public Task <IEnumerable <ValidationMessage> > ValidateAsync(IDomainEntityContext <Invoice> context, CancellationToken cancellationToken = default)
{
if (context.EditMode != EditMode.Update)
{
return(ValidationResultTask.Ok());
}
var statussesAllowedToModifyInvoiceContent = new[] { InvoiceStatus.Draft };
if (!statussesAllowedToModifyInvoiceContent.Contains(context.Pristine.Status))
{
try
{
context.Entity.InvoiceDate.Should().Be(context.Pristine.InvoiceDate);
context.Entity.CustomerId.Should().Be(context.Pristine.CustomerId);
context.Entity.InvoiceLines.Should().BeEquivalentTo(context.Pristine.InvoiceLines,
options => options
.Excluding(x => x.Invoice)
//.Excluding(x => x.Item)
.Excluding(x => x.Timestamp)
);
}
catch (System.Exception ex)
{
_logger.LogWarning(ex, "Not allowed to change invoice content in current status.");
return(ValidationResultTask.Invalid("Not allowed to change invoice content in current status."));
}
}
return(ValidationResultTask.Ok());
}
/// <summary>
/// Validates the specified <paramref name="rule" /> as an asynchronous operation.
/// </summary>
/// <param name="manager">The <see cref="SecurityManager" /> that can be used to retrieve user properties.</param>
/// <param name="objectType">The type of the shared object to be found.</param>
/// <param name="objectId">The primary key of the shared object to be found.</param>
/// <param name="rule">The rule to validate.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken" /> used to propagate notifications that the operation should be canceled.</param>
/// <returns>
/// The <see cref="Task" /> that represents the asynchronous operation, containing the <see cref="ValidationResult" /> of the validation operation.
/// </returns>
protected virtual Task <ValidationResult> ValidateUserAsync(SecurityManager manager, AccessObjectType objectType, int objectId, AccessRuleItem rule, CancellationToken cancellationToken)
{
if (rule.Permission == AccessPermission.Unknown)
{
return(ValidationResultTask.Failed(string.Format(CultureInfo.CurrentCulture, SecurityResources.UserPermissionRequired)));
}
if (rule.Visibility != AccessVisibility.Unknown)
{
return(ValidationResultTask.Failed(string.Format(CultureInfo.CurrentCulture, SecurityResources.AccessVisibilityNotSupported)));
}
return(AtLeastOneOwnerRequired(manager, objectType, objectId, rule, cancellationToken));
}
/// <summary>
/// Validates the specified <paramref name="rule" /> as an asynchronous operation.
/// </summary>
/// <param name="manager">The <see cref="SecurityManager" /> that can be used to retrieve user properties.</param>
/// <param name="objectType">The type of the shared object to be found.</param>
/// <param name="objectId">The primary key of the shared object to be found.</param>
/// <param name="rule">The rule to validate.</param>
/// <param name="cancellationToken">The <see cref="CancellationToken" /> used to propagate notifications that the operation should be canceled.</param>
/// <returns>
/// The <see cref="Task" /> that represents the asynchronous operation, containing the <see cref="ValidationResult" /> of the validation operation.
/// </returns>
protected virtual Task <ValidationResult> ValidateAnyoneAsync(SecurityManager manager, AccessObjectType objectType, int objectId, AccessRuleItem rule, CancellationToken cancellationToken)
{
if (rule.Permission != AccessPermission.CanView)
{
return(ValidationResultTask.Failed(string.Format(CultureInfo.CurrentCulture, SecurityResources.AccessPermissionNotSupported)));
}
if (rule.Visibility == AccessVisibility.Unknown)
{
return(ValidationResultTask.Failed(string.Format(CultureInfo.CurrentCulture, SecurityResources.AnyoneVisibilityRequired)));
}
return(ValidationResultTask.Success);
}
public Task <IEnumerable <ValidationMessage> > ValidateAsync(IDomainEntityContext <Invoice> context, CancellationToken cancellationToken = default)
{
if (context.EditMode != EditMode.Delete)
{
return(ValidationResultTask.Ok());
}
var statussesAllowedToDelete = new[] { InvoiceStatus.Draft, InvoiceStatus.Cancelled };
if (!statussesAllowedToDelete.Contains(context.Pristine.Status))
{
return(ValidationResultTask.Invalid("Not allowed to delete invoice in current status."));
}
return(ValidationResultTask.Ok());
}
