private Permissions GetNonRolePermissions(IndPair moduleOperation, int idProject) { //The permission that comes not from the user role (which can only be business administrator, technical administrator or //financial team), but from the user being a program manager or core team member (different from program manager) Permissions nonRolePermission = Permissions.None; //Get the nonRolePermission from the program manager permissions if this user is a program manager, //else get it from the core team member permissions //else get it from the program reader permissions if (_ProgramManagerProjects.ContainsKey(idProject)) { nonRolePermission = _ProgramManagerPermissions[moduleOperation]; return(nonRolePermission); } if (_CoreTeamProjects.ContainsKey(idProject)) { nonRolePermission = _CoreTeamPermissions[moduleOperation]; return(nonRolePermission); } if (_ProgramReaderProjects.ContainsKey(idProject)) { nonRolePermission = _ProgramReaderPermissions[moduleOperation]; return(nonRolePermission); } return(nonRolePermission); }
/// <summary> /// Checks if this user has permission to perform the given operation on the given module /// </summary> /// <param name="moduleCode">the code of the module</param> /// <param name="operation">the operation to be performed</param> /// <returns>true if this user has permission to perform the given operation on the given module, false otherwise</returns> private bool HasXPermission(string moduleCode, Operations operation) { //Get the view permission from the user role corresponding to the given module Permissions rolePermission = _UserRole.GetPermission(moduleCode, operation); IndPair moduleOperation = new IndPair(moduleCode, operation); //If the CoreTeamPermission dictionary does not contain this permission, then the permission for this user will be the one from //its role if (!_ProgramManagerPermissions.ContainsKey(moduleOperation) && !_CoreTeamPermissions.ContainsKey(moduleOperation) && !_ProgramReaderPermissions.ContainsKey(moduleOperation)) { //The user has view permission if the permission is not none return(rolePermission != Permissions.None); } //The permission that comes not from the user role (which can only be business administrator, technical administrator or //financial team), but from the user being a program manager or core team member (different from program manager) Permissions nonRolePermission = GetNonRolePermissions(moduleOperation); //Else, if either of the 2 permissions (from the role of the user, or from the core team role) is not none, than the user //will have view permission return((rolePermission != Permissions.None) || (nonRolePermission != Permissions.None)); }
/// <summary> /// Gets the permissions for the given module code and operation, for modules which are accessed only after a project is selected /// </summary> /// <param name="moduleCode">The code of the module</param> /// <param name="operation">The operation to be performed on the module</param> /// <param name="idProject">The project for which the permission is applied</param> /// <returns></returns> public Permissions GetPermission(string moduleCode, Operations operation, int idProject) { try { Permissions permission = _UserRole.GetPermission(moduleCode, operation); IndPair moduleOperation = new IndPair(moduleCode, operation); //If this user does not belong to the core team of the given project, the permission is the one from its role if (!_ProgramManagerProjects.ContainsKey(idProject) && !_CoreTeamProjects.ContainsKey(idProject) && !_ProgramReaderProjects.ContainsKey(idProject)) { return(permission); } //The permission that comes not from the user role (which can only be business administrator, technical administrator or //financial team), but from the user being a program manager or core team member (different from program manager) Permissions nonRolePermission = GetNonRolePermissions(moduleOperation, idProject); //The permission will be the smallest of the 2 permissions (Permission.All = 1, Permissions.Restricted = 2, Permissions.None = 3 // - this means that choosing the least restrictive permission from the permissions enumeration is the same thing as chosing the // permission with the smallest value - this is why we calculate the minimum value of the 2 permissions). return((permission < nonRolePermission) ? permission : nonRolePermission); } catch (Exception ex) { throw new IndException(ex); } }
/// <summary> /// Populates the _CoreTeamPermissions dictionary with the permissions the core team role if this user is a core team member /// (other than program manager). If he is not a core team member (other than program manager), this function will not get called /// </summary> private void GetProgramReaderPermissions() { DataTable permissionsDataTable = DBCurrentUser.GetRolePermissions(ApplicationConstants.ROLE_PROGRAM_READER); foreach (DataRow row in permissionsDataTable.Rows) { //Build the pair of module code and operation which will be the key of the dictionary IndPair pair = new IndPair(row["ModuleCode"].ToString(), (Operations)row["IdOperation"]); //Add the key-value pair to the dictionary (the value is the permission) _ProgramReaderPermissions.Add(pair, (Permissions)row["IdPermission"]); } }
/// <summary> /// Initialize the permissions of the role from the given DataTable /// </summary> /// <param name="dataTable">the DataTable containing the permissions of the role</param> private void InitializePermissionsInformation(DataTable dataTable) { //Instantiate the role permissions dictionary _RolePermissions = new Dictionary <IndPair, Permissions>(new IndPairComparer()); //For each row in the table foreach (DataRow row in dataTable.Rows) { //Build the pair of module code and operation which will be the key of the dictionary IndPair pair = new IndPair(row["ModuleCode"].ToString(), (Operations)row["IdOperation"]); //Add the key-value pair to the dictionary (the value is the permission) _RolePermissions.Add(pair, (Permissions)row["IdPermission"]); } }