public Task <IEnumerable <ValidationMessage> > ValidateAsync(IDomainEntityContext <Invoice> context, CancellationToken cancellationToken = default) { if (context.EditMode != EditMode.Update) { return(ValidationResultTask.Ok()); } var statussesAllowedToModifyInvoiceContent = new[] { InvoiceStatus.Draft }; if (!statussesAllowedToModifyInvoiceContent.Contains(context.Pristine.Status)) { try { context.Entity.InvoiceDate.Should().Be(context.Pristine.InvoiceDate); context.Entity.CustomerId.Should().Be(context.Pristine.CustomerId); context.Entity.InvoiceLines.Should().BeEquivalentTo(context.Pristine.InvoiceLines, options => options .Excluding(x => x.Invoice) //.Excluding(x => x.Item) .Excluding(x => x.Timestamp) ); } catch (System.Exception ex) { _logger.LogWarning(ex, "Not allowed to change invoice content in current status."); return(ValidationResultTask.Invalid("Not allowed to change invoice content in current status.")); } } return(ValidationResultTask.Ok()); }
/// <summary> /// Validates the specified <paramref name="rule" /> as an asynchronous operation. /// </summary> /// <param name="manager">The <see cref="SecurityManager" /> that can be used to retrieve user properties.</param> /// <param name="objectType">The type of the shared object to be found.</param> /// <param name="objectId">The primary key of the shared object to be found.</param> /// <param name="rule">The rule to validate.</param> /// <param name="cancellationToken">The <see cref="CancellationToken" /> used to propagate notifications that the operation should be canceled.</param> /// <returns> /// The <see cref="Task" /> that represents the asynchronous operation, containing the <see cref="ValidationResult" /> of the validation operation. /// </returns> protected virtual Task <ValidationResult> ValidateUserAsync(SecurityManager manager, AccessObjectType objectType, int objectId, AccessRuleItem rule, CancellationToken cancellationToken) { if (rule.Permission == AccessPermission.Unknown) { return(ValidationResultTask.Failed(string.Format(CultureInfo.CurrentCulture, SecurityResources.UserPermissionRequired))); } if (rule.Visibility != AccessVisibility.Unknown) { return(ValidationResultTask.Failed(string.Format(CultureInfo.CurrentCulture, SecurityResources.AccessVisibilityNotSupported))); } return(AtLeastOneOwnerRequired(manager, objectType, objectId, rule, cancellationToken)); }
/// <summary> /// Validates the specified <paramref name="rule" /> as an asynchronous operation. /// </summary> /// <param name="manager">The <see cref="SecurityManager" /> that can be used to retrieve user properties.</param> /// <param name="objectType">The type of the shared object to be found.</param> /// <param name="objectId">The primary key of the shared object to be found.</param> /// <param name="rule">The rule to validate.</param> /// <param name="cancellationToken">The <see cref="CancellationToken" /> used to propagate notifications that the operation should be canceled.</param> /// <returns> /// The <see cref="Task" /> that represents the asynchronous operation, containing the <see cref="ValidationResult" /> of the validation operation. /// </returns> protected virtual Task <ValidationResult> ValidateAnyoneAsync(SecurityManager manager, AccessObjectType objectType, int objectId, AccessRuleItem rule, CancellationToken cancellationToken) { if (rule.Permission != AccessPermission.CanView) { return(ValidationResultTask.Failed(string.Format(CultureInfo.CurrentCulture, SecurityResources.AccessPermissionNotSupported))); } if (rule.Visibility == AccessVisibility.Unknown) { return(ValidationResultTask.Failed(string.Format(CultureInfo.CurrentCulture, SecurityResources.AnyoneVisibilityRequired))); } return(ValidationResultTask.Success); }
public Task <IEnumerable <ValidationMessage> > ValidateAsync(IDomainEntityContext <Invoice> context, CancellationToken cancellationToken = default) { if (context.EditMode != EditMode.Delete) { return(ValidationResultTask.Ok()); } var statussesAllowedToDelete = new[] { InvoiceStatus.Draft, InvoiceStatus.Cancelled }; if (!statussesAllowedToDelete.Contains(context.Pristine.Status)) { return(ValidationResultTask.Invalid("Not allowed to delete invoice in current status.")); } return(ValidationResultTask.Ok()); }