/// <summary>
        /// Page Load - This is executed when the page is first requested
        /// by the user and additionally when the user clicks a button on
        /// the form
        /// </summary>
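        protected void Page_Load(object sender, System.EventArgs e)
        {
            //
            //  To prevent users from by-passing the portal page (index.aspx)
            //  and going directly to this page, use URL Authorization
            //  See <url> for details.
            //

            //
            //  Get the transaction ID from the query string.
            //  Convert.ToInt32(string) returns 0 for a null string and throws
            //  FormatException / OverflowException for anything non-numeric,
            //  so a catch for ArgumentNullException never fires and a crafted
            //  value surfaces as an unhandled exception. TryParse rejects
            //  missing, malformed and out-of-range values in one place.
            //
            int parsedId;
            if (!int.TryParse(Request.QueryString["transactionId"], out parsedId))
            {
                Message.Text = "There was an error retrieving the transaction ID.";
                return;
            }
            transID = parsedId;

            //
            //  Get the expense report data from the transaction ID
            //  and check that the transaction exists
            //  NOTE(review): this runs before the access check below, so the
            //  "does not exist" message tells any caller which IDs are valid.
            //
            ExpenseData = ExpenseCommon.GetTransData(transID);
            if (ExpenseData == null)
            {
                Message.Text = "There was an error retrieving the transaction data. <br>The specified transaction does not exist.";
                return;
            }

            //
            //  Only fill in the form on the first load, otherwise any user
            //  changes would be lost.
            //  NOTE(review): no access check runs on a postback in this
            //  method; the button handlers (not shown here) have to enforce
            //  authorization and the self-approval rule themselves. Hiding
            //  the decision buttons is a display decision, not a control.
            //
            if (Page.IsPostBack)
            {
                return;
            }

            //
            //  Authorize BEFORE rendering anything about the report, so a
            //  denied caller gets neither the status text nor the decision
            //  buttons.
            //
            IAzClientContext3 AzClient = ExpenseCommon.GetAzClientContext();

            //
            //  Set BizRule Parameters
            //
            IAzBizRuleParameters BizRuleParams = AzClient.BizRuleParameters;
            BizRuleParams.AddParameter("Amount", ExpenseData["Amount"]);
            BizRuleParams.AddParameter("Date", DateTime.Now.ToShortDateString());
            BizRuleParams.AddParameter("SubmitterName", (object)ExpenseData["User"]);
            BizRuleParams.AddParameter("UserName", ExpenseCommon.GetClientSamName());

            //
            //  Run the access check on the read operation
            //  Passing the audit text, scope and operation
            //
            uint result = AzClient.AccessCheck2("Read Expense Report", "", ExpenseCommon.AzopRead);

            if (result != ExpenseCommon.NoError)
            {
                //
                //  Fail closed: anything other than NoError hides the
                //  decision controls and stops before the report is shown.
                //
                DecisionGroup.Visible = false;

                if (result == ExpenseCommon.AccessDenied)
                {
                    //
                    //  The business rule string is written into markup, so
                    //  encode it; it may echo values that came from the
                    //  submitted expense report.
                    //
                    string errorMessage = AzClient.GetBusinessRuleString();
                    if (!string.IsNullOrEmpty(errorMessage))
                    {
                        Message.Text = "<font color=\"FF0000\">Access Denied." + Server.HtmlEncode(errorMessage) + "</font>";
                    }
                    else
                    {
                        Message.Text = "<font color=\"FF0000\">Access Denied.  You do not have sufficient permissions to perform this operation.</font>";
                    }
                }
                else
                {
                    //
                    //  Describe the code AccessCheck2 actually returned. A
                    //  parameterless Win32Exception reads the thread's last
                    //  Win32 error, which is unrelated to this result.
                    //
                    Win32Exception ex = new Win32Exception(unchecked((int)result));
                    Message.Text = "<font color=\"FF0000\">There was an error performing the AccessCheck: " + Server.HtmlEncode(ex.Message) + "</font>";
                }

                //
                //  Keep the specific message set above instead of
                //  overwriting it with a second, unencoded one.
                //
                return;
            }

            //
            //  Get the status of the transaction (empty when not yet reviewed)
            //
            string transStatus = string.Concat(ExpenseCommon.GetTransactionStatus(transID), "");

            if (transStatus == "")
            {
                //
                //  The report is still pending. Check if the current user is
                //  the owner of the expense report. Account names are
                //  compared case-insensitively: a case-sensitive match would
                //  miss "DOMAIN\user" vs "domain\User" and let the owner be
                //  treated as an independent approver.
                //
                string currentUser = Convert.ToString(ExpenseCommon.GetClientSamName());
                string reportOwner = Convert.ToString(ExpenseData["SamName"]);
                bool isOwner = string.Equals(currentUser, reportOwner, StringComparison.OrdinalIgnoreCase);

                if (isOwner && ExpenseCommon.GetSelfApproval() == false)
                {
                    //
                    //  Self approval is not allowed so do not display the
                    //  decision buttons and show an error message
                    //
                    Status.Text           = string.Concat(Status.Text, "PENDING", "<P>You are not authorized to approve your own expense.</p>");
                    DecisionGroup.Visible = false;
                }
                else
                {
                    //
                    //  Either someone else owns the report or self approval
                    //  is allowed, so display the decision buttons
                    //
                    Status.Text           = string.Concat(Status.Text, "PENDING");
                    DecisionGroup.Visible = true;
                }
            }
            else
            {
                //
                //  The expense report has been reviewed already.
                //  Display its status and do not show the decision buttons.
                //  The stored status is encoded because it is concatenated
                //  into a control that renders markup.
                //  NOTE(review): if the stored status is meant to carry
                //  markup, replace the encode with an allow-list - confirm.
                //
                Status.Text           = string.Concat(Status.Text, Server.HtmlEncode(transStatus));
                DecisionGroup.Visible = false;
            }

            //
            //  Display the expense report
            //
            DisplayExpense();
        }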
Ejemplo n.º 2
        /// <summary>
        /// Page Load - This is executed when the page is first requested
        /// by the user and additionally when the user clicks a button on
        /// the form
        /// </summary>
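        protected void Page_Load(object sender, System.EventArgs e)
        {
            //
            //  To prevent users from by-passing the portal page (index.aspx)
            //  and going directly to this page, use URL Authorization
            //  See <url> for details.
            //

            //
            //  Get the transaction ID from the query string.
            //  Convert.ToInt32(string) returns 0 for a null string and throws
            //  FormatException / OverflowException for anything non-numeric,
            //  so a catch for ArgumentNullException never fires and a crafted
            //  value surfaces as an unhandled exception. TryParse rejects
            //  missing, malformed and out-of-range values in one place.
            //
            int parsedId;
            if (!int.TryParse(Request.QueryString["transactionId"], out parsedId))
            {
                Message.Text = "There was an error retrieving the transaction ID.";
                return;
            }
            transID = parsedId;

            //
            //  Get the expense report data from the transaction ID
            //  and check that the transaction exists
            //  NOTE(review): this runs before the access check below, so the
            //  "does not exist" message tells any caller which IDs are valid.
            //
            ExpenseData = ExpenseCommon.GetTransData(transID);
            if (ExpenseData == null)
            {
                Message.Text = "There was an error retrieving the transaction data. <br>The specified transaction does not exist.";
                return;
            }

            //
            //  Only fill in the form on the first load, otherwise any user
            //  changes would be lost.
            //  NOTE(review): no access check runs on a postback in this
            //  method; the button handlers (not shown here) have to enforce
            //  authorization and the self-approval rule themselves. Hiding
            //  the decision buttons is a display decision, not a control.
            //
            if (Page.IsPostBack)
            {
                return;
            }

            //
            //  Authorize BEFORE rendering anything about the report, so a
            //  denied caller gets neither the status text nor the decision
            //  buttons.
            //
            IAzClientContext AzClient = ExpenseCommon.GetAzClientContext();

            //
            //  Contains the scope of the access check request
            //  which is set to the application level (empty string)
            //
            object[] scope = new Object[1];
            scope[0] = (object)"";

            //
            //  Contains all the operations associated with
            //  reading an expense
            //  In this case the readExpense operation
            //
            object[] operations = new Object[1];
            operations[0] = ExpenseCommon.AzopRead;

            //
            //  Parameter names passed to the business rule if one is
            //  defined, organized as name-value pairs with BRValues.
            //
            //  THEY MUST BE IN ALPHABETICAL ORDER (A-Z)
            //
            Object[] BRNames = new Object[3];
            BRNames[0] = (object)ExpenseCommon.ParamAmount;
            BRNames[1] = (object)ExpenseCommon.ParamDate;
            BRNames[2] = (object)ExpenseCommon.ParamUserName;

            //
            //  Parameter values, index-matched to BRNames.
            //  The amount is passed as a constant 0 for the read check.
            //
            Object[] BRValues = new Object[3];
            BRValues[0] = (object)0;
            BRValues[1] = (object)DateTime.Now.ToShortDateString();
            BRValues[2] = (object)ExpenseCommon.GetClientSamName();

            //  Contains the results from AccessCheck
            object[] results;
            try
            {
                //
                //  Run the access check on the read operation
                //  Passing the audit text, scope, operations and business rule parameters
                //
                results = (object[])AzClient.AccessCheck("Read Expense Report", (object)scope, (object)operations, BRNames, BRValues, null, null, null);
            }
            catch (Exception ex)
            {
                //
                //  Fail closed. The exception text is encoded because it is
                //  written into a control that renders markup.
                //
                DecisionGroup.Visible = false;
                Message.Text = "There was an error running AccessCheck: " + Server.HtmlEncode(ex.Message);
                return;
            }

            //
            //  Check for success of the access check.
            //  Access is granted only when a result came back for the
            //  requested operation and every result is NoError. A missing or
            //  empty result array must not count as success.
            //
            bool bAuthorized = (results != null && results.Length > 0);
            if (!bAuthorized)
            {
                Message.Text = "Access Denied.  You do not have sufficient permissions to perform this operation.";
            }
            else
            {
                foreach (int iResCode in results)
                {
                    if (iResCode == ExpenseCommon.NoError)
                    {
                        continue;
                    }

                    if (iResCode == ExpenseCommon.AccessDenied)
                    {
                        //
                        //  The business rule string is written into markup,
                        //  so encode it; it may echo values that came from
                        //  the submitted expense report.
                        //
                        string errorMessage = AzClient.GetBusinessRuleString();
                        if (!string.IsNullOrEmpty(errorMessage))
                        {
                            Message.Text = "Read Denied. " + Server.HtmlEncode(errorMessage);
                        }
                        else
                        {
                            Message.Text = "Access Denied.  You do not have sufficient permissions to perform this operation.";
                        }
                    }
                    else
                    {
                        //
                        //  Any other code is an AccessCheck failure. It used
                        //  to set a message but leave bAuthorized true, so
                        //  the report was displayed anyway. Describe the code
                        //  that was returned rather than the thread's
                        //  unrelated last Win32 error.
                        //
                        Win32Exception ex = new Win32Exception(iResCode);
                        Message.Text = "There was an error performing the AccessCheck: " + Server.HtmlEncode(ex.Message);
                    }

                    bAuthorized = false;
                    break;
                }
            }

            if (!bAuthorized)
            {
                //
                //  Keep the specific message set above instead of
                //  overwriting it with a second, unencoded one.
                //
                DecisionGroup.Visible = false;
                return;
            }

            //
            //  Get the status of the transaction (empty when not yet reviewed)
            //
            string transStatus = string.Concat(ExpenseCommon.GetTransactionStatus(transID), "");

            if (transStatus == "")
            {
                //
                //  The report is still pending. Check if the current user is
                //  the owner of the expense report. Account names are
                //  compared case-insensitively: a case-sensitive match would
                //  miss "DOMAIN\user" vs "domain\User" and let the owner be
                //  treated as an independent approver.
                //
                string currentUser = Convert.ToString(ExpenseCommon.GetClientSamName());
                string reportOwner = Convert.ToString(ExpenseData["SamName"]);
                bool isOwner = string.Equals(currentUser, reportOwner, StringComparison.OrdinalIgnoreCase);

                if (isOwner && ExpenseCommon.GetSelfApproval() == false)
                {
                    //
                    //  Self approval is not allowed so do not display the
                    //  decision buttons and show an error message
                    //
                    Status.Text           = string.Concat(Status.Text, "PENDING", "<P>You are not authorized to approve your own expense.</p>");
                    DecisionGroup.Visible = false;
                }
                else
                {
                    //
                    //  Either someone else owns the report or self approval
                    //  is allowed, so display the decision buttons
                    //
                    Status.Text           = string.Concat(Status.Text, "PENDING");
                    DecisionGroup.Visible = true;
                }
            }
            else
            {
                //
                //  The expense report has been reviewed already.
                //  Display its status and do not show the decision buttons.
                //  The stored status is encoded because it is concatenated
                //  into a control that renders markup.
                //  NOTE(review): if the stored status is meant to carry
                //  markup, replace the encode with an allow-list - confirm.
                //
                Status.Text           = string.Concat(Status.Text, Server.HtmlEncode(transStatus));
                DecisionGroup.Visible = false;
            }

            //
            //  Display the expense report
            //
            DisplayExpense();
        }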