private async Task <EmployeeCreationVM> PrepareEmployeeEditionViewModel(EmployeeCreationVM employeeCreationVM,
Employee concernedEmployee, UserRoles concernedEmployeesRoles,
EditionPermissions editionPermissions)
{
var currentUserData = await GetCurrentUserData();
if (editionPermissions == null)
{
editionPermissions = await GetEditionPermission(concernedEmployee);
}
employeeCreationVM = await SetEmployeeCompanyAndManagerState(employeeCreationVM, editionPermissions);
employeeCreationVM.ProfileDataEnabled = editionPermissions.AllowEditProfile;
employeeCreationVM.ContactDataEnabled = editionPermissions.AllowEditContacts;
employeeCreationVM.RolesListEnabled = editionPermissions.AllowEditAccess; //!concernedEmployee.Id.Equals(currentUserData.Item1.Id);
employeeCreationVM.RolesList = await GetListAllowedRoles(currentUserData.Item3);
employeeCreationVM.Roles = UserManagerExtensions.FromUserRoles(concernedEmployeesRoles).ToList();
employeeCreationVM.ManagerEnabled = editionPermissions.AllowChangeManager;
employeeCreationVM.CompanyEnabled = editionPermissions.AllowChangeCompany;
return(employeeCreationVM);
}
private async Task <EditionPermissions> GetEditionPermission(
Employee concernedEmployee)
{
///User allowed edit account in the case when
/// - Is not employee but company admin
/// - Is redactor is privileged user from same company
/// - If recactor ant concerned user is same persone
var currentUserData = await GetCurrentUserData();
var currentUser = currentUserData.Item1;
var currentUserRoles = currentUserData.Item3;
var currentEmployee = currentUserData.Item2;
bool isCompanyPriveleged = (currentUserRoles & (UserRoles.CompanyAdministrator | UserRoles.HRManager)) > 0;
bool isAppAdministrator = (currentUserRoles & UserRoles.AppAdministrator) == UserRoles.AppAdministrator;
if (concernedEmployee == null)
{
if (isCompanyPriveleged || isAppAdministrator)
{
EditionPermissions permissions = EditionPermissions.AllGranted;
permissions.AllowChangeCompany = isAppAdministrator;
permissions.AllowEditAccess = isAppAdministrator || ((currentUserRoles & UserRoles.CompanyAdministrator) == UserRoles.CompanyAdministrator);
permissions.IsSelfEdition = false;
return(permissions);
}
else
{
return(EditionPermissions.AllForbidden);
}
}
bool allowEdition = (currentUser != null && (currentUserRoles & UserRoles.AppAdministrator) == UserRoles.AppAdministrator)
||
(currentEmployee != null && currentEmployee.CompanyId == concernedEmployee?.CompanyId && ((currentUserRoles & (UserRoles.CompanyAdministrator | UserRoles.HRManager)) > 0)) ||
currentEmployee != null && currentEmployee.Id == concernedEmployee?.Id;
if (currentUser == null || !allowEdition)
{
return new EditionPermissions()
{
AllowEdition = false
}
}
;
bool isItSelfEdition = concernedEmployee?.Id.Equals(currentUser.Id) ?? false;
bool isItSameCompanyEdition = concernedEmployee.CompanyId == currentEmployee?.CompanyId;
bool allowEditProfile = (isCompanyPriveleged & isItSameCompanyEdition) || isAppAdministrator;
bool allowEditAccess = await GetAllowedRolesAsync(currentUserRoles, isItSelfEdition) != UserRoles.None;
bool allowEditContact = isAppAdministrator || (isItSameCompanyEdition && isCompanyPriveleged) || isItSelfEdition;
bool allowChangeManager = (isCompanyPriveleged && isItSameCompanyEdition) || isAppAdministrator;
bool allowChangeCompany = (currentUserRoles & UserRoles.AppAdministrator) == UserRoles.AppAdministrator;
bool allowRemoveProfile = (currentUserRoles & (UserRoles.AppAdministrator | UserRoles.CompanyAdministrator)) > UserRoles.None;
return(new EditionPermissions()
{
AllowEdition = allowEdition,
IsSelfEdition = isItSelfEdition,
AllowEditAccess = allowEditAccess,
AllowEditProfile = allowEditProfile,
AllowEditContacts = allowEditContact,
AllowChangeManager = allowChangeManager,
AllowChangeCompany = allowChangeCompany,
AllowRemoveAccount = allowRemoveProfile
});
}
private async Task <bool> ValidateInput(Employee consernedEmployee, EmployeeCreationVM employeeVM, EditionPermissions permission)
{
if (consernedEmployee == null || !permission.AllowEdition)
{
return(false);
}
bool inputValid = permission.AllowEdition;
bool rolesListValid = await ValidateRoles(consernedEmployee, employeeVM, permission.AllowEditAccess);
if (!rolesListValid)
{
ModelState.AddModelError("", _DataLocalizer["You not autorized to change the roles"]);
}
inputValid &= rolesListValid;
bool profileValid = ValidateProfileEdition(consernedEmployee, employeeVM, permission.AllowEditProfile);
if (!profileValid)
{
ModelState.AddModelError("", _DataLocalizer["You not autorized to edit profile data"]);
}
inputValid &= profileValid;
bool contactsValid = ValidateContactData(consernedEmployee, employeeVM, permission.AllowEditContacts);
if (!contactsValid)
{
ModelState.AddModelError("", _DataLocalizer["You not autorized to edit contacts data"]);
}
inputValid &= contactsValid;
bool managerValid = ValidateManagerData(consernedEmployee, employeeVM, permission.AllowChangeManager);
if (!managerValid)
{
ModelState.AddModelError("", _DataLocalizer["You not autorized to change your manager"]);
}
inputValid &= managerValid;
bool companyValid = await ValidateCompanyData(consernedEmployee, employeeVM, permission.AllowChangeCompany);
if (!companyValid)
{
ModelState.AddModelError("", _DataLocalizer["You not autorized to change your manager"]);
}
inputValid &= companyValid;
return(inputValid);
}
//Todo: Review this section
private async Task <EmployeeCreationVM> SetEmployeeCompanyAndManagerState(EmployeeCreationVM employeeCreationVM, EditionPermissions editionPermissions)
{
//Case when employee created by app admin
var currentLoginData = await GetCurrentUserData();
var currentUserRoles = currentLoginData.Item3;
var currentEmployee = currentLoginData.Item2;
bool currentUserIsAppAdmin = (currentUserRoles & UserRoles.AppAdministrator) == UserRoles.AppAdministrator;
bool currentUserIsCompanyPriveleged = (currentUserRoles & (UserRoles.CompanyAdministrator | UserRoles.HRManager)) > 0;
employeeCreationVM.CompanyEnabled = editionPermissions.AllowChangeCompany;
if (editionPermissions.AllowChangeCompany)
{
var companiesList = (await _UnitOfWork.Companies.WhereAsync(x => x.Active))
.Select(x => new SelectListItem(x.CompanyName, x.Id.ToString(), x.Id.Equals(employeeCreationVM?.CompanyId))).ToList();
companiesList.Insert(0, new SelectListItem(_DataLocalizer["Please select the company"], "0", true, true));
companiesList.Insert(1, new SelectListItem(_DataLocalizer["None"], String.Empty, true, !currentUserIsAppAdmin));
employeeCreationVM.Companies = companiesList;
}
else
{
if (currentEmployee?.CompanyId != null)
{
if (employeeCreationVM.CompanyId == null)
{
employeeCreationVM.CompanyId = currentEmployee.CompanyId;
}
if (employeeCreationVM.CompanyId != null)
{
if (currentEmployee?.Company != null)
{
employeeCreationVM.Company = currentEmployee.Company;
}
else
{
employeeCreationVM.Company = await _UnitOfWork.Companies.FindAsync(x => x.Id == (int)employeeCreationVM.CompanyId);
}
employeeCreationVM.Companies = new SelectListItem[] { new SelectListItem(employeeCreationVM.Company.CompanyName,
employeeCreationVM.Company.Id.ToString(), true, true) };
}
}
}
employeeCreationVM.ManagerEnabled = editionPermissions.AllowChangeManager;
if (editionPermissions.AllowChangeManager)
{
var managers = await GetEmployeesByCompany(employeeCreationVM.CompanyId, employeeCreationVM.ManagerId);
managers.Insert(0, new SelectListItem(_DataLocalizer["None"], null));
employeeCreationVM.Managers = managers;
}
else
{
if (employeeCreationVM?.Manager != null)
{
employeeCreationVM.Managers = new SelectListItem[] { new SelectListItem(employeeCreationVM.Manager.FormatEmployeeSNT(), employeeCreationVM.ManagerId, true, true) }
}
;
}
return(employeeCreationVM);
}
