///<summary>Checks to see if current user is authorized. It also checks any date restrictions. If not authorized, it gives a Message box saying so and returns false.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage, bool suppressLockDateMessage, long procCodeNum,
double procCodeFee, long sheetDefNum, long fKey)
{
//No need to check RemotingRole; no call to db.
if (Security.CurUser == null)
{
if (!suppressMessage)
{
MessageBox.Show(Lans.g("Security", "Not authorized for") + "\r\n" + GroupPermissions.GetDesc(perm));
}
return(false);
}
try {
return(IsAuthorized(perm, date, suppressMessage, suppressLockDateMessage, curUser, procCodeNum, procCodeFee, sheetDefNum, fKey));
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return(false);
}
}
///<summary>Will throw an error if not authorized and message not suppressed.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage, bool suppressLockDateMessage, Userod curUser,
long procCodeNum, double procFee, long sheetDefNum, long fKey)
{
//No need to check RemotingRole; no call to db.
date = date.Date; //Remove the time portion of date so we can compare strictly as a date later.
//Check eConnector permission first.
if (IsValidEServicePermission(perm))
{
return(true);
}
if (!GroupPermissions.HasPermission(curUser, perm, fKey))
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized.") + "\r\n"
+ Lans.g("Security", "A user with the SecurityAdmin permission must grant you access for") + ":\r\n" + GroupPermissions.GetDesc(perm));
}
return(false);
}
if (perm == Permissions.AccountingCreate || perm == Permissions.AccountingEdit)
{
if (date <= PrefC.GetDate(PrefName.AccountingLockDate))
{
if (!suppressMessage && !suppressLockDateMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator."));
}
return(false);
}
}
//Check the global security lock------------------------------------------------------------------------------------
if (IsGlobalDateLock(perm, date, suppressMessage || suppressLockDateMessage, procCodeNum, procFee, sheetDefNum))
{
return(false);
}
//Check date/days limits on individual permission----------------------------------------------------------------
if (!GroupPermissions.PermTakesDates(perm))
{
return(true);
}
//Include CEMT users, as a CEMT user could be logged in when this is checked.
DateTime dateLimit = GetDateLimit(perm, curUser.GetGroups(true).Select(x => x.UserGroupNum).ToList());
if (date > dateLimit) //authorized
{
return(true);
}
//Prevents certain bugs when 1/1/1 dates are passed in and compared----------------------------------------------
//Handling of min dates. There might be others, but we have to handle them individually to avoid introduction of bugs.
if (perm == Permissions.ClaimDelete || //older versions did not have SecDateEntry
perm == Permissions.ClaimSentEdit || //no date sent was entered before setting claim received
perm == Permissions.ProcComplEdit || //a completed procedure with a min date.
perm == Permissions.ProcComplEditLimited || //because ProcComplEdit was in this list
perm == Permissions.ProcExistingEdit || //a completed EO or EC procedure with a min date.
perm == Permissions.InsPayEdit || //a claim payment with no date.
perm == Permissions.InsWriteOffEdit || //older versions did not have SecDateEntry or DateEntryC
perm == Permissions.TreatPlanEdit ||
perm == Permissions.AdjustmentEdit ||
perm == Permissions.CommlogEdit || //usually from a conversion
perm == Permissions.ProcDelete || //because older versions did not set the DateEntryC.
perm == Permissions.ImageDelete || //In case an image has a creation date of DateTime.MinVal.
perm == Permissions.PerioEdit || //In case perio chart exam has a creation date of DateTime.MinValue.
perm == Permissions.PreAuthSentEdit) //older versions did not have SecDateEntry
{
if (date.Year < 1880 && dateLimit.Year < 1880)
{
return(true);
}
}
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm) + "\r\n" + Lans.g("Security", "Date limitation"));
}
return(false);
}
///<summary>Will throw an error if not authorized and message not suppressed.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage, long userGroupNum)
{
//No need to check RemotingRole; no call to db.
if (!GroupPermissions.HasPermission(userGroupNum, perm))
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized for") + "\r\n" + GroupPermissions.GetDesc(perm));
}
return(false);
}
if (perm == Permissions.AccountingCreate || perm == Permissions.AccountingEdit)
{
if (date <= PrefC.GetDate(PrefName.AccountingLockDate))
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator."));
}
return(false);
}
}
//Check the global security lock------------------------------------------------------------------------------------
//the list below is NOT the list of permissions that take dates. See GroupPermissions.PermTakesDates().
if (perm == Permissions.AdjustmentCreate ||
perm == Permissions.AdjustmentEdit ||
perm == Permissions.PaymentCreate ||
perm == Permissions.PaymentEdit ||
perm == Permissions.ProcComplCreate ||
perm == Permissions.ProcComplEdit
//|| perm==Permissions.ImageDelete
|| perm == Permissions.InsPayCreate ||
perm == Permissions.InsPayEdit ||
perm == Permissions.SheetEdit ||
perm == Permissions.CommlogEdit
)
{
//If the global lock is date-based:
if (date.Year > 1 && //if a valid date was passed in
date <= PrefC.GetDate(PrefName.SecurityLockDate)) //and that date is earlier than the lock
{
if (PrefC.GetBool(PrefName.SecurityLockIncludesAdmin) || //if admins are locked out too
!GroupPermissions.HasPermission(userGroupNum, Permissions.SecurityAdmin)) //or is not an admin
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator before ") + PrefC.GetDate(PrefName.SecurityLockDate).ToShortDateString());
}
return(false);
}
}
//If the global lock is days-based:
if (date.Year > 1 && //if a valid date was passed in
PrefC.GetInt(PrefName.SecurityLockDays) > 0 &&
date <= DateTime.Today.AddDays(-PrefC.GetInt(PrefName.SecurityLockDays))) //and that date is earlier than the lock
{
if (PrefC.GetBool(PrefName.SecurityLockIncludesAdmin) || //if admins are locked out too
!GroupPermissions.HasPermission(userGroupNum, Permissions.SecurityAdmin)) //or is not an admin
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator before ") + PrefC.GetInt(PrefName.SecurityLockDays).ToString() + " days.");
}
return(false);
}
}
}
//Check date/days limits on individual permission----------------------------------------------------------------
if (!GroupPermissions.PermTakesDates(perm))
{
return(true);
}
DateTime dateLimit = GetDateLimit(perm, userGroupNum);
if (date > dateLimit) //authorized
{
return(true);
}
//Prevents certain bugs when 1/1/1 dates are passed in and compared----------------------------------------------
//Handling of min dates. There might be others, but we have to handle them individually to avoid introduction of bugs.
if (perm == Permissions.ClaimSentEdit || //no date sent was entered before setting claim received
perm == Permissions.ProcComplEdit || //a completed procedure with a min date.
perm == Permissions.InsPayEdit || //a claim payment with no date.
perm == Permissions.TreatPlanEdit ||
perm == Permissions.AdjustmentEdit ||
perm == Permissions.CommlogEdit || //usually from a conversion
perm == Permissions.ProcDelete) //because older versions did not set the DateEntryC.
{
if (date.Year < 1880 && dateLimit.Year < 1880)
{
return(true);
}
}
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm) + "\r\n" + Lans.g("Security", "Date limitation"));
}
return(false);
}
