess up the integration data
// but they would still need rights to access any AyaNova data under their account so there is no loophole here // but they would still need rights to access any AyaNova data under their account so there is no loophole here
// technically an integration may be used by any role user // technically an integration may be used by any role user
// however not likely to be read only or limited rights rols // however not likely to be read only or limited rights roles
// so will allow full access for any user and leave // so will allow full access for any non restricted user and leave
// finer tuning of authorization to integrating app itself // finer tuning of authorization to integrating app itself
// Also, integration is only used to store app data conveniently it in no way is required to // Also, integration is only used to store app data conveniently it in no way is required to
// write api accessing apps so any limitations are not preventing 3rd parties from writing AyaNova api consuming apps of any kind // write api accessing apps so any limitations are not preventing 3rd parties from writing AyaNova api consuming apps of any kind
// //
roles.Add(AyaType.Integration, new BizRoleSet() roles.Add(AyaType.Integration, new BizRoleSet()
{ {
Change = AuthorizationRoles.BizAdminRestricted Change = AuthorizationRoles.BizAdmin
| AuthorizationRoles.BizAdmin
| AuthorizationRoles.ServiceRestricted
| AuthorizationRoles.Service | AuthorizationRoles.Service
| AuthorizationRoles.InventoryRestricted
| AuthorizationRoles.Inventory | AuthorizationRoles.Inventory
| AuthorizationRoles.Accounting | AuthorizationRoles.Accounting
| AuthorizationRoles.TechRestricted
| AuthorizationRoles.Tech | AuthorizationRoles.Tech
| AuthorizationRoles.SubContractorRestricted
| AuthorizationRoles.SubContractor
| AuthorizationRoles.Sales | AuthorizationRoles.Sales
| AuthorizationRoles.SalesRestricted
| AuthorizationRoles.OpsAdminRestricted
| AuthorizationRoles.OpsAdmin, | AuthorizationRoles.OpsAdmin,
ReadFullRecord = AuthorizationRoles.BizAdminRestricted ReadFullRecord = AuthorizationRoles.BizAdmin
| AuthorizationRoles.BizAdmin
| AuthorizationRoles.ServiceRestricted
| AuthorizationRoles.Service | AuthorizationRoles.Service
| AuthorizationRoles.InventoryRestricted
| AuthorizationRoles.Inventory | AuthorizationRoles.Inventory
| AuthorizationRoles.Accounting | AuthorizationRoles.Accounting
| AuthorizationRoles.TechRestricted
| AuthorizationRoles.Tech | AuthorizationRoles.Tech
| AuthorizationRoles.SubContractorRestricted
| AuthorizationRoles.SubContractor
| AuthorizationRoles.Sales | AuthorizationRoles.Sales
| AuthorizationRoles.SalesRestricted
| AuthorizationRoles.OpsAdminRestricted
| AuthorizationRoles.OpsAdmin, | AuthorizationRoles.OpsAdmin,
Select = AuthorizationRoles.BizAdminRestricted Select = AuthorizationRoles.BizAdmin
| AuthorizationRoles.BizAdmin
| AuthorizationRoles.ServiceRestricted
| AuthorizationRoles.Service | AuthorizationRoles.Service
| AuthorizationRoles.InventoryRestricted
| AuthorizationRoles.Inventory | AuthorizationRoles.Inventory
| AuthorizationRoles.Accounting | AuthorizationRoles.Accounting
| AuthorizationRoles.TechRestricted
| AuthorizationRoles.Tech | AuthorizationRoles.Tech
| AuthorizationRoles.SubContractorRestricted
| AuthorizationRoles.SubContractor
| AuthorizationRoles.Sales | AuthorizationRoles.Sales
| AuthorizationRoles.SalesRestricted
| AuthorizationRoles.OpsAdminRestricted
| AuthorizationRoles.OpsAdmin, | AuthorizationRoles.OpsAdmin,
}); });
@@ -1119,7 +1095,7 @@ namespace AyaNova.Biz
//GENERATE CLIENT COMPATIBLE JSON FROM ROLES OUTPUT TO DEBUG LOG //GENERATE CLIENT COMPATIBLE JSON FROM ROLES OUTPUT TO DEBUG LOG
//And seperately, set the JSON variable so can copy from debug variable "value" property for lastRoles here to compare //And seperately, set the JSON variable so can copy from debug variable "value" property for lastRoles here to compare
/*
string json = Newtonsoft.Json.JsonConvert.SerializeObject(roles, Newtonsoft.Json.Formatting.None); string json = Newtonsoft.Json.JsonConvert.SerializeObject(roles, Newtonsoft.Json.Formatting.None);
System.Diagnostics.Debugger.Log(1, "JSONFRAGMENTFORCLIENT", "BizRoles.cs -> biz-role-rights.js Client roles JSON fragment:\n\n"); System.Diagnostics.Debugger.Log(1, "JSONFRAGMENTFORCLIENT", "BizRoles.cs -> biz-role-rights.js Client roles JSON fragment:\n\n");
@@ -1134,7 +1110,7 @@ namespace AyaNova.Biz
} }
} }
*/ /* */
#endif #endif

2
server/AyaNova/models/Integration.cs
View File

@@ -1,8 +1,6 @@
using System; using System;
using System.Collections.Generic; using System.Collections.Generic;
using AyaNova.Biz;
using System.ComponentModel.DataAnnotations; using System.ComponentModel.DataAnnotations;
using System.ComponentModel.DataAnnotations.Schema;
using Newtonsoft.Json; using Newtonsoft.Json;
namespace AyaNova.Models namespace AyaNova.Models