public AjaxForm GetRoleEditForm(Guid? roleID) { SecurityProvider.Role role; if (roleID == null) role = new SecurityProvider.Role(); else { role = SecurityProvider.Role.Load(roleID.Value); if (role == null) throw new AjaxException("The requested role does not exist in the database."); if (role.Locked) throw new AjaxException("This is a system role and cannot be modified."); } AjaxForm form = new AjaxForm("RoleEditForm"); form.RecordID = roleID; AjaxFormFieldBlock block = new AjaxFormFieldBlock("RoleDetails", "Role Details"); block.Add(new AjaxFormInputField("Role Name", "Name", 100, role.Locked, null, null, role.Name, null, "function(value){{if(value.length==0) return 'A name is required'; return null;}}", true, 0)); block.Add(new AjaxFormCheckboxField("Role is enabled", "Enabled", role.Enabled, role.Locked, null, null, false, 1)); block.Rank = 0; form.FieldBlocks.Add(block); List<Guid> roleDescendents = new List<Guid>(); IDbCommand cmd = Database.Main.CreateCommand("ListDescendentRoles", CommandType.StoredProcedure); Database.Main.AddParameter(cmd, "@RoleID", role.RoleID); DataSet ds = Database.Main.GetDataSet(cmd); foreach (DataRow row in ds.Tables[0].Rows) roleDescendents.Add((Guid)row["RoleID"]); cmd = Database.Main.CreateCommand("ListRoleToRoleAssignmentStates", CommandType.StoredProcedure); Database.Main.AddParameter(cmd, "@RoleID", role.RoleID); ds = Database.Main.GetDataSet(cmd); block = new AjaxFormFieldBlock("Roles", "Roles that this role should adopt"); block.Rank = 1; int c = 0; foreach (DataRow row in ds.Tables[0].Rows) if (CurrentUser.HasPermission(row["RoleCode"].ToString()) && !roleDescendents.Contains((Guid)row["RoleID"])) block.Add(new AjaxFormCheckboxField( row["Name"].ToString(), row["RoleCode"].ToString(), (bool)row["Inherited"], role.Locked, null, null, false, c++)); if (block.Count > 0) form.FieldBlocks.Add(block); cmd = Database.Main.CreateCommand("ListPermissionValuesForRole", CommandType.StoredProcedure); Database.Main.AddParameter(cmd, "@RoleID", role.RoleID); Database.Main.AddParameter(cmd, "@ShowAllPermissions", true); ds = Database.Main.GetDataSet(cmd); block = new AjaxFormFieldBlock("Permissions", "Permission Settings"); c = 0; foreach (DataRow row in ds.Tables[0].Rows) if (CurrentUser.HasPermission(row["PermissionTypeCode"].ToString())) block.Add(new AjaxFormCheckboxField( row["Description"].ToString(), row["PermissionTypeCode"].ToString(), row["Value"] == DBNull.Value ? false : (bool)row["Value"], role.Locked, null, null, false, c++)); AjaxFormButtonGroup buttons = new AjaxFormButtonGroup(); block.Rank = 2; buttons.Rank = 10000; buttons.AddSubmitButton(null, "Save", "SecurityInterface.OnRoleSaved", null); if (roleID != null) if (!role.Locked) buttons.AddButton(null, "Delete", "SecurityInterface.DeleteRole('" + roleID.ToString() + "')"); buttons.AddButton(null, "Cancel", "$('security-permissionlist').innerHTML = '';"); block.Add(buttons); if (block.Count > 0) form.FieldBlocks.Add(block); return form; }
public AjaxForm GetUserEditForm(Guid? userID) { /* business rules: * people with user administration access can only see user accounts that have a subset of the logged-in user's own roles/permissions * user accounts containing roles or permissions that are not possessed by this user can NOT be altered by the current user * the current user can only assign roles or permissions to other users if he/she has that role or permission */ string fErr = "function(value){{if(value.length==0) return 'Please enter a {0}'; return null;}}"; string pErr = userID != null ? null : string.Format(fErr, "password"); string username = null, firstname = null, surname = null, email = null, blockheading = null; bool enabled = true, locked = false; if (userID != null) { SecurityProvider.User user = SecurityProvider.User.Load(userID.Value); if (!CurrentUser.CanModifyUser(user)) throw new AjaxException("You don't have access to modify that user."); username = user.Username; firstname = user.FirstName; surname = user.Surname; email = user.Email; enabled = user.Enabled; locked = user.Locked; } blockheading = "User Details"; AjaxForm form = new AjaxForm("UserEditForm"); if (userID != null) form.RecordID = userID.Value; AjaxFormFieldBlock block = new AjaxFormFieldBlock("MainUserFields", blockheading); block.Add(new AjaxFormInputField("Username", "Username", 50, locked, null, "width:150px;", username, null, string.Format(fErr, "username"), true, 0)); block.Add(new AjaxFormInputField("Password", "Password", 50, false, null, "width:150px;", null, null, pErr, true, 1)); block.Add(new AjaxFormInputField("First Name", "FirstName", 50, false, null, "width:150px;", firstname, null, null, true, 2)); block.Add(new AjaxFormInputField("Surname", "Surname", 50, false, null, "width:150px;", surname, null, null, true, 3)); block.Add(new AjaxFormInputField("Email", "Email", 100, false, null, "width:150px;", email, null, string.Format(fErr, "valid email address"), true, 4)); block.Add(new AjaxFormCheckboxField("User account is enabled", "Enabled", enabled, locked, null, null, false, 5)); block.Rank = -10000; form.FieldBlocks.Add(block); if (!locked && username != CurrentUser.Username) { block = new AjaxFormFieldBlock("Roles", "Assigned Roles"); block.Rank = 998; IDbCommand cmd = Database.Main.CreateCommand("ListRolePermissionStates", CommandType.StoredProcedure); Database.Main.AddParameter(cmd, "@UserID", userID); DataSet ds = Database.Main.GetDataSet(cmd); int c = 0; foreach (DataRow row in ds.Tables[0].Rows) { // check that the current user has access to assign the specified permission/role if (!CurrentUser.HasRole(row["RoleCode"].ToString())) continue; block.Add(new AjaxFormCheckboxField(row["Name"].ToString(), row["RoleCode"].ToString(), (bool)row["HasRole"], false, null, null, false, c++)); } if (c > 0) form.FieldBlocks.Add(block); block = new AjaxFormFieldBlock("Permissions", "Specific Assigned Permissions"); block.Rank = 999; c = 0; foreach (DataRow row in ds.Tables[1].Rows) { // check that the current user has access to assign the specified permission/role if (!CurrentUser.HasPermission(row["PermissionTypeCode"].ToString())) continue; block.Add(new AjaxFormCheckboxField(row["Description"].ToString(), row["PermissionTypeCode"].ToString(), (bool)row["HasPermission"], false, null, null, false, c++)); } if (c > 0) form.FieldBlocks.Add(block); } block = new AjaxFormFieldBlock("SubmitButtons", null); AjaxFormButtonGroup buttons = new AjaxFormButtonGroup(); block.Rank = 10000; buttons.AddSubmitButton(null, "Save", "SecurityInterface.OnUserSaved", null); if (userID != null) { if (!locked) buttons.AddButton(null, "Delete", "SecurityInterface.DeleteUser('" + userID.ToString() + "')"); //buttons.AddButton(null, "Send Password", "SecurityInterface.SendPassword('" + userID.ToString() + "')"); buttons.AddButton(null, "Cancel", "SecurityInterface.CancelUserEdit()"); } block.Add(buttons); form.FieldBlocks.Add(block); if (OnUserEditFormLayout != null) OnUserEditFormLayout(userID, false, form); return form; }
public AjaxForm GetRoleEditForm(Guid?roleID) { SecurityProvider.Role role; if (roleID == null) { role = new SecurityProvider.Role(); } else { role = SecurityProvider.Role.Load(roleID.Value); if (role == null) { throw new AjaxException("The requested role does not exist in the database."); } if (role.Locked) { throw new AjaxException("This is a system role and cannot be modified."); } } AjaxForm form = new AjaxForm("RoleEditForm"); form.RecordID = roleID; AjaxFormFieldBlock block = new AjaxFormFieldBlock("RoleDetails", "Role Details"); block.Add(new AjaxFormInputField("Role Name", "Name", 100, role.Locked, null, null, role.Name, null, "function(value){{if(value.length==0) return 'A name is required'; return null;}}", true, 0)); block.Add(new AjaxFormCheckboxField("Role is enabled", "Enabled", role.Enabled, role.Locked, null, null, false, 1)); block.Rank = 0; form.FieldBlocks.Add(block); List <Guid> roleDescendents = new List <Guid>(); IDbCommand cmd = Database.Main.CreateCommand("ListDescendentRoles", CommandType.StoredProcedure); Database.Main.AddParameter(cmd, "@RoleID", role.RoleID); DataSet ds = Database.Main.GetDataSet(cmd); foreach (DataRow row in ds.Tables[0].Rows) { roleDescendents.Add((Guid)row["RoleID"]); } cmd = Database.Main.CreateCommand("ListRoleToRoleAssignmentStates", CommandType.StoredProcedure); Database.Main.AddParameter(cmd, "@RoleID", role.RoleID); ds = Database.Main.GetDataSet(cmd); block = new AjaxFormFieldBlock("Roles", "Roles that this role should adopt"); block.Rank = 1; int c = 0; foreach (DataRow row in ds.Tables[0].Rows) { if (CurrentUser.HasPermission(row["RoleCode"].ToString()) && !roleDescendents.Contains((Guid)row["RoleID"])) { block.Add(new AjaxFormCheckboxField( row["Name"].ToString(), row["RoleCode"].ToString(), (bool)row["Inherited"], role.Locked, null, null, false, c++)); } } if (block.Count > 0) { form.FieldBlocks.Add(block); } cmd = Database.Main.CreateCommand("ListPermissionValuesForRole", CommandType.StoredProcedure); Database.Main.AddParameter(cmd, "@RoleID", role.RoleID); Database.Main.AddParameter(cmd, "@ShowAllPermissions", true); ds = Database.Main.GetDataSet(cmd); block = new AjaxFormFieldBlock("Permissions", "Permission Settings"); c = 0; foreach (DataRow row in ds.Tables[0].Rows) { if (CurrentUser.HasPermission(row["PermissionTypeCode"].ToString())) { block.Add(new AjaxFormCheckboxField( row["Description"].ToString(), row["PermissionTypeCode"].ToString(), row["Value"] == DBNull.Value ? false : (bool)row["Value"], role.Locked, null, null, false, c++)); } } AjaxFormButtonGroup buttons = new AjaxFormButtonGroup(); block.Rank = 2; buttons.Rank = 10000; buttons.AddSubmitButton(null, "Save", "SecurityInterface.OnRoleSaved", null); if (roleID != null) { if (!role.Locked) { buttons.AddButton(null, "Delete", "SecurityInterface.DeleteRole('" + roleID.ToString() + "')"); } } buttons.AddButton(null, "Cancel", "$('security-permissionlist').innerHTML = '';"); block.Add(buttons); if (block.Count > 0) { form.FieldBlocks.Add(block); } return(form); }
public AjaxForm GetUserEditForm(Guid?userID) { /* business rules: * people with user administration access can only see user accounts that have a subset of the logged-in user's own roles/permissions * user accounts containing roles or permissions that are not possessed by this user can NOT be altered by the current user * the current user can only assign roles or permissions to other users if he/she has that role or permission */ string fErr = "function(value){{if(value.length==0) return 'Please enter a {0}'; return null;}}"; string pErr = userID != null ? null : string.Format(fErr, "password"); string username = null, firstname = null, surname = null, email = null, blockheading = null; bool enabled = true, locked = false; if (userID != null) { SecurityProvider.User user = SecurityProvider.User.Load(userID.Value); if (!CurrentUser.CanModifyUser(user)) { throw new AjaxException("You don't have access to modify that user."); } username = user.Username; firstname = user.FirstName; surname = user.Surname; email = user.Email; enabled = user.Enabled; locked = user.Locked; } blockheading = "User Details"; AjaxForm form = new AjaxForm("UserEditForm"); if (userID != null) { form.RecordID = userID.Value; } AjaxFormFieldBlock block = new AjaxFormFieldBlock("MainUserFields", blockheading); block.Add(new AjaxFormInputField("Username", "Username", 50, locked, null, "width:150px;", username, null, string.Format(fErr, "username"), true, 0)); block.Add(new AjaxFormInputField("Password", "Password", 50, false, null, "width:150px;", null, null, pErr, true, 1)); block.Add(new AjaxFormInputField("First Name", "FirstName", 50, false, null, "width:150px;", firstname, null, null, true, 2)); block.Add(new AjaxFormInputField("Surname", "Surname", 50, false, null, "width:150px;", surname, null, null, true, 3)); block.Add(new AjaxFormInputField("Email", "Email", 100, false, null, "width:150px;", email, null, string.Format(fErr, "valid email address"), true, 4)); block.Add(new AjaxFormCheckboxField("User account is enabled", "Enabled", enabled, locked, null, null, false, 5)); block.Rank = -10000; form.FieldBlocks.Add(block); if (!locked && username != CurrentUser.Username) { block = new AjaxFormFieldBlock("Roles", "Assigned Roles"); block.Rank = 998; IDbCommand cmd = Database.Main.CreateCommand("ListRolePermissionStates", CommandType.StoredProcedure); Database.Main.AddParameter(cmd, "@UserID", userID); DataSet ds = Database.Main.GetDataSet(cmd); int c = 0; foreach (DataRow row in ds.Tables[0].Rows) { // check that the current user has access to assign the specified permission/role if (!CurrentUser.HasRole(row["RoleCode"].ToString())) { continue; } block.Add(new AjaxFormCheckboxField(row["Name"].ToString(), row["RoleCode"].ToString(), (bool)row["HasRole"], false, null, null, false, c++)); } if (c > 0) { form.FieldBlocks.Add(block); } block = new AjaxFormFieldBlock("Permissions", "Specific Assigned Permissions"); block.Rank = 999; c = 0; foreach (DataRow row in ds.Tables[1].Rows) { // check that the current user has access to assign the specified permission/role if (!CurrentUser.HasPermission(row["PermissionTypeCode"].ToString())) { continue; } block.Add(new AjaxFormCheckboxField(row["Description"].ToString(), row["PermissionTypeCode"].ToString(), (bool)row["HasPermission"], false, null, null, false, c++)); } if (c > 0) { form.FieldBlocks.Add(block); } } block = new AjaxFormFieldBlock("SubmitButtons", null); AjaxFormButtonGroup buttons = new AjaxFormButtonGroup(); block.Rank = 10000; buttons.AddSubmitButton(null, "Save", "SecurityInterface.OnUserSaved", null); if (userID != null) { if (!locked) { buttons.AddButton(null, "Delete", "SecurityInterface.DeleteUser('" + userID.ToString() + "')"); } //buttons.AddButton(null, "Send Password", "SecurityInterface.SendPassword('" + userID.ToString() + "')"); buttons.AddButton(null, "Cancel", "SecurityInterface.CancelUserEdit()"); } block.Add(buttons); form.FieldBlocks.Add(block); if (OnUserEditFormLayout != null) { OnUserEditFormLayout(userID, false, form); } return(form); }
public AjaxForm GetRoleEditForm(long?roleID) { Role role; if (roleID == null) { role = new Role(); } else { role = Role.Select(roleID.Value); if (role == null) { throw new AjaxUserMessageException("The requested role does not exist in the database."); } if (role.Locked) { throw new AjaxUserMessageException("This is a system role and cannot be modified."); } } AjaxForm form = new AjaxForm("RoleEditForm"); form.RecordID = roleID; AjaxFormFieldBlock block = new AjaxFormFieldBlock("RoleDetails", "Role Details"); block.Add(new AjaxFormInputField("Role Name", "Name", 100, role.Locked, null, null, role.Name, null, "function(value){{if(value.length==0) return 'A name is required'; return null;}}", true, 0)); block.Add(new AjaxFormCheckboxField("Role is enabled", "Enabled", role.Enabled, role.Locked, null, null, false, ObjectRank.Normal)); block.Rank = 0; form.FieldBlocks.Add(block); //List<Guid> roleDescendents = new List<Guid>(); //List<Role> roleDescendents = SecurityProvider.DataLayer.ListDescendentRoles(role.RoleID); //IDbCommand cmd = Database.Main.CreateCommand("ListDescendentRoles", CommandType.StoredProcedure); //Database.Main.AddParameter(cmd, "@RoleID", role.RoleID); //DataSet ds = Database.Main.GetDataSet(cmd); //foreach (Role role in roleDescendents) // roleDescendents.Add((Guid)row["RoleID"]); List <RoleState> roles = SecurityProvider.DataLayer.ListAllRolesAgainstRole(role.RoleID); //cmd = Database.Main.CreateCommand("ListRoleToRoleAssignmentStates", CommandType.StoredProcedure); //Database.Main.AddParameter(cmd, "@RoleID", role.RoleID); //ds = Database.Main.GetDataSet(cmd); block = new AjaxFormFieldBlock("Roles", "Roles that this role should adopt"); block.Rank = ObjectRank.Normal; int c = 0; foreach (RoleState r in roles) { //if (CurrentUser.HasPermission(row["RoleCode"].ToString()) && !roleDescendents.Contains((Guid)row["RoleID"])) block.Add(new AjaxFormCheckboxField( r.Role.Name, r.Role.RoleCode, r.State == PermissionState.Inherited, r.Role.Locked, null, null, false, ObjectRank.Normal)); } //(bool)row["Inherited"], role.Locked, null, null, false, c++)); if (block.Count > 0) { form.FieldBlocks.Add(block); } //cmd = Database.Main.CreateCommand("ListPermissionValuesForRole", CommandType.StoredProcedure); //Database.Main.AddParameter(cmd, "@RoleID", role.RoleID); //Database.Main.AddParameter(cmd, "@ShowAllPermissions", true); //ds = Database.Main.GetDataSet(cmd); block = new AjaxFormFieldBlock("Permissions", "Permission Settings"); c = 0; foreach (PermissionTypeState pts in SecurityProvider.DataLayer.ListAllPermissionTypesAgainstRole(role.RoleID)) { //if (CurrentUser.HasPermission(row["PermissionTypeCode"].ToString())) block.Add(new AjaxFormCheckboxField( pts.PermissionType.Description, pts.PermissionType.PermissionTypeCode, pts.PermissionState == PermissionState.Specified, role.Locked, null, null, false, ObjectRank.Normal)); } //row["Description"].ToString(), row["PermissionTypeCode"].ToString(), //row["Value"] == DBNull.Value ? false : (bool)row["Value"], role.Locked, null, null, false, c++)); AjaxFormButtonGroup buttons = new AjaxFormButtonGroup(); block.Rank = ObjectRank.Early; buttons.Rank = ObjectRank.Last; buttons.AddSubmitButton(null, "Save", "SecurityInterface.OnRoleSaved", null); if (roleID != null) { if (!role.Locked) { buttons.AddButton(null, "Delete", "SecurityInterface.DeleteRole('" + roleID.ToString() + "')"); } } buttons.AddButton(null, "Cancel", "$('security-permissionlist').innerHTML = '';"); block.Add(buttons); if (block.Count > 0) { form.FieldBlocks.Add(block); } return(form); }
public AjaxForm GetUserEditForm(long?userID) { /* business rules: * people with user administration access can only see user accounts that have a subset of the logged-in user's own roles/permissions * user accounts containing roles or permissions that are not possessed by this user can NOT be altered by the current user * the current user can only assign roles or permissions to other users if he/she has that role or permission */ string fErr = "function(value){{if(value.length==0) return 'Please enter a {0}'; return null;}}"; string pErr = userID != null ? null : string.Format(fErr, "password"); string username = null, firstname = null, surname = null, email = null, blockheading = null; bool enabled = true, locked = false; if (userID != null) { User user = User.Select(userID.Value); username = user.Username; firstname = user.FirstName; surname = user.Surname; email = user.Email; enabled = user.Enabled; locked = user.Locked; } blockheading = "User Details"; AjaxForm form = new AjaxForm("UserEditForm"); if (userID != null) { form.RecordID = userID.Value; } AjaxFormFieldBlock block = new AjaxFormFieldBlock("MainUserFields", blockheading); block.Add(new AjaxFormInputField("Username", "Username", 50, locked, null, "width:150px;", username, null, string.Format(fErr, "username"), true, 0)); block.Add(new AjaxFormInputField("Password", "Password", 50, false, null, "width:150px;", null, null, pErr, true, ObjectRank.Normal)); block.Add(new AjaxFormInputField("First Name", "FirstName", 50, false, null, "width:150px;", firstname, null, null, true, ObjectRank.Normal)); block.Add(new AjaxFormInputField("Surname", "Surname", 50, false, null, "width:150px;", surname, null, null, true, ObjectRank.Normal)); block.Add(new AjaxFormInputField("Email", "Email", 100, false, null, "width:150px;", email, null, string.Format(fErr, "valid email address"), true, ObjectRank.Normal)); block.Add(new AjaxFormCheckboxField("User account is enabled", "Enabled", enabled, locked, null, null, false, ObjectRank.Normal)); block.Rank = ObjectRank.First; form.FieldBlocks.Add(block); if (!locked && username != SecurityProvider.CurrentUser.Username) { block = new AjaxFormFieldBlock("Roles", "Assigned Roles"); block.Rank = ObjectRank.First; List <RoleState> roleStates = SecurityProvider.DataLayer.ListAllRolesAgainstUser(userID == null ? 0 : userID.Value); List <PermissionTypeState> permissions = SecurityProvider.DataLayer.ListAllPermissionTypesAgainstUser(userID == null ? 0 : userID.Value); //IDbCommand cmd = Database.Main.CreateCommand("ListRolePermissionStates", CommandType.StoredProcedure); //Database.Main.AddParameter(cmd, "@UserID", userID); //DataSet ds = Database.Main.GetDataSet(cmd); int c = 0; foreach (RoleState state in roleStates) { // check that the current user has access to assign the specified permission/role //if (CurrentUser.HasRole(...) continue; block.Add(new AjaxFormCheckboxField(state.Role.Name, state.Role.RoleCode, state.IsAccessible, false, null, null, false, ObjectRank.Normal)); } if (c > 0) { form.FieldBlocks.Add(block); } block = new AjaxFormFieldBlock("Permissions", "Specific Assigned Permissions"); block.Rank = ObjectRank.Early; c = 0; foreach (PermissionTypeState state in permissions) { // check that the current user has access to assign the specified permission/role //if (!CurrentUser.HasPermission(row["PermissionTypeCode"].ToString())) continue; block.Add(new AjaxFormCheckboxField(state.PermissionType.Description, state.PermissionType.PermissionTypeCode, state.PermissionState == PermissionState.Specified, false, null, null, false, ObjectRank.Normal)); } if (c > 0) { form.FieldBlocks.Add(block); } } block = new AjaxFormFieldBlock("SubmitButtons", null); AjaxFormButtonGroup buttons = new AjaxFormButtonGroup(); block.Rank = ObjectRank.Last; buttons.AddSubmitButton(null, "Save", "SecurityInterface.OnUserSaved", null); if (userID != null) { if (!locked) { buttons.AddButton(null, "Delete", "SecurityInterface.DeleteUser('" + userID.ToString() + "')"); } //buttons.AddButton(null, "Send Password", "SecurityInterface.SendPassword('" + userID.ToString() + "')"); buttons.AddButton(null, "Cancel", "SecurityInterface.CancelUserEdit()"); } block.Add(buttons); form.FieldBlocks.Add(block); if (OnUserEditFormLayout != null) { OnUserEditFormLayout(userID, false, form); } return(form); }