admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2021-07-14 14:22:17 +00:00
parent c00d6a83e1
commit 62e5ee9f82
1 changed files with 70 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

103
server/AyaNova/biz/WorkOrderBiz.cs
View File

@@ -83,20 +83,36 @@ namespace AyaNova.Biz
} }
} }
internal bool UserIsRestrictedType // internal bool UserIsRestrictedType
// {
// get
// {
// switch (CurrentUserType)
// {
// case UserType.Customer:
// case UserType.HeadOffice:
// case UserType.ServiceContractor:
// return true;
// }
// //Now check roles that have at least partial access to a work order
// if (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)) return true;
// return false;
// }
// }
internal bool UserIsTechRestricted
{ {
get get
{ {
switch (CurrentUserType) return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted));
{ }
case UserType.Customer: }
case UserType.HeadOffice:
case UserType.ServiceContractor: internal bool UserIsSubContractorFull
return true; {
} get
//Now check roles that have at least partial access to a work order {
if (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)) return true; return (CurrentUserType == UserType.ServiceContractor && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractor));
return false;
} }
} }
@@ -174,15 +190,15 @@ namespace AyaNova.Biz
//not that this is a further limitation (level 2) beyond basic role security (level 1) so this would apply //not that this is a further limitation (level 2) beyond basic role security (level 1) so this would apply
//to users that are already allowed to view some aspect of a workorder //to users that are already allowed to view some aspect of a workorder
//and in addition there could be further limitations (level 3) //and in addition there could be further limitations (level 3)
internal bool UserCanViewSelfScheduledItemsOnly // internal bool UserCanViewSelfScheduledItemsOnly
{ // {
get // get
{ // {
if (CurrentUserType == UserType.ServiceContractor) return true;//any subcontractor can only see their own woitems at most with further restrictions possible // if (CurrentUserType == UserType.ServiceContractor) return true;//any subcontractor can only see their own woitems at most with further restrictions possible
//Now check roles (same as rates as accessed via svc area) // //Now check roles (same as rates as accessed via svc area)
return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)); // return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted));
} // }
} // }
// internal bool IsTechRestricted // internal bool IsTechRestricted
// { // {
@@ -368,9 +384,16 @@ namespace AyaNova.Biz
var stat = await GetCurrentWorkOrderStatusFromRelatedAsync(BizType, ret.Id); var stat = await GetCurrentWorkOrderStatusFromRelatedAsync(BizType, ret.Id);
ret.IsLockedAtServer = stat.Locked; ret.IsLockedAtServer = stat.Locked;
//if restricted user then remove any Work order items they are not scheduled on var userIsTechRestricted = UserIsTechRestricted;
if (UserCanViewSelfScheduledItemsOnly) var userIsSubContractorFull = UserIsSubContractorFull;
var userIsSubContractorRestricted = UserIsSubContractorRestricted;
var userIsRestricted = (userIsTechRestricted || userIsSubContractorFull || userIsSubContractorRestricted);
if (userIsRestricted)
{ {
//Restricted users can only work with workorder items they are scheduled on
List<WorkOrderItem> removeItems = new List<WorkOrderItem>(); List<WorkOrderItem> removeItems = new List<WorkOrderItem>();
//gather list of items to remove by checking if they are scheduled on them or not //gather list of items to remove by checking if they are scheduled on them or not
foreach (WorkOrderItem wi in ret.Items) foreach (WorkOrderItem wi in ret.Items)
@@ -391,23 +414,37 @@ namespace AyaNova.Biz
ret.Items.Remove(removeitem); ret.Items.Remove(removeitem);
ret.IsCompleteRecord = false; ret.IsCompleteRecord = false;
} }
}
//subcontractor restricted can not even view most children of their own scheduled woitem //Restricted users may have further restrictions
//a further restriction from above. This ensures they are not sent that data even over the wire let alone in the UI
if (UserIsSubContractorRestricted)
{
foreach (WorkOrderItem wi in ret.Items) foreach (WorkOrderItem wi in ret.Items)
{ {
//all restricted types
wi.ScheduledUsers.RemoveAll(x => x.UserId != UserId); wi.ScheduledUsers.RemoveAll(x => x.UserId != UserId);
wi.Labors.RemoveAll(x => x.UserId != UserId); wi.Labors.RemoveAll(x => x.UserId != UserId);
wi.Travels.RemoveAll(x => x.UserId != UserId); wi.Travels.RemoveAll(x => x.UserId != UserId);
wi.Units.RemoveAll(x => true);
wi.Parts.RemoveAll(x => true); if (userIsTechRestricted)
wi.PartRequests.RemoveAll(x => true); {
wi.Expenses.RemoveAll(x => true); wi.Expenses.RemoveAll(x => x.UserId != UserId);
wi.Loans.RemoveAll(x => true); }
wi.OutsideServices.RemoveAll(x => true);
if (userIsSubContractorFull)
{
wi.Expenses.RemoveAll(x => true);
wi.OutsideServices.RemoveAll(x => true);
}
if (userIsSubContractorRestricted)
{
wi.Units.RemoveAll(x => true);
wi.Parts.RemoveAll(x => true);
wi.PartRequests.RemoveAll(x => true);
wi.Expenses.RemoveAll(x => true);
wi.Loans.RemoveAll(x => true);
wi.OutsideServices.RemoveAll(x => true);
}
//tasks are allowed to be viewed and update the task completion types //tasks are allowed to be viewed and update the task completion types
} }
} }