@@ -83,20 +83,36 @@ namespace AyaNova.Biz
|
||||
}
|
||||
}
|
||||
|
||||
internal bool UserIsRestrictedType
|
||||
// internal bool UserIsRestrictedType
|
||||
// {
|
||||
// get
|
||||
// {
|
||||
// switch (CurrentUserType)
|
||||
// {
|
||||
// case UserType.Customer:
|
||||
// case UserType.HeadOffice:
|
||||
// case UserType.ServiceContractor:
|
||||
// return true;
|
||||
// }
|
||||
// //Now check roles that have at least partial access to a work order
|
||||
// if (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)) return true;
|
||||
// return false;
|
||||
// }
|
||||
// }
|
||||
|
||||
internal bool UserIsTechRestricted
|
||||
{
|
||||
get
|
||||
{
|
||||
switch (CurrentUserType)
|
||||
{
|
||||
case UserType.Customer:
|
||||
case UserType.HeadOffice:
|
||||
case UserType.ServiceContractor:
|
||||
return true;
|
||||
}
|
||||
//Now check roles that have at least partial access to a work order
|
||||
if (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)) return true;
|
||||
return false;
|
||||
return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted));
|
||||
}
|
||||
}
|
||||
|
||||
internal bool UserIsSubContractorFull
|
||||
{
|
||||
get
|
||||
{
|
||||
return (CurrentUserType == UserType.ServiceContractor && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractor));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -174,15 +190,15 @@ namespace AyaNova.Biz
|
||||
//not that this is a further limitation (level 2) beyond basic role security (level 1) so this would apply
|
||||
//to users that are already allowed to view some aspect of a workorder
|
||||
//and in addition there could be further limitations (level 3)
|
||||
internal bool UserCanViewSelfScheduledItemsOnly
|
||||
{
|
||||
get
|
||||
{
|
||||
if (CurrentUserType == UserType.ServiceContractor) return true;//any subcontractor can only see their own woitems at most with further restrictions possible
|
||||
//Now check roles (same as rates as accessed via svc area)
|
||||
return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted));
|
||||
}
|
||||
}
|
||||
// internal bool UserCanViewSelfScheduledItemsOnly
|
||||
// {
|
||||
// get
|
||||
// {
|
||||
// if (CurrentUserType == UserType.ServiceContractor) return true;//any subcontractor can only see their own woitems at most with further restrictions possible
|
||||
// //Now check roles (same as rates as accessed via svc area)
|
||||
// return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted));
|
||||
// }
|
||||
// }
|
||||
|
||||
// internal bool IsTechRestricted
|
||||
// {
|
||||
@@ -368,9 +384,16 @@ namespace AyaNova.Biz
|
||||
var stat = await GetCurrentWorkOrderStatusFromRelatedAsync(BizType, ret.Id);
|
||||
ret.IsLockedAtServer = stat.Locked;
|
||||
|
||||
//if restricted user then remove any Work order items they are not scheduled on
|
||||
if (UserCanViewSelfScheduledItemsOnly)
|
||||
var userIsTechRestricted = UserIsTechRestricted;
|
||||
var userIsSubContractorFull = UserIsSubContractorFull;
|
||||
var userIsSubContractorRestricted = UserIsSubContractorRestricted;
|
||||
var userIsRestricted = (userIsTechRestricted || userIsSubContractorFull || userIsSubContractorRestricted);
|
||||
|
||||
|
||||
if (userIsRestricted)
|
||||
{
|
||||
//Restricted users can only work with workorder items they are scheduled on
|
||||
|
||||
List<WorkOrderItem> removeItems = new List<WorkOrderItem>();
|
||||
//gather list of items to remove by checking if they are scheduled on them or not
|
||||
foreach (WorkOrderItem wi in ret.Items)
|
||||
@@ -391,23 +414,37 @@ namespace AyaNova.Biz
|
||||
ret.Items.Remove(removeitem);
|
||||
ret.IsCompleteRecord = false;
|
||||
}
|
||||
}
|
||||
|
||||
//subcontractor restricted can not even view most children of their own scheduled woitem
|
||||
//a further restriction from above. This ensures they are not sent that data even over the wire let alone in the UI
|
||||
if (UserIsSubContractorRestricted)
|
||||
{
|
||||
//Restricted users may have further restrictions
|
||||
foreach (WorkOrderItem wi in ret.Items)
|
||||
{
|
||||
//all restricted types
|
||||
wi.ScheduledUsers.RemoveAll(x => x.UserId != UserId);
|
||||
wi.Labors.RemoveAll(x => x.UserId != UserId);
|
||||
wi.Travels.RemoveAll(x => x.UserId != UserId);
|
||||
wi.Units.RemoveAll(x => true);
|
||||
wi.Parts.RemoveAll(x => true);
|
||||
wi.PartRequests.RemoveAll(x => true);
|
||||
wi.Expenses.RemoveAll(x => true);
|
||||
wi.Loans.RemoveAll(x => true);
|
||||
wi.OutsideServices.RemoveAll(x => true);
|
||||
|
||||
if (userIsTechRestricted)
|
||||
{
|
||||
wi.Expenses.RemoveAll(x => x.UserId != UserId);
|
||||
}
|
||||
|
||||
if (userIsSubContractorFull)
|
||||
{
|
||||
wi.Expenses.RemoveAll(x => true);
|
||||
wi.OutsideServices.RemoveAll(x => true);
|
||||
}
|
||||
|
||||
if (userIsSubContractorRestricted)
|
||||
{
|
||||
wi.Units.RemoveAll(x => true);
|
||||
wi.Parts.RemoveAll(x => true);
|
||||
wi.PartRequests.RemoveAll(x => true);
|
||||
wi.Expenses.RemoveAll(x => true);
|
||||
wi.Loans.RemoveAll(x => true);
|
||||
wi.OutsideServices.RemoveAll(x => true);
|
||||
}
|
||||
|
||||
|
||||
//tasks are allowed to be viewed and update the task completion types
|
||||
}
|
||||
}
|
||||
|
||||
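Review bot: The work order item filter in the `@@ -368,9 +384,16 @@` hunk now depends only on role flags, so it fails open for a `ServiceContractor` account that lacks the expected role. The old gate `UserCanViewSelfScheduledItemsOnly` was true for every `UserType.ServiceContractor`, while the new `UserIsSubContractorFull` also requires `AuthorizationRoles.SubContractor` and `UserIsTechRestricted` no longer checks the user type at all; `UserIsSubContractorRestricted` is defined outside the shown hunks, so this assumes it is role-based as well. Unless such an account is rejected earlier, keep the type in the gate, e.g. `var userIsRestricted = userIsTechRestricted || userIsSubContractorFull || userIsSubContractorRestricted || CurrentUserType == UserType.ServiceContractor;`, and apply the most restrictive per-child filtering in the `@@ -391,23 +414,37 @@` hunk when none of the three flags matched. The enclosing method starts and ends outside these hunks.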