From ec9ddce6d40bd9d865f2333b8eb0e0ab42b93f74 Mon Sep 17 00:00:00 2001 From: John Cardinal Date: Thu, 18 Nov 2021 19:51:08 +0000 Subject: [PATCH] --- server/AyaNova/biz/UserBiz.cs | 100 ++++++++++++++++++++++++---------- 1 file changed, 72 insertions(+), 28 deletions(-) diff --git a/server/AyaNova/biz/UserBiz.cs b/server/AyaNova/biz/UserBiz.cs index a16ba0d3..582c348a 100644 --- a/server/AyaNova/biz/UserBiz.cs +++ b/server/AyaNova/biz/UserBiz.cs @@ -107,7 +107,7 @@ namespace AyaNova.Biz } } - internal static async Task CustomerUserEffectiveRightsAsync(long userId, long? workorderId=null) + internal static async Task CustomerUserEffectiveRightsAsync(long userId, long? workorderId = null) { using (AyContext ct = ServiceProviderProvider.DBContext) { @@ -116,24 +116,31 @@ namespace AyaNova.Biz if (UserInfo.UserType != UserType.Customer && UserInfo.UserType != UserType.HeadOffice) throw new System.NotSupportedException($"UserBiz::CustomerUserEffectiveRights - Requested for non Customer type user with ID {userId} who is UserType: {UserInfo.UserType}"); - List AllTags = new List(); - AllTags.AddRange(UserInfo.Tags); + //In global settings there are potentially three separate sets of tags that need to be checked + List ContactCustomerHOTagsCombined = new List();//used for most of the customer access features to determine if can even access that feature + List CustomerWorkOrderReportByTagTags = new List();//CUSTOMER & WORKORDER TAGS COMBINED - used to determine correct report to use with customer wo report + List CustomerWorkOrderWikiAttachmentTags = new List();//CONTACT & CUSTOMER & HO & WO TAGS COMBINED - used to determine wo header access like wiki attachments + + ContactCustomerHOTagsCombined.AddRange(UserInfo.Tags); + CustomerWorkOrderWikiAttachmentTags.AddRange(UserInfo.Tags); bool EntityActive = false; //Contact is for a customer or for a head office not both so... if (UserInfo.CustomerId != null && UserInfo.CustomerId != 0) { var CustomerInfo = await ct.Customer.AsNoTracking().Where(x => x.Id == UserInfo.CustomerId).Select(x => new { x.HeadOfficeId, x.Tags, x.Active }).FirstAsync(); - AllTags.AddRange(CustomerInfo.Tags); + ContactCustomerHOTagsCombined.AddRange(CustomerInfo.Tags); + CustomerWorkOrderReportByTagTags.AddRange(CustomerInfo.Tags); + CustomerWorkOrderWikiAttachmentTags.AddRange(CustomerInfo.Tags); EntityActive = CustomerInfo.Active; //does the customer have a head office?? if (CustomerInfo.HeadOfficeId != null && CustomerInfo.HeadOfficeId != 0) - AllTags.AddRange(await ct.HeadOffice.AsNoTracking().Where(x => x.Id == CustomerInfo.HeadOfficeId).Select(x => x.Tags).FirstAsync()); + ContactCustomerHOTagsCombined.AddRange(await ct.HeadOffice.AsNoTracking().Where(x => x.Id == CustomerInfo.HeadOfficeId).Select(x => x.Tags).FirstAsync()); } else if (UserInfo.HeadOfficeId != null && UserInfo.HeadOfficeId != 0) { var HOInfo = await ct.HeadOffice.AsNoTracking().Where(x => x.Id == UserInfo.HeadOfficeId).Select(x => new { x.Tags, x.Active }).FirstAsync(); - AllTags.AddRange(HOInfo.Tags); + ContactCustomerHOTagsCombined.AddRange(HOInfo.Tags); EntityActive = HOInfo.Active; } @@ -141,44 +148,81 @@ namespace AyaNova.Biz if (UserInfo.UserType == UserType.Customer) EntityId = UserInfo.CustomerId ?? 0; if (UserInfo.UserType == UserType.HeadOffice) EntityId = UserInfo.HeadOfficeId ?? 0; + bool WorkorderIsAllowed = CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowViewWO, + ContactCustomerHOTagsCombined, + AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowViewWOInTags); + + + //Workorder access?? + long? ThisWOEffectiveWorkOrderReportId = null; + bool ThisWOCanWiki = false; + bool ThisWOCanAttachments = false; + if (WorkorderIsAllowed) + { + //default report (may be null and may be more detailed tagged version below) + ThisWOEffectiveWorkOrderReportId = AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerDefaultWorkOrderReportId; + + //If a workorder id was provided add it's tags to the wo tag checking rights items + if (workorderId != null) + { + var WoTags = await ct.WorkOrder.AsNoTracking().Where(x => x.Id == workorderId).Select(x => x.Tags).FirstOrDefaultAsync(); + if (WoTags != null) + { + CustomerWorkOrderReportByTagTags.AddRange(WoTags); + CustomerWorkOrderWikiAttachmentTags.AddRange(WoTags); + } + } + + //determine effective wo report if not default, there are 5 slots, any could be used or not so just iterate from bottom to top, last one wins in case of ties + //this prioritizes the lowest numbered slot automatically, i.e. first choice + if (AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerTagWorkOrderReport5Id != null && AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerWorkOrderReport5Tags.Count > 0) + { + if (CustomerWorkOrderReportByTagTags.Intersect(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerWorkOrderReport5Tags).Any()) + ThisWOEffectiveWorkOrderReportId = AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerTagWorkOrderReport5Id; + + } + + + + + } + return new CustomerRightsRecord( CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowCSR, - AllTags, + ContactCustomerHOTagsCombined, AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowCSRInTags), - CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowViewWO, - AllTags, - AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowViewWOInTags), + WorkorderIsAllowed, CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowWOWiki, - AllTags, + ContactCustomerHOTagsCombined, AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowWOWikiInTags), CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowWOAttachments, - AllTags, + ContactCustomerHOTagsCombined, AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowWOAttachmentsInTags), CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowUserSettings, - AllTags, + ContactCustomerHOTagsCombined, AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowUserSettingsInTags), CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowNotifyServiceImminent, - AllTags, + ContactCustomerHOTagsCombined, AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowNotifyServiceImminentInTags), CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowNotifyCSRAccepted, - AllTags, + ContactCustomerHOTagsCombined, AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowNotifyCSRAcceptedInTags), CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowNotifyCSRRejected, - AllTags, + ContactCustomerHOTagsCombined, AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowNotifyCSRRejectedInTags), CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowNotifyWOCreated, - AllTags, + ContactCustomerHOTagsCombined, AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowNotifyWOCreatedInTags), CustomerUserEffectiveRightsAllowed(AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowNotifyWOCompleted, - AllTags, + ContactCustomerHOTagsCombined, AyaNova.Util.ServerGlobalBizSettings.Cache.CustomerAllowNotifyWOCompletedInTags), EntityId, EntityActive @@ -188,27 +232,27 @@ namespace AyaNova.Biz } - private static bool CustomerUserEffectiveRightsAllowed(bool allowed, List contactTags, List inTags) + private static bool CustomerUserEffectiveRightsAllowed(bool globalSettingsAllows, List contactCustomerHOTagsCombined, List inTags) { //Note: tag match rule as planned and documented is that it's a match if *any* single tag in intags are a match to any single tag in contact tags, //not the whole list, just any one of them which differs from how notifications are checked for example which need to *all* match //if outright banned then quickest short circuit here - if (!allowed) return false; + if (!globalSettingsAllows) return false; //No tags to verify means allowed - if (inTags.Count == 0 ) return true; + if (inTags.Count == 0) return true; - //if contact tags is empty and inclusive is empty then it's a match and can short circuit - if (contactTags.Count == 0) return true; + //if tags is empty and inclusive is empty then it's a match and can short circuit + if (contactCustomerHOTagsCombined.Count == 0) return true; - //if contact tags is empty and inclusive is not empty then no match is possible - if (contactTags.Count == 0 ) return false; + //if tags is empty and inclusive is not empty then no match is possible + if (contactCustomerHOTagsCombined.Count == 0) return false; - //any of the inclusive tags in contact tags? - if (contactTags.Intersect(inTags).Any()) return true; + //any of the inclusive tags in tags? + if (contactCustomerHOTagsCombined.Intersect(inTags).Any()) return true; - return false;//this is because there are contact and in tags but there is no match + return false;//this is because there are contactCustomerHOTagsCombined and in tags but there is no match }