admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2020-12-22 17:55:30 +00:00
parent 4b17cec79a
commit e5bdb635b7
5 changed files with 23 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
server/AyaNova/DataList/DataListFetcher.cs
View File

@@ -48,7 +48,7 @@ namespace AyaNova.DataList
//Hard coded extra criteria from server end
if (DataList is IAyaDataListViewServerCriteria)
{
var ServerCriteriaListView = JArray.Parse(((IAyaDataListViewServerCriteria)DataList).ListViewServerCriteria(userId));
var ServerCriteriaListView = JArray.Parse(((IAyaDataListViewServerCriteria)DataList).ListViewServerCriteria(await ct.User.AsNoTracking().FirstOrDefaultAsync(z => z.Id == userId), ct));
foreach (JToken jt in ServerCriteriaListView)
InternalListViewArray.Add(jt);
}
@@ -267,7 +267,7 @@ namespace AyaNova.DataList
//Hard coded extra criteria from server end
if (DataList is IAyaDataListViewServerCriteria)
{
var ServerCriteriaListView = JArray.Parse(((IAyaDataListViewServerCriteria)DataList).ListViewServerCriteria(userId));
var ServerCriteriaListView = JArray.Parse(((IAyaDataListViewServerCriteria)DataList).ListViewServerCriteria(await ct.User.AsNoTracking().FirstOrDefaultAsync(z => z.Id == userId), ct));
foreach (JToken jt in ServerCriteriaListView)
ListViewArray.Add(jt);
}

4
server/AyaNova/DataList/IAyaDataListExtraCriteria.cs
View File

@@ -1,9 +1,9 @@
namespace AyaNova.DataList
{
internal interface IAyaDataListViewServerCriteria
{
{
//Additional criteria for security or other reasons
//hard coded into some lists (e.g. MemoDataList so users can't get other people's memos)
string ListViewServerCriteria (long userId);
string ListViewServerCriteria(AyaNova.Models.User user, AyaNova.Models.AyContext ct);
}
}

5
server/AyaNova/DataList/MemoDataList.cs
View File

@@ -1,5 +1,6 @@
using System.Collections.Generic;
using Newtonsoft.Json.Linq;
using AyaNova.Models;
using AyaNova.Biz;
namespace AyaNova.DataList
{
@@ -137,9 +138,9 @@ namespace AyaNova.DataList
string IAyaDataListViewServerCriteria.ListViewServerCriteria(long userId)
string IAyaDataListViewServerCriteria.ListViewServerCriteria(User user, AyaNova.Models.AyContext ct)
{
return "[{\"fld\":\"metamemoto\",\"filter\":{\"items\":[{\"op\":\"=\",\"value\":" + userId.ToString() + "}]}}]";
return "[{\"fld\":\"metamemoto\",\"filter\":{\"items\":[{\"op\":\"=\",\"value\":" + user.Id.ToString() + "}]}}]";
}
}//eoc

7
server/AyaNova/DataList/ReminderDataList.cs
View File

@@ -1,5 +1,6 @@
using System.Collections.Generic;
using Newtonsoft.Json.Linq;
using AyaNova.Models;
using AyaNova.Biz;
namespace AyaNova.DataList
{
@@ -17,7 +18,7 @@ namespace AyaNova.DataList
//######## DEFAULT VIEW WHEN NO VIEW CHOSEN ############
dynamic dlistView = new JArray();
dynamic cm = new JObject();
cm.fld = "ReminderName";
dlistView.Add(cm);
@@ -113,9 +114,9 @@ namespace AyaNova.DataList
}
//Ensure only current user can fetch their reminders
string IAyaDataListViewServerCriteria.ListViewServerCriteria(long userId)
string IAyaDataListViewServerCriteria.ListViewServerCriteria(User user, AyContext ct)
{
return "[{\"fld\":\"metareminderuser\",\"filter\":{\"items\":[{\"op\":\"=\",\"value\":" + userId.ToString() + "}]}}]";
return "[{\"fld\":\"metareminderuser\",\"filter\":{\"items\":[{\"op\":\"=\",\"value\":" + user.Id.ToString() + "}]}}]";
}
}//eoc

14
server/AyaNova/DataList/ReviewDataList.cs
View File

@@ -1,5 +1,6 @@
using System.Collections.Generic;
using Newtonsoft.Json.Linq;
using AyaNova.Models;
using AyaNova.Biz;
namespace AyaNova.DataList
{
@@ -184,9 +185,18 @@ namespace AyaNova.DataList
string IAyaDataListViewServerCriteria.ListViewServerCriteria(long userId)
string IAyaDataListViewServerCriteria.ListViewServerCriteria(User user, AyaNova.Models.AyContext ct)
{
return "[{\"fld\":\"metareviewuser\",\"filter\":{\"items\":[{\"op\":\"=\",\"value\":" + userId.ToString() + "}]}}]";
var CurrentUserRoles = user.Roles;
bool HasSupervisorRole =
CurrentUserRoles.HasFlag(AuthorizationRoles.BizAdminFull) ||
CurrentUserRoles.HasFlag(AuthorizationRoles.DispatchFull) ||
CurrentUserRoles.HasFlag(AuthorizationRoles.InventoryFull) ||
CurrentUserRoles.HasFlag(AuthorizationRoles.SalesFull) ||
CurrentUserRoles.HasFlag(AuthorizationRoles.AccountingFull);
if (!HasSupervisorRole)
return "[{\"fld\":\"metareviewuser\",\"filter\":{\"items\":[{\"op\":\"=\",\"value\":" + user.Id.ToString() + "}]}}]";
return null;
}
}//eoc