/// <summary>
/// Gets all views allowed by a specified user
/// Note: A view is allowed to a user if and only if:
/// 1. USR_ACCESS.UACC_ALLOWED is 1 for the view and user
/// OR
/// 2a. USR_ACCESS.UACC_ALLOWED is null for the view and user
/// AND
/// 2b. ROL_ACCESS.RACC_ALLOWED is 1 for the view and user's role
/// </summary>
/// <param name="userid">Id of the user</param>
/// <returns>DataTable with ONLY one column (VIE_ID) with all views allowed by the user</returns>
public static DataTable GetViewsAllowedByUser(int userid)
{
CmpSecurityDB cdb = new CmpSecurityDB();
CmpUsuarioDB udb = new CmpUsuarioDB();
// STEP 1: Get the role of the user
int roleid = udb.GetUserRole(userid);
// STEP 2: Get all the views associated by the role
DataTable dtViewsByRole = cdb.GetViewsByRole(roleid);
// STEP 3: Get all views associated by the user
DataTable dtViewsAllowedByUser = cdb.GetViewsByUser(userid, true);
// STEP 4: Get all views denied by the user
DataTable dtViewsDeniedByUser = cdb.GetViewsByUser(userid, false);
// STEP 5: Join all the current info in a new DataTable and return it...
DataTable dtRet = new DataTable("ViewsByUser");
dtRet.Columns.Add(new DataColumn("VIE_ID", Type.GetType("System.Int32")));
dtRet.Columns.Add(new DataColumn("VIE_LIT_ID", Type.GetType("System.Int32")));
// 5.1 All views allowed by user are allowed
foreach (DataRow dr in dtViewsAllowedByUser.Rows)
{
DataRow nrow = dtRet.NewRow();
nrow["VIE_ID"] = dr["UACC_VIE_ID"];
nrow["VIE_LIT_ID"] = dr["VIE_LIT_ID"];
dtRet.Rows.Add(nrow);
}
// 5.2 All views allowed by role AND not denied by user are also added
foreach (DataRow dr in dtViewsByRole.Rows)
{
string vieid = dr["RACC_VIE_ID"].ToString();
DataRow[] draSelected = dtViewsDeniedByUser.Select("UACC_VIE_ID = " + vieid);
if (draSelected != null && draSelected.Length > 0)
{
// 5.2.1 The view was not denied by the user...
DataRow[] draSelected2 = dtRet.Select("VIE_ID = " + vieid);
if (draSelected2 != null && draSelected2.Length > 0)
{
// 5.2.2 ... and was not previously added in dtRet, so we can add it
DataRow nrow = dtRet.NewRow();
nrow["VIE_ID"] = dr["RACC_VIE_ID"];
nrow["VIE_LIT_ID"] = dr["VIE_LIT_ID"];
dtRet.Rows.Add(nrow);
}
}
}
dtRet.AcceptChanges();
return(dtRet);
}
/// <summary>
/// Creates a new CmpUsuario with the info of a specified user
/// The user MUST exist in the database
/// </summary>
/// <param name="usrId"></param>
public CmpUsuario(int usrId)
{
DataTable dt = new CmpUsuarioDB().GetData(null, "USERS.USR_ID = @USERS.USR_ID@", null, new object[] { usrId });
if (dt.Rows.Count == 1)
{
DataRow dr = dt.Rows[0];
_id = Convert.ToInt32(dr["USR_ID"]);
_nombre = dr["USR_NAME"].ToString();
_apellido1 = dr["USR_SURNAME1"].ToString();
_apellido2 = dr["USR_SURNAME2"].ToString();
_login = dr["USR_LOGIN"].ToString();
_lanid = Convert.ToInt32(dr["USR_LAN_ID"]);
_rol = Convert.ToInt32(dr["USR_ROL_ID"]);
}
else
{
throw new System.Exception("CmpUsuario::<ctor>: Not found USER with login: " + usrId);
}
}
public static bool GetUserData(string login, out CmpUsuario usr)
{
CmpUsuarioDB udb = new CmpUsuarioDB();
DataSet ds = udb.GetUserData(login);
DataTable dt = ds.Tables[0];
usr = null;
if (dt.Rows.Count == 0)
{
return(false); // User not found, so login or password is incorrect!
}
usr = new CmpUsuario();
usr._id = Convert.ToInt32(dt.Rows[0]["USR_ID"]);
usr._login = dt.Rows[0]["USR_LOGIN"].ToString();
usr._nombre = dt.Rows[0]["USR_NAME"].ToString();
usr._apellido1 = dt.Rows[0]["USR_SURNAME1"].ToString();
usr._rol = Convert.ToInt32(dt.Rows[0]["USR_ROL_ID"]);
usr._password = dt.Rows[0]["USR_PASSWORD"].ToString();
usr._lanid = Convert.ToInt32(dt.Rows[0]["USR_LAN_ID"]);
return(true);
}
