admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2022-02-11 18:21:55 +00:00
parent 370faf5c83
commit 16f9ac727c
4 changed files with 43 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docs/8.0/ayanova/docs/svc-workorders.md
View File

@@ -641,6 +641,12 @@ A work order item can have zero to many separate Work order item task records as
All Work order item Task edit form fields here are **optional** unless stated as required.
##### Restricted users and tasks
[Restricted Users](#limited-access-role-rights) are only permitted to make edits to Tasks that for which *they* are the selected User. Tasks for other Users can not be changed by a restricted User.
This means the restricted User *must* be pre-selected as the Task "User" by the person creating the work order item tasks or the restricted user will not be able to complete the Tasks.
#### Sequence
This field is _required_ but is set automatically and can be manually changed.

19
server/AyaNova/biz/PMBiz.cs
View File

@@ -3925,18 +3925,23 @@ namespace AyaNova.Biz
return;
}
if (!isNew && UserIsRestrictedType)
if (!isNew && UserIsRestrictedType && currentObj.CompletedByUserId != UserId)
{
//Existing record so just make sure they haven't changed the not changeable fields from the db version
//restricted users are not allowed to edit any task unless they are the selected User
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
//* Tasks: view and edit existing tasks, set completion type and date only, no add or remove or changing other fields
//note that UI will prevent this, this rule is only backup for 3rd party api users
if (currentObj.Task != proposedObj.Task) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Task");
if (currentObj.CompletedByUserId != UserId) AddError(ApiErrorCode.VALIDATION_INVALID_VALUE, "CompletedByUserId");
if (currentObj.Sequence != proposedObj.Sequence) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Sequence");
// //Existing record so just make sure they haven't changed the not changeable fields from the db version
// //* Tasks: view and edit existing tasks, set completion type and date only, no add or remove or changing other fields
// //note that UI will prevent this, this rule is only backup for 3rd party api users
// if (currentObj.Task != proposedObj.Task) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Task");
// if (currentObj.CompletedByUserId != UserId) AddError(ApiErrorCode.VALIDATION_INVALID_VALUE, "CompletedByUserId");
// if (currentObj.Sequence != proposedObj.Sequence) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Sequence");
}
if (string.IsNullOrWhiteSpace(proposedObj.Task))
AddError(ApiErrorCode.VALIDATION_REQUIRED, "Task");

19
server/AyaNova/biz/QuoteBiz.cs
View File

@@ -4172,17 +4172,22 @@ namespace AyaNova.Biz
return;
}
if (!isNew && UserIsRestrictedType)
if (!isNew && UserIsRestrictedType && currentObj.CompletedByUserId != UserId)
{
//Existing record so just make sure they haven't changed the not changeable fields from the db version
//restricted users are not allowed to edit any task unless they are the selected User
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
//* Tasks: view and edit existing tasks, set completion type and date only, no add or remove or changing other fields
//note that UI will prevent this, this rule is only backup for 3rd party api users
if (currentObj.Task != proposedObj.Task) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Task");
if (currentObj.CompletedByUserId != UserId) AddError(ApiErrorCode.VALIDATION_INVALID_VALUE, "CompletedByUserId");
if (currentObj.Sequence != proposedObj.Sequence) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Sequence");
// //Existing record so just make sure they haven't changed the not changeable fields from the db version
// //* Tasks: view and edit existing tasks, set completion type and date only, no add or remove or changing other fields
// //note that UI will prevent this, this rule is only backup for 3rd party api users
// if (currentObj.Task != proposedObj.Task) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Task");
// if (currentObj.CompletedByUserId != UserId) AddError(ApiErrorCode.VALIDATION_INVALID_VALUE, "CompletedByUserId");
// if (currentObj.Sequence != proposedObj.Sequence) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Sequence");
}
if (string.IsNullOrWhiteSpace(proposedObj.Task))
AddError(ApiErrorCode.VALIDATION_REQUIRED, "Task");

21
server/AyaNova/biz/WorkOrderBiz.cs
View File

@@ -5768,15 +5768,20 @@ namespace AyaNova.Biz
return;
}
if (!isNew && UserIsRestrictedType)
{
//Existing record so just make sure they haven't changed the not changeable fields from the db version
//* Tasks: view and edit existing tasks, set completion type and date only, no add or remove or changing other fields
//note that UI will prevent this, this rule is only backup for 3rd party api users
if (currentObj.Task != proposedObj.Task) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Task");
if (currentObj.CompletedByUserId != UserId) AddError(ApiErrorCode.VALIDATION_INVALID_VALUE, "CompletedByUserId");
if (currentObj.Sequence != proposedObj.Sequence) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Sequence");
if (!isNew && UserIsRestrictedType && currentObj.CompletedByUserId != UserId)
{
//restricted users are not allowed to edit any task unless they are the selected User
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;
// //Existing record so just make sure they haven't changed the not changeable fields from the db version
// //* Tasks: view and edit existing tasks, set completion type and date only, no add or remove or changing other fields
// //note that UI will prevent this, this rule is only backup for 3rd party api users
// if (currentObj.Task != proposedObj.Task) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Task");
// if (currentObj.CompletedByUserId != UserId) AddError(ApiErrorCode.VALIDATION_INVALID_VALUE, "CompletedByUserId");
// if (currentObj.Sequence != proposedObj.Sequence) AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "Sequence");
}