2020-12-07 18:40:38 +00:00
parent 68ee6f411a
commit 74fa5d2700
3 changed files with 50 additions and 12 deletions


@@ -61,8 +61,6 @@ namespace AyaNova.Api.Controllers
//Instantiate the business object handler
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
//Also used for Contacts (customer type user or ho type user)
//by users with no User right so further biz rule required depending on usertype
//this is just phase 1


@@ -68,21 +68,25 @@ namespace AyaNova.Api.Controllers
var UserId = UserIdFromContext.Id(HttpContext.Items);
//Different than normal here: a user is *always* allowed to retrieve their own user options object
if (id != UserId && !Authorized.HasReadFullRole(HttpContext.Items, AyaType.UserOptions))
if (id != UserId)
{
return StatusCode(403, new ApiNotAuthorizedResponse());
//Not users own options so need to check just as for User object as could be a Contact
//Also used for Contacts (customer type user or ho type user)
//by users with no User right so further biz rule required depending on usertype
//this is just phase 1
bool AllowedOutsideUser = Authorized.HasReadFullRole(HttpContext.Items, AyaType.Customer);
bool AllowedInsideUser = Authorized.HasReadFullRole(HttpContext.Items, AyaType.User);
if (!AllowedOutsideUser && !AllowedInsideUser)
return StatusCode(403, new ApiNotAuthorizedResponse());
}
//Instantiate the business object handler
UserOptionsBiz biz = new UserOptionsBiz(ct, UserId, UserRolesFromContext.Roles(HttpContext.Items));
var o = await biz.GetAsync(id);
if (o == null)
{
if (o == null)
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
}
return Ok(ApiOkResponse.Response(o));
}
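Review bot: The role test at `if (!AllowedOutsideUser && !AllowedInsideUser)` considers only the caller's roles and never the type of the user that `id` refers to, so a caller holding just the Customer read role is let through for any user's options, including what appear to be internal (non-Contact) users. The inline comment already calls this "phase 1"; until the user-type rule exists, the gap should be marked where the decision is made, e.g. `//TODO(authz): role check ignores the target's UserType; a Customer-only reader can fetch options for any id`, and the handler should preferably fail closed when the target's type has not been matched to the caller's role. The condition that tested `AyaType.UserOptions` appears to be the removed side, so it is worth confirming that dropping that role from this endpoint is intended. The enclosing action method starts outside the hunk.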


@@ -26,7 +26,8 @@ namespace AyaNova.Biz
}
}
//No type form keys:
l.Add("Contact");
return l;
}
}
@@ -119,6 +120,41 @@ namespace AyaNova.Biz
}
#endregion
#region CONTACT_KEY
{
List<AyaFormFieldDefinition> l = new List<AyaFormFieldDefinition>();
l.Add(new AyaFormFieldDefinition { TKey = "Name", FieldKey = "Name", Hideable = false });
l.Add(new AyaFormFieldDefinition { TKey = "UserEmployeeNumber", FieldKey = "EmployeeNumber" });
l.Add(new AyaFormFieldDefinition { TKey = "AuthorizationRoles", FieldKey = "Roles", Hideable = false });
l.Add(new AyaFormFieldDefinition { TKey = "UserNotes", FieldKey = "Notes" });
l.Add(new AyaFormFieldDefinition { TKey = "UserType", FieldKey = "UserType", Hideable = false });
l.Add(new AyaFormFieldDefinition { TKey = "Active", FieldKey = "Active", Hideable = false });
l.Add(new AyaFormFieldDefinition { TKey = "LastLogin", FieldKey = "LastLogin" });
l.Add(new AyaFormFieldDefinition { TKey = "Tags", FieldKey = "Tags" });
l.Add(new AyaFormFieldDefinition { TKey = "Wiki", FieldKey = "Wiki" });
l.Add(new AyaFormFieldDefinition { TKey = "Attachments", FieldKey = "Attachments" });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom1", FieldKey = "UserCustom1", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom2", FieldKey = "UserCustom2", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom3", FieldKey = "UserCustom3", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom4", FieldKey = "UserCustom4", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom5", FieldKey = "UserCustom5", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom6", FieldKey = "UserCustom6", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom7", FieldKey = "UserCustom7", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom8", FieldKey = "UserCustom8", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom9", FieldKey = "UserCustom9", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom10", FieldKey = "UserCustom10", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom11", FieldKey = "UserCustom11", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom12", FieldKey = "UserCustom12", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom13", FieldKey = "UserCustom13", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom14", FieldKey = "UserCustom14", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom15", FieldKey = "UserCustom15", IsCustomField = true });
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom16", FieldKey = "UserCustom16", IsCustomField = true });
_ayaFormFields.Add("Contact", l);
}
#endregion
#region Customer
{
List<AyaFormFieldDefinition> l = new List<AyaFormFieldDefinition>();
@@ -469,7 +505,7 @@ namespace AyaNova.Biz
l.Add(new AyaFormFieldDefinition { TKey = "Wiki", FieldKey = "Wiki" });
l.Add(new AyaFormFieldDefinition { TKey = "Attachments", FieldKey = "Attachments" });
//VENDOR FIELDS
//VENDOR FIELDS
l.Add(new AyaFormFieldDefinition { TKey = "WebAddress", FieldKey = "WebAddress" });
l.Add(new AyaFormFieldDefinition { TKey = "HeadOfficeAccountNumber", FieldKey = "AccountNumber" });
l.Add(new AyaFormFieldDefinition { TKey = "VendorContact", FieldKey = "Contact" });
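Review bot: The form key is written as a bare literal twice, in `l.Add("Contact");` under "No type form keys" and in `_ayaFormFields.Add("Contact", l);`, and nothing ties the two together, so a typo in either would leave a key advertised with no field list behind it, or the reverse. A single constant used at both sites, e.g. `const string CONTACT_KEY = "Contact";`, would keep them in step; the region name `CONTACT_KEY` suggests that may have been the intent. Both enclosing members start outside the hunks shown.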