This commit is contained in:
2022-08-23 14:59:58 +00:00
parent a9b7cafc1d
commit f8f0aeba4c
4 changed files with 76 additions and 25 deletions

View File

@@ -339,8 +339,8 @@ namespace AyaNova.Biz
//Also used for Contacts (customer type user or ho type user) //Also used for Contacts (customer type user or ho type user)
//by users with no User right but with Customer rights so need to double check here //by users with no User right but with Customer rights so need to double check here
if ( if (
(newObject.IsOutsideUser && !Authorized.HasCreateRole(CurrentUserRoles, AyaType.Customer)) || (newObject.IsOutsideCustomerContactTypeUser && !Authorized.HasCreateRole(CurrentUserRoles, AyaType.Customer)) ||
(!newObject.IsOutsideUser && !Authorized.HasCreateRole(CurrentUserRoles, AyaType.User)) (!newObject.IsOutsideCustomerContactTypeUser && !Authorized.HasCreateRole(CurrentUserRoles, AyaType.User))
) )
{ {
AddError(ApiErrorCode.NOT_AUTHORIZED); AddError(ApiErrorCode.NOT_AUTHORIZED);
@@ -452,8 +452,8 @@ namespace AyaNova.Biz
//Also used for Contacts (customer type user or ho type user) //Also used for Contacts (customer type user or ho type user)
//by users with no User right but with Customer rights so need to double check here //by users with no User right but with Customer rights so need to double check here
if ( if (
(dbObject.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) || (dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) ||
(!dbObject.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User)) (!dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User))
) )
{ {
AddError(ApiErrorCode.NOT_AUTHORIZED); AddError(ApiErrorCode.NOT_AUTHORIZED);
@@ -558,8 +558,8 @@ namespace AyaNova.Biz
//Also used for Contacts (customer type user or ho type user) //Also used for Contacts (customer type user or ho type user)
//by users with no User right but with Customer rights so need to double check here //by users with no User right but with Customer rights so need to double check here
if ( if (
(dbObject.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) || (dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) ||
(!dbObject.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User)) (!dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User))
) )
{ {
AddError(ApiErrorCode.NOT_AUTHORIZED); AddError(ApiErrorCode.NOT_AUTHORIZED);
@@ -669,8 +669,8 @@ namespace AyaNova.Biz
//Also used for Contacts (customer type user or ho type user) //Also used for Contacts (customer type user or ho type user)
//by users with no User right but with Customer rights so need to double check here //by users with no User right but with Customer rights so need to double check here
if ( if (
(dbObject.IsOutsideUser && !Authorized.HasDeleteRole(CurrentUserRoles, AyaType.Customer)) || (dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasDeleteRole(CurrentUserRoles, AyaType.Customer)) ||
(!dbObject.IsOutsideUser && !Authorized.HasDeleteRole(CurrentUserRoles, AyaType.User)) (!dbObject.IsOutsideCustomerContactTypeUser && !Authorized.HasDeleteRole(CurrentUserRoles, AyaType.User))
) )
{ {
AddError(ApiErrorCode.NOT_AUTHORIZED); AddError(ApiErrorCode.NOT_AUTHORIZED);
@@ -739,7 +739,7 @@ namespace AyaNova.Biz
//UserType change has Inside / Outside role implications //UserType change has Inside / Outside role implications
//a user attempting to change a UserType between inside or outside status must have the correct rights //a user attempting to change a UserType between inside or outside status must have the correct rights
//to *BOTH* Customer and User since it's affecting both types //to *BOTH* Customer and User since it's affecting both types
if (!isNew && (currentObj.IsOutsideUser != proposedObj.IsOutsideUser)) if (!isNew && (currentObj.IsOutsideCustomerContactTypeUser != proposedObj.IsOutsideCustomerContactTypeUser))
{ {
//only can change if have both rights //only can change if have both rights
if ( if (
@@ -751,18 +751,70 @@ namespace AyaNova.Biz
} }
} }
//do we need to check the license situation?
if (proposedObj.IsTech && proposedObj.Active) #if (SUBSCRIPTION_BUILD)
//Check the SUBSCRIPTION license allows this
//INTERNAL USERS
if (!proposedObj.IsOutsideCustomerContactTypeUser && proposedObj.Active)
{ {
//Yes, it might be affected depending on things //Yes, it might be affected depending on things
long CurrentActiveCount = await UserBiz.ActiveTechUserCountAsync(); long CurrentActiveInternalUserCount = await UserBiz.ActiveInternalUserCountAsync();
HERE long LicensedInternalUserCount = AyaNova.Core.License.ActiveKey.ActiveInternalUsersCount;
long LicensedUserCount = AyaNova.Core.License.ActiveKey.ActiveTechsCount;
if (isNew) if (isNew)
{ {
//This operation is about to consume one more license, check that we are not at the limit already //This operation is about to consume one more license, check that we are not at the limit already
await CheckActiveForValidation(CurrentActiveCount, LicensedUserCount); await AddErrorIfExcessUsersAnyBuildType(CurrentActiveInternalUserCount, LicensedInternalUserCount);
}
else
{
//did anything that might affect licensing change?
if (currentObj.IsOutsideCustomerContactTypeUser || (!currentObj.Active))//currently not a inside user or if it is it's not active
{
//going from non inside to inside and/or to active
//Yes, this is about to consume one more license, check that we are not at the limit already
await AddErrorIfExcessUsersAnyBuildType(CurrentActiveInternalUserCount, LicensedInternalUserCount);
}
}
}
//CUSTOMERS
if (proposedObj.IsOutsideCustomerContactTypeUser && proposedObj.Active)
{
//Yes, it might be affected depending on things
long CurrentActiveCustomerContactUserCount = await UserBiz.ActiveCustomerContactUserCountAsync();
long LicensedCustomerContactCount = AyaNova.Core.License.ActiveKey.ActiveCustomerContactUsersCount;
if (isNew)
{
//This operation is about to consume one more license, check that we are not at the limit already
await AddErrorIfExcessUsersAnyBuildType(CurrentActiveCustomerContactUserCount, LicensedCustomerContactCount);
}
else
{
//did anything that might affect licensing change?
if (!currentObj.IsOutsideCustomerContactTypeUser || (!currentObj.Active))//currently not a customer contact user or if it is it's not active
{
//going from non customer contact to customer contact and or active (may not happen but better safe than sorry down the road some day)
//Yes, this is about to consume one more license, check that we are not at the limit already
await AddErrorIfExcessUsersAnyBuildType(CurrentActiveCustomerContactUserCount, LicensedCustomerContactCount);
}
}
}
#else
//Check the PERPETUAL license allows this
//TECHS ONLY
if (proposedObj.IsTech && proposedObj.Active)
{
//Yes, it might be affected depending on things
long CurrentActiveTechCount = await UserBiz.ActiveTechUserCountAsync();
long LicensedTechCount = AyaNova.Core.License.ActiveKey.ActiveTechsCount;
if (isNew)
{
//This operation is about to consume one more license, check that we are not at the limit already
await AddErrorIfExcessUsersAnyBuildType(CurrentActiveTechCount, LicensedTechCount);
} }
else else
{ {
@@ -771,15 +823,14 @@ namespace AyaNova.Biz
{ {
//going from non tech to tech and active //going from non tech to tech and active
//Yes, this is about to consume one more license, check that we are not at the limit already //Yes, this is about to consume one more license, check that we are not at the limit already
await CheckActiveForValidation(CurrentActiveCount, LicensedUserCount); await AddErrorIfExcessUsersAnyBuildType(CurrentActiveTechCount, LicensedTechCount);
} }
} }
} }
#endif
// TODO: check user count if not new to see if affected that way
//also check user count in general to see if it's exceeded
//And maybe check it in login as well as a good central spot or wherever makes sense
//Name required //Name required
if (string.IsNullOrWhiteSpace(proposedObj.Name)) if (string.IsNullOrWhiteSpace(proposedObj.Name))
@@ -900,11 +951,11 @@ namespace AyaNova.Biz
return; return;
} }
private async Task CheckActiveForValidation(long CurrentActiveCount, long LicensedUserCount) private async Task AddErrorIfExcessUsersAnyBuildType(long CurrentActiveCount, long LicensedUserCount)
{ {
if (CurrentActiveCount >= LicensedUserCount) if (CurrentActiveCount >= LicensedUserCount)
{ {
AddError(ApiErrorCode.INVALID_OPERATION, "generalerror", await Translate("ErrorSecurityUserCapacity")); AddError(ApiErrorCode.INVALID_OPERATION, "generalerror", await Translate("ErrorSecurityUserCapacity"));//THIS IS A GENERIC ERROR GOOD FOR ANY BUILD TYPE
} }
} }

View File

@@ -93,8 +93,8 @@ namespace AyaNova.Biz
//Also used for Contacts (customer type user or ho type user) //Also used for Contacts (customer type user or ho type user)
//by users with no User right but with Customer rights so need to double check here //by users with no User right but with Customer rights so need to double check here
if ( if (
(u.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) || (u.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.Customer)) ||
(!u.IsOutsideUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User)) (!u.IsOutsideCustomerContactTypeUser && !Authorized.HasModifyRole(CurrentUserRoles, AyaType.User))
) )
{ {
AddError(ApiErrorCode.NOT_AUTHORIZED); AddError(ApiErrorCode.NOT_AUTHORIZED);

View File

@@ -133,7 +133,7 @@ namespace AyaNova.Models
} }
} }
public bool IsOutsideUser public bool IsOutsideCustomerContactTypeUser
{ {
get get
{ {

View File

@@ -795,7 +795,7 @@ namespace AyaNova.Core
#else #else
if (await AyaNova.Biz.UserBiz.ActiveTechUserCountAsync() > _ActiveLicense.ActiveNumber) if (await AyaNova.Biz.UserBiz.ActiveTechUserCountAsync() > _ActiveLicense.ActiveTechsCount)
{ {
var msg = $"E1020 - Active count exceeded capacity"; var msg = $"E1020 - Active count exceeded capacity";
apiServerState.SetSystemLock(msg); apiServerState.SetSystemLock(msg);