@@ -61,8 +61,6 @@ namespace AyaNova.Api.Controllers
|
|||||||
//Instantiate the business object handler
|
//Instantiate the business object handler
|
||||||
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
|
UserBiz biz = UserBiz.GetBiz(ct, HttpContext);
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
//Also used for Contacts (customer type user or ho type user)
|
//Also used for Contacts (customer type user or ho type user)
|
||||||
//by users with no User right so further biz rule required depending on usertype
|
//by users with no User right so further biz rule required depending on usertype
|
||||||
//this is just phase 1
|
//this is just phase 1
|
||||||
|
|||||||
@@ -68,21 +68,25 @@ namespace AyaNova.Api.Controllers
|
|||||||
var UserId = UserIdFromContext.Id(HttpContext.Items);
|
var UserId = UserIdFromContext.Id(HttpContext.Items);
|
||||||
|
|
||||||
//Different than normal here: a user is *always* allowed to retrieve their own user options object
|
//Different than normal here: a user is *always* allowed to retrieve their own user options object
|
||||||
if (id != UserId && !Authorized.HasReadFullRole(HttpContext.Items, AyaType.UserOptions))
|
if (id != UserId)
|
||||||
{
|
{
|
||||||
return StatusCode(403, new ApiNotAuthorizedResponse());
|
//Not users own options so need to check just as for User object as could be a Contact
|
||||||
|
|
||||||
|
//Also used for Contacts (customer type user or ho type user)
|
||||||
|
//by users with no User right so further biz rule required depending on usertype
|
||||||
|
//this is just phase 1
|
||||||
|
bool AllowedOutsideUser = Authorized.HasReadFullRole(HttpContext.Items, AyaType.Customer);
|
||||||
|
bool AllowedInsideUser = Authorized.HasReadFullRole(HttpContext.Items, AyaType.User);
|
||||||
|
|
||||||
|
if (!AllowedOutsideUser && !AllowedInsideUser)
|
||||||
|
return StatusCode(403, new ApiNotAuthorizedResponse());
|
||||||
}
|
}
|
||||||
|
|
||||||
//Instantiate the business object handler
|
//Instantiate the business object handler
|
||||||
UserOptionsBiz biz = new UserOptionsBiz(ct, UserId, UserRolesFromContext.Roles(HttpContext.Items));
|
UserOptionsBiz biz = new UserOptionsBiz(ct, UserId, UserRolesFromContext.Roles(HttpContext.Items));
|
||||||
|
|
||||||
var o = await biz.GetAsync(id);
|
var o = await biz.GetAsync(id);
|
||||||
|
|
||||||
if (o == null)
|
if (o == null)
|
||||||
{
|
|
||||||
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
return NotFound(new ApiErrorResponse(ApiErrorCode.NOT_FOUND));
|
||||||
}
|
|
||||||
|
|
||||||
return Ok(ApiOkResponse.Response(o));
|
return Ok(ApiOkResponse.Response(o));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
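Review bot: The new branch for `id != UserId` lets the request through when the caller holds a read role on either `AyaType.Customer` or `AyaType.User`, but it never looks at which kind of user `id` refers to. As written, a caller with only the Customer read role appears able to fetch the options of an internal user, and the reverse. The in-code comment already says a further rule depending on user type is needed. I would resolve the target's user type before the role test and require the matching role, for example `if (!(targetIsOutside ? AllowedOutsideUser : AllowedInsideUser)) return StatusCode(403, new ApiNotAuthorizedResponse());`, where `targetIsOutside` is a placeholder for a lookup this hunk does not show. The method signature is outside the hunk.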
@@ -26,7 +26,8 @@ namespace AyaNova.Biz
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//No type form keys:
|
||||||
|
l.Add("Contact");
|
||||||
return l;
|
return l;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -119,6 +120,41 @@ namespace AyaNova.Biz
|
|||||||
}
|
}
|
||||||
#endregion
|
#endregion
|
||||||
|
|
||||||
|
#region CONTACT_KEY
|
||||||
|
{
|
||||||
|
List<AyaFormFieldDefinition> l = new List<AyaFormFieldDefinition>();
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "Name", FieldKey = "Name", Hideable = false });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserEmployeeNumber", FieldKey = "EmployeeNumber" });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "AuthorizationRoles", FieldKey = "Roles", Hideable = false });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserNotes", FieldKey = "Notes" });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserType", FieldKey = "UserType", Hideable = false });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "Active", FieldKey = "Active", Hideable = false });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "LastLogin", FieldKey = "LastLogin" });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "Tags", FieldKey = "Tags" });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "Wiki", FieldKey = "Wiki" });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "Attachments", FieldKey = "Attachments" });
|
||||||
|
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom1", FieldKey = "UserCustom1", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom2", FieldKey = "UserCustom2", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom3", FieldKey = "UserCustom3", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom4", FieldKey = "UserCustom4", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom5", FieldKey = "UserCustom5", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom6", FieldKey = "UserCustom6", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom7", FieldKey = "UserCustom7", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom8", FieldKey = "UserCustom8", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom9", FieldKey = "UserCustom9", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom10", FieldKey = "UserCustom10", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom11", FieldKey = "UserCustom11", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom12", FieldKey = "UserCustom12", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom13", FieldKey = "UserCustom13", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom14", FieldKey = "UserCustom14", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom15", FieldKey = "UserCustom15", IsCustomField = true });
|
||||||
|
l.Add(new AyaFormFieldDefinition { TKey = "UserCustom16", FieldKey = "UserCustom16", IsCustomField = true });
|
||||||
|
_ayaFormFields.Add("Contact", l);
|
||||||
|
}
|
||||||
|
#endregion
|
||||||
|
|
||||||
|
|
||||||
#region Customer
|
#region Customer
|
||||||
{
|
{
|
||||||
List<AyaFormFieldDefinition> l = new List<AyaFormFieldDefinition>();
|
List<AyaFormFieldDefinition> l = new List<AyaFormFieldDefinition>();
|
||||||
@@ -469,7 +505,7 @@ namespace AyaNova.Biz
|
|||||||
l.Add(new AyaFormFieldDefinition { TKey = "Wiki", FieldKey = "Wiki" });
|
l.Add(new AyaFormFieldDefinition { TKey = "Wiki", FieldKey = "Wiki" });
|
||||||
l.Add(new AyaFormFieldDefinition { TKey = "Attachments", FieldKey = "Attachments" });
|
l.Add(new AyaFormFieldDefinition { TKey = "Attachments", FieldKey = "Attachments" });
|
||||||
|
|
||||||
//VENDOR FIELDS
|
//VENDOR FIELDS
|
||||||
l.Add(new AyaFormFieldDefinition { TKey = "WebAddress", FieldKey = "WebAddress" });
|
l.Add(new AyaFormFieldDefinition { TKey = "WebAddress", FieldKey = "WebAddress" });
|
||||||
l.Add(new AyaFormFieldDefinition { TKey = "HeadOfficeAccountNumber", FieldKey = "AccountNumber" });
|
l.Add(new AyaFormFieldDefinition { TKey = "HeadOfficeAccountNumber", FieldKey = "AccountNumber" });
|
||||||
l.Add(new AyaFormFieldDefinition { TKey = "VendorContact", FieldKey = "Contact" });
|
l.Add(new AyaFormFieldDefinition { TKey = "VendorContact", FieldKey = "Contact" });
|
||||||
|
|||||||
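Review bot: The form key `"Contact"` is written as a bare literal in two places that must agree: `l.Add("Contact");` in the key list and `_ayaFormFields.Add("Contact", l);` at the end of the new CONTACT_KEY region. A shared constant would keep them from drifting apart. The sixteen `UserCustomN` lines could also be one loop, `for (int i = 1; i <= 16; i++) l.Add(new AyaFormFieldDefinition { TKey = $"UserCustom{i}", FieldKey = $"UserCustom{i}", IsCustomField = true });`. The field list looks like a copy of the User form, which is not visible here; if that is intentional, a one-line comment saying Contact deliberately reuses the User fields, including `Roles` and `LastLogin`, would help the next reader. The enclosing method starts outside these hunks.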