admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2020-05-04 00:12:04 +00:00
parent 0c1b6fce04
commit 21400256d8
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/AyaNova/biz/WorkOrderBiz.cs
View File

@@ -67,7 +67,7 @@ namespace AyaNova.Biz
//Create and save to db a new workorder and return it
//NOTE: Serial can be specified or edited after the fact in a limited way by full role specfic only!! (service manager, bizadminfull, accounting maybe)
if (serial != null && CurrentUserRoles.HasFlag(RolesAllowedToChangeSerial))
if (serial != null && !Authorized.HasAnyRole(CurrentUserRoles, RolesAllowedToChangeSerial))
{
AddError(ApiErrorCode.NOT_AUTHORIZED, "Serial");
return null;
@@ -155,7 +155,7 @@ namespace AyaNova.Biz
CopyObject.Copy(putObj, dbObj, "Id,Serial");
//if user has rights then change it, otherwise just ignore it and do the rest
if (SnapshotOfOriginalDBObj.Serial != putObj.Serial && CurrentUserRoles.HasFlag(RolesAllowedToChangeSerial))
if (SnapshotOfOriginalDBObj.Serial != putObj.Serial && Authorized.HasAnyRole(CurrentUserRoles, RolesAllowedToChangeSerial))
{
dbObj.Serial = putObj.Serial;
}