Example #1
0
        private PermissionPolicyRole GetUserRole()
        {
            PermissionPolicyRole userRole = ObjectSpace.FirstOrDefault <PermissionPolicyRole>(u => u.Name == DefaultUserRoleName);

            if (userRole == null)
            {
                userRole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                userRole.Name = DefaultUserRoleName;
                // Allow users to read departments only if their title contains 'Development'.
                const string     protectedDepartment = "Development";
                CriteriaOperator departmentCriteria  = new FunctionOperator(FunctionOperatorType.Contains,
                                                                            new OperandProperty(nameof(Department)), new OperandValue(protectedDepartment)
                                                                            );
                userRole.AddObjectPermission <Department>(SecurityOperations.Read, (!departmentCriteria).ToString() /*"!Contains(Title, 'Development')"*/, SecurityPermissionState.Deny);
                // Allow users to read and modify employee records and their fields by criteria.
                userRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Read, SecurityPermissionState.Allow);
                userRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Write, SecurityPermissionState.Allow);
                CriteriaOperator employeeCriteria = new FunctionOperator(FunctionOperatorType.Contains,
                                                                         new OperandProperty(nameof(Employee.Department) + "." + nameof(Department.Title)), new OperandValue(protectedDepartment)
                                                                         );
                userRole.AddObjectPermission <Employee>(SecurityOperations.Delete, employeeCriteria.ToString() /*"Contains(Department.Title, 'Development')"*/, SecurityPermissionState.Allow);
                userRole.AddMemberPermission <Employee>(SecurityOperations.Write, nameof(Employee.LastName), (!employeeCriteria).ToString() /*"!Contains(Department.Title, 'Development')"*/, SecurityPermissionState.Deny);
                // For more information on criteria language syntax (both string and strongly-typed formats), see https://docs.devexpress.com/CoreLibraries/4928/.
            }
            return(userRole);
        }
Example #2
0
        private PermissionPolicyRole CreateDefaultRole()
        {
            PermissionPolicyRole defaultRole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", "Default"));

            if (defaultRole == null)
            {
                defaultRole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                defaultRole.Name = "Default";

                defaultRole.AddObjectPermission <PermissionPolicyUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);


                defaultRole.AddObjectPermission <PhoneBook>(SecurityOperations.Read, "[Oid] != ''", SecurityPermissionState.Allow);
                defaultRole.AddObjectPermission <PhoneBook>(SecurityOperations.Write, "[Oid] != ''", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/PhoneBook_ListView", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "Employee", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "Phone", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "Oid", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
            }
            return(defaultRole);
        }
        private PermissionPolicyRole CreateDefaultRole()
        {
            PermissionPolicyRole defaultRole = ObjectSpace.FirstOrDefault <PermissionPolicyRole>(r => r.Name == DefaultUserRoleName);

            if (defaultRole == null)
            {
                defaultRole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                defaultRole.Name = DefaultUserRoleName;

                defaultRole.AddObjectPermission <PermissionPolicyUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/Department_ListView", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/Employee_ListView", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
                //defaultRole.AddTypePermissionsRecursively<ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                //defaultRole.AddTypePermissionsRecursively<ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                //defaultRole.AddTypePermissionsRecursively<ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
                //defaultRole.AddTypePermissionsRecursively<ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Department>(SecurityOperations.Read, SecurityPermissionState.Deny);
                defaultRole.AddObjectPermission <Department>(SecurityOperations.Read, "Contains([Title], 'Development')", SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Read, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Write, SecurityPermissionState.Allow);
                defaultRole.AddObjectPermission <Employee>(SecurityOperations.Delete, "Contains([Department.Title], 'Development')", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <Employee>(SecurityOperations.Write, "LastName", "Not Contains([Department.Title], 'Development')", SecurityPermissionState.Deny);
            }
            return(defaultRole);
        }
        private PermissionPolicyRole CreateDefaultRole()
        {
            PermissionPolicyRole defaultRole = ObjectSpace.FirstOrDefault <PermissionPolicyRole>(role => role.Name == "Default");

            if (defaultRole == null)
            {
                defaultRole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                defaultRole.Name = "Default";

                defaultRole.AddObjectPermissionFromLambda <ApplicationUser>(SecurityOperations.Read, cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermissionFromLambda <ApplicationUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
                defaultRole.AddMemberPermissionFromLambda <ApplicationUser>(SecurityOperations.Write, "StoredPassword", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);

                defaultRole.AddTypePermission(ObjectSpace.TypesInfo.FindTypeInfo("ClassLibrary1.PersistentClass1").Type, "Create;Read;Write", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/PersistentClass1_ListView", SecurityPermissionState.Allow);
                defaultRole.AddTypePermission(ObjectSpace.TypesInfo.FindTypeInfo("ClassLibrary2.PersistentClass2").Type, SecurityOperations.Read, SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/PersistentClass2_ListView", SecurityPermissionState.Allow);
            }
            return(defaultRole);
        }
Example #5
0
        private PermissionPolicyRole CreateDefaultRole()
        {
            PermissionPolicyRole defaultRole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", "Default"));

            if (defaultRole == null)
            {
                defaultRole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                defaultRole.Name = "Default";

                defaultRole.AddObjectPermission <PermissionPolicyUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);

                defaultRole.AddObjectPermission <Employee>(SecurityOperations.ReadWriteAccess, "[SystemUser.Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddObjectPermission <SystemUsers>(SecurityOperations.ReadWriteAccess, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Company>(SecurityOperations.Read, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Departments>(SecurityOperations.Read, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Divisions>(SecurityOperations.Read, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Positions>(SecurityOperations.Read, SecurityPermissionState.Allow);
            }
            return(defaultRole);
        }
Example #6
0
        private static PermissionPolicyRole CreateDefaultRole2(UnitOfWork uow)
        {
            PermissionPolicyRole defaultRole = new XPQuery <PermissionPolicyRole>(uow).FirstOrDefault(x => x.Name == "Default2");

            if (defaultRole != null)
            {
                defaultRole.Delete();
            }
            defaultRole      = new PermissionPolicyRole(uow);
            defaultRole.Name = "Default2";
            defaultRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Read, SecurityPermissionState.Allow);
            defaultRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Write, SecurityPermissionState.Allow);
            //defaultRole.AddTypePermissionsRecursively<Order>(SecurityOperations.Read, SecurityPermissionState.Allow);
            //defaultRole.AddTypePermissionsRecursively<Customer>(SecurityOperations.Read, SecurityPermissionState.Allow);
            defaultRole.IsAdministrative = false;
            return(defaultRole);
        }
Example #7
0
        private PermissionPolicyRole CreateDefaultRole()
        {
            PermissionPolicyRole defaultRole = ObjectSpace.FirstOrDefault <PermissionPolicyRole>(role => role.Name == "Default");

            if (defaultRole == null)
            {
                defaultRole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                defaultRole.Name = "Default";
                defaultRole.AddObjectPermissionFromLambda <ApplicationUser>(SecurityOperations.Read, cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/Department_ListView", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/Employee_ListView", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermissionFromLambda <ApplicationUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
                defaultRole.AddMemberPermissionFromLambda <ApplicationUser>(SecurityOperations.Write, "StoredPassword", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Department>(SecurityOperations.Read, SecurityPermissionState.Deny);
                defaultRole.AddObjectPermissionFromLambda <Department>(SecurityOperations.Read, d => d.Title.Contains("Development"), SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddObjectPermissionFromLambda <Employee>(SecurityOperations.Delete, e => e.Department.Title.Contains("Development"), SecurityPermissionState.Allow);
                defaultRole.AddMemberPermissionFromLambda <Employee>(SecurityOperations.Write, "LastName", e => !e.Department.Title.Contains("Development"), SecurityPermissionState.Deny);
                defaultRole.AddActionPermission("RoleGeneratorAction");
            }
            return(defaultRole);
        }
Example #8
0
        private PermissionPolicyRole CreateDefaultRole()
        {
            PermissionPolicyRole defaultRole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", "Default"));

            if (defaultRole == null)
            {
                defaultRole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                defaultRole.Name = "Default";

                defaultRole.AddObjectPermission <PermissionPolicyUser>(SecurityOperations.ReadOnlyAccess, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
            }
            return(defaultRole);
        }
Example #9
0
        private PermissionPolicyRole GetUserRole()
        {
            PermissionPolicyRole userRole = ObjectSpace.FirstOrDefault <PermissionPolicyRole>(u => u.Name == DefaultUserRoleName);

            if (userRole == null)
            {
                userRole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                userRole.Name = DefaultUserRoleName;
                // Allow users to read departments only if their title contains 'Development'.
                const string protectedDepartment = "Development";
                userRole.AddObjectPermissionFromLambda <Department>(SecurityOperations.Read, t => !t.Title.Contains(protectedDepartment), SecurityPermissionState.Deny);
                // Allow users to read and modify employee records and their fields by criteria.
                userRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Read, SecurityPermissionState.Allow);
                userRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Write, SecurityPermissionState.Allow);

                userRole.AddObjectPermissionFromLambda <Employee>(SecurityOperations.Delete, t => t.Department.Title.Contains(protectedDepartment), SecurityPermissionState.Allow);
                userRole.AddMemberPermissionFromLambda <Employee>(SecurityOperations.Write, nameof(Employee.LastName), t => !t.Department.Title.Contains(protectedDepartment), SecurityPermissionState.Deny);
                // For more information on criteria language syntax (both string and strongly-typed formats), see https://docs.devexpress.com/CoreLibraries/4928/.
            }
            return(userRole);
        }
Example #10
0
File: Updater.cs Project: icpac/cap
        private PermissionPolicyRole CreateDefaultRole()
        {
            PermissionPolicyRole defaultRole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", "Default"));

            if (defaultRole == null)
            {
                defaultRole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                defaultRole.Name = "Default";

                defaultRole.AddObjectPermission <PermissionPolicyUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);

                defaultRole.AddTypePermissionsRecursively <Catalogo>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Config>(SecurityOperations.FullObjectAccess, SecurityPermissionState.Allow);

                defaultRole.AddTypePermissionsRecursively <Cliente>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Clasificacion>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);

                defaultRole.AddTypePermissionsRecursively <Servicio>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Poliza>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
                defaultRole.AddTypePermissionsRecursively <Incidencia>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);

                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/ConfiguraciĆ³n/Items/Config_ListView", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/ConfiguraciĆ³n/Items/Catalogo_ListView", SecurityPermissionState.Allow);

                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Clientes/Items/Cliente_ListView", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Clientes/Items/Clasificacion_ListView", SecurityPermissionState.Allow);

                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Servicios/Items/Servicio_ListView", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Servicios/Items/Poliza_ListView", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Servicios/Items/Incidencia_ListView", SecurityPermissionState.Allow);
                defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Servicios/Items/NewIncidencia", SecurityPermissionState.Allow);
            }
            return(defaultRole);
        }
Example #11
0
        private void createportalroles()
        {
            PermissionPolicyRole newrole = null;
            string rolename      = "";
            string viewpricerole = GeneralValues.viewpricestring;

            rolename = GeneralValues.RejectRole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            rolename = GeneralValues.CloseRole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            rolename = GeneralValues.PostRole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            rolename = GeneralValues.ApprovalRole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            rolename = GeneralValues.ChangeApprovalRole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            #region PurchaseQuotation
            rolename = DocTypeCodes.PurchaseQuotation;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
                newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Purchasing/Items/PurchaseQuotation_ListView", SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseQuotation>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseQuotationApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseQuotationAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseQuotationAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseQuotationAttachment>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseQuotationDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseQuotationDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseQuotationDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseQuotationDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseQuotationUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
            }
            createGeneralPermission(newrole);

            rolename = rolename + viewpricerole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            #endregion

            #region PurchaseReturn
            rolename = DocTypeCodes.PurchaseReturn;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
                newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Purchase Return/Items/PurchaseReturn_ListView", SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseReturn>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseReturnApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseReturnAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseReturnAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseReturnAttachment>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseReturnDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseReturnDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseReturnDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseReturnDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseReturnUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
            }
            createGeneralPermission(newrole);

            rolename = rolename + viewpricerole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            #endregion

            #region PurchaseDelivery
            rolename = DocTypeCodes.PurchaseDelivery;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
                newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Purchase GRN/Items/PurchaseDelivery_ListView", SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseDelivery>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseDeliveryApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseDeliveryAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseDeliveryAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseDeliveryAttachment>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseDeliveryDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseDeliveryDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseDeliveryDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseDeliveryDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseDeliveryUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
            }
            createGeneralPermission(newrole);

            rolename = rolename + viewpricerole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            #endregion

            #region PurchaseOrder
            rolename = DocTypeCodes.PurchaseOrder;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
                newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Purchasing/Items/PurchaseOrder_ListView", SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseOrder>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseOrderApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseOrderAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseOrderAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseOrderAttachment>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseOrderDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseOrderDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseOrderDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseOrderDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseOrderUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
            }
            createGeneralPermission(newrole);

            rolename = rolename + viewpricerole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            #endregion

            #region PurchaseRequest
            rolename = DocTypeCodes.PurchaseRequest;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
                newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Purchasing/Items/PurchaseRequest_ListView", SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseRequest>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseRequestApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseRequestAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseRequestAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseRequestAttachment>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseRequestDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseRequestDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseRequestDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseRequestDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <PurchaseRequestUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
            }
            createGeneralPermission(newrole);

            rolename = rolename + viewpricerole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            #endregion

            #region StockTransferRequest
            rolename = DocTypeCodes.StockTransferRequest;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
                newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Inventory/Items/StockTransferRequest_ListView", SecurityPermissionState.Allow);
                newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Inventory/Items/vwSAP_ITEM_AVAILABILITY_ListView", SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <StockTransferRequest>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <StockTransferRequestApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <StockTransferRequestAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <StockTransferRequestAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <StockTransferRequestDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <StockTransferRequestDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <StockTransferRequestDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <StockTransferRequestDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
                newrole.AddTypePermissionsRecursively <StockTransferRequestUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
            }
            createGeneralPermission(newrole);

            rolename = rolename + viewpricerole;
            newrole  = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
            if (newrole == null)
            {
                newrole      = ObjectSpace.CreateObject <PermissionPolicyRole>();
                newrole.Name = rolename;
            }
            #endregion
        }
Example #12
0
        private void createGeneralPermission(PermissionPolicyRole newrole)
        {
            newrole.AddTypePermissionsRecursively <Approval>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <Budget>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <BudgetMaster>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <Company>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <CrReport>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <CrReportParam>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <Departments>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <Divisions>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <DocType>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <DocTypeSeries>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <DocTypeSeriesDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <FilteringCriterion>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <FilteringCriterionRole>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <FTCrystalReportConn>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <FTModule>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <FTSAPConn>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <MyNotification>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <MyTask>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <Positions>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <Vehicle>(SecurityOperations.Read, SecurityPermissionState.Allow);

            newrole.AddTypePermissionsRecursively <vwAccounts>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwBillToAddress>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwBusinessPartners>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwContactPersons>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwCurrency>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwDimension1>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwDimension2>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwDimension3>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwDimension4>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwDimension5>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwItemMasters>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwPriceList>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwProjects>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwSalesPersons>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwSAP_ITEM_AVAILABILITY>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwShipToAddress>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwTaxes>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <vwWarehouses>(SecurityOperations.Read, SecurityPermissionState.Allow);

            newrole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <SystemUsers>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <PermissionPolicyUser>(SecurityOperations.Read, SecurityPermissionState.Allow);
            newrole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Allow);
        }