This commit is contained in:
@@ -29,16 +29,23 @@ docs / sections required
|
|||||||
* Part request (how they are made and when)
|
* Part request (how they are made and when)
|
||||||
* Double booking prevention feature in global settings and how it works when scheduling users
|
* Double booking prevention feature in global settings and how it works when scheduling users
|
||||||
|
|
||||||
|
|
||||||
|
* Sub contractors / Technician - Restricted users and Work Orders
|
||||||
|
If a User is set to User type of Sub contractor or if they are a Service type user and are assigned the "Technician - Restricted" role then special limitations apply to them when using the work order form:
|
||||||
|
|
||||||
|
* Work order *Item* restrictions
|
||||||
|
* Theser Users will only be able to access the Work order Items for which they are Scheduled in the work order editing form. In other words if you do not want a Sub contractor or tech - restricted user to see parts of a work order do not add them to the Scheduled users collection on those work order items
|
||||||
|
|
||||||
|
|
||||||
* Work order Cost field restrictions
|
* Work order Cost field restrictions
|
||||||
* Only inside staff user types can even *potentially* see costs of anything on work order.
|
*Work orders can show Costs for various items on them but these costs are only displayed for a select few users:
|
||||||
* Non staff user types can not see costs at all no matter what role is set for them: customer headoffice or subcontractor types.
|
* Non staff user types (customer headoffice or subcontractor) can not see costs at all no matter what roles are set for them
|
||||||
* Cost restrictions are not only hidden in work order user interface but are also sent as zeros in the data from the server so viewing the network traffic will still not reveal the costs to a cost restricted user
|
* WorkOrderItemParts costs: to see these costs, the user must have one of the following roles: InventoryRestricted, Inventory, BizAdmin (full), Accounting
|
||||||
* Cost restrictions also apply to reporting so a report with cost fields on it will show those values as zero if the current user is restricted from seeing costs
|
* WorkOrderItemLabor / WorkOrderItemTravel / WorkOrderItemLoan costs: user must have one of the following roles: ServiceRestricted, Service, BizAdmin (full), Accounting
|
||||||
* Specifically on work order, costs potentially not shown are for following objects: WorkorderItemParts, WorkOrderItemLabor, WorkOrderItemTravel, WorkOrderItemLoan
|
* Reporting convenience fields: fields are included on work order header report data to indicate which costs are hidden: HasPartCosts, HasTravelAndLaborRateCosts, HasLoanItemCosts
|
||||||
* WorkOrderItemParts costs: in addition to above restrictions, user must have one of the following roles: InventoryRestricted, Inventory, BizAdmin (full), Accounting
|
* Costs to restricted users are not only hidden in work order user interface but are also sent as zeros in the data from the server
|
||||||
* This means all Technician (and any other) role users will not see costs for these parts by default unless they also have one of those specific roles
|
* Cost restrictions also apply to reporting so a report with cost fields on it will show those values as zero if the current user is restricted from seeing costs
|
||||||
* WorkOrderItemLabor / WorkOrderItemTravel / WorkOrderItemLoan costs: in addition to staff user restrictions, user must have one of the following roles: ServiceRestricted, Service, BizAdmin (full), Accounting
|
|
||||||
* This means all Technician (and any other) role users will not see costs for these rates by default unless they also have one of those specific roles
|
|
||||||
* Reporting: Three boolean fields are included on work order header data to indicate which costs are hidden -HasPartCosts, HasTravelAndLaborRateCosts, HasLoanItemCosts
|
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@@ -121,6 +121,21 @@ namespace AyaNova.Biz
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//For restricted users that are not allowed to view woitems unless they are scheduled on them
|
||||||
|
//(Tech - Restricted role, Sub-contractor user type)
|
||||||
|
//not that this is a further limitation (level 2) beyond basic role security (level 1) so this would apply
|
||||||
|
//to users that are already allowed to view some aspect of a workorder
|
||||||
|
//and in addition there could be further limitations (level 3)
|
||||||
|
internal bool UserCanViewSelfScheduledItemsOnly
|
||||||
|
{
|
||||||
|
get
|
||||||
|
{
|
||||||
|
if (CurrentUserType == UserType.ServiceContractor) return true;//any subcontractor can only see their own woitems at most with further restrictions possible
|
||||||
|
//Now check roles (same as rates as accessed via svc area)
|
||||||
|
return (CurrentUserRoles.HasFlag(AuthorizationRoles.ServiceRestricted));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// internal bool IsTechRestricted
|
// internal bool IsTechRestricted
|
||||||
// {
|
// {
|
||||||
// get
|
// get
|
||||||
@@ -305,6 +320,28 @@ namespace AyaNova.Biz
|
|||||||
var stat = await GetCurrentWorkOrderStatusFromRelatedAsync(BizType, ret.Id);
|
var stat = await GetCurrentWorkOrderStatusFromRelatedAsync(BizType, ret.Id);
|
||||||
ret.IsLockedAtServer = stat.Locked;
|
ret.IsLockedAtServer = stat.Locked;
|
||||||
|
|
||||||
|
//if restricted user then remove any Work order items they are not scheduled on
|
||||||
|
if (UserCanViewSelfScheduledItemsOnly)
|
||||||
|
{
|
||||||
|
List<WorkOrderItem> removeItems = new List<WorkOrderItem>();
|
||||||
|
//gather list of items to remove by checking if they are scheduled on them or not
|
||||||
|
foreach (WorkOrderItem wi in ret.Items)
|
||||||
|
{
|
||||||
|
var userIsSelfScheduledOnThisItem = false;
|
||||||
|
foreach (WorkOrderItemScheduledUser su in wi.ScheduledUsers)
|
||||||
|
{
|
||||||
|
if (su.UserId == UserId)
|
||||||
|
{
|
||||||
|
userIsSelfScheduledOnThisItem = true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (!userIsSelfScheduledOnThisItem) removeItems.Add(wi);
|
||||||
|
}
|
||||||
|
foreach (var removeitem in removeItems)
|
||||||
|
ret.Items.Remove(removeitem);
|
||||||
|
}
|
||||||
|
|
||||||
if (populateDisplayFields)
|
if (populateDisplayFields)
|
||||||
await WorkOrderPopulateVizFields(ret, false);
|
await WorkOrderPopulateVizFields(ret, false);
|
||||||
|
|
||||||
@@ -1078,10 +1115,10 @@ namespace AyaNova.Biz
|
|||||||
//
|
//
|
||||||
private async Task WorkOrderPopulateVizFields(WorkOrder o, bool headerOnly)
|
private async Task WorkOrderPopulateVizFields(WorkOrder o, bool headerOnly)
|
||||||
{
|
{
|
||||||
o.HasLoanItemCosts=UserCanViewLoanerCosts;
|
o.HasLoanItemCosts = UserCanViewLoanerCosts;
|
||||||
o.HasPartCosts=UserCanViewPartCosts;
|
o.HasPartCosts = UserCanViewPartCosts;
|
||||||
o.HasTravelAndLaborRateCosts=UserCanViewLaborOrTravelRateCosts;
|
o.HasTravelAndLaborRateCosts = UserCanViewLaborOrTravelRateCosts;
|
||||||
|
|
||||||
if (!headerOnly)
|
if (!headerOnly)
|
||||||
{
|
{
|
||||||
foreach (var v in o.States)
|
foreach (var v in o.States)
|
||||||
|
|||||||
Reference in New Issue
Block a user