admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Browse Source
This commit is contained in:
John Cardinal
2022-08-23 14:59:58 +00:00
parent a9b7cafc1d
commit f8f0aeba4c
4 changed files with 76 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
server/AyaNova/biz/UserBiz.cs
View File

@@ -339,8 +339,8 @@ namespace AyaNova.Biz
//Also used for Contacts (customer type user or ho type user)
//by users with no User right but with Customer rights so need to double check here
if (
(newObject.IsOutsideUser && !Authorized.HasCreateRole(CurrentUserRoles, AyaType.Customer)) ||
(!newObject.IsOutsideUser && !Authorized.HasCreateRole(CurrentUserRoles, AyaType.User))
(newObject.IsOutsideCustomerContactTypeUser && !Authorized.HasCreateRole(CurrentUserRoles, AyaType.Customer)) ||
(!newObject.IsOutsideCustomerContactTypeUser && !Authorized.HasCreateRole(CurrentUserRoles, AyaType.User))
)
{
AddError(ApiErrorCode.NOT_AUTHORIZED);
@@ -452,8 +452,8 @@ namespace AyaNova.Biz
//Also used for Contacts (customer type user or ho type user)
//by users with no User right but with Customer rights so need to double check here
if (
(dbObject.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) ||
(!dbObject.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User))
(dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) ||
(!dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User))
)
{
AddError(ApiErrorCode.NOT_AUTHORIZED);
@@ -558,8 +558,8 @@ namespace AyaNova.Biz
//Also used for Contacts (customer type user or ho type user)
//by users with no User right but with Customer rights so need to double check here
if (
(dbObject.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) ||
(!dbObject.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User))
(dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) ||
(!dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User))
)
{
AddError(ApiErrorCode.NOT_AUTHORIZED);
@@ -669,8 +669,8 @@ namespace AyaNova.Biz
//Also used for Contacts (customer type user or ho type user)
//by users with no User right but with Customer rights so need to double check here
if (
(dbObject.IsOutsideUser && !Authorized.HasDeleteRole(CurrentUserRoles, AyaType.Customer)) ||
(!dbObject.IsOutsideUser && !Authorized.HasDeleteRole(CurrentUserRoles, AyaType.User))
(dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasDeleteRole(CurrentUserRoles, AyaType.Customer)) ||
(!dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasDeleteRole(CurrentUserRoles, AyaType.User))
)
{
AddError(ApiErrorCode.NOT_AUTHORIZED);
@@ -739,7 +739,7 @@ namespace AyaNova.Biz
//UserType change has Inside / Outside role implications
//a user attempting to change a UserType between inside or outside status must have the correct rights
//to *BOTH* Customer and User since it's affecting both types
if (!isNew && (currentObj.IsOutsideUser != proposedObj.IsOutsideUser))
if (!isNew && (currentObj.IsOutsideCustomerContactTypeUser != proposedObj.IsOutsideCustomerContactTypeUser))
{
//only can change if have both rights
if (
@@ -751,18 +751,70 @@ namespace AyaNova.Biz
}
}
//do we need to check the license situation?
if (proposedObj.IsTech && proposedObj.Active)
#if (SUBSCRIPTION_BUILD)
//Check the SUBSCRIPTION license allows this
//INTERNAL USERS
if (!proposedObj.IsOutsideCustomerContactTypeUser && proposedObj.Active)
{
//Yes, it might be affected depending on things
long CurrentActiveCount = await UserBiz.ActiveTechUserCountAsync();
HERE
long LicensedUserCount = AyaNova.Core.License.ActiveKey.ActiveTechsCount;
long CurrentActiveInternalUserCount = await UserBiz.ActiveInternalUserCountAsync();
long LicensedInternalUserCount = AyaNova.Core.License.ActiveKey.ActiveInternalUsersCount;
if (isNew)
{
//This operation is about to consume one more license, check that we are not at the limit already
await CheckActiveForValidation(CurrentActiveCount, LicensedUserCount);
await AddErrorIfExcessUsersAnyBuildType(CurrentActiveInternalUserCount, LicensedInternalUserCount);
}
else
{
//did anything that might affect licensing change?
if (currentObj.IsOutsideCustomerContactTypeUser || (!currentObj.Active))//currently not a inside user or if it is it's not active
{
//going from non inside to inside and/or to active
//Yes, this is about to consume one more license, check that we are not at the limit already
await AddErrorIfExcessUsersAnyBuildType(CurrentActiveInternalUserCount, LicensedInternalUserCount);
}
}
}
//CUSTOMERS
if (proposedObj.IsOutsideCustomerContactTypeUser && proposedObj.Active)
{
//Yes, it might be affected depending on things
long CurrentActiveCustomerContactUserCount = await UserBiz.ActiveCustomerContactUserCountAsync();
long LicensedCustomerContactCount = AyaNova.Core.License.ActiveKey.ActiveCustomerContactUsersCount;
if (isNew)
{
//This operation is about to consume one more license, check that we are not at the limit already
await AddErrorIfExcessUsersAnyBuildType(CurrentActiveCustomerContactUserCount, LicensedCustomerContactCount);
}
else
{
//did anything that might affect licensing change?
if (!currentObj.IsOutsideCustomerContactTypeUser || (!currentObj.Active))//currently not a customer contact user or if it is it's not active
{
//going from non customer contact to customer contact and or active (may not happen but better safe than sorry down the road some day)
//Yes, this is about to consume one more license, check that we are not at the limit already
await AddErrorIfExcessUsersAnyBuildType(CurrentActiveCustomerContactUserCount, LicensedCustomerContactCount);
}
}
}
#else
//Check the PERPETUAL license allows this
//TECHS ONLY
if (proposedObj.IsTech && proposedObj.Active)
{
//Yes, it might be affected depending on things
long CurrentActiveTechCount = await UserBiz.ActiveTechUserCountAsync();
long LicensedTechCount = AyaNova.Core.License.ActiveKey.ActiveTechsCount;
if (isNew)
{
//This operation is about to consume one more license, check that we are not at the limit already
await AddErrorIfExcessUsersAnyBuildType(CurrentActiveTechCount, LicensedTechCount);
}
else
{
@@ -771,15 +823,14 @@ namespace AyaNova.Biz
{
//going from non tech to tech and active
//Yes, this is about to consume one more license, check that we are not at the limit already
await CheckActiveForValidation(CurrentActiveCount, LicensedUserCount);
await AddErrorIfExcessUsersAnyBuildType(CurrentActiveTechCount, LicensedTechCount);
}
}
}
#endif
// TODO: check user count if not new to see if affected that way
//also check user count in general to see if it's exceeded
//And maybe check it in login as well as a good central spot or wherever makes sense
//Name required
if (string.IsNullOrWhiteSpace(proposedObj.Name))
@@ -900,11 +951,11 @@ namespace AyaNova.Biz
return;
}
private async Task CheckActiveForValidation(long CurrentActiveCount, long LicensedUserCount)
private async Task AddErrorIfExcessUsersAnyBuildType(long CurrentActiveCount, long LicensedUserCount)
{
if (CurrentActiveCount >= LicensedUserCount)
{
AddError(ApiErrorCode.INVALID_OPERATION, "generalerror", await Translate("ErrorSecurityUserCapacity"));
AddError(ApiErrorCode.INVALID_OPERATION, "generalerror", await Translate("ErrorSecurityUserCapacity"));//THIS IS A GENERIC ERROR GOOD FOR ANY BUILD TYPE
}
}

4
server/AyaNova/biz/UserOptionsBiz.cs
View File

@@ -93,8 +93,8 @@ namespace AyaNova.Biz
//Also used for Contacts (customer type user or ho type user)
//by users with no User right but with Customer rights so need to double check here
if (
(u.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) ||
(!u.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User))
(u.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) ||
(!u.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User))
)
{
AddError(ApiErrorCode.NOT_AUTHORIZED);