public bool CanRead(FileEntry entry, Guid userId) { if (entry.FileEntryType == FileEntryType.Folder) { return(false); } if (!CRMSecurity.IsAvailableForUser(userId)) { return(false); } using (var scope = DIHelper.Resolve()) { var daoFactory = scope.Resolve <DaoFactory>(); var invoice = daoFactory.InvoiceDao.GetByFileId(Convert.ToInt32(entry.ID)); if (invoice != null) { return(CRMSecurity.CanAccessTo(invoice, userId)); } var reportFile = daoFactory.ReportDao.GetFile(Convert.ToInt32(entry.ID), userId); if (reportFile != null) { return(CRMSecurity.IsAdministrator(userId)); } using (var tagDao = FilesIntegration.GetTagDao()) { var eventIds = tagDao.GetTags(entry.ID, FileEntryType.File, TagType.System) .Where(x => x.TagName.StartsWith("RelationshipEvent_")) .Select(x => Convert.ToInt32(x.TagName.Split(new[] { '_' })[1])) .ToList(); if (!eventIds.Any()) { return(false); } var eventItem = daoFactory.RelationshipEventDao.GetByID(eventIds.First()); return(CRMSecurity.CanAccessTo(eventItem, userId)); } } }
public bool CanEdit(FileEntry entry, Guid userId) { return (CanRead(entry, userId) && entry.CreateBy == userId || entry.ModifiedBy == userId || CRMSecurity.IsAdministrator(userId)); }
public bool CanEdit(FileEntry file, Guid userId) { return(file.CreateBy == userId || file.ModifiedBy == userId || CRMSecurity.IsAdministrator(userId)); }