2021-07-14 15:52:15 +00:00
parent 62e5ee9f82
commit 77f5e7d9c9


@@ -26,6 +26,24 @@ namespace AyaNova.Biz
CurrentUserRoles = UserRoles;
BizType = AyaType.WorkOrder;
CurrentUserType = currentUserType;
//Sub-role rights flags
UserIsTechRestricted = CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted);
UserIsSubContractorFull = CurrentUserType == UserType.ServiceContractor && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractor);
UserIsSubContractorRestricted = CurrentUserType == UserType.ServiceContractor && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractorRestricted);
UserIsRestrictedType = UserIsTechRestricted || UserIsSubContractorFull || UserIsSubContractorRestricted;
UserCanViewPartCosts = CurrentUserRoles.HasFlag(AuthorizationRoles.InventoryRestricted)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Inventory)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdmin)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Accounting);
UserCanViewLaborOrTravelRateCosts = CurrentUserRoles.HasFlag(AuthorizationRoles.Service)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.ServiceRestricted)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdmin)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Accounting);
UserCanViewLoanerCosts = CurrentUserRoles.HasFlag(AuthorizationRoles.Service)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.ServiceRestricted)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdmin)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Accounting);
}
internal static WorkOrderBiz GetBiz(AyContext ct, Microsoft.AspNetCore.Http.HttpContext httpContext = null)
@@ -65,150 +83,15 @@ namespace AyaNova.Biz
//and are considered after role rights have already been consulted first (usually at the controller level)
internal UserType CurrentUserType { get; set; }
internal bool UserCanCreateOrDeleteAWorkOrderOrItem//does not mean they can't edit, just not create or remove
{
get
{
switch (CurrentUserType)
{
case UserType.Customer:
case UserType.HeadOffice:
case UserType.ServiceContractor:
return false;
}
//Now check roles that have at least partial access to a work order
if (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)) return false;
return true;
}
}
// internal bool UserIsRestrictedType
// {
// get
// {
// switch (CurrentUserType)
// {
// case UserType.Customer:
// case UserType.HeadOffice:
// case UserType.ServiceContractor:
// return true;
// }
// //Now check roles that have at least partial access to a work order
// if (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)) return true;
// return false;
// }
// }
internal bool UserIsTechRestricted
{
get
{
return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted));
}
}
internal bool UserIsSubContractorFull
{
get
{
return (CurrentUserType == UserType.ServiceContractor && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractor));
}
}
internal bool UserIsRestrictedType { get; set; }
internal bool UserIsTechRestricted { get; set; }
internal bool UserIsSubContractorFull { get; set; }
internal bool UserIsSubContractorRestricted { get; set; }
internal bool UserCanViewPartCosts { get; set; }
internal bool UserCanViewLaborOrTravelRateCosts { get; set; }
internal bool UserCanViewLoanerCosts { get; set; }
internal bool UserIsSubContractorRestricted //most limited type, can not view many objects even in their own scheduled work order item
{
get
{
return (CurrentUserType == UserType.ServiceContractor && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractorRestricted));
}
}
internal bool UserCanViewPartCosts
{
get
{
//the "for sure can not view part cost" user types
switch (CurrentUserType)
{
case UserType.Customer:
case UserType.HeadOffice:
case UserType.ServiceContractor:
return false;
}
//Now check roles
return (CurrentUserRoles.HasFlag(AuthorizationRoles.InventoryRestricted)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Inventory)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdmin)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Accounting));
}
}
internal bool UserCanViewLaborOrTravelRateCosts
{
get
{
//the "for sure can not view labor/travel cost" user types
switch (CurrentUserType)
{
case UserType.Customer:
case UserType.HeadOffice:
case UserType.ServiceContractor:
return false;
}
//Now check roles
return (CurrentUserRoles.HasFlag(AuthorizationRoles.Service)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.ServiceRestricted)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdmin)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Accounting));
}
}
internal bool UserCanViewLoanerCosts
{
get
{
//the "for sure can not view loaner cost" user types
switch (CurrentUserType)
{
case UserType.Customer:
case UserType.HeadOffice:
case UserType.ServiceContractor:
return false;
}
//Now check roles (same as rates as accessed via svc area)
return (CurrentUserRoles.HasFlag(AuthorizationRoles.Service)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.ServiceRestricted)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdmin)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Accounting));
}
}
//For restricted users that are not allowed to view woitems unless they are scheduled on them
//(Tech - Restricted role, Sub-contractor user type)
//not that this is a further limitation (level 2) beyond basic role security (level 1) so this would apply
//to users that are already allowed to view some aspect of a workorder
//and in addition there could be further limitations (level 3)
// internal bool UserCanViewSelfScheduledItemsOnly
// {
// get
// {
// if (CurrentUserType == UserType.ServiceContractor) return true;//any subcontractor can only see their own woitems at most with further restrictions possible
// //Now check roles (same as rates as accessed via svc area)
// return (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted));
// }
// }
// internal bool IsTechRestricted
// {
// get
// {
// return CurrentUserType == UserType.Service
// && !CurrentUserRoles.HasFlag(AuthorizationRoles.Tech)
// && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractorRestricted);
// }
// }
////////////////////////////////////////////////////////////////////////////////////////////////
@@ -444,7 +327,6 @@ namespace AyaNova.Biz
wi.OutsideServices.RemoveAll(x => true);
}
//tasks are allowed to be viewed and update the task completion types
}
}
@@ -910,7 +792,7 @@ namespace AyaNova.Biz
bool isNew = currentObj == null;
//Check restricted role preventing create
if (isNew && !UserCanCreateOrDeleteAWorkOrderOrItem)
if (isNew && UserIsRestrictedType)
{
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;//this is a completely disqualifying error
@@ -984,7 +866,7 @@ namespace AyaNova.Biz
private void WorkOrderValidateCanDelete(WorkOrder dbObject)
{
//Check restricted role preventing create
if (!UserCanCreateOrDeleteAWorkOrderOrItem)
if (UserIsRestrictedType)
{
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;//this is a completely disqualifying error
@@ -2367,7 +2249,7 @@ namespace AyaNova.Biz
//Check restricted role preventing create
if (isNew && !UserCanCreateOrDeleteAWorkOrderOrItem)
if (isNew && UserIsRestrictedType)
{
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;//this is a completely disqualifying error
@@ -2413,7 +2295,7 @@ namespace AyaNova.Biz
}
//Check restricted role preventing create
if (!UserCanCreateOrDeleteAWorkOrderOrItem)
if (UserIsRestrictedType)
{
AddError(ApiErrorCode.NOT_AUTHORIZED, "generalerror");
return;//this is a completely disqualifying error
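Review bot: The four create/delete guards now test `UserIsRestrictedType`, which the constructor sets only from TechRestricted and the two ServiceContractor sub-role combinations, whereas the removed `UserCanCreateOrDeleteAWorkOrderOrItem` also denied every `UserType.Customer`, `UserType.HeadOffice` and `UserType.ServiceContractor` user regardless of role. The three cost flags (`UserCanViewPartCosts`, `UserCanViewLaborOrTravelRateCosts`, `UserCanViewLoanerCosts`) lose the same user-type deny and are now granted on role flags alone. Unless the controller-level role checks mentioned in the comment (not visible here) already rule those combinations out, this layer now fails open for them; I would compute `bool isOutsideUserType = CurrentUserType == UserType.Customer || CurrentUserType == UserType.HeadOffice || CurrentUserType == UserType.ServiceContractor;` in the constructor, AND `!isOutsideUserType` into each cost flag, and keep it as part of the create/delete condition. The new flags are also declared `{ get; set; }` and computed once, so they can be overwritten later or go stale if `CurrentUserType` or `CurrentUserRoles` is reassigned; declaring them `{ get; }` would pin them to the constructor's decision. The constructor and the validator methods start or end outside these hunks, so any later reassignment cannot be checked from here.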