2020-01-22 18:10:12 +00:00
parent b5708667c2
commit e78b54b040
8 changed files with 150 additions and 9 deletions
--- a/server/AyaNova/Controllers/DataListController.cs
+++ b/server/AyaNova/Controllers/DataListController.cs
@@ -62,7 +62,7 @@ namespace AyaNova.Api.Controllers
                ApiPagedResponse pr = await DataListFetcher.GetResponse(listOptions.DataListKey, ct, Url, nameof(List), listOptions, UserId, UserRoles);
                return Ok(new ApiOkWithPagingResponse(pr));
            }
-            catch (System.NotSupportedException)
+            catch (System.UnauthorizedAccessException)
            {
                return StatusCode(403, new ApiNotAuthorizedResponse());
            }
--- a/server/AyaNova/DataList/AyaDataList.cs
+++ b/server/AyaNova/DataList/AyaDataList.cs
@@ -20,7 +20,8 @@ namespace AyaNova.DataList

        public string SQLFrom { get; set; }
        public List<AyaDataListFieldDefinition> FieldDefinitions { get; set; }
-        public AuthorizationRoles AllowedRoles { get; set; }
+        public AuthorizationRoles FullListAllowedRoles { get; set; }
+        public AuthorizationRoles MiniListAllowedRoles { get; set; }
        public AyaType DefaultListObjectType { get; set; }
        public string ListKey { get; set; }
        public string DefaultDataListDisplayTemplate { get; set; }
--- a/server/AyaNova/DataList/DataListFetcher.cs
+++ b/server/AyaNova/DataList/DataListFetcher.cs
@@ -26,9 +26,15 @@ namespace AyaNova.DataList
            }

            //check rights
-            if (!UserRoles.HasAnyFlags(DataList.AllowedRoles))
+            if (listOptions.Mini)
+            {                
+                if (!UserRoles.HasAnyFlags(DataList.MiniListAllowedRoles))
+                    throw new System.UnauthorizedAccessException("User roles insufficient for this mini format datalist");
+            }
+            else
            {
-                throw new System.NotSupportedException("User roles insufficient for this datalist");
+                if (!UserRoles.HasAnyFlags(DataList.FullListAllowedRoles))
+                    throw new System.UnauthorizedAccessException("User roles insufficient for this full format datalist");
            }

            //FETCH DATALISTTEMPLATE HERE OR USE DEFAULT IF FAULTY OR NOT FOUND
--- a/server/AyaNova/DataList/IAyaDataList.cs
+++ b/server/AyaNova/DataList/IAyaDataList.cs
@@ -13,8 +13,12 @@ namespace AyaNova.DataList
        //List of fields for this object
        List<AyaDataListFieldDefinition> FieldDefinitions { get; set; }

-        //allowed roles to access this list
-        AuthorizationRoles AllowedRoles { get; set; }
+        //allowed roles to access the full list templated fields
+        AuthorizationRoles FullListAllowedRoles { get; set; }
+
+        //allowed roles to access mini list templated fields
+        AuthorizationRoles MiniListAllowedRoles { get; set; }
+

        //Default object type to open for rows of this list (use no object if no)
        AyaType DefaultListObjectType { get; set; }
--- a/server/AyaNova/DataList/TestWidgetDataList.cs
+++ b/server/AyaNova/DataList/TestWidgetDataList.cs
@@ -9,7 +9,8 @@ namespace AyaNova.DataList
        {
            ListKey = nameof(TestWidgetDataList);
            SQLFrom = "from awidget left outer join auser on (awidget.userid=auser.id)";
-            AllowedRoles = AuthorizationRoles.AllInternalStaff;//anyone but clients and subcontractors (just for test)
+            FullListAllowedRoles = AuthorizationRoles.AllInternalStaff;//anyone but clients and subcontractors (just for test)
+            MiniListAllowedRoles = AuthorizationRoles.All;//anyone (so can select on forms)
            DefaultListObjectType = AyaType.Widget;
            DefaultDataListDisplayTemplate = @"
            {
--- a/server/AyaNova/DataList/TestWidgetUserEmailDataList.cs
+++ b/server/AyaNova/DataList/TestWidgetUserEmailDataList.cs
@@ -17,7 +17,8 @@ namespace AyaNova.DataList
        {
            ListKey = nameof(TestWidgetUserEmailDataList);
            SQLFrom = "from awidget left outer join auser on (awidget.userid=auser.id) left outer join auseroptions on (auser.id=auseroptions.userid)";
-            AllowedRoles = AuthorizationRoles.AllInternalStaff;//anyone but clients and subcontractors (just for test)
+            FullListAllowedRoles = AuthorizationRoles.AllInternalStaff;//anyone but clients and subcontractors (just for test)
+            MiniListAllowedRoles = AuthorizationRoles.All;//anyone (so can select on forms)
            DefaultListObjectType = AyaType.Widget;
            DefaultDataListDisplayTemplate = @"
            {
--- a/server/AyaNova/DataList/UserDataList.cs
+++ b/server/AyaNova/DataList/UserDataList.cs
@@ -0,0 +1,127 @@
+using System.Collections.Generic;
+using AyaNova.Biz;
+namespace AyaNova.DataList
+{
+    internal class UserDataList : AyaDataList
+    {
+
+        public UserDataList()
+        {
+            ListKey = nameof(UserDataList);
+            SQLFrom = "from auser";
+            FullListAllowedRoles = AuthorizationRoles.AllInternalStaff;//anyone but clients and subcontractors (just for test)
+            MiniListAllowedRoles = AuthorizationRoles.All;//anyone (so can select on forms)
+            DefaultListObjectType = AyaType.Widget;
+            DefaultDataListDisplayTemplate = @"
+            {
+                ""full"":[""widgetname"",""widgetserial"",""widgetdollaramount"",""widgetroles"",""widgetstartdate"",""widgetactive"",""username""],
+                ""mini"":[""widgetname"",""widgetserial""]
+            }
+            ";
+
+            //NOTE: Due to the join, all the sql id and name fields that can conflict with the joined (in this case User) table need to be specified completely
+            FieldDefinitions = new List<AyaDataListFieldDefinition>();
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { FieldKey = "df", AyaObjectType = (int)AyaType.Widget, SqlIdColumnName = "awidget.id" });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                LtKey = "WidgetName",
+                FieldKey = "widgetname",
+                UiFieldDataType = (int)AyaUiFieldDataType.Text,
+                SqlIdColumnName = "awidget.id",
+                SqlValueColumnName = "awidget.name"
+            });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                LtKey = "WidgetSerial",
+                FieldKey = "widgetserial",
+                UiFieldDataType = (int)AyaUiFieldDataType.Integer,
+                SqlValueColumnName = "awidget.serial"
+            });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                LtKey = "WidgetDollarAmount",
+                FieldKey = "widgetdollaramount",
+                UiFieldDataType = (int)AyaUiFieldDataType.Currency,
+                SqlValueColumnName = "awidget.dollaramount"
+            });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                LtKey = "WidgetCount",
+                FieldKey = "widgetcount",
+                UiFieldDataType = (int)AyaUiFieldDataType.Integer,
+                SqlValueColumnName = "awidget.count"
+            });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                LtKey = "WidgetRoles",
+                FieldKey = "widgetroles",
+                UiFieldDataType = (int)AyaUiFieldDataType.Enum,
+                EnumType = typeof(AuthorizationRoles).ToString(),
+                SqlValueColumnName = "awidget.roles"
+            });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                LtKey = "WidgetStartDate",
+                FieldKey = "widgetstartdate",
+                UiFieldDataType = (int)AyaUiFieldDataType.DateTime,
+                SqlValueColumnName = "awidget.startdate"
+            });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                LtKey = "WidgetEndDate",
+                FieldKey = "widgetenddate",
+                UiFieldDataType = (int)AyaUiFieldDataType.DateTime,
+                SqlValueColumnName = "awidget.enddate"
+            });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                LtKey = "WidgetNotes",
+                FieldKey = "widgetnotes",
+                UiFieldDataType = (int)AyaUiFieldDataType.Text,
+                SqlValueColumnName = "awidget.notes"
+            });
+
+            //FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "User", FieldKey = "userid", UiFieldDataType = (int)AyaUiFieldDataType.Text, AyaObjectType = (int)AyaType.User });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                FieldKey = "username",
+                LtKey = "User",
+                UiFieldDataType = (int)AyaUiFieldDataType.Text,
+                AyaObjectType = (int)AyaType.User,
+                SqlIdColumnName = "auser.id",
+                SqlValueColumnName = "auser.name"
+            });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                LtKey = "Active",
+                FieldKey = "widgetactive",
+                UiFieldDataType = (int)AyaUiFieldDataType.Bool,
+                SqlValueColumnName = "awidget.active"
+            });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition
+            {
+                LtKey = "Tags",
+                FieldKey = "widgettags",
+                UiFieldDataType = (int)AyaUiFieldDataType.Tags,
+                SqlValueColumnName = "awidget.tags"
+            });
+
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom1", FieldKey = "widgetcustom1", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom2", FieldKey = "widgetcustom2", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom3", FieldKey = "widgetcustom3", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom4", FieldKey = "widgetcustom4", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom5", FieldKey = "widgetcustom5", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom6", FieldKey = "widgetcustom6", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom7", FieldKey = "widgetcustom7", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom8", FieldKey = "widgetcustom8", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom9", FieldKey = "widgetcustom9", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom10", FieldKey = "widgetcustom10", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom11", FieldKey = "widgetcustom11", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom12", FieldKey = "widgetcustom12", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom13", FieldKey = "widgetcustom13", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom14", FieldKey = "widgetcustom14", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom15", FieldKey = "widgetcustom15", IsCustomField = true });
+            FieldDefinitions.Add(new AyaDataListFieldDefinition { LtKey = "WidgetCustom16", FieldKey = "widgetcustom16", IsCustomField = true });
+        }
+    }//eoc
+}//eons