admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2021-06-16 00:02:41 +00:00
parent dfe7d990ad
commit e47712d0d8
2 changed files with 13 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
server/AyaNova/Controllers/AuthController.cs
View File

@@ -351,6 +351,7 @@ namespace AyaNova.Api.Controllers
if (u.UserType == UserType.Customer | u.UserType == UserType.HeadOffice) if (u.UserType == UserType.Customer | u.UserType == UserType.HeadOffice)
{ {
//customer type has special rights restrictions for UI features so return them here so client UI can enable or disable //customer type has special rights restrictions for UI features so return them here so client UI can enable or disable
var effectiveRights = await UserBiz.CustomerUserEffectiveRights(u.Id);
return Ok(ApiOkResponse.Response(new return Ok(ApiOkResponse.Response(new
{ {
token = token, token = token,
@@ -359,7 +360,7 @@ namespace AyaNova.Api.Controllers
roles = ((int)u.Roles).ToString(), roles = ((int)u.Roles).ToString(),
dlt = DownloadToken, dlt = DownloadToken,
tfa = u.TwoFactorEnabled, tfa = u.TwoFactorEnabled,
CustomerRights = UserBiz.CustomerUserEffectiveRights(u.Id) CustomerRights = effectiveRights
})); }));
} }
else else

16
server/AyaNova/biz/UserBiz.cs
View File

@@ -112,8 +112,6 @@ namespace AyaNova.Biz
using (AyContext ct = ServiceProviderProvider.DBContext) using (AyContext ct = ServiceProviderProvider.DBContext)
{ {
var UserInfo = await ct.User.AsNoTracking().Where(x => x.Id == userId).Select(x => new { x.UserType, x.HeadOfficeId, x.CustomerId, x.Tags }).FirstAsync(); var UserInfo = await ct.User.AsNoTracking().Where(x => x.Id == userId).Select(x => new { x.UserType, x.HeadOfficeId, x.CustomerId, x.Tags }).FirstAsync();
if (UserInfo.UserType != UserType.Customer && UserInfo.UserType != UserType.HeadOffice) if (UserInfo.UserType != UserType.Customer && UserInfo.UserType != UserType.HeadOffice)
throw new System.NotSupportedException($"UserBiz::CustomerUserEffectiveRights - Requested for non Customer type user with ID {userId} who is UserType: {UserInfo.UserType}"); throw new System.NotSupportedException($"UserBiz::CustomerUserEffectiveRights - Requested for non Customer type user with ID {userId} who is UserType: {UserInfo.UserType}");
@@ -121,12 +119,20 @@ namespace AyaNova.Biz
List<string> AllTags = new List<string>(); List<string> AllTags = new List<string>();
AllTags.AddRange(UserInfo.Tags); AllTags.AddRange(UserInfo.Tags);
//Contact is for a customer or for a head office not both so...
if (UserInfo.CustomerId != null && UserInfo.CustomerId != 0) if (UserInfo.CustomerId != null && UserInfo.CustomerId != 0)
AllTags.AddRange(await ct.Customer.AsNoTracking().Where(x => x.Id == UserInfo.CustomerId).Select(x => x.Tags).FirstAsync()); {
var CustomerInfo = await ct.Customer.AsNoTracking().Where(x => x.Id == UserInfo.CustomerId).Select(x => new { x.HeadOfficeId, x.Tags }).FirstAsync();
if (UserInfo.HeadOfficeId != null && UserInfo.HeadOfficeId != 0) AllTags.AddRange(CustomerInfo.Tags);
//does the customer have a head office??
if (CustomerInfo.HeadOfficeId != null && CustomerInfo.HeadOfficeId != 0)
AllTags.AddRange(await ct.HeadOffice.AsNoTracking().Where(x => x.Id == CustomerInfo.HeadOfficeId).Select(x => x.Tags).FirstAsync());
}
else
if (UserInfo.HeadOfficeId != null && UserInfo.HeadOfficeId != 0)
AllTags.AddRange(await ct.HeadOffice.AsNoTracking().Where(x => x.Id == UserInfo.HeadOfficeId).Select(x => x.Tags).FirstAsync()); AllTags.AddRange(await ct.HeadOffice.AsNoTracking().Where(x => x.Id == UserInfo.HeadOfficeId).Select(x => x.Tags).FirstAsync());
return new CustomerRightsRecord( return new CustomerRightsRecord(
CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowCSR, CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowCSR,
AllTags, AllTags,