public static TSubmitChangesResult SaveData(string ATablename, ref TTypedDataTable ASubmitTable, out TVerificationResultCollection AVerificationResult) { // check access permissions for the current user TModuleAccessManager.CheckUserPermissionsForTable(ATablename, TTablePermissionEnum.eCanModify | TTablePermissionEnum.eCanModify | TTablePermissionEnum.eCanDelete); TSubmitChangesResult ReturnValue = TSubmitChangesResult.scrError; TTypedDataTable SubmitTable = null; TVerificationResultCollection VerificationResult = null; TDBTransaction WriteTransaction = new TDBTransaction(); TDataBase db = DBAccess.Connect("SaveData"); SubmitTable = ASubmitTable; bool submitOK = true; // Automatic handling of a DB Transaction - and also the automatic establishment and closing of a DB // Connection where a DB Transaction can be exectued (only if that should be needed). db.WriteTransaction( ref WriteTransaction, ref submitOK, delegate { ReturnValue = SaveData(ATablename, ref SubmitTable, out VerificationResult, WriteTransaction); submitOK = ReturnValue == TSubmitChangesResult.scrOK; }); AVerificationResult = VerificationResult; if ((ATablename == SSystemDefaultsTable.GetTableDBName()) && (ReturnValue == TSubmitChangesResult.scrOK)) { // TODO Reload the site key into the session, in case that was changed } return(ReturnValue); }
/// <summary> /// use the permissions of the user to get all offices that this user has permissions for /// </summary> /// <returns></returns> private static List <Int64> GetRegistrationOfficeKeysOfUser(TDBTransaction ATransaction) { List <Int64> AllowedRegistrationOffices = new List <long>(); // get all offices that have registrations for this event DataTable offices = DBAccess.GDBAccessObj.SelectDT( String.Format("SELECT DISTINCT {0} FROM PUB_{1}", PmShortTermApplicationTable.GetRegistrationOfficeDBName(), PmShortTermApplicationTable.GetTableDBName()), "registrationoffice", ATransaction); // if there are no REG-... module permissions for anyone, allow all offices? this would help with a base database for testing? Int32 CountRegModules = Convert.ToInt32(DBAccess.GDBAccessObj.ExecuteScalar("SELECT COUNT(*) FROM " + SModuleTable.GetTableDBName() + " WHERE " + SModuleTable.GetModuleIdDBName() + " LIKE 'REG-%'", ATransaction)); foreach (DataRow officeRow in offices.Rows) { Int64 RegistrationOffice = Convert.ToInt64(officeRow[0]); try { if ((CountRegModules == 0) || TModuleAccessManager.CheckUserModulePermissions(String.Format("REG-{0:10}", StringHelper.PartnerKeyToStr(RegistrationOffice)))) { AllowedRegistrationOffices.Add(RegistrationOffice); } } catch (ESecurityModuleAccessDeniedException) { // no permissions for this registration office } } // the organizer has access to all attendees if (AllowedRegistrationOffices.Count > MINIMUM_OFFICES_TO_BECOME_ORGANIZER) { AllowedRegistrationOffices = new List <long>(); foreach (DataRow officeRow in offices.Rows) { Int64 RegistrationOffice = Convert.ToInt64(officeRow[0]); AllowedRegistrationOffices.Add(RegistrationOffice); } } return(AllowedRegistrationOffices); }
internal static SUserRow LoadUser(String AUserID, out TPetraPrincipal APetraPrincipal, TDBTransaction ATransaction) { SUserRow ReturnValue = LoadUser(AUserID, ATransaction); APetraPrincipal = new TPetraPrincipal(AUserID, TGroupManager.LoadUserGroups( AUserID, ATransaction), TModuleAccessManager.LoadUserModules(AUserID, ATransaction)); if (!ReturnValue.IsPartnerKeyNull()) { APetraPrincipal.PartnerKey = ReturnValue.PartnerKey; } /* * TLogging.LogAtLevel (8, "APetraPrincipal.IsTableAccessOK(tapMODIFY, 'p_person'): " + * APetraPrincipal.IsTableAccessOK(TTableAccessPermission.tapMODIFY, "p_person").ToString()); */ return(ReturnValue); }
internal static SUserRow LoadUser(String AUserID, out TPetraPrincipal APetraPrincipal, TDBTransaction ATransaction) { SUserRow ReturnValue; TPetraIdentity PetraIdentity; ReturnValue = LoadUser(AUserID, out PetraIdentity, ATransaction); APetraPrincipal = new TPetraPrincipal(PetraIdentity, TGroupManager.LoadUserGroups( AUserID, ATransaction), TTableAccessPermissionManager.LoadTableAccessPermissions( AUserID, ATransaction), TModuleAccessManager.LoadUserModules(AUserID, ATransaction)); /* * TLogging.LogAtLevel (8, "APetraPrincipal.IsTableAccessOK(tapMODIFY, 'p_person'): " + * APetraPrincipal.IsTableAccessOK(TTableAccessPermission.tapMODIFY, "p_person").ToString()); */ return(ReturnValue); }
public static SUserRow LoadUser(String AUserID, out TPetraPrincipal APetraPrincipal) { SUserRow ReturnValue; Ict.Petra.Shared.Security.TPetraIdentity PetraIdentity; ReturnValue = LoadUser(AUserID, out PetraIdentity); APetraPrincipal = new TPetraPrincipal(PetraIdentity, TGroupManager.LoadUserGroups( AUserID), TTableAccessPermissionManager.LoadTableAccessPermissions( AUserID), TModuleAccessManager.LoadUserModules(AUserID)); /* * TLogging.LogAtLevel (8, "APetraPrincipal.IsTableAccessOK(tapMODIFY, 'p_person'): " + * APetraPrincipal.IsTableAccessOK(TTableAccessPermission.tapMODIFY, "p_person").ToString()); */ return(ReturnValue); }
public static void GetData(string ATablename, TSearchCriteria[] ASearchCriteria, out TTypedDataTable AResultTable, TDBTransaction AReadTransaction) { AResultTable = null; string context = string.Format("GetData {0}", SharedConstants.MODULE_ACCESS_MANAGER); // check access permissions for the current user TModuleAccessManager.CheckUserPermissionsForTable(ATablename, TTablePermissionEnum.eCanRead); // TODO: auto generate if (ATablename == AApSupplierTable.GetTableDBName()) { AResultTable = AApSupplierAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } else if (ATablename == AApDocumentTable.GetTableDBName()) { AResultTable = AApDocumentAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } else if (ATablename == ATransactionTypeTable.GetTableDBName()) { AResultTable = ATransactionTypeAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } else if (ATablename == ACurrencyTable.GetTableDBName()) { AResultTable = ACurrencyAccess.LoadAll(AReadTransaction); } else if (ATablename == ADailyExchangeRateTable.GetTableDBName()) { AResultTable = ADailyExchangeRateAccess.LoadAll(AReadTransaction); } else if (ATablename == ACorporateExchangeRateTable.GetTableDBName()) { AResultTable = ACorporateExchangeRateAccess.LoadAll(AReadTransaction); } else if (ATablename == ACurrencyLanguageTable.GetTableDBName()) { AResultTable = ACurrencyLanguageAccess.LoadAll(AReadTransaction); } else if (ATablename == AFeesPayableTable.GetTableDBName()) { AResultTable = AFeesPayableAccess.LoadAll(AReadTransaction); } else if (ATablename == AFeesReceivableTable.GetTableDBName()) { AResultTable = AFeesReceivableAccess.LoadAll(AReadTransaction); } else if (ATablename == AAnalysisTypeTable.GetTableDBName()) { AResultTable = AAnalysisTypeAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } else if (ATablename == AGiftBatchTable.GetTableDBName()) { AResultTable = AGiftBatchAccess.LoadAll(AReadTransaction); } else if (ATablename == AJournalTable.GetTableDBName()) { AResultTable = AJournalAccess.LoadAll(AReadTransaction); } else if (ATablename == ALedgerTable.GetTableDBName()) { AResultTable = ALedgerAccess.LoadAll(AReadTransaction); } else if (ATablename == MExtractMasterTable.GetTableDBName()) { if (ASearchCriteria == null) { AResultTable = MExtractMasterAccess.LoadAll(AReadTransaction); } else { AResultTable = MExtractMasterAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } } else if (ATablename == MExtractTable.GetTableDBName()) { // it does not make sense to load ALL extract rows for all extract masters so search criteria needs to be set if (ASearchCriteria != null) { AResultTable = MExtractAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } } else if (ATablename == PcAttendeeTable.GetTableDBName()) { AResultTable = PcAttendeeAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } else if (ATablename == PcConferenceCostTable.GetTableDBName()) { AResultTable = PcConferenceCostAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } else if (ATablename == PcEarlyLateTable.GetTableDBName()) { AResultTable = PcEarlyLateAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } else if (ATablename == PcSupplementTable.GetTableDBName()) { AResultTable = PcSupplementAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } else if (ATablename == PcDiscountTable.GetTableDBName()) { AResultTable = PcDiscountAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } else if (ATablename == PCountryTable.GetTableDBName()) { AResultTable = PCountryAccess.LoadAll(AReadTransaction); } else if (ATablename == PFormTable.GetTableDBName()) { string[] columns = TTypedDataTable.GetColumnStringList(PFormTable.TableId); StringCollection fieldList = new StringCollection(); for (int i = 0; i < columns.Length; i++) { // Do not load the template document - we don't display it and it is big! if (columns[i] != PFormTable.GetTemplateDocumentDBName()) { fieldList.Add(columns[i]); } } AResultTable = PFormAccess.LoadAll(fieldList, AReadTransaction); } else if (ATablename == PInternationalPostalTypeTable.GetTableDBName()) { AResultTable = PInternationalPostalTypeAccess.LoadAll(AReadTransaction); } else if (ATablename == PtApplicationTypeTable.GetTableDBName()) { AResultTable = PtApplicationTypeAccess.LoadAll(AReadTransaction); } else if (ATablename == PFormalityTable.GetTableDBName()) { AResultTable = PFormalityAccess.LoadAll(AReadTransaction); } else if (ATablename == PMailingTable.GetTableDBName()) { AResultTable = PMailingAccess.LoadAll(AReadTransaction); } else if (ATablename == PPartnerGiftDestinationTable.GetTableDBName()) { AResultTable = PPartnerGiftDestinationAccess.LoadUsingTemplate(ASearchCriteria, AReadTransaction); } else if (ATablename == PmDocumentTypeTable.GetTableDBName()) { AResultTable = PmDocumentTypeAccess.LoadAll(AReadTransaction); } else if (ATablename == SGroupTable.GetTableDBName()) { TSecurityChecks.CheckUserModulePermissions(SharedConstants.PETRAMODULE_SYSADMIN, context); AResultTable = SGroupAccess.LoadAll(AReadTransaction); } else if (ATablename == SSystemDefaultsTable.GetTableDBName()) { TSecurityChecks.CheckUserModulePermissions(SharedConstants.PETRAMODULE_SYSADMIN, context); AResultTable = SSystemDefaultsAccess.LoadAll(AReadTransaction); } else if (ATablename == SSystemDefaultsGuiTable.GetTableDBName()) { AResultTable = SSystemDefaultsGuiAccess.LoadAll(AReadTransaction); } else { throw new Exception("TCommonDataReader.GetData: unknown table " + ATablename); } // Accept row changes here so that the Client gets 'unmodified' rows AResultTable.AcceptChanges(); }