admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2021-07-13 18:56:13 +00:00
parent b1880ecf04
commit d06986cf53
3 changed files with 93 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
server/AyaNova/biz/BizRoles.cs
View File

@@ -312,14 +312,14 @@ namespace AyaNova.Biz
// //
roles.Add(AyaType.ServiceRate, new BizRoleSet() roles.Add(AyaType.ServiceRate, new BizRoleSet()
{ {
Change = AuthorizationRoles.BizAdmin | AuthorizationRoles.Accounting, Change = AuthorizationRoles.Service
ReadFullRecord = AuthorizationRoles.Service | AuthorizationRoles.BizAdmin
| AuthorizationRoles.Accounting,
ReadFullRecord = AuthorizationRoles.Service//these people can see costs so very limited
| AuthorizationRoles.Sales | AuthorizationRoles.Sales
| AuthorizationRoles.Tech | AuthorizationRoles.Tech
| AuthorizationRoles.BizAdminRestricted | AuthorizationRoles.BizAdminRestricted
| AuthorizationRoles.ServiceRestricted | AuthorizationRoles.ServiceRestricted,
| AuthorizationRoles.SalesRestricted
| AuthorizationRoles.TechRestricted,
Select = AuthorizationRoles.All Select = AuthorizationRoles.All
}); });
@@ -329,14 +329,14 @@ namespace AyaNova.Biz
// //
roles.Add(AyaType.TravelRate, new BizRoleSet() roles.Add(AyaType.TravelRate, new BizRoleSet()
{ {
Change = AuthorizationRoles.BizAdmin | AuthorizationRoles.Accounting, Change = AuthorizationRoles.Service
ReadFullRecord = AuthorizationRoles.Service | AuthorizationRoles.BizAdmin
| AuthorizationRoles.Accounting,
ReadFullRecord = AuthorizationRoles.Service//these people can see costs so very limited
| AuthorizationRoles.Sales | AuthorizationRoles.Sales
| AuthorizationRoles.Tech | AuthorizationRoles.Tech
| AuthorizationRoles.BizAdminRestricted | AuthorizationRoles.BizAdminRestricted
| AuthorizationRoles.ServiceRestricted | AuthorizationRoles.ServiceRestricted,
| AuthorizationRoles.SalesRestricted
| AuthorizationRoles.TechRestricted,
Select = AuthorizationRoles.All Select = AuthorizationRoles.All
}); });

81
server/AyaNova/biz/WorkOrderBiz.cs
View File

@@ -25,6 +25,7 @@ namespace AyaNova.Biz
UserTranslationId = userTranslationId; UserTranslationId = userTranslationId;
CurrentUserRoles = UserRoles; CurrentUserRoles = UserRoles;
BizType = AyaType.WorkOrder; BizType = AyaType.WorkOrder;
CurrentUserType = currentUserType;
} }
internal static WorkOrderBiz GetBiz(AyContext ct, Microsoft.AspNetCore.Http.HttpContext httpContext = null) internal static WorkOrderBiz GetBiz(AyContext ct, Microsoft.AspNetCore.Http.HttpContext httpContext = null)
@@ -56,6 +57,61 @@ namespace AyaNova.Biz
#region WorkOrder level #region WorkOrder level
////////////////////////////////////////////////////////////////////////////////////////////////
// SUBRIGHTS / RESTRICTIONS FOR WORK ORDER
//
internal UserType CurrentUserType { get; set; }
internal bool UserCanViewPartCosts
{
get
{
//the "for sure can not view part cost" user types
switch (CurrentUserType)
{
case UserType.Customer:
case UserType.HeadOffice:
case UserType.ServiceContractor:
return false;
}
//Now check roles
return (CurrentUserRoles.HasFlag(AuthorizationRoles.InventoryRestricted)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Inventory)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdmin)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Accounting));
}
}
internal bool UserCanViewLaborOrTravelRateCosts
{
get
{
//the "for sure can not view labor cost" user types
switch (CurrentUserType)
{
case UserType.Customer:
case UserType.HeadOffice:
case UserType.ServiceContractor:
return false;
}
//Now check roles
return (CurrentUserRoles.HasFlag(AuthorizationRoles.Service)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.ServiceRestricted)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdmin)
|| CurrentUserRoles.HasFlag(AuthorizationRoles.Accounting));
}
}
// internal bool IsTechRestricted
// {
// get
// {
// return CurrentUserType == UserType.Service
// && !CurrentUserRoles.HasFlag(AuthorizationRoles.Tech)
// && CurrentUserRoles.HasFlag(AuthorizationRoles.SubContractorRestricted);
// }
// }
//////////////////////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////////////////////////////
//EXISTS //EXISTS
internal async Task<bool> WorkOrderExistsAsync(long id) internal async Task<bool> WorkOrderExistsAsync(long id)
@@ -63,6 +119,8 @@ namespace AyaNova.Biz
return await ct.WorkOrder.AnyAsync(z => z.Id == id); return await ct.WorkOrder.AnyAsync(z => z.Id == id);
} }
//////////////////////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////////////////////////////
//CREATE //CREATE
// //
@@ -2863,6 +2921,13 @@ namespace AyaNova.Biz
} }
o.LineTotalViz = o.NetViz + o.TaxAViz + o.TaxBViz; o.LineTotalViz = o.NetViz + o.TaxAViz + o.TaxBViz;
//RESTRICTIONS ON COST VISIBILITY?
if (!UserCanViewLaborOrTravelRateCosts)
{
o.CostViz = 0;
}
} }
// //////////////////////////////////////////////////////////////////////////////////////////////// // ////////////////////////////////////////////////////////////////////////////////////////////////
@@ -4246,6 +4311,12 @@ namespace AyaNova.Biz
} }
} }
o.LineTotalViz = o.NetViz + o.TaxAViz + o.TaxBViz; o.LineTotalViz = o.NetViz + o.TaxAViz + o.TaxBViz;
//RESTRICTED COST FIELD??
if (!UserCanViewPartCosts)
o.Cost = 0;//cost already used in calcs and will not be updated on any update operation so this ensures the cost isn't sent over the wire
} }
//////////////////////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////////////////////////////
@@ -4270,6 +4341,10 @@ namespace AyaNova.Biz
if (newObj.PartId == oldObj.PartId) if (newObj.PartId == oldObj.PartId)
{ {
SnapshotPricing = false; SnapshotPricing = false;
//maintain old cost as it can come from the client as zero when it shouldn't be or someone using the api and setting it directly
//but we will only allow the price *we* set at the server initially
newObj.Cost = oldObj.Cost;
} }
} }
@@ -5728,6 +5803,12 @@ namespace AyaNova.Biz
} }
} }
o.LineTotalViz = o.NetViz + o.TaxAViz + o.TaxBViz; o.LineTotalViz = o.NetViz + o.TaxAViz + o.TaxBViz;
//RESTRICTIONS ON COST VISIBILITY?
if (!UserCanViewLaborOrTravelRateCosts)
{
o.CostViz = 0;
}
} }

2
server/AyaNova/models/WorkOrder.cs
View File

@@ -89,6 +89,8 @@ namespace AyaNova.Models
public bool IsLockedAtServer { get; set; } = false;//signal to client that it came from the server in a locked state public bool IsLockedAtServer { get; set; } = false;//signal to client that it came from the server in a locked state
[NotMapped] [NotMapped]
public string AlertViz { get; set; } = null; public string AlertViz { get; set; } = null;
[NotMapped]
public bool HasPartCosts { get; set; } = false;//signal to client that part costs were not populated (due to user rights / role / type)
[NotMapped, JsonIgnore] [NotMapped, JsonIgnore]