C# (CSharp) PxStat.Security Account_ADO.EnoughPrivilegesInAccounts Examples

Programming Language: C# (CSharp)

Namespace/Package Name: PxStat.Security

Class/Type: Account_ADO

Method/Function: EnoughPrivilegesInAccounts

Examples at hotexamples.com: 2

C# (CSharp) PxStat.Security Account_ADO.EnoughPrivilegesInAccounts - 2 examples found. These are the top rated real world C# (CSharp) examples of PxStat.Security.Account_ADO.EnoughPrivilegesInAccounts extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

Read(13)

Create(3)

Exists(3)

EnoughPrivilegesInAccounts(2)

Update(2)

Delete(1)

ExistsByEmail(1)

ReadAccounts(1)

ReadMinimumPrivilege(1)

ReadReleaseApprovers(1)

ReadReleaseUsers(1)

Example #1

Show file

        /// <summary>
        /// Execute
        /// </summary>
        /// <returns></returns>
        protected override bool Execute()
        {
            //A power user may not update a user to become an Administrator
            if (IsPowerUser() && DTO.PrvCode.Equals(Resources.Constants.C_SECURITY_PRIVILEGE_ADMINISTRATOR))
            {
                Log.Instance.Debug("A power user may not update a user to become an Administrator");
                Response.error = Label.Get("error.privilege");
                return(false);
            }

            //A power user may not downgrade an administrator
            if (IsPowerUser() && IsAdministrator(DTO.CcnUsername) && !DTO.PrvCode.Equals(Resources.Constants.C_SECURITY_PRIVILEGE_ADMINISTRATOR))
            {
                Log.Instance.Debug("A power user may not downgrade an administrator");
                Response.error = Label.Get("error.privilege");
                return(false);
            }

            Account_ADO adoAccount = new Account_ADO();

            //There must always be at least one administrator in the system. If this delete would leave no administrator then the request must be refused.
            if (IsAdministrator(DTO.CcnUsername))
            {
                if (!adoAccount.EnoughPrivilegesInAccounts(Ado, Resources.Constants.C_SECURITY_PRIVILEGE_ADMINISTRATOR))
                {
                    Log.Instance.Debug("There are insufficient Administrators in the Account table to proceed with this update.");
                    Response.error = Label.Get("error.update");
                    return(false);
                }
            }

            //Update and retrieve the number of updated rows
            int nUpdated = adoAccount.Update(Ado, DTO, SamAccountName);

            if (nUpdated == 0)
            {
                Log.Instance.Debug("Failed to update Account");
                Response.error = Label.Get("error.update");
                return(false);
            }

            //An administrator or power user may not be a member of a group. Therefore we will remove any group memberships for the updated user
            // We run the check based on the proposed PrvCode, not on the existing privilege
            if (DTO.PrvCode.Equals(Resources.Constants.C_SECURITY_PRIVILEGE_ADMINISTRATOR) || DTO.PrvCode.Equals(Resources.Constants.C_SECURITY_PRIVILEGE_POWER_USER))
            {
                List <GroupAccount_DTO> groupAccountList = getGroupMembership(DTO.CcnUsername);

                foreach (GroupAccount_DTO groupAccount in groupAccountList)
                {
                    GroupAccount_ADO        gaAdo = new GroupAccount_ADO();
                    GroupAccount_DTO_Delete gaDto = new GroupAccount_DTO_Delete();
                    gaDto.CcnUsername = groupAccount.CcnUsername;
                    gaDto.GrpCode     = groupAccount.GrpCode;
                    int deleted = gaAdo.Delete(Ado, gaDto, SamAccountName);
                    if (deleted == 0)
                    {
                        Log.Instance.Debug("Failed to delete account group membership");
                        Response.error = Label.Get("error.update");
                        return(false);
                    }
                }
            }
            //If this user is cached then we must remove it because the data is now out of date
            MemCacheD.Remove_BSO <dynamic>("PxStat.Security", "Account_API", "ReadCurrentAccesss", DTO.CcnUsername);
            Response.data = JSONRPC.success;
            return(true);
        }

Example #2

Show file

File: Account_BSO_Delete.cs Project: Chriz-ONeill/PxStat

        /// <summary>
        /// Execute
        /// </summary>
        /// <returns></returns>
        protected override bool Execute()
        {
            //A power user may not delete an Administrator
            if (IsPowerUser() && IsAdministrator(DTO.CcnUsername))
            {
                Log.Instance.Debug("A power user may not delete an Administrator");
                Response.error = Label.Get("error.privilege");
                return(false);
            }

            //You can't delete yourself
            if (DTO.CcnUsername.Equals(SamAccountName))
            {
                Log.Instance.Debug("A user may not delete themselves");
                Response.error = Label.Get("error.delete");
                return(false);
            }

            var adoAccount = new Account_ADO();

            //There must always be at least one administrator in the system. If this delete would leave no administrator then the request must be refused.
            if (IsAdministrator(DTO.CcnUsername))
            {
                if (!adoAccount.EnoughPrivilegesInAccounts(Ado, Resources.Constants.C_SECURITY_PRIVILEGE_ADMINISTRATOR))
                {
                    Log.Instance.Debug("There are insufficient Administrators in the Account table to proceed with this delete.");
                    Response.error = Label.Get("error.delete");
                    return(false);
                }
            }

            //We also need to delete user membership of any groups
            GroupAccount_ADO      gaAdo = new GroupAccount_ADO();
            GroupAccount_DTO_Read gaDto = new GroupAccount_DTO_Read();

            gaDto.CcnUsername = DTO.CcnUsername;
            ADO_readerOutput groupAccountList = gaAdo.Read(Ado, gaDto);

            if (groupAccountList.hasData)
            {
                foreach (dynamic res in groupAccountList.data)
                {
                    GroupAccount_DTO_Delete dtoDelete = new GroupAccount_DTO_Delete();
                    dtoDelete.CcnUsername = DTO.CcnUsername;
                    dtoDelete.GrpCode     = res.GrpCode;
                    gaAdo.Delete(Ado, dtoDelete, SamAccountName);
                }
            }

            //attempting to delete. The number of entities deleted are passed to the entitiesDeleted variable (this is 1 for a successful delete)
            int nDeleted = adoAccount.Delete(Ado, DTO, SamAccountName);

            if (nDeleted == 0)
            {
                Log.Instance.Debug("adoAccount.Delete - can't delete Account");
                Response.error = Label.Get("error.delete");
                return(false);
            }

            //If this user is cached then we must remove the cache entry as well
            MemCacheD.Remove_BSO <dynamic>("PxStat.Security", "Account_API", "ReadCurrentAccesss", DTO.CcnUsername);

            Response.data = JSONRPC.success;
            return(true);
        }