admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2021-07-13 18:56:13 +00:00
parent b1880ecf04
commit d06986cf53
3 changed files with 93 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
server/AyaNova/biz/BizRoles.cs
View File

@@ -312,14 +312,14 @@ namespace AyaNova.Biz
//
roles.Add(AyaType.ServiceRate, new BizRoleSet()
{
Change = AuthorizationRoles.BizAdmin | AuthorizationRoles.Accounting,
ReadFullRecord = AuthorizationRoles.Service
Change = AuthorizationRoles.Service
| AuthorizationRoles.BizAdmin
| AuthorizationRoles.Accounting,
ReadFullRecord = AuthorizationRoles.Service//these people can see costs so very limited
| AuthorizationRoles.Sales
| AuthorizationRoles.Tech
| AuthorizationRoles.BizAdminRestricted
| AuthorizationRoles.ServiceRestricted
| AuthorizationRoles.SalesRestricted
| AuthorizationRoles.TechRestricted,
| AuthorizationRoles.ServiceRestricted,
Select = AuthorizationRoles.All
});
@@ -329,14 +329,14 @@ namespace AyaNova.Biz
//
roles.Add(AyaType.TravelRate, new BizRoleSet()
{
Change = AuthorizationRoles.BizAdmin | AuthorizationRoles.Accounting,
ReadFullRecord = AuthorizationRoles.Service
Change = AuthorizationRoles.Service
| AuthorizationRoles.BizAdmin
| AuthorizationRoles.Accounting,
ReadFullRecord = AuthorizationRoles.Service//these people can see costs so very limited
| AuthorizationRoles.Sales
| AuthorizationRoles.Tech
| AuthorizationRoles.BizAdminRestricted
| AuthorizationRoles.ServiceRestricted
| AuthorizationRoles.SalesRestricted
| AuthorizationRoles.TechRestricted,
| AuthorizationRoles.ServiceRestricted,
Select = AuthorizationRoles.All
});

81
server/AyaNova/biz/WorkOrderBiz.cs
View File

@@ -25,6 +25,7 @@ namespace AyaNova.Biz
UserTranslationId = userTranslationId;
CurrentUserRoles = UserRoles;
BizType = AyaType.WorkOrder;
CurrentUserType = currentUserType;
}
internal static WorkOrderBiz GetBiz(AyContext ct, Microsoft.AspNetCore.Http.HttpContext httpContext = null)
@@ -56,6 +57,61 @@ namespace AyaNova.Biz
#region WorkOrder level
////////////////////////////////////////////////////////////////////////////////////////////////
// SUBRIGHTS / RESTRICTIONS FOR WORK ORDER
//
internal UserType CurrentUserType { get; set; }
internal bool UserCanViewPartCosts
{
get
{
//the "for sure can not view part cost" user types
switch (CurrentUserType)
{
case UserType.Customer:
case UserType.HeadOffice:
case UserType.ServiceContractor:
return false;
}
//Now check roles
return (CurrentUserRoles.HasFlag(AuthorizationRoles.InventoryRestricted)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Inventory)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdmin)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Accounting));
}
}
internal bool UserCanViewLaborOrTravelRateCosts
{
get
{
//the "for sure can not view labor cost" user types
switch (CurrentUserType)
{
case UserType.Customer:
case UserType.HeadOffice:
case UserType.ServiceContractor:
return false;
}
//Now check roles
return (CurrentUserRoles.HasFlag(AuthorizationRoles.Service)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.ServiceRestricted)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdmin)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Accounting));
}
}
// internal bool IsTechRestricted
// {
// get
// {
// return CurrentUserType == UserType.Service
// && !CurrentUserRoles.HasFlag(AuthorizationRoles.Tech)
// && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractorRestricted);
// }
// }
////////////////////////////////////////////////////////////////////////////////////////////////
//EXISTS
internal async Task<bool> WorkOrderExistsAsync(long id)
@@ -63,6 +119,8 @@ namespace AyaNova.Biz
return await ct.WorkOrder.AnyAsync(z => z.Id == id);
}
////////////////////////////////////////////////////////////////////////////////////////////////
//CREATE
//
@@ -2863,6 +2921,13 @@ namespace AyaNova.Biz
}
o.LineTotalViz = o.NetViz + o.TaxAViz + o.TaxBViz;
//RESTRICTIONS ON COST VISIBILITY?
if (!UserCanViewLaborOrTravelRateCosts)
{
o.CostViz = 0;
}
}
// ////////////////////////////////////////////////////////////////////////////////////////////////
@@ -4246,6 +4311,12 @@ namespace AyaNova.Biz
}
}
o.LineTotalViz = o.NetViz + o.TaxAViz + o.TaxBViz;
//RESTRICTED COST FIELD??
if (!UserCanViewPartCosts)
o.Cost = 0;//cost already used in calcs and will not be updated on any update operation so this ensures the cost isn't sent over the wire
}
////////////////////////////////////////////////////////////////////////////////////////////////
@@ -4270,6 +4341,10 @@ namespace AyaNova.Biz
if (newObj.PartId == oldObj.PartId)
{
SnapshotPricing = false;
//maintain old cost as it can come from the client as zero when it shouldn't be or someone using the api and setting it directly
//but we will only allow the price *we* set at the server initially
newObj.Cost = oldObj.Cost;
}
}
@@ -5728,6 +5803,12 @@ namespace AyaNova.Biz
}
}
o.LineTotalViz = o.NetViz + o.TaxAViz + o.TaxBViz;
//RESTRICTIONS ON COST VISIBILITY?
if (!UserCanViewLaborOrTravelRateCosts)
{
o.CostViz = 0;
}
}

2
server/AyaNova/models/WorkOrder.cs
View File

@@ -89,6 +89,8 @@ namespace AyaNova.Models
public bool IsLockedAtServer { get; set; } = false;//signal to client that it came from the server in a locked state
[NotMapped]
public string AlertViz { get; set; } = null;
[NotMapped]
public bool HasPartCosts { get; set; } = false;//signal to client that part costs were not populated (due to user rights / role / type)
[NotMapped, JsonIgnore]