This commit is contained in:
@@ -43,10 +43,10 @@ namespace AyaNova.Biz
|
||||
|
||||
public void ClearErrors() => _errors.Clear();
|
||||
|
||||
public void AddvalidationError(ValidationError validationError)
|
||||
{
|
||||
_errors.Add(validationError);
|
||||
}
|
||||
// public void AddvalidationError(ValidationError validationError)
|
||||
// {
|
||||
// _errors.Add(validationError);
|
||||
// }
|
||||
|
||||
public bool PropertyHasErrors(string propertyName)
|
||||
{
|
||||
@@ -56,9 +56,9 @@ namespace AyaNova.Biz
|
||||
|
||||
}
|
||||
|
||||
public void AddError(ApiErrorCode errorCode, string propertyName = null, string errorMessage = null)
|
||||
public void AddError(ApiErrorCode errorCode, string propertyName = "generalerror", string errorMessage = null)
|
||||
{
|
||||
|
||||
//if Target is generalerror that means show in UI in general error box of form
|
||||
_errors.Add(new ValidationError() { Code = errorCode, Message = errorMessage, Target = propertyName });
|
||||
}
|
||||
|
||||
@@ -77,10 +77,10 @@ namespace AyaNova.Biz
|
||||
foreach (ValidationError e in _errors)
|
||||
{
|
||||
var msg = $"LT:{ApiErrorCodeStockMessage.GetTranslationCodeForApiErrorCode(e.Code)}";
|
||||
if(!string.IsNullOrWhiteSpace(e.Message))
|
||||
msg+=$", {e.Message}";
|
||||
if(!string.IsNullOrWhiteSpace(e.Target) && e.Target!="errorbox")
|
||||
msg+=$", field: {e.Target}";
|
||||
if (!string.IsNullOrWhiteSpace(e.Message))
|
||||
msg += $", {e.Message}";
|
||||
if (!string.IsNullOrWhiteSpace(e.Target) && e.Target != "generalerror")
|
||||
msg += $", field: {e.Target}";
|
||||
sb.AppendLine(msg);
|
||||
}
|
||||
return sb.ToString();
|
||||
|
||||
@@ -308,7 +308,7 @@ namespace AyaNova.Biz
|
||||
// {
|
||||
// //Note: errorbox will ensure it appears in the general errror box and not field specific
|
||||
// //the translation key is to indicate what the linked object is that is causing the error
|
||||
// AddError(ApiErrorCode.VALIDATION_REFERENTIAL_INTEGRITY, "errorbox", "LT:Contact");
|
||||
// AddError(ApiErrorCode.VALIDATION_REFERENTIAL_INTEGRITY, "generalerror", "LT:Contact");
|
||||
// }
|
||||
|
||||
//return await Task.CompletedTask;
|
||||
|
||||
@@ -272,7 +272,7 @@ namespace AyaNova.Biz
|
||||
{
|
||||
//Note: errorbox will ensure it appears in the general errror box and not field specific
|
||||
//the translation key is to indicate what the linked object is that is causing the error
|
||||
AddError(ApiErrorCode.VALIDATION_REFERENTIAL_INTEGRITY, "errorbox", "LT:Customer");
|
||||
AddError(ApiErrorCode.VALIDATION_REFERENTIAL_INTEGRITY, "generalerror", "LT:Customer");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -35,11 +35,11 @@ namespace AyaNova.Biz
|
||||
/// <param name="propertyName"></param>
|
||||
void AddError(ApiErrorCode errorCode, string propertyName = null, string errorMessage = null);
|
||||
|
||||
/// <summary>
|
||||
///
|
||||
/// </summary>
|
||||
/// <param name="validationError"></param>
|
||||
void AddvalidationError(ValidationError validationError);
|
||||
// /// <summary>
|
||||
// ///
|
||||
// /// </summary>
|
||||
// /// <param name="validationError"></param>
|
||||
// void AddvalidationError(ValidationError validationError);
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -307,7 +307,7 @@ namespace AyaNova.Biz
|
||||
{
|
||||
//Note: errorbox will ensure it appears in the general errror box and not field specific
|
||||
//the translation key is to indicate what the linked object is that is causing the error
|
||||
AddError(ApiErrorCode.VALIDATION_REFERENTIAL_INTEGRITY, "errorbox", "LT:NotifySubscription");
|
||||
AddError(ApiErrorCode.VALIDATION_REFERENTIAL_INTEGRITY, "generalerror", "LT:NotifySubscription");
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -214,11 +214,11 @@ namespace AyaNova.Biz
|
||||
- RULE Roles: BizAdminFull, DispatchFull, InventoryFull, Accounting, SalesFull can create and assign to anyone else.
|
||||
- RULE Any other inside role can create for themselves only. (outside roles have no rights to this object so no need to check)
|
||||
- RULE Limited roles can only set completed date and enter completion notes not otherwise change or create or delete.
|
||||
- BIZ RULE users with more than limited roles can assign other users to follow up. Limited roles can only set completed status not otherwise change or create or delete.
|
||||
- BIZ RULE users with more than limited roles can assign other users
|
||||
*/
|
||||
|
||||
bool isNew = currentObj == null;
|
||||
|
||||
bool SelfAssigned = proposedObj.AssignedByUserId == UserId && proposedObj.UserId == UserId;
|
||||
bool HasSupervisorRole =
|
||||
CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdminFull) ||
|
||||
CurrentUserRoles.HasFlag(AuthorizationRoles.DispatchFull) ||
|
||||
@@ -226,16 +226,55 @@ namespace AyaNova.Biz
|
||||
CurrentUserRoles.HasFlag(AuthorizationRoles.SalesFull) ||
|
||||
CurrentUserRoles.HasFlag(AuthorizationRoles.AccountingFull);
|
||||
|
||||
//Checks for non supervisors
|
||||
if (!HasSupervisorRole)
|
||||
{
|
||||
//Non supervisor can't create a Review and assign to other User
|
||||
if (isNew && !SelfAssigned)
|
||||
{
|
||||
AddError(ApiErrorCode.NOT_AUTHORIZED, "UserId");
|
||||
return;//no need to check any further this is disqualifying completely
|
||||
}
|
||||
|
||||
//Non supervisory roles can only change / set certain fields for non self reviews
|
||||
if (!isNew && !SelfAssigned)
|
||||
{
|
||||
if (
|
||||
(currentObj.Name != proposedObj.Name) ||
|
||||
(currentObj.Notes != proposedObj.Notes) ||
|
||||
(currentObj.Wiki != proposedObj.Wiki) ||
|
||||
(currentObj.Tags != proposedObj.Tags) ||
|
||||
(currentObj.DueDate != proposedObj.DueDate) ||
|
||||
(currentObj.UserId != proposedObj.UserId) ||
|
||||
(currentObj.AssignedByUserId != proposedObj.AssignedByUserId) ||
|
||||
(currentObj.Notes != proposedObj.Notes) ||
|
||||
(currentObj.Notes != proposedObj.Notes))
|
||||
{
|
||||
AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "generalerror");
|
||||
return;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
//Can't change assigned object id and type after initial save
|
||||
if (!isNew)
|
||||
{
|
||||
if (proposedObj.ObjectId != currentObj.ObjectId)
|
||||
{
|
||||
AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "ObjectId");
|
||||
return;
|
||||
}
|
||||
if (proposedObj.ObjectType != currentObj.ObjectType)
|
||||
{
|
||||
AddError(ApiErrorCode.VALIDATION_NOT_CHANGEABLE, "ObjectType");
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
//Name required
|
||||
if (string.IsNullOrWhiteSpace(proposedObj.Name))
|
||||
AddError(ApiErrorCode.VALIDATION_REQUIRED, "Name");
|
||||
|
||||
if(!HasSupervisorRole && proposedObj.Self){
|
||||
AddError(ApiErrorCode.NOT_AUTHORIZED, "UserId");
|
||||
}
|
||||
|
||||
|
||||
//Any form customizations to validate?
|
||||
var FormCustomization = await ct.FormCustom.AsNoTracking().SingleOrDefaultAsync(x => x.FormKey == AyaType.Review.ToString());
|
||||
if (FormCustomization != null)
|
||||
@@ -253,8 +292,15 @@ namespace AyaNova.Biz
|
||||
|
||||
private void ValidateCanDelete(Review inObj)
|
||||
{
|
||||
//whatever needs to be check to delete this object
|
||||
//TODO: There are specific rules for this beyond regular roles see case 3511
|
||||
bool SelfAssigned = inObj.AssignedByUserId == UserId && inObj.UserId == UserId;
|
||||
bool HasSupervisorRole =
|
||||
CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdminFull) ||
|
||||
CurrentUserRoles.HasFlag(AuthorizationRoles.DispatchFull) ||
|
||||
CurrentUserRoles.HasFlag(AuthorizationRoles.InventoryFull) ||
|
||||
CurrentUserRoles.HasFlag(AuthorizationRoles.SalesFull) ||
|
||||
CurrentUserRoles.HasFlag(AuthorizationRoles.AccountingFull);
|
||||
if (!SelfAssigned && !HasSupervisorRole)
|
||||
AddError(ApiErrorCode.NOT_AUTHORIZED);
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -47,16 +47,6 @@ namespace AyaNova.Models
|
||||
}
|
||||
|
||||
|
||||
[NotMapped]
|
||||
public bool Self
|
||||
{
|
||||
get
|
||||
{
|
||||
return (UserId == AssignedByUserId);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
public Review()
|
||||
{
|
||||
Tags = new List<string>();
|
||||
|
||||
Reference in New Issue
Block a user