/// <summary> /// Checks the specified owner id. /// </summary> /// <param name="ownerId">The owner id.</param> /// <param name="companyId">The company id.</param> /// <returns></returns> public static Access Check(Guid?ownerId = null, Guid?companyId = null) { var DataManager = new DataManager(); var access = new Access(); var accessProfileModule = new tbl_AccessProfileModule(); // Проверка доступа модулей на уровне сайта var site = DataManager.Sites.SelectById(CurrentUser.Instance.SiteID); if (site.AccessProfileID != null) { var accessProfile = DataManager.AccessProfile.SelectById((Guid)site.AccessProfileID); { var modules = DataManager.Module.SelectAll(); foreach (var module in modules) { Match match = Regex.Match(HttpContext.Current.Request.RawUrl, string.Format("/{0}($|/)", module.Name), RegexOptions.IgnoreCase); if (match.Success) { accessProfileModule = accessProfile.tbl_AccessProfileModule.Where(a => a.ModuleID == module.ID).SingleOrDefault(); if (accessProfileModule != null && !accessProfileModule.Write) { access.Read = accessProfileModule.Read; access.Write = accessProfileModule.Write; access.Delete = accessProfileModule.Delete; } } } } } // Проверка доступа модулей на уровне пользователя var user = CurrentUser.Instance; if (user.AccessProfileID != null) { var accessProfile = DataManager.AccessProfile.SelectById((Guid)user.AccessProfileID); { var modules = DataManager.Module.SelectAll(); foreach (var module in modules) { Match match = Regex.Match(HttpContext.Current.Request.RawUrl, string.Format("/{0}($|/)", module.Name), RegexOptions.IgnoreCase); if (match.Success) { accessProfileModule = accessProfile.tbl_AccessProfileModule.Where(a => a.ModuleID == module.ID).SingleOrDefault(); if (accessProfileModule != null && !accessProfileModule.Write) { access.Read = accessProfileModule.Read; access.Write = accessProfileModule.Write; access.Delete = accessProfileModule.Delete; } } } } } if (user.AccessProfileID != null) { var path = HttpContext.Current.Request.AppRelativeCurrentExecutionFilePath.Split(new[] { '/' }); var accessProfileRecords = DataManager.AccessProfileRecord.SelectByAccessProfileID((Guid)user.AccessProfileID).Where(a => a.tbl_Module.Name == path[2]).ToList(); if (accessProfileRecords.Count > 0) { var readList = new List <bool>(); var writeList = new List <bool>(); var deleteList = new List <bool>(); foreach (var accessProfileRecord in accessProfileRecords) { switch ((AccessProfileRecordRule)accessProfileRecord.CompanyRuleID) { case AccessProfileRecordRule.SelfValue: if (user.CompanyID == companyId) { readList.Add(accessProfileRecord.Read); writeList.Add(accessProfileRecord.Write); deleteList.Add(accessProfileRecord.Delete); } else { readList.Add(false); writeList.Add(false); deleteList.Add(false); } break; case AccessProfileRecordRule.SpecificValue: if (accessProfileRecord.CompanyID == companyId) { readList.Add(accessProfileRecord.Read); writeList.Add(accessProfileRecord.Write); deleteList.Add(accessProfileRecord.Delete); } else { readList.Add(false); writeList.Add(false); deleteList.Add(false); } break; } switch ((AccessProfileRecordRule)accessProfileRecord.OwnerRuleID) { case AccessProfileRecordRule.SelfValue: if (user.ContactID == ownerId) { readList.Add(accessProfileRecord.Read); writeList.Add(accessProfileRecord.Write); deleteList.Add(accessProfileRecord.Delete); } else { readList.Add(false); writeList.Add(false); deleteList.Add(false); } break; case AccessProfileRecordRule.SpecificValue: if (accessProfileRecord.OwnerID == ownerId) { readList.Add(accessProfileRecord.Read); writeList.Add(accessProfileRecord.Write); deleteList.Add(accessProfileRecord.Delete); } else { readList.Add(false); writeList.Add(false); deleteList.Add(false); } break; } } if (readList.Count > 0 && readList.IndexOf(false) != -1) { access.Read = false; } if (writeList.Count > 0 && writeList.IndexOf(false) != -1) { access.Write = false; } if (deleteList.Count > 0 && deleteList.IndexOf(false) != -1) { access.Delete = false; } } } return(access); }
/// <summary> /// Updates the specified access profile module. /// </summary> /// <param name="accessProfileModule">The access profile module.</param> public void Update(tbl_AccessProfileModule accessProfileModule) { _dataContext.SaveChanges(); }