From 62e5ee9f82f2534175d65f235903121cfd693a3c Mon Sep 17 00:00:00 2001
From: John Cardinal
Date: Wed, 14 Jul 2021 14:22:17 +0000
Subject: [PATCH]
---
 server/AyaNova/biz/WorkOrderBiz.cs | 103 ++++++++++++++++++++---------
 1 file changed, 70 insertions(+), 33 deletions(-)
diff --git a/server/AyaNova/biz/WorkOrderBiz.cs b/server/AyaNova/biz/WorkOrderBiz.cs
index a27dd3ac..002fa2d4 100644
--- a/server/AyaNova/biz/WorkOrderBiz.cs
+++ b/server/AyaNova/biz/WorkOrderBiz.cs
@@ -83,20 +83,36 @@ namespace AyaNova.Biz
 }
 }
- internal bool UserIsRestrictedType
+ // internal bool UserIsRestrictedType
+ // {
+ // get
+ // {
+ // switch (CurrentUserType)
+ // {
+ // case UserType.Customer:
+ // case UserType.HeadOffice:
+ // case UserType.ServiceContractor:
+ // return true;
+ // }
+ // //Now check roles that have at least partial access to a work order
+ // if (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)) return true;
+ // return false;
+ // }
+ // }
+
+ internal bool UserIsTechRestricted
 {
 get
 {
- switch (CurrentUserType)
- {
- case UserType.Customer:
- case UserType.HeadOffice:
- case UserType.ServiceContractor:
- return true;
- }
- //Now check roles that have at least partial access to a work order
- if (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)) return true;
- return false;
+ return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted));
+ }
+ }
+
+ internal bool UserIsSubContractorFull
+ {
+ get
+ {
+ return (CurrentUserType == UserType.ServiceContractor && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractor));
 }
 }
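Review bot: The two new properties carry no comment saying which accounts each is meant to match, and they are not symmetrical: `UserIsTechRestricted` tests only the role flag, while `UserIsSubContractorFull` requires both `UserType.ServiceContractor` and the `SubContractor` role. I would add a summary on each, for example `/// True only for a ServiceContractor-type user that also holds the SubContractor role.` The old `UserIsRestrictedType` also returned true for `UserType.Customer` and `UserType.HeadOffice`, and neither replacement covers those types, so it is worth confirming that no code path outside this diff relied on that. The commented-out copy kept here, and `UserCanViewSelfScheduledItemsOnly` in the next hunk, would be better deleted, since version control already keeps the old text.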
@@ -174,15 +190,15 @@ namespace AyaNova.Biz //not that this is a further limitation (level 2) beyond basic role security (level 1) so this would apply //to users that are already allowed to view some aspect of a workorder //and in addition there could be further limitations (level 3) - internal bool UserCanViewSelfScheduledItemsOnly - { - get - { - if (CurrentUserType == UserType.ServiceContractor) return true;//any subcontractor can only see their own woitems at most with further restrictions possible - //Now check roles (same as rates as accessed via svc area) - return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)); - } - } + // internal bool UserCanViewSelfScheduledItemsOnly + // { + // get + // { + // if (CurrentUserType == UserType.ServiceContractor) return true;//any subcontractor can only see their own woitems at most with further restrictions possible + // //Now check roles (same as rates as accessed via svc area) + // return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)); + // } + // } // internal bool IsTechRestricted // { @@ -368,9 +384,16 @@ namespace AyaNova.Biz var stat = await GetCurrentWorkOrderStatusFromRelatedAsync(BizType, ret.Id); ret.IsLockedAtServer = stat.Locked; - //if restricted user then remove any Work order items they are not scheduled on - if (UserCanViewSelfScheduledItemsOnly) + var userIsTechRestricted = UserIsTechRestricted; + var userIsSubContractorFull = UserIsSubContractorFull; + var userIsSubContractorRestricted = UserIsSubContractorRestricted; + var userIsRestricted = (userIsTechRestricted || userIsSubContractorFull || userIsSubContractorRestricted); + + + if (userIsRestricted) { + //Restricted users can only work with workorder items they are scheduled on + List removeItems = new List(); //gather list of items to remove by checking if they are scheduled on them or not foreach (WorkOrderItem wi in ret.Items) 
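Review bot: In the `@@ -368,9 +384,16 @@` hunk, `userIsRestricted` is true only for three specific role combinations, so a `UserType.ServiceContractor` account that matches none of them falls through to the unfiltered work order. The removed `UserCanViewSelfScheduledItemsOnly` returned true for every ServiceContractor regardless of roles; `UserIsSubContractorFull` additionally requires the `SubContractor` role, and `UserIsSubContractorRestricted` is defined outside this diff, so whether it closes the gap cannot be seen here. Consider keeping the user-type test in the gate, e.g. `var userIsRestricted = userIsTechRestricted || CurrentUserType == UserType.ServiceContractor;`, so a subcontractor account with an unexpected role set fails closed rather than open. The enclosing method starts and ends outside the hunk.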
@@ -391,23 +414,37 @@ namespace AyaNova.Biz
 ret.Items.Remove(removeitem);
 ret.IsCompleteRecord = false;
 }
- }
- //subcontractor restricted can not even view most children of their own scheduled woitem
- //a further restriction from above. This ensures they are not sent that data even over the wire let alone in the UI
- if (UserIsSubContractorRestricted)
- {
+ //Restricted users may have further restrictions
 foreach (WorkOrderItem wi in ret.Items)
 {
+ //all restricted types
 wi.ScheduledUsers.RemoveAll(x => x.UserId != UserId);
 wi.Labors.RemoveAll(x => x.UserId != UserId);
 wi.Travels.RemoveAll(x => x.UserId != UserId);
- wi.Units.RemoveAll(x => true);
- wi.Parts.RemoveAll(x => true);
- wi.PartRequests.RemoveAll(x => true);
- wi.Expenses.RemoveAll(x => true);
- wi.Loans.RemoveAll(x => true);
- wi.OutsideServices.RemoveAll(x => true);
+
+ if (userIsTechRestricted)
+ {
+ wi.Expenses.RemoveAll(x => x.UserId != UserId);
+ }
+
+ if (userIsSubContractorFull)
+ {
+ wi.Expenses.RemoveAll(x => true);
+ wi.OutsideServices.RemoveAll(x => true);
+ }
+
+ if (userIsSubContractorRestricted)
+ {
+ wi.Units.RemoveAll(x => true);
+ wi.Parts.RemoveAll(x => true);
+ wi.PartRequests.RemoveAll(x => true);
+ wi.Expenses.RemoveAll(x => true);
+ wi.Loans.RemoveAll(x => true);
+ wi.OutsideServices.RemoveAll(x => true);
+ }
+
+ //tasks are allowed to be viewed and update the task completion types
 }
 }
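Review bot: The per-item loop strips other users' scheduled users, labors and travels but never sets `ret.IsCompleteRecord = false`, which the item-removal code just above it does. If that flag is what tells a client or the save path that the record is partial (it looks that way from its use above, but its consumers are outside this diff), a restricted user who is scheduled on every item receives a trimmed record still marked complete; setting `ret.IsCompleteRecord = false;` once inside `if (userIsRestricted)` would cover both cases. Separately, each `if` block lists the collections to empty, so anything not named is still sent: under `userIsSubContractorFull` that is Units, Parts, PartRequests and Loans. A short comment stating that this is intended would help the next child collection added to `WorkOrderItem` get an explicit decision. The enclosing method continues outside the hunk.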