221 lines
8.6 KiB
C#
221 lines
8.6 KiB
C#
using System;
|
|
using System.Collections.Generic;
|
|
using AyaNova.Biz;
|
|
|
|
|
|
namespace AyaNova.Biz
|
|
{
|
|
|
|
/// <summary>
|
|
/// roles of all business objects
|
|
/// </summary>
|
|
internal static class BizRoles
|
|
{
|
|
|
|
static Dictionary<AyaType, BizRoleSet> roles = new Dictionary<AyaType, BizRoleSet>();
|
|
|
|
static BizRoles()
|
|
{
|
|
|
|
//Add all object roles here
|
|
//NOTE: do not need to add change roles to read roles, Authorized.cs takes care of that automatically
|
|
//by assuming if you can change you can read
|
|
|
|
//HOW THIS WORKS / WHATS EXPECTED
|
|
//Change = CREATE, RETRIEVE, UPDATE, DELETE - Full rights
|
|
//ReadFullRecord = You can read *all* the fields of the record, but can't modify it. Change is automatically checked for so only add different roles from change
|
|
//MINI / PICKLIST NOTE: roles do not control getting a list of names for selection which is role independent because it's required for so much indirectly
|
|
//DELETE = There is no specific delete right for now though it's checked for by routes in Authorized.cs in case we want to add it in future as a separate right from create.
|
|
|
|
#region All roles initialization
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//USER
|
|
//
|
|
roles.Add(AyaType.User, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.BizAdminFull,
|
|
ReadFullRecord = AuthorizationRoles.BizAdminLimited
|
|
});
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//USEROPTIONS
|
|
//(Identical to User, though route also allows own record access full changes)
|
|
//
|
|
roles.Add(AyaType.UserOptions, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.BizAdminFull,
|
|
ReadFullRecord = AuthorizationRoles.BizAdminLimited
|
|
});
|
|
|
|
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//WIDGET
|
|
//
|
|
roles.Add(AyaType.Widget, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.BizAdminFull | AuthorizationRoles.InventoryFull,
|
|
ReadFullRecord = AuthorizationRoles.BizAdminLimited | AuthorizationRoles.InventoryLimited
|
|
});
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//SERVERSTATE
|
|
//
|
|
roles.Add(AyaType.ServerState, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.OpsAdminFull,
|
|
ReadFullRecord = AuthorizationRoles.All
|
|
});
|
|
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//LICENSE
|
|
//
|
|
roles.Add(AyaType.License, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.BizAdminFull | AuthorizationRoles.OpsAdminFull,
|
|
ReadFullRecord = AuthorizationRoles.BizAdminLimited | AuthorizationRoles.OpsAdminLimited
|
|
});
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//LOGFILE
|
|
//
|
|
roles.Add(AyaType.LogFile, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.NoRole,
|
|
ReadFullRecord = AuthorizationRoles.OpsAdminFull | AuthorizationRoles.OpsAdminLimited
|
|
});
|
|
|
|
|
|
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//OPERATIONS / JOBS
|
|
//Only opsfull can change operations
|
|
//ops and biz admin can view operations
|
|
roles.Add(AyaType.JobOperations, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.OpsAdminFull,
|
|
ReadFullRecord = AuthorizationRoles.OpsAdminLimited | AuthorizationRoles.BizAdminFull | AuthorizationRoles.BizAdminLimited
|
|
});
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//AyaNova7Import
|
|
//Only opsfull can change operations and view
|
|
roles.Add(AyaType.AyaNova7Import, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.OpsAdminFull,
|
|
ReadFullRecord = AuthorizationRoles.NoRole
|
|
});
|
|
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//METRICS
|
|
//
|
|
roles.Add(AyaType.Metrics, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.NoRole,
|
|
ReadFullRecord = AuthorizationRoles.OpsAdminFull | AuthorizationRoles.OpsAdminLimited
|
|
});
|
|
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//LOCALE
|
|
//
|
|
roles.Add(AyaType.Locale, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.BizAdminFull | AuthorizationRoles.OpsAdminFull,
|
|
ReadFullRecord = AuthorizationRoles.All
|
|
});
|
|
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//DATALISTFILTER
|
|
//
|
|
roles.Add(AyaType.DataListFilter, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.BizAdminFull,
|
|
ReadFullRecord = AuthorizationRoles.All
|
|
});
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//DATALISTTEMPLATE
|
|
//
|
|
roles.Add(AyaType.DataListTemplate, new BizRoleSet()
|
|
{
|
|
Change = AuthorizationRoles.BizAdminFull,
|
|
ReadFullRecord = AuthorizationRoles.All
|
|
});
|
|
|
|
////////////////////////////////////////////////////////////
|
|
//FORMCUSTOM
|
|
//
|
|
roles.Add(AyaType.FormCustom, new BizRoleSet()
|
|
{
|
|
//Only BizAdminFull can modify forms
|
|
Change = AuthorizationRoles.BizAdminFull,
|
|
ReadFullRecord = AuthorizationRoles.All
|
|
});
|
|
|
|
////////////////////////////////////////////////////////////////////
|
|
#endregion all roles init
|
|
|
|
|
|
#region output as JSON for client side
|
|
#if (DEBUG)
|
|
|
|
//################## HOW TO USE ##########
|
|
//############## Uncomment SerializeObject line, put a break on lastRoles, copy from the output in the LOG (good for javascript with quotes formatted that way) #######
|
|
// #### NEED to separately take a copy and update "lastRoles" string here by copying from the variable watch in the debugger because need the C# format escaped quotes string
|
|
|
|
//GENERATE JSON FROM ROLES
|
|
string json = Newtonsoft.Json.JsonConvert.SerializeObject(roles, Newtonsoft.Json.Formatting.None);
|
|
|
|
//Output roles JSON FRAGMENT string for CLIENT to log
|
|
System.Diagnostics.Debugger.Log(1, "JSONFRAGMENTFORCLIENT", "BizRoles.cs -> biz-role-rights.js Client roles JSON fragment:");
|
|
System.Diagnostics.Debugger.Log(1, "JSONFRAGMENTFORCLIENT", json);
|
|
|
|
//ONGOING VALIDATION TO CATCH MISMATCH WHEN NEW ROLES ADDED (wont' catch changes to existing unfortunately)
|
|
var lastRoles = "{\"User\":{\"Change\":2,\"ReadFullRecord\":1},\"UserOptions\":{\"Change\":2,\"ReadFullRecord\":1},\"Widget\":{\"Change\":34,\"ReadFullRecord\":17},\"ServerState\":{\"Change\":16384,\"ReadFullRecord\":32767},\"License\":{\"Change\":16386,\"ReadFullRecord\":8193},\"LogFile\":{\"Change\":0,\"ReadFullRecord\":24576},\"JobOperations\":{\"Change\":16384,\"ReadFullRecord\":8195},\"AyaNova7Import\":{\"Change\":16384,\"ReadFullRecord\":0},\"Metrics\":{\"Change\":0,\"ReadFullRecord\":24576},\"Locale\":{\"Change\":16386,\"ReadFullRecord\":32767},\"DataListFilter\":{\"Change\":2,\"ReadFullRecord\":32767},\"FormCustom\":{\"Change\":2,\"ReadFullRecord\":32767}}";
|
|
|
|
Dictionary<AyaType, BizRoleSet> lastRolesDeserialized = Newtonsoft.Json.JsonConvert.DeserializeObject<Dictionary<AyaType, BizRoleSet>>(lastRoles);
|
|
if (lastRolesDeserialized.Count != roles.Count)
|
|
{
|
|
throw new System.ArgumentException("BizRoles::Constructor - roles were modified from last snapshot for client!!!");
|
|
}
|
|
|
|
|
|
#endif
|
|
#endregion
|
|
|
|
|
|
|
|
|
|
}//end of constructor
|
|
|
|
|
|
/// <summary>
|
|
/// Get roleset for biz object
|
|
/// </summary>
|
|
/// <param name="forType"></param>
|
|
/// <returns></returns>
|
|
internal static BizRoleSet GetRoleSet(AyaType forType)
|
|
{
|
|
if (roles.ContainsKey(forType))
|
|
{
|
|
return roles[forType];
|
|
}
|
|
else
|
|
{
|
|
return null;
|
|
}
|
|
}
|
|
|
|
|
|
}//end of class
|
|
|
|
|
|
}//eons
|
|
|