This commit is contained in:
@@ -30,20 +30,8 @@ docs / sections required
|
||||
* Double booking prevention feature in global settings and how it works when scheduling users
|
||||
|
||||
|
||||
* Sub contractors / Technician - Restricted users and Work Orders
|
||||
If a User is set to User type of Sub contractor or if they are a Service type user and are assigned the "Technician - Restricted" role then special limitations apply to them when using the work order form and related features:
|
||||
|
||||
* Service -> Work order list menu area
|
||||
* These restricted Esers are not shown the option of viewing the full work order list. They will access their work orders via their Home -> Schedule form.
|
||||
|
||||
* Work order / work order item can not be created or deleted
|
||||
|
||||
* Work order *Item* restrictions
|
||||
* These restricted Users will only be able to access the Work order Items for which they are Scheduled in the work order editing form. In other words if you do not want a Sub contractor or tech - restricted user to see parts of a work order do not add them to the Scheduled users collection on those work order items
|
||||
* Reporting convenience field: IsCompleteRecord field is included with the report header data to indicate if any items were removed due to restricted user
|
||||
|
||||
|
||||
* Work order Cost field restrictions
|
||||
* Work order Cost field visibility restrictions
|
||||
*Work orders can show Costs for various items on them but these costs are only displayed for a select few users:
|
||||
* Non staff user types (customer headoffice or subcontractor) can not see costs at all no matter what roles are set for them
|
||||
* WorkOrderItemParts costs: to see these costs, the user must have one of the following roles: InventoryRestricted, Inventory, BizAdmin (full), Accounting
|
||||
@@ -53,5 +41,51 @@ docs / sections required
|
||||
* Cost restrictions also apply to reporting so a report with cost fields on it will show those values as zero if the current user is restricted from seeing costs
|
||||
|
||||
|
||||
* Sub contractors / Technician - Restricted users and Work Orders
|
||||
If a User is set to User type of Sub contractor or if they are a Service type user and are assigned the "Technician - Restricted" role then special limitations apply to them:
|
||||
* Service -> Work order list menu area
|
||||
* These restricted Esers are not shown the option of viewing the full work order list. They will access their work orders via their Home -> Schedule form
|
||||
* Work order / work order item can not be created or deleted
|
||||
|
||||
* Work order *Item* restrictions
|
||||
* These restricted Users will only be able to access the Work order Items for which they are Scheduled in the work order editing form. In other words if you do not want a Sub contractor or tech - restricted user to see parts of a work order do not add them to the Scheduled users collection on those work order items
|
||||
* Reporting convenience field: IsCompleteRecord field is included with the report header data to indicate if any items were removed due to restricted user
|
||||
|
||||
* "Tech - Limited" user role specific restrictions
|
||||
* All restrictions listed above in Work order *Item* restrictions plus:
|
||||
* Tasks: view and edit existing tasks only, no add or remove or changing task text
|
||||
* Scheduled Users: view only where they are the selected User and convert to labor record
|
||||
* Labors: add (no user selection defaults to themselves), remove, view and edit only when they are the selected User
|
||||
* Travels: add (no user selection defaults to themselves), remove, view and edit only when they are the selected User
|
||||
* Units: view only and limited to fields to identify unit
|
||||
* Parts: view only and limited to fields to identify part
|
||||
* Part requests: view only
|
||||
* Expenses: add (no user selection defaults to themselves), view, partial fields available to edit only where they are the selected user and only edit fields Summary, Cost, Tax paid, Description
|
||||
* Loans: view only and limited fields to identify unit and dates
|
||||
* Outside services: view only, limited fields
|
||||
|
||||
* "Sub contractor" User type and "Tech - Limited" user role specific restrictions
|
||||
* All restrictions listed above in Work order *Item* restrictions plus:
|
||||
* Tasks: view and edit existing tasks only, no add or remove or changing task text
|
||||
* Scheduled Users: view only where they are the selected User and convert to labor record
|
||||
* Labors: add (no user selection defaults to themselves), remove, view and edit only when they are the selected User
|
||||
* Travels: add (no user selection defaults to themselves), remove, view and edit only when they are the selected User
|
||||
* Units: view only and limited to fields to identify unit
|
||||
* Parts: view only and limited to fields to identify part
|
||||
* Part requests: view only
|
||||
* Expenses: add (no user selection defaults to themselves), view, partial fields available to edit only where they are the selected user and only edit fields Summary, Cost, Tax paid, Description
|
||||
* Loans: view only and limited fields to identify unit and dates
|
||||
* Outside services: view only, limited fields
|
||||
|
||||
* "Sub contractor - restricted" user type specific restrictions
|
||||
* All restrictions listed above in Work order *Item* restrictions plus:
|
||||
* Tasks: view and edit existing tasks only, no add or remove or changing task text
|
||||
* Scheduled Users: view only where they are the selected User and convert to labor record
|
||||
* Labors: add (no user selection defaults to themselves), remove, view and edit only when they are the selected User
|
||||
* Travels: add (no user selection defaults to themselves), remove, view and edit only when they are the selected User
|
||||
* NO ACCESS TO: Units, Parts, Part Requests, Expenses, Loans, Outside Services
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -83,6 +83,32 @@ namespace AyaNova.Biz
|
||||
}
|
||||
}
|
||||
|
||||
internal bool UserIsRestrictedType
|
||||
{
|
||||
get
|
||||
{
|
||||
switch (CurrentUserType)
|
||||
{
|
||||
case UserType.Customer:
|
||||
case UserType.HeadOffice:
|
||||
case UserType.ServiceContractor:
|
||||
return true;
|
||||
}
|
||||
//Now check roles that have at least partial access to a work order
|
||||
if (CurrentUserRoles.HasFlag(AuthorizationRoles.TechRestricted)) return true;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
internal bool UserIsSubContractorRestricted //most limited type, can not view many objects even in their own scheduled work order item
|
||||
{
|
||||
get
|
||||
{
|
||||
return (CurrentUserType == UserType.ServiceContractor && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractorRestricted));
|
||||
}
|
||||
}
|
||||
|
||||
internal bool UserCanViewPartCosts
|
||||
{
|
||||
get
|
||||
@@ -367,6 +393,25 @@ namespace AyaNova.Biz
|
||||
}
|
||||
}
|
||||
|
||||
//subcontractor restricted can not even view most children of their own scheduled woitem
|
||||
//a further restriction from above. This ensures they are not sent that data even over the wire let alone in the UI
|
||||
if (UserIsSubContractorRestricted)
|
||||
{
|
||||
foreach (WorkOrderItem wi in ret.Items)
|
||||
{
|
||||
wi.ScheduledUsers.RemoveAll(x => x.UserId != UserId);
|
||||
wi.Labors.RemoveAll(x => x.UserId != UserId);
|
||||
wi.Travels.RemoveAll(x => x.UserId != UserId);
|
||||
wi.Units.RemoveAll(x => true);
|
||||
wi.Parts.RemoveAll(x => true);
|
||||
wi.PartRequests.RemoveAll(x => true);
|
||||
wi.Expenses.RemoveAll(x => true);
|
||||
wi.Loans.RemoveAll(x => true);
|
||||
wi.OutsideServices.RemoveAll(x => true);
|
||||
//tasks are allowed to be viewed and update the task completion types
|
||||
}
|
||||
}
|
||||
|
||||
if (populateDisplayFields)
|
||||
await WorkOrderPopulateVizFields(ret, false);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user