admin/raven
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
635626cb7836c708fc06322879b9310d02fa528f
raven/server/AyaNova/biz/BizRoles.cs
John Cardinal 635626cb78
2018-08-27 19:55:41 +00:00

178 lines
6.4 KiB
C#
Raw Blame History

using System;
using System.Collections.Generic;
using AyaNova.Biz;
namespace AyaNova.Biz
{
/// <summary>
/// roles of all business objects
/// </summary>
internal static class BizRoles
{
static Dictionary<AyaType, BizRoleSet> roles = new Dictionary<AyaType, BizRoleSet>();
static BizRoles()
{
//Add all object roles here
//NOTE: do not need to add change roles to read roles, Authorized.cs takes care of that automatically
//by assuming if you can change you can read
#region All roles initialization
////////////////////////////////////////////////////////////
//USER
//
//TODO: flesh this out more when user routes are made
//These rights only apply to the core User object itself
//any settings that are user configurable should go under a UserOptions object instead
roles.Add(AyaType.User, new BizRoleSet()
{
Change = AuthorizationRoles.BizAdminFull,
EditOwn = AuthorizationRoles.NoRole,//Only biz admin has full rights to edit a user?? Maybe minor changes are allowed or not stored as a User sub field for user configurable things
Read = AuthorizationRoles.BizAdminFull | AuthorizationRoles.BizAdminLimited
});
////////////////////////////////////////////////////////////
//WIDGET
//
roles.Add(AyaType.Widget, new BizRoleSet()
{
Change = AuthorizationRoles.BizAdminFull | AuthorizationRoles.InventoryFull,
EditOwn = AuthorizationRoles.TechFull,
Read = AuthorizationRoles.BizAdminLimited | AuthorizationRoles.InventoryLimited |
AuthorizationRoles.TechFull | AuthorizationRoles.TechLimited | AuthorizationRoles.AccountingFull
});
////////////////////////////////////////////////////////////
//SERVERSTATE
//
roles.Add(AyaType.ServerState, new BizRoleSet()
{
Change = AuthorizationRoles.OpsAdminFull,
EditOwn = AuthorizationRoles.NoRole,
Read = AuthorizationRoles.AnyRole
});
////////////////////////////////////////////////////////////
//LICENSE
//
roles.Add(AyaType.License, new BizRoleSet()
{
Change = AuthorizationRoles.BizAdminFull | AuthorizationRoles.OpsAdminFull,
EditOwn = AuthorizationRoles.NoRole,
Read = AuthorizationRoles.BizAdminLimited | AuthorizationRoles.OpsAdminLimited
});
////////////////////////////////////////////////////////////
//LOGFILE
//
roles.Add(AyaType.LogFile, new BizRoleSet()
{
Change = AuthorizationRoles.NoRole,
EditOwn = AuthorizationRoles.NoRole,
Read = AuthorizationRoles.OpsAdminFull | AuthorizationRoles.OpsAdminLimited
});
////////////////////////////////////////////////////////////
//TAG
//Full roles can make new tags and can edit or delete existing tags
roles.Add(AyaType.Tag, new BizRoleSet()
{
Change = AuthorizationRoles.BizAdminFull | AuthorizationRoles.DispatchFull | AuthorizationRoles.InventoryFull | AuthorizationRoles.TechFull | AuthorizationRoles.AccountingFull,
EditOwn = AuthorizationRoles.NoRole,
Read = AuthorizationRoles.AnyRole
});
////////////////////////////////////////////////////////////
//TAGMAP
//Any roles can tag objects and remove tags as per their rights to the taggable object type in question
roles.Add(AyaType.TagMap, new BizRoleSet()
{
Change = AuthorizationRoles.AnyRole,
EditOwn = AuthorizationRoles.NoRole,
Read = AuthorizationRoles.AnyRole
});
////////////////////////////////////////////////////////////
//OPERATIONS
//Only opsfull can change operations
//ops and biz admin can view operations
roles.Add(AyaType.JobOperations, new BizRoleSet()
{
Change = AuthorizationRoles.OpsAdminFull,
EditOwn = AuthorizationRoles.NoRole,
Read = AuthorizationRoles.OpsAdminLimited | AuthorizationRoles.BizAdminFull | AuthorizationRoles.BizAdminLimited
});
////////////////////////////////////////////////////////////
//AyaNova7Import
//Only opsfull can change operations
//opsfull can view operations
roles.Add(AyaType.AyaNova7Import, new BizRoleSet()
{
Change = AuthorizationRoles.OpsAdminFull,
EditOwn = AuthorizationRoles.NoRole,
Read = AuthorizationRoles.OpsAdminFull
});
////////////////////////////////////////////////////////////
//METRICS
//
roles.Add(AyaType.Metrics, new BizRoleSet()
{
Change = AuthorizationRoles.NoRole,
EditOwn = AuthorizationRoles.NoRole,
Read = AuthorizationRoles.OpsAdminFull | AuthorizationRoles.OpsAdminLimited
});
////////////////////////////////////////////////////////////
//LOCALE
//
roles.Add(AyaType.Locale, new BizRoleSet()
{
Change = AuthorizationRoles.BizAdminFull | AuthorizationRoles.OpsAdminFull,
EditOwn = AuthorizationRoles.NoRole,
Read = AuthorizationRoles.AnyRole
});
////////////////////////////////////////////////////////////////////
#endregion all roles init
}//end of constructor
/// <summary>
/// Get roleset for biz object
/// </summary>
/// <param name="forType"></param>
/// <returns></returns>
internal static BizRoleSet GetRoleSet(AyaType forType)
{
if (roles.ContainsKey(forType))
{
return roles[forType];
}
else
{
return null;
}
}
}//end of class
}//eons
Reference in New Issue View Git Blame Copy Permalink