private PlayerGroup(int enumVal, string groupName, string groupColour, string prefix,
PermissionLevel permissionLevel, PlayerGroupCommandPermissions commandPermission, ActionPermissions actionPermission)
{
EnumVal = enumVal;
GroupName = groupName;
GroupColour = groupColour;
Prefix = prefix;
CommandPermission = commandPermission;
PermissionLevel = permissionLevel;
ActionPermission = actionPermission;
Values.Add(this);
}
protected override void beforeWriteNodeLogic( bool Creating, bool OverrideUniqueValidation )
{
// The user cannot change his or her own Administrator privileges.
if( Administrator.wasAnySubFieldModified() &&
Administrator.Checked != CswConvert.ToTristate( Administrator.GetOriginalPropRowValue() ) &&
_CswNbtResources.CurrentUser.RoleId == _CswNbtNode.NodeId )
{
_CswNbtNode.Properties.clearModifiedFlag(); // prevents multiple error messages from appearing if we attempt to write() again
throw new CswDniException( CswEnumErrorType.Warning, "You may not change your own administrator status", "User (" + _CswNbtResources.CurrentUser.Username + ") attempted to edit the Administrator property of their own Role" );
}
// case 22512
// also case 22557 - use the original name, not the new one
CswNbtNodePropWrapper NamePropWrapper = Node.Properties[PropertyName.Name];
if( NamePropWrapper.GetOriginalPropRowValue( _CswNbtResources.MetaData.getFieldTypeRule( NamePropWrapper.getFieldTypeValue() ).SubFields.Default.Column ) == ChemSWAdminRoleName &&
_CswNbtResources.CurrentNbtUser.Username != CswNbtObjClassUser.ChemSWAdminUsername &&
false == ( _CswNbtResources.CurrentNbtUser is CswNbtSystemUser ) )
{
throw new CswDniException( CswEnumErrorType.Warning, "The " + ChemSWAdminRoleName + " role cannot be edited", "Current user (" + _CswNbtResources.CurrentUser.Username + ") attempted to edit the '" + ChemSWAdminRoleName + "' role." );
}
if( NodeTypePermissions.wasAnySubFieldModified( false ) )
{
// case 25444 - was it *really* modified?
CswNbtNodePropWrapper NodeTypePermissionsPropWrapper = Node.Properties[PropertyName.NodeTypePermissions];
string NodeTypePermissionsOriginalValueStr = NodeTypePermissionsPropWrapper.GetOriginalPropRowValue( CswEnumNbtPropColumn.ClobData );
CswCommaDelimitedString NodeTypePermissionsOriginalValue = new CswCommaDelimitedString();
NodeTypePermissionsOriginalValue.FromString( NodeTypePermissionsOriginalValueStr );
if( NodeTypePermissions.Value != NodeTypePermissionsOriginalValue )
{
// Prevent granting permission to Design nodetypes without Design Action permission
if( NodeTypePermissions.Gestalt.Contains( "Design" ) && // shortcut
false == _CswNbtResources.Permit.can( CswEnumNbtActionName.Design, this ) )
{
throw new CswDniException( CswEnumErrorType.Warning, "You may not grant access to Design NodeTypes without the Design Action Permission",
"User (" + _CswNbtResources.CurrentUser.Username + ") attempted to grant access to Design NodeTypes on role: " + _CswNbtNode.NodeName );
}
}
}
// case 22437
if( ActionPermissions.wasAnySubFieldModified() )
{
// case 25444 - was it *really* modified?
CswNbtNodePropWrapper ActionPermissionsPropWrapper = Node.Properties[PropertyName.ActionPermissions];
string ActionPermissionsOriginalValueStr = ActionPermissionsPropWrapper.GetOriginalPropRowValue( ( (CswNbtFieldTypeRuleMultiList) _CswNbtResources.MetaData.getFieldTypeRule( ActionPermissionsPropWrapper.getFieldTypeValue() ) ).ValueSubField.Column );
CswCommaDelimitedString ActionPermissionsOriginalValue = new CswCommaDelimitedString();
ActionPermissionsOriginalValue.FromString( ActionPermissionsOriginalValueStr );
if( ActionPermissions.Value != ActionPermissionsOriginalValue )
{
// You can never grant your own action permissions
if( _CswNbtResources.CurrentUser.RoleId == _CswNbtNode.NodeId && this.Name.Text != ChemSWAdminRoleName )
{
// case 26346 - we might be trimming invalid actions out automatically,
// so just throw if an action permissions is being ADDED, not removed
bool ActionAdded = false;
foreach( string ActionStr in ActionPermissions.Value )
{
if( false == ActionPermissionsOriginalValue.Contains( ActionStr ) )
{
ActionAdded = true;
}
}
if( ActionAdded )
{
throw new CswDniException( CswEnumErrorType.Warning, "You may not grant access to actions for which you have no permissions",
"User (" + _CswNbtResources.CurrentUser.Username + ") attempted to edit their own action permissions on role: " + _CswNbtNode.NodeName );
}
}
// You can only grant action permissions on other roles to which you have access
foreach( CswNbtAction Action in _CswNbtResources.Actions )
{
if( true == _CswNbtResources.Permit.can( Action, this ) ) // permission is being granted
{
if( ( Action.Name == CswEnumNbtActionName.Design ||
Action.Name == CswEnumNbtActionName.Create_Inspection || //Case 24288
Action.Name == CswEnumNbtActionName.View_Scheduled_Rules ) && //Case 28564
_CswNbtResources.CurrentNbtUser.Rolename != ChemSWAdminRoleName && //Case 28433: chemsw_admin can grant Design to anyone.
false == _CswNbtResources.IsSystemUser )
{
// case 23677
throw new CswDniException( CswEnumErrorType.Warning, "You may not grant access to " + Action.DisplayName + " to this role",
"User (" + _CswNbtResources.CurrentUser.Username + ") attempted to grant access to action " + Action.DisplayName + " to role " + _CswNbtNode.NodeName );
}
//Case 29338 - If the Role has no Material NT create permissions, remove the Create Material action permission
if( Action.Name == CswEnumNbtActionName.Create_Material )
{
CswNbtMetaDataPropertySet MaterialPS = _CswNbtResources.MetaData.getPropertySet( CswEnumNbtPropertySetName.MaterialSet );
bool HasOneMaterialCreate = false;
foreach( CswNbtMetaDataObjectClass MaterialOc in MaterialPS.getObjectClasses() )
{
foreach( CswNbtMetaDataNodeType MaterialNt in MaterialOc.getNodeTypes() )
{
string NodeTypePermission = MakeNodeTypePermissionValue(
MaterialNt.FirstVersionNodeTypeId,
CswEnumNbtNodeTypePermission.Create );
HasOneMaterialCreate = HasOneMaterialCreate ||
NodeTypePermissions.CheckValue( NodeTypePermission );
}
}
if( false == HasOneMaterialCreate )
{
ActionPermissions.RemoveValue( MakeActionPermissionValue( Action ) );
}
}
if( false == _CswNbtResources.Permit.can( Action, _CswNbtResources.CurrentNbtUser ) )
{
throw new CswDniException( CswEnumErrorType.Warning, "You may not grant access to actions for which you have no permissions",
"User (" + _CswNbtResources.CurrentUser.Username + ") attempted to grant access to action " + Action.DisplayName + " to role " + _CswNbtNode.NodeName );
}
} // if( true == _CswNbtResources.Permit.can( Action, this ) )
} // foreach( string ActionNameString in ActionPermissions.YValues )
} // if( ActionPermissions.Value != ActionPermissionsOriginalValue )
} // if( ActionPermissions.getAnySubFieldModified() )
}//beforeWriteNode()
