public GXRemoveUserFromUserGroupResponse Post(GXRemoveUserFromUserGroupRequest request)
{
IAuthSession s = this.GetSession(false);
//Normal user can't change user group name or add new one.
if (!GuruxAMI.Server.GXBasicAuthProvider.CanUserEdit(s))
{
throw new ArgumentException("Access denied.");
}
long adderId = Convert.ToInt64(s.Id);
List<GXEventsItem> events = new List<GXEventsItem>();
lock (Db)
{
using (var trans = Db.OpenTransaction(IsolationLevel.ReadCommitted))
{
bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s);
foreach (long user in request.Users)
{
foreach (long group in request.Groups)
{
if (!superAdmin)
{
//User can't update user data if he do not have access to the user group.
long[] groups1 = GXUserGroupService.GetUserGroups(Db, adderId);
long[] groups2 = GXUserGroupService.GetUserGroups(Db, group);
bool found = false;
foreach (long it1 in groups1)
{
foreach (long it2 in groups2)
{
if (it1 == it2)
{
found = true;
break;
}
}
if (found)
{
break;
}
}
if (!found)
{
throw new ArgumentException("Access denied.");
}
}
string query = "SELECT * FROM " + GuruxAMI.Server.AppHost.GetTableName<GXAmiUserGroupUser>(Db);
query += string.Format("WHERE UserID = {0} AND UserGroupID = {1}", user, group);
List<GXAmiUserGroupUser> items = Db.Select<GXAmiUserGroupUser>(query);
foreach (GXAmiUserGroupUser it in items)
{
Db.DeleteById<GXAmiUserGroupUser>(it.Id);
events.Add(new GXEventsItem(ActionTargets.UserGroup, Actions.Edit, group));
}
}
}
trans.Commit();
}
}
AppHost host = this.ResolveService<AppHost>();
host.SetEvents(Db, this.Request, adderId, events);
return new GXRemoveUserFromUserGroupResponse();
}
public GXRemoveUserFromUserGroupResponse Post(GXRemoveUserFromUserGroupRequest request)
{
IAuthSession s = this.GetSession(false);
//Normal user can't change user group name or add new one.
if (!GuruxAMI.Server.GXBasicAuthProvider.CanUserEdit(s))
{
throw new ArgumentException("Access denied.");
}
long adderId = Convert.ToInt64(s.Id);
List <GXEventsItem> events = new List <GXEventsItem>();
lock (Db)
{
using (var trans = Db.OpenTransaction(IsolationLevel.ReadCommitted))
{
bool superAdmin = GuruxAMI.Server.GXBasicAuthProvider.IsSuperAdmin(s);
foreach (long user in request.Users)
{
foreach (long group in request.Groups)
{
if (!superAdmin)
{
//User can't update user data if he do not have access to the user group.
long[] groups1 = GXUserGroupService.GetUserGroups(Db, adderId);
long[] groups2 = GXUserGroupService.GetUserGroups(Db, group);
bool found = false;
foreach (long it1 in groups1)
{
foreach (long it2 in groups2)
{
if (it1 == it2)
{
found = true;
break;
}
}
if (found)
{
break;
}
}
if (!found)
{
throw new ArgumentException("Access denied.");
}
}
string query = "SELECT * FROM " + GuruxAMI.Server.AppHost.GetTableName <GXAmiUserGroupUser>(Db);
query += string.Format("WHERE UserID = {0} AND UserGroupID = {1}", user, group);
List <GXAmiUserGroupUser> items = Db.Select <GXAmiUserGroupUser>(query);
foreach (GXAmiUserGroupUser it in items)
{
Db.DeleteById <GXAmiUserGroupUser>(it.Id);
events.Add(new GXEventsItem(ActionTargets.UserGroup, Actions.Edit, group));
}
}
}
trans.Commit();
}
}
AppHost host = this.ResolveService <AppHost>();
host.SetEvents(Db, this.Request, adderId, events);
return(new GXRemoveUserFromUserGroupResponse());
}
