diff --git a/server/AyaNova/ControllerHelpers/Authorized.cs b/server/AyaNova/ControllerHelpers/Authorized.cs
index ea5e0428..73224a59 100644
--- a/server/AyaNova/ControllerHelpers/Authorized.cs
+++ b/server/AyaNova/ControllerHelpers/Authorized.cs
@@ -6,6 +6,8 @@ using AyaNova.Biz;
namespace AyaNova.Api.ControllerHelpers
{
+ //AUTHORIZATION ROLES: NOTE - this is only 'stage1' of generally checking rights, individual objects can also have business rules that affect access exactly as these roles do
+ //Most objects won't need more than this but some specialized ones will have further checks depending on biz rules
internal static class Authorized
{
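Review bot: The new class comment should state outright that these checks are type-level only and never look at an object's owner, because the `HasModifyRole(IDictionary HttpContextItems, AyaType objectType)` signature below takes no owner id while every controller in this commit stops passing one. Suggest adding after the "stage1" line: `//NOTE: HasModifyRole/HasDeleteRole never consult an object's OwnerId; owner-scoped objects (attachments, data filters, user options, ...) must enforce ownership in their biz rules or in the controller.` As written, "stage1" invites the assumption that a second, owner-aware stage exists automatically, which nothing in this diff provides.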
@@ -104,13 +106,13 @@ namespace AyaNova.Api.ControllerHelpers
///
///
///
-
+
///
internal static bool HasModifyRole(IDictionary HttpContextItems, AyaType objectType)
{
AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
-
- return HasModifyRole(currentUserRoles, objectType);
+
+ return HasModifyRole(currentUserRoles, objectType);
}
@@ -157,7 +159,7 @@ namespace AyaNova.Api.ControllerHelpers
if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
return true;
-
+
return false;
}
diff --git a/server/AyaNova/Controllers/AttachmentController.cs b/server/AyaNova/Controllers/AttachmentController.cs
index 8c0a99e1..3316bda3 100644
--- a/server/AyaNova/Controllers/AttachmentController.cs
+++ b/server/AyaNova/Controllers/AttachmentController.cs
@@ -195,7 +195,7 @@ namespace AyaNova.Api.Controllers
// else
// {
// User needs modify rights to the object type in question
- if (!Authorized.IsAuthorizedToModify(HttpContext.Items, attachToObject.ObjectType, attachToObjectOwnerId))
+ if (!Authorized.HasModifyRole(HttpContext.Items, attachToObject.ObjectType))
{
//delete temp files
DeleteTempFileUploadDueToBadRequest(uploadFormData);
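Review bot: The replacement check ignores `attachToObjectOwnerId`, so a caller holding the Change role for `attachToObject.ObjectType` can now attach files to objects owned by other users; the removed `IsAuthorizedToModify` call took the owner id, the new `HasModifyRole` has no parameter for it. Unless ownership is enforced later in the biz layer (not visible in this hunk), this is an authorization regression rather than a pure refactor. If dropping the owner rule is intentional, `attachToObjectOwnerId` appears to have no remaining consumer and should go, together with a comment such as `// ownership of the target object is intentionally not checked here; see <biz rule>`; otherwise keep an owner-aware check beside the role check. The enclosing method starts before this hunk.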
@@ -293,7 +293,7 @@ namespace AyaNova.Api.Controllers
long UserId = UserIdFromContext.Id(HttpContext.Items);
- if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, dbObj.AttachToObjectType, dbObj.OwnerId))
+ if (!Authorized.HasDeleteRole(HttpContext.Items, dbObj.AttachToObjectType))
{
return StatusCode(403, new ApiNotAuthorizedResponse());
}
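Review bot: `long UserId = UserIdFromContext.Id(HttpContext.Items);` immediately above the check now looks unused within the hunk, because the owner-aware `IsAuthorizedToDelete(..., dbObj.OwnerId)` call it fed was replaced with a type-level `HasDeleteRole`; if the rest of the method does not read it, it is dead code. The more important effect is that deleting an attachment is now decided solely by the Delete role on `dbObj.AttachToObjectType`, with `dbObj.OwnerId` never compared to the caller. Either confirm the biz delete path enforces ownership and say so in a comment, or reinstate an owner comparison next to the role check. The method continues past the end of the hunk.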
diff --git a/server/AyaNova/Controllers/DataFilterController.cs b/server/AyaNova/Controllers/DataFilterController.cs
index efb3c29d..f549bdc9 100644
--- a/server/AyaNova/Controllers/DataFilterController.cs
+++ b/server/AyaNova/Controllers/DataFilterController.cs
@@ -127,7 +127,7 @@ namespace AyaNova.Api.Controllers
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
- if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
+ if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
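Review bot: `o.OwnerId` is still loaded (it was the third argument on the removed line) but the new check never consults it, so any user with the Change role for `biz.BizType` can modify a data filter owned by someone else. If filters are meant to be role-shared rather than owner-scoped, record that decision at the call site: `// Data filters are role-scoped, not owner-scoped: any user with Change rights on the type may edit them`; if not, the ownership rule has to be enforced in the update path that follows (outside the hunk), since nothing in this controller does it any more.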
@@ -206,7 +206,7 @@ namespace AyaNova.Api.Controllers
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
- if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, biz.BizType, o.OwnerId))
+ if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
if (!biz.Delete(o))
diff --git a/server/AyaNova/Controllers/FormCustomController.cs b/server/AyaNova/Controllers/FormCustomController.cs
index e7c0eb63..fd02dd3d 100644
--- a/server/AyaNova/Controllers/FormCustomController.cs
+++ b/server/AyaNova/Controllers/FormCustomController.cs
@@ -200,7 +200,7 @@ namespace AyaNova.Api.Controllers
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
- if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
+ if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
return StatusCode(403, new ApiNotAuthorizedResponse());
try
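Review bot: Custom forms are now editable by anyone holding the Change role for `biz.BizType`, regardless of `o.OwnerId`, which the removed line used to pass; the hunk keeps the NotFound guard but loses the per-object authorization. If that is deliberate, a one-line comment above the check stating that custom-form ownership is not enforced at the controller would stop the next reader from treating it as an oversight; if it is not, the owner rule needs to live in the `try` block that follows, which is outside this hunk.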
diff --git a/server/AyaNova/Controllers/LocaleController.cs b/server/AyaNova/Controllers/LocaleController.cs
index fd42293d..43f3306e 100644
--- a/server/AyaNova/Controllers/LocaleController.cs
+++ b/server/AyaNova/Controllers/LocaleController.cs
@@ -233,7 +233,7 @@ namespace AyaNova.Api.Controllers
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
- if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.Locale, oDbParent.OwnerId))
+ if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.Locale))
{
return StatusCode(403, new ApiNotAuthorizedResponse());
}
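Review bot: The check now passes `AyaType.Locale` only and no longer uses `oDbParent.OwnerId`, so the parent locale's owner is irrelevant to whether the caller may modify it. Locales may well be intended as global, role-managed objects, in which case nothing is lost, but the hunk does not say so; a comment such as `// Locales are not owner-scoped; the Locale Change role alone governs edits` would make the intent explicit and document why the owner id was dropped. The enclosing action starts before this hunk.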
@@ -299,7 +299,7 @@ namespace AyaNova.Api.Controllers
}
- if (!Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.Locale, oFromDb.OwnerId))
+ if (!Authorized.HasModifyRole(HttpContext.Items, AyaType.Locale))
{
return StatusCode(403, new ApiNotAuthorizedResponse());
}
@@ -367,7 +367,7 @@ namespace AyaNova.Api.Controllers
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
- if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, AyaType.Locale, dbObj.OwnerId))
+ if (!Authorized.HasDeleteRole(HttpContext.Items, AyaType.Locale))
{
return StatusCode(403, new ApiNotAuthorizedResponse());
}
diff --git a/server/AyaNova/Controllers/UserController.cs b/server/AyaNova/Controllers/UserController.cs
index f181e8fa..b25194bc 100644
--- a/server/AyaNova/Controllers/UserController.cs
+++ b/server/AyaNova/Controllers/UserController.cs
@@ -214,7 +214,7 @@ namespace AyaNova.Api.Controllers
//Instantiate the business object handler
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
- if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
+ if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
{
return StatusCode(403, new ApiNotAuthorizedResponse());
}
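Review bot: Editing a user record is now governed only by the Change role on the User type; the removed line passed `o.OwnerId`, and no self-edit or ownership guard replaces it in this hunk, so a type-level check cannot distinguish a user editing their own record from editing any other account. UserOptionsController in the same commit keeps an `id != UserId` guard before its role check; if self-service edits are intended here, the equivalent guard belongs in this action, and if they are not, a comment saying that only the User Change role applies would document the decision. `o` is also dereferenced on the changed line with no null check visible in the hunk; the method begins outside it, so this may already be handled.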
@@ -278,7 +278,7 @@ namespace AyaNova.Api.Controllers
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
- if (!Authorized.IsAuthorizedToModify(HttpContext.Items, biz.BizType, o.OwnerId))
+ if (!Authorized.HasModifyRole(HttpContext.Items, biz.BizType))
{
return StatusCode(403, new ApiNotAuthorizedResponse());
}
@@ -392,7 +392,7 @@ namespace AyaNova.Api.Controllers
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
- if (!Authorized.IsAuthorizedToDelete(HttpContext.Items, biz.BizType, dbObj.OwnerId))
+ if (!Authorized.HasDeleteRole(HttpContext.Items, biz.BizType))
{
return StatusCode(403, new ApiNotAuthorizedResponse());
}
diff --git a/server/AyaNova/Controllers/UserOptionsController.cs b/server/AyaNova/Controllers/UserOptionsController.cs
index af539122..46f8b66a 100644
--- a/server/AyaNova/Controllers/UserOptionsController.cs
+++ b/server/AyaNova/Controllers/UserOptionsController.cs
@@ -120,7 +120,7 @@ namespace AyaNova.Api.Controllers
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
- if (id != UserId && !Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.UserOptions, o.OwnerId))
+ if (id != UserId && !Authorized.HasModifyRole(HttpContext.Items, AyaType.UserOptions, o.OwnerId))
{
return StatusCode(403, new ApiNotAuthorizedResponse());
}
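Review bot: `Authorized.HasModifyRole(HttpContext.Items, AyaType.UserOptions, o.OwnerId)` passes three arguments, but the only `HasModifyRole` signatures visible in this diff take two (`IDictionary, AyaType` and `AuthorizationRoles, AyaType`), and every other call site in the commit passes two. Unless a three-parameter overload exists outside these hunks this will not compile, and if one does exist it behaves differently from the rest of the diff without any comment explaining why. Suggest `if (id != UserId && !Authorized.HasModifyRole(HttpContext.Items, AyaType.UserOptions))`, which keeps the `id != UserId` self-edit guard — the only owner-aware check left in this change set.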
@@ -189,7 +189,7 @@ namespace AyaNova.Api.Controllers
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
- if (id != UserId && !Authorized.IsAuthorizedToModify(HttpContext.Items, AyaType.UserOptions, o.OwnerId))
+ if (id != UserId && !Authorized.HasModifyRole(HttpContext.Items, AyaType.UserOptions, o.OwnerId))
{
return StatusCode(403, new ApiNotAuthorizedResponse());
}
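Review bot: This call still hands `o.OwnerId` to `Authorized.HasModifyRole` as a third argument, whereas the `HasModifyRole` overloads shown in Authorized.cs take `(IDictionary, AyaType)` or `(AuthorizationRoles, AyaType)` and all other controllers in the commit call it with two arguments. Either this is a missed edit that will fail to compile, or there is an owner-aware overload not shown here that the other controllers should arguably be using too. If it is the former, change to `if (id != UserId && !Authorized.HasModifyRole(HttpContext.Items, AyaType.UserOptions))`; if the latter, a comment on why user options alone get the owner-aware variant would help.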