This commit is contained in:
@@ -347,15 +347,40 @@ namespace AyaNova.Api.Controllers
|
|||||||
log.LogInformation($"User \"{u.Name}\" logged in from \"{HttpContext.Connection.RemoteIpAddress.ToString()}\" ok");
|
log.LogInformation($"User \"{u.Name}\" logged in from \"{HttpContext.Connection.RemoteIpAddress.ToString()}\" ok");
|
||||||
|
|
||||||
|
|
||||||
return Ok(ApiOkResponse.Response(new
|
//return appropriate data
|
||||||
|
|
||||||
|
if (u.UserType == UserType.Customer | u.UserType == UserType.HeadOffice)
|
||||||
{
|
{
|
||||||
token = token,
|
//customer type has special rights restrictions for UI features so return them here so client UI can enable or disable
|
||||||
name = u.Name,
|
|
||||||
usertype = u.UserType,
|
|
||||||
roles = ((int)u.Roles).ToString(),
|
|
||||||
dlt = DownloadToken,
|
return Ok(ApiOkResponse.Response(new
|
||||||
tfa = u.TwoFactorEnabled
|
{
|
||||||
}));
|
token = token,
|
||||||
|
name = u.Name,
|
||||||
|
usertype = u.UserType,
|
||||||
|
roles = ((int)u.Roles).ToString(),
|
||||||
|
dlt = DownloadToken,
|
||||||
|
tfa = u.TwoFactorEnabled,
|
||||||
|
CustomerAllowCSR = AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerDefaultWorkOrderReportId,
|
||||||
|
|
||||||
|
}));
|
||||||
|
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
//Non customer user
|
||||||
|
return Ok(ApiOkResponse.Response(new
|
||||||
|
{
|
||||||
|
token = token,
|
||||||
|
name = u.Name,
|
||||||
|
usertype = u.UserType,
|
||||||
|
roles = ((int)u.Roles).ToString(),
|
||||||
|
dlt = DownloadToken,
|
||||||
|
tfa = u.TwoFactorEnabled
|
||||||
|
}));
|
||||||
|
}
|
||||||
|
|
||||||
//------------------------ /STANDARD BLOCK -------------------------
|
//------------------------ /STANDARD BLOCK -------------------------
|
||||||
}
|
}
|
||||||
@@ -673,7 +698,7 @@ namespace AyaNova.Api.Controllers
|
|||||||
u.TempToken = null;
|
u.TempToken = null;
|
||||||
u.TwoFactorEnabled = false;
|
u.TwoFactorEnabled = false;
|
||||||
await ct.SaveChangesAsync();
|
await ct.SaveChangesAsync();
|
||||||
return NoContent();
|
return NoContent();
|
||||||
}
|
}
|
||||||
//------------------------------------------------------
|
//------------------------------------------------------
|
||||||
|
|
||||||
|
|||||||
@@ -107,6 +107,20 @@ namespace AyaNova.Biz
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
internal static async Task<CustomerRightsRecord> CustomerUserEffectiveRights(long userId)
|
||||||
|
{
|
||||||
|
using (AyContext ct = ServiceProviderProvider.DBContext)
|
||||||
|
{
|
||||||
|
var UserInfo = await ct.User.AsNoTracking().Where(x => x.Id == userId).Select(x => new { x.UserType, x.HeadOfficeId, x.CustomerId, x.Tags }).FirstAsync();
|
||||||
|
if (UserInfo.UserType != UserType.Customer && UserInfo.UserType != UserType.HeadOffice)
|
||||||
|
{
|
||||||
|
throw new System.NotSupportedException(
|
||||||
|
$"UserBiz::CustomerUserEffectiveRights - Requested for non Customer type user with ID {userId} who is UserType: {UserInfo.UserType}");
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
internal static UserBiz GetBiz(AyContext ct, Microsoft.AspNetCore.Http.HttpContext httpContext = null)
|
internal static UserBiz GetBiz(AyContext ct, Microsoft.AspNetCore.Http.HttpContext httpContext = null)
|
||||||
{
|
{
|
||||||
@@ -716,19 +730,20 @@ namespace AyaNova.Biz
|
|||||||
|
|
||||||
|
|
||||||
//SUPERUSER ACCOUNT CAN"T BE MODIFIED IN SOME WAYS
|
//SUPERUSER ACCOUNT CAN"T BE MODIFIED IN SOME WAYS
|
||||||
if(!isNew && proposedObj.Id==1){
|
if (!isNew && proposedObj.Id == 1)
|
||||||
|
{
|
||||||
//prevent certain changes to superuser account like roles etc
|
//prevent certain changes to superuser account like roles etc
|
||||||
|
|
||||||
if(proposedObj.Roles!=currentObj.Roles)
|
if (proposedObj.Roles != currentObj.Roles)
|
||||||
AddError(ApiErrorCode.NOT_AUTHORIZED, "Roles");
|
AddError(ApiErrorCode.NOT_AUTHORIZED, "Roles");
|
||||||
|
|
||||||
if(proposedObj.Active!=currentObj.Active)
|
if (proposedObj.Active != currentObj.Active)
|
||||||
AddError(ApiErrorCode.NOT_AUTHORIZED, "Active");
|
AddError(ApiErrorCode.NOT_AUTHORIZED, "Active");
|
||||||
|
|
||||||
if(proposedObj.Name!=currentObj.Name)
|
if (proposedObj.Name != currentObj.Name)
|
||||||
AddError(ApiErrorCode.NOT_AUTHORIZED, "Name");
|
AddError(ApiErrorCode.NOT_AUTHORIZED, "Name");
|
||||||
|
|
||||||
if(proposedObj.UserType!=currentObj.UserType)
|
if (proposedObj.UserType != currentObj.UserType)
|
||||||
AddError(ApiErrorCode.NOT_AUTHORIZED, "UserType");
|
AddError(ApiErrorCode.NOT_AUTHORIZED, "UserType");
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -88,6 +88,9 @@ namespace AyaNova.Models
|
|||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//Used internally and at client end as extended rights atop roles system in relation only to Contact (customer type users)
|
||||||
|
public record CustomerRightsRecord(bool CSR, bool WO, bool WOWIKI, bool UserSettings, bool NotifyServiceImminent, bool NotifyCSRAccepted, bool NotifyCSRRejected, bool NotifyWOCreated);
|
||||||
}
|
}
|
||||||
/*
|
/*
|
||||||
CREATE TABLE [dbo].[AGLOBAL](
|
CREATE TABLE [dbo].[AGLOBAL](
|
||||||
|
|||||||
Reference in New Issue
Block a user