From 15ae4ee68294a43e3f74649be2a4ad680cab7ac3 Mon Sep 17 00:00:00 2001 From: John Cardinal Date: Wed, 8 Sep 2021 19:45:31 +0000 Subject: [PATCH] --- .../AyaNova/Controllers/DataListController.cs | 55 +++++++ .../CustomerServiceRequestDataList.cs | 94 ++++++++--- .../DataList/ServiceRequestDataList.cs | 147 ++++++++++++++++++ 3 files changed, 272 insertions(+), 24 deletions(-) create mode 100644 server/AyaNova/DataList/ServiceRequestDataList.cs diff --git a/server/AyaNova/Controllers/DataListController.cs b/server/AyaNova/Controllers/DataListController.cs index 9824d19c..6ce9c9b6 100644 --- a/server/AyaNova/Controllers/DataListController.cs +++ b/server/AyaNova/Controllers/DataListController.cs @@ -9,6 +9,7 @@ using AyaNova.DataList; using System.Threading.Tasks; using System.Linq; using EnumsNET; +using Microsoft.EntityFrameworkCore; namespace AyaNova.Api.Controllers { @@ -69,6 +70,7 @@ namespace AyaNova.Api.Controllers var UserRoles = UserRolesFromContext.Roles(HttpContext.Items); var UserId = UserIdFromContext.Id(HttpContext.Items); + var UType = UserTypeFromContext.Type(HttpContext.Items); try { 
@@ -90,6 +92,25 @@ namespace AyaNova.Api.Controllers if (!UserRoles.HasAnyFlags(DataList.AllowedRoles)) return StatusCode(403, new ApiNotAuthorizedResponse()); + //IF user is a customer type check if they are allowed to view this datalist at all under global settings + if (UType == UserType.Customer || UType == UserType.HeadOffice) + { + switch (tableRequest.DataListKey) + { + case "CustomerServiceRequestDataList": + if (!AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowCSR) + return StatusCode(403, new ApiNotAuthorizedResponse()); + + //TODO: user must match headoffice or customer id extra data or else it's not allowed + break; + //todo: workorder list + default://pretty much anything is not allowed + return StatusCode(403, new ApiNotAuthorizedResponse()); + } + + } + + //hydrate the saved view and filter DataListTableProcessingOptions dataListTableOptions = new DataListTableProcessingOptions(tableRequest, DataList, SavedView, SavedFilter, UserId, UserRoles); DataListReturnData r = await DataListFetcher.GetResponseAsync(ct, dataListTableOptions, DataList, UserRoles, log, UserId); 
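Review bot: In the `case "CustomerServiceRequestDataList":` branch a Customer or HeadOffice user is let through on the global `CustomerAllowCSR` setting alone; the check that the requested customer or head office id belongs to that user is still a TODO, so which rows come back depends on client-supplied criteria. The `CustomerTypeUserIsAllowedThisDataList` helper added later in this file is not called on any visible line. I would replace the TODO with `if (!await CustomerTypeUserIsAllowedThisDataList(UserId, UserRoles, /* client criteria from tableRequest */, tableRequest.DataListKey)) return StatusCode(403, new ApiNotAuthorizedResponse());` so the branch fails closed before `DataListFetcher.GetResponseAsync` runs. The enclosing action starts and ends outside this hunk.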
@@ -106,6 +127,40 @@ namespace AyaNova.Api.Controllers } } + private async Task CustomerTypeUserIsAllowedThisDataList(long currentUserId, AuthorizationRoles userRoles, string clientCriteria, string dataListKey) + { + + //ClientCriteria format for this list is "OBJECTID,AYATYPE" + var crit = (clientCriteria ?? "").Split(',').Select(z => z.Trim()).ToArray(); + if (crit.Length > 1) + { + + int nType = 0; + if (!int.TryParse(crit[1], out nType)) return false; + AyaType forType = (AyaType)nType; + if (forType != AyaType.Customer && forType != AyaType.HeadOffice) return false; + + long lId = 0; + if (!long.TryParse(crit[0], out lId)) return false; + if (lId == 0) return false; + + //Have valid type, have an id, is this User actually connected to the entity they are requesting data for + var User = await ct.User.AsNoTracking().Select(x => new { x.CustomerId, x.HeadOfficeId }).FirstOrDefaultAsync(); + switch (forType) + { + case AyaType.Customer: + if (lId != User.CustomerId) + return false; + break; + case AyaType.HeadOffice: + if (lId != User.HeadOfficeId) + return false; + break; + } + } + return true; + } + /// /// List of all DataList keys available /// diff --git a/server/AyaNova/DataList/CustomerServiceRequestDataList.cs b/server/AyaNova/DataList/CustomerServiceRequestDataList.cs index daa2455b..c8354051 100644 --- a/server/AyaNova/DataList/CustomerServiceRequestDataList.cs +++ b/server/AyaNova/DataList/CustomerServiceRequestDataList.cs 
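Review bot: The user lookup in `CustomerTypeUserIsAllowedThisDataList` has no filter on `currentUserId`, so `FirstOrDefaultAsync()` returns whichever user row comes first and the `CustomerId`/`HeadOfficeId` comparison is made against that row rather than the caller's. The result is also dereferenced without a null check, and the method returns `true` when the criteria has fewer than two parts, which is the same case in which `DataListInternalCriteria` adds no filter at all. I would scope the query to the current user, treat a missing row as a denial, and reject short criteria up front, as sketched below (assuming the User entity's key property is `Id`; `userRoles` and `dataListKey` are unused and could be dropped or put to use).

```csharp
var crit = (clientCriteria ?? "").Split(',').Select(z => z.Trim()).ToArray();
if (crit.Length < 2) return false; // no "OBJECTID,AYATYPE" pair: deny rather than allow

// … unchanged: parse and validate forType and lId …

var User = await ct.User.AsNoTracking()
    .Where(x => x.Id == currentUserId) // compare against the caller's own record
    .Select(x => new { x.CustomerId, x.HeadOfficeId })
    .FirstOrDefaultAsync();
if (User == null) return false;

// … unchanged: switch on forType comparing lId …
```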
@@ -1,14 +1,19 @@ using System.Collections.Generic; +using System.Linq; using AyaNova.Biz; +using AyaNova.Models; + namespace AyaNova.DataList { - internal class CustomerServiceRequestDataList : DataListProcessingBase + internal class CustomerServiceRequestDataList : DataListProcessingBase, IDataListInternalCriteria { + //CUSTOMER VERSION public CustomerServiceRequestDataList() { DefaultListAType = AyaType.CustomerServiceRequest; SQLFrom = "from acustomerservicerequest " + "left join acustomer on (acustomerservicerequest.customerid=acustomer.id) " + + "left join aheadoffice on (acustomer.headofficeid=aheadoffice.id) " + "left join auser on (acustomerservicerequest.requestedbyuserid=auser.id) " + "left join aunit on (acustomerservicerequest.unitid = aunit.id) " + "left join aworkorderitem as wi on (acustomerservicerequest.workorderitemid=wi.id) " + @@ -39,13 +44,6 @@ namespace AyaNova.DataList SqlValueColumnName = "acustomerservicerequest.notes" }); - FieldDefinitions.Add(new DataListFieldDefinition - { - TKey = "Tags", - FieldKey = "customerservicerequesttags", - UiFieldDataType = (int)UiFieldDataType.Tags, - SqlValueColumnName = "acustomerservicerequest.tags" - }); FieldDefinitions.Add(new DataListFieldDefinition { 
@@ -124,22 +122,70 @@ namespace AyaNova.DataList //----------- - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom1", FieldKey = "customerservicerequestcustom1", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom2", FieldKey = "customerservicerequestcustom2", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom3", FieldKey = "customerservicerequestcustom3", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom4", FieldKey = "customerservicerequestcustom4", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom5", FieldKey = "customerservicerequestcustom5", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom6", FieldKey = "customerservicerequestcustom6", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom7", FieldKey = "customerservicerequestcustom7", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = 
"CustomerServiceRequestCustom8", FieldKey = "customerservicerequestcustom8", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom9", FieldKey = "customerservicerequestcustom9", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom10", FieldKey = "customerservicerequestcustom10", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom11", FieldKey = "customerservicerequestcustom11", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom12", FieldKey = "customerservicerequestcustom12", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom13", FieldKey = "customerservicerequestcustom13", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom14", FieldKey = "customerservicerequestcustom14", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom15", FieldKey = "customerservicerequestcustom15", IsCustomField = true, IsFilterable = false, IsSortable 
= false, SqlValueColumnName = "acustomerservicerequest.customfields" }); - FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom16", FieldKey = "customerservicerequestcustom16", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + + //META COLUMNS + FieldDefinitions.Add(new DataListFieldDefinition + { + FieldKey = "metacustomer", + UiFieldDataType = (int)UiFieldDataType.InternalId, + SqlIdColumnName = "acustomer.id", + SqlValueColumnName = "acustomer.id", + IsMeta = true + }); + + FieldDefinitions.Add(new DataListFieldDefinition + { + FieldKey = "metaheadoffice", + UiFieldDataType = (int)UiFieldDataType.InternalId, + SqlIdColumnName = "aheadoffice.id", + SqlValueColumnName = "aheadoffice.id", + IsMeta = true + }); + + + + + + } + + public List DataListInternalCriteria(long currentUserId, AuthorizationRoles userRoles, string clientCriteria) + { + List ret = new List(); + + //ClientCriteria format for this list is "OBJECTID,AYATYPE" + var crit = (clientCriteria ?? 
"").Split(',').Select(z => z.Trim()).ToArray(); + if (crit.Length > 1) + { + + int nType = 0; + if (!int.TryParse(crit[1], out nType)) return ret; + AyaType forType = (AyaType)nType; + if (forType != AyaType.Customer && forType != AyaType.HeadOffice) return ret; + + long lId = 0; + if (!long.TryParse(crit[0], out lId)) return ret; + if (lId == 0) return ret; + + //Have valid type, have an id, so filter away + switch (forType) + { + case AyaType.Customer: + { + DataListFilterOption FilterOption = new DataListFilterOption() { Column = "metacustomer" }; + FilterOption.Items.Add(new DataListColumnFilter() { value = crit[0], op = DataListFilterComparisonOperator.Equality }); + ret.Add(FilterOption); + } + break; + case AyaType.HeadOffice: + { + DataListFilterOption FilterOption = new DataListFilterOption() { Column = "metaheadoffice" }; + FilterOption.Items.Add(new DataListColumnFilter() { value = crit[0], op = DataListFilterComparisonOperator.Equality }); + ret.Add(FilterOption); + } + break; + } + } + return ret; } }//eoc diff --git a/server/AyaNova/DataList/ServiceRequestDataList.cs b/server/AyaNova/DataList/ServiceRequestDataList.cs new file mode 100644 index 00000000..9c0410b7 --- /dev/null +++ b/server/AyaNova/DataList/ServiceRequestDataList.cs 
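Review bot: Every early exit in `DataListInternalCriteria` returns the empty `ret` list (criteria missing, unparsable, an id of zero, or a type other than Customer/HeadOffice), so in those cases this customer-facing list is queried with no `metacustomer` or `metaheadoffice` restriction. The value placed in the filter is the client-supplied `crit[0]` and `currentUserId` is not used, so nothing in this method ties the filter to the signed-in user. If this list is only ever served to Customer/HeadOffice users I would fail closed, e.g. `if (crit.Length < 2) throw new System.ArgumentException("ClientCriteria is required for this list", nameof(clientCriteria));` with the same treatment for the other early returns; if staff also call it without criteria, the restriction has to be enforced in the controller before the fetch. Either way I would add `//SECURITY: an empty list means NO customer/headoffice restriction is applied` above the method.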
@@ -0,0 +1,147 @@ +using System.Collections.Generic; +using AyaNova.Biz; +namespace AyaNova.DataList +{ + internal class ServiceRequestDataList : DataListProcessingBase + { + //INSIDE STAFF VERSION + public ServiceRequestDataList() + { + DefaultListAType = AyaType.CustomerServiceRequest; + SQLFrom = "from acustomerservicerequest " + + "left join acustomer on (acustomerservicerequest.customerid=acustomer.id) " + + "left join auser on (acustomerservicerequest.requestedbyuserid=auser.id) " + + "left join aunit on (acustomerservicerequest.unitid = aunit.id) " + + "left join aworkorderitem as wi on (acustomerservicerequest.workorderitemid=wi.id) " + + "left join aworkorder as w on (wi.workorderid=w.id)"; + var RoleSet = BizRoles.GetRoleSet(DefaultListAType); + AllowedRoles = RoleSet.ReadFullRecord | RoleSet.Change; + DefaultColumns = new List() { "Created", "Customer", "CustomerServiceRequestTitle", "CustomerServiceRequestPriority", "CustomerServiceRequestStatus", "CustomerServiceRequestItemUnitID", "WorkOrder" }; + DefaultSortBy = new Dictionary() { { "Created", "-" } }; + + FieldDefinitions = new List(); + + FieldDefinitions.Add(new DataListFieldDefinition + { + TKey = "CustomerServiceRequestTitle", + FieldKey = "CustomerServiceRequestTitle", + AType = (int)AyaType.CustomerServiceRequest, + UiFieldDataType = (int)UiFieldDataType.Text, + SqlIdColumnName = "acustomerservicerequest.id", + SqlValueColumnName = "acustomerservicerequest.name", + IsRowId = true + }); + + FieldDefinitions.Add(new DataListFieldDefinition + { + TKey = "CustomerServiceRequestDetails", + FieldKey = "CustomerServiceRequestDetails", + UiFieldDataType = (int)UiFieldDataType.Text, + SqlValueColumnName = "acustomerservicerequest.notes" + }); + + FieldDefinitions.Add(new DataListFieldDefinition + { + TKey = "Tags", + FieldKey = "customerservicerequesttags", + UiFieldDataType = (int)UiFieldDataType.Tags, + SqlValueColumnName = "acustomerservicerequest.tags" + }); + + FieldDefinitions.Add(new 
DataListFieldDefinition + { + TKey = "Created", + FieldKey = "Created", + UiFieldDataType = (int)UiFieldDataType.DateTime, + SqlValueColumnName = "acustomerservicerequest.daterequested" + }); + + FieldDefinitions.Add(new DataListFieldDefinition + { + FieldKey = "Customer", + TKey = "Customer", + UiFieldDataType = (int)UiFieldDataType.Text, + AType = (int)AyaType.Customer, + SqlIdColumnName = "acustomer.id", + SqlValueColumnName = "acustomer.name" + }); + + FieldDefinitions.Add(new DataListFieldDefinition + { + FieldKey = "CustomerServiceRequestItemUnitID", + TKey = "CustomerServiceRequestItemUnitID", + UiFieldDataType = (int)UiFieldDataType.Text, + AType = (int)AyaType.Unit, + SqlIdColumnName = "aunit.id", + SqlValueColumnName = "aunit.serial" + }); + + FieldDefinitions.Add(new DataListFieldDefinition + { + FieldKey = "WorkOrder", + TKey = "WorkOrder", + UiFieldDataType = (int)UiFieldDataType.Text, + AType = (int)AyaType.WorkOrderItem, + SqlIdColumnName = "wi.id", + SqlValueColumnName = "w.serial" + }); + + FieldDefinitions.Add(new DataListFieldDefinition + { + FieldKey = "CustomerServiceRequestRequestedBy", + TKey = "CustomerServiceRequestRequestedBy", + UiFieldDataType = (int)UiFieldDataType.Text, + AType = (int)AyaType.User, + SqlIdColumnName = "auser.id", + SqlValueColumnName = "auser.name" + }); + + FieldDefinitions.Add(new DataListFieldDefinition + { + TKey = "CustomerServiceRequestCustomerReferenceNumber", + FieldKey = "CustomerServiceRequestCustomerReferenceNumber", + UiFieldDataType = (int)UiFieldDataType.Text, + SqlValueColumnName = "acustomerservicerequest.customerreferencenumber" + }); + + FieldDefinitions.Add(new DataListFieldDefinition + { + TKey = "CustomerServiceRequestStatus", + FieldKey = "CustomerServiceRequestStatus", + UiFieldDataType = (int)UiFieldDataType.Enum, + EnumType = AyaNova.Util.StringUtil.TrimTypeName(typeof(CustomerServiceRequestStatus).ToString()), + SqlValueColumnName = "acustomerservicerequest.status" + }); + + 
FieldDefinitions.Add(new DataListFieldDefinition + { + TKey = "CustomerServiceRequestPriority", + FieldKey = "CustomerServiceRequestPriority", + UiFieldDataType = (int)UiFieldDataType.Enum, + EnumType = AyaNova.Util.StringUtil.TrimTypeName(typeof(CustomerServiceRequestPriority).ToString()), + SqlValueColumnName = "acustomerservicerequest.priority" + }); + + + //----------- + + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom1", FieldKey = "customerservicerequestcustom1", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom2", FieldKey = "customerservicerequestcustom2", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom3", FieldKey = "customerservicerequestcustom3", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom4", FieldKey = "customerservicerequestcustom4", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom5", FieldKey = "customerservicerequestcustom5", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom6", FieldKey = "customerservicerequestcustom6", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new 
DataListFieldDefinition { TKey = "CustomerServiceRequestCustom7", FieldKey = "customerservicerequestcustom7", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom8", FieldKey = "customerservicerequestcustom8", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom9", FieldKey = "customerservicerequestcustom9", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom10", FieldKey = "customerservicerequestcustom10", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom11", FieldKey = "customerservicerequestcustom11", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom12", FieldKey = "customerservicerequestcustom12", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom13", FieldKey = "customerservicerequestcustom13", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom14", FieldKey = "customerservicerequestcustom14", IsCustomField = true, 
IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom15", FieldKey = "customerservicerequestcustom15", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + FieldDefinitions.Add(new DataListFieldDefinition { TKey = "CustomerServiceRequestCustom16", FieldKey = "customerservicerequestcustom16", IsCustomField = true, IsFilterable = false, IsSortable = false, SqlValueColumnName = "acustomerservicerequest.customfields" }); + } + + }//eoc +}//eons \ No newline at end of file
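Review bot: The only marker that this list is for internal staff is the `//INSIDE STAFF VERSION` comment; `AllowedRoles` is built from the role set for `AyaType.CustomerServiceRequest`, the same type the customer-facing list uses, so the role check by itself may not keep Customer or HeadOffice users out. As far as this diff shows, that exclusion comes from the `default:` case of the controller's user-type switch. I would record the dependency in the class, e.g. `//INSIDE STAFF VERSION - unfiltered across all customers; Customer/HeadOffice users are blocked by the UserType switch in DataListController, not by AllowedRoles`.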