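/// <summary>
/// Returns the folder name for a given entity.
/// </summary>
/// <remarks>
/// When <paramref name="getFromDocumentLocation"/> is true, the SharePoint document location
/// recorded for the entity is tried first. If that yields null, the entity is loaded and its
/// own GetDocumentFolderName() value is used instead.
/// </remarks>
/// <param name="_dynamicsClient">Dynamics client used for the lookups.</param>
/// <param name="entityName">Entity type, matched case-insensitively: account, application, contact, worker, event, licence or specialevent.</param>
/// <param name="entityId">Entity id. Parsed as a GUID for every type except specialevent, which passes it through as a string.</param>
/// <param name="getFromDocumentLocation">True to try the SharePoint document location before falling back to the entity.</param>
/// <returns>The folder name, or null when the entity type is not recognised or the entity is not found.</returns>
/// <exception cref="FormatException">The fallback path is taken and <paramref name="entityId"/> is not a valid GUID.</exception>
public static async Task<string> GetFolderName(this IDynamicsClient _dynamicsClient, string entityName, string entityId, bool getFromDocumentLocation = true)
{
    string folderName = null;

    if (getFromDocumentLocation)
    {
        folderName = _dynamicsClient.GetEntitySharePointDocumentLocation(entityName, entityId);
    }

    if (folderName != null)
    {
        return folderName;
    }

    // ToLowerInvariant: the entity type is an identifier, so matching must not depend on the
    // server's current culture (a culture-sensitive ToLower can map 'I' to a non-ASCII letter).
    switch (entityName.ToLowerInvariant())
    {
        case "account":
            var account = await _dynamicsClient.GetAccountByIdAsync(Guid.Parse(entityId)).ConfigureAwait(true);
            // The null-conditional call yields null for a missing entity instead of dereferencing it.
            folderName = account?.GetDocumentFolderName();
            break;

        case "application":
            var application = await _dynamicsClient.GetApplicationById(Guid.Parse(entityId)).ConfigureAwait(true);
            folderName = application?.GetDocumentFolderName();
            break;

        case "contact":
            var contact = await _dynamicsClient.GetContactById(Guid.Parse(entityId)).ConfigureAwait(true);
            folderName = contact?.GetDocumentFolderName();
            break;

        case "worker":
            var worker = await _dynamicsClient.GetWorkerById(Guid.Parse(entityId)).ConfigureAwait(true);
            folderName = worker?.GetDocumentFolderName();
            break;

        case "event":
            var eventEntity = _dynamicsClient.GetEventById(Guid.Parse(entityId));
            folderName = eventEntity?.GetDocumentFolderName();
            break;

        case "licence":
            var licenceEntity = _dynamicsClient.GetLicenceById(Guid.Parse(entityId));
            folderName = licenceEntity?.GetDocumentFolderName();
            break;

        case "specialevent":
            // The special event lookup takes the id as a string, so no GUID parse happens here.
            var entity = _dynamicsClient.GetSpecialEventById(entityId);
            folderName = entity?.GetDocumentFolderName();
            break;
    }

    return folderName;
}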
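/// <summary>
/// Returns true if the current user can access the entity.
/// </summary>
/// <remarks>
/// Access is denied by default: an entity type with no case below, or an entity that cannot
/// be found, yields false.
/// </remarks>
/// <param name="entityName">Entity type, matched case-insensitively: account, application, contact, worker or event.</param>
/// <param name="entityId">Entity id; must parse as a GUID.</param>
/// <param name="isDelete">Some access rules are different for deletes</param>
/// <returns>True when the current user is allowed to access the entity; otherwise false.</returns>
/// <exception cref="FormatException"><paramref name="entityId"/> is not a valid GUID.</exception>
private async Task<bool> CanAccessEntity(string entityName, string entityId, bool isDelete = false)
{
    var result = false;

    // Parsed before any lookup, so a malformed id throws instead of reaching an access decision.
    var id = Guid.Parse(entityId);

    // ToLowerInvariant: the entity type is an identifier, so matching must not depend on the
    // server's current culture.
    switch (entityName.ToLowerInvariant())
    {
        case "account":
            var account = await _dynamicsClient.GetAccountByIdAsync(id).ConfigureAwait(true);
            result = account != null && CurrentUserHasAccessToAccount(account.Accountid);
            break;

        case "application":
            var application = await _dynamicsClient.GetApplicationById(id).ConfigureAwait(true);
            if (application != null)
            {
                result = CurrentUserHasAccessToAccount(application._adoxioApplicantValue);

                // The LG rule is evaluated only for an application that exists. A missing
                // application can therefore never be granted through it, and a null is never
                // handed to the helper.
                var allowLGAccess = await CurrentUserIsLGForApplication(application);

                // LG access does not extend to deletes.
                result = result || (allowLGAccess && !isDelete);
            }
            break;

        case "contact":
            var contact = await _dynamicsClient.GetContactById(id).ConfigureAwait(true);
            result = contact != null && CurrentUserHasAccessToContactOwnedBy(contact.Contactid);
            break;

        case "worker":
            var worker = await _dynamicsClient.GetWorkerById(id).ConfigureAwait(true);
            result = worker != null && CurrentUserHasAccessToContactOwnedBy(worker._adoxioContactidValue);
            break;

        case "event":
            var eventEntity = _dynamicsClient.GetEventById(id);
            result = eventEntity != null && CurrentUserHasAccessToAccount(eventEntity._adoxioAccountValue);
            break;
    }

    return result;
}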
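/// <summary>
/// Returns true if the current user can access the entity and, when a relative URL is
/// supplied, that URL falls under the entity's document folder.
/// </summary>
/// <remarks>
/// Access is denied by default: an entity type with no case below, or an entity that cannot
/// be found, yields false.
/// </remarks>
/// <param name="entityName">Entity type, matched case-insensitively: account, application, contact, worker or event.</param>
/// <param name="entityId">Entity id; must parse as a GUID.</param>
/// <param name="relativeUrl">Relative URL of the document being accessed; when null, the folder check is skipped.</param>
/// <param name="isDelete">Some access rules are different for deletes</param>
/// <returns>True when the current user is allowed to access the entity and the URL passes the folder check; otherwise false.</returns>
/// <exception cref="FormatException"><paramref name="entityId"/> is not a valid GUID.</exception>
private async Task<bool> CanAccessEntity(string entityName, string entityId, string relativeUrl, bool isDelete = false)
{
    var result = false;

    // Parsed before any lookup, so a malformed id throws instead of reaching an access decision.
    var id = Guid.Parse(entityId);
    string folderName = null;

    // ToLowerInvariant: the entity type is an identifier, so matching must not depend on the
    // server's current culture.
    switch (entityName.ToLowerInvariant())
    {
        case "account":
            var account = await _dynamicsClient.GetAccountByIdAsync(id).ConfigureAwait(true);
            if (account != null)
            {
                result = CurrentUserHasAccessToAccount(account.Accountid);
                folderName = account.GetDocumentFolderName();
            }
            break;

        case "application":
            var application = await _dynamicsClient.GetApplicationById(id).ConfigureAwait(true);
            if (application != null)
            {
                result = CurrentUserHasAccessToAccount(application._adoxioApplicantValue);
                var allowLGAccess = await CurrentUserIsLGForApplication(application);

                // LG access does not extend to deletes.
                result = result || (allowLGAccess && !isDelete);
                folderName = application.GetDocumentFolderName();
            }
            break;

        case "contact":
            var contact = await _dynamicsClient.GetContactById(id).ConfigureAwait(true);
            if (contact != null)
            {
                result = CurrentUserHasAccessToContactOwnedBy(contact.Contactid);
                folderName = contact.GetDocumentFolderName();
            }
            break;

        case "worker":
            var worker = await _dynamicsClient.GetWorkerById(id).ConfigureAwait(true);
            if (worker != null)
            {
                result = CurrentUserHasAccessToContactOwnedBy(worker._adoxioContactidValue);
                folderName = worker.GetDocumentFolderName();
            }
            break;

        case "event":
            var eventEntity = _dynamicsClient.GetEventById(id);
            if (eventEntity != null)
            {
                result = CurrentUserHasAccessToAccount(eventEntity._adoxioAccountValue);
                folderName = eventEntity.GetDocumentFolderName();
            }
            break;
    }

    if (folderName != null && result && relativeUrl != null)
    {
        // Skip past the second '/' (or compare from the start when there are fewer than two)
        // and check, case-insensitively, that what follows begins with the entity's folder name.
        // The char overload of IndexOf and OrdinalIgnoreCase keep this authorization comparison
        // independent of the current culture. Culture-sensitive matching can treat strings that
        // differ in ignorable characters as equal.
        int slashPos = relativeUrl.IndexOf('/');
        if (slashPos != -1)
        {
            slashPos = relativeUrl.IndexOf('/', slashPos + 1);
        }

        // NOTE(review): this is a prefix test, so a sibling folder whose name begins with
        // folderName also passes, and ".." segments in relativeUrl are not rejected here.
        // Confirm the caller canonicalizes the URL, or compare the whole path segment.
        result = relativeUrl.Substring(slashPos + 1).StartsWith(folderName, StringComparison.OrdinalIgnoreCase);
    }

    return result;
}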