/// <summary> /// The users permission group. Default, and assigned to all persons. /// </summary> public Users() { Name("Users"); Default(); CanEditMembershipOf(); HasAccessLevel(ChainOfCommandLevels.Self); HasChainOfCommand(ChainsOfCommand.Main) .CanReturn(PropertySelector.SelectPropertiesFrom <Entities.Person>( x => x.Id, x => x.LastName, x => x.FirstName, x => x.MiddleName, x => x.Suffix, x => x.Remarks, x => x.Supervisor, x => x.WorkCenter, x => x.WorkRoom, x => x.Shift, x => x.CurrentMusterRecord, x => x.EmergencyContactInstructions, x => x.Division, x => x.Department, x => x.Command, x => x.Paygrade, x => x.UIC, x => x.Designation, x => x.Sex, x => x.WatchQualifications, x => x.SubscribedEvents, x => x.GTCTrainingDate, x => x.HasCompletedAWARE, x => x.ADAMSTrainingDate, x => x.BilletAssignment, x => x.WatchAssignments, x => x.PhoneNumbers)) .And.CanReturn(PropertySelector.SelectPropertiesFrom <Entities.Person>( x => x.Id, x => x.LastName, x => x.FirstName, x => x.MiddleName, x => x.SSN, x => x.Suffix, x => x.DateOfBirth, x => x.Sex, x => x.Remarks, x => x.Ethnicity, x => x.ReligiousPreference, x => x.Paygrade, x => x.Designation, x => x.Division, x => x.Department, x => x.Command, x => x.PrimaryNEC, x => x.SecondaryNECs, x => x.Supervisor, x => x.WorkCenter, x => x.WorkRoom, x => x.Shift, x => x.WorkRemarks, x => x.DutyStatus, x => x.UIC, x => x.DateOfArrival, x => x.JobTitle, x => x.EAOS, x => x.PRD, x => x.DateOfDeparture, x => x.CurrentMusterRecord, x => x.EmailAddresses, x => x.PhoneNumbers, x => x.PhysicalAddresses, x => x.EmergencyContactInstructions, x => x.ContactRemarks, x => x.IsClaimed, x => x.Username, x => x.PermissionGroupNames, x => x.AccountHistory, x => x.Changes, x => x.UserPreferences, x => x.DoDId)) .IfSelf() .And.CanEdit(PropertySelector.SelectPropertiesFrom <Entities.Person>( x => x.LastName, x => x.FirstName, x => x.MiddleName, x => x.Suffix, x => x.ReligiousPreference, x => x.CurrentMusterRecord, x => x.EmailAddresses, x => x.PhoneNumbers, x => x.PhysicalAddresses, x => x.EmergencyContactInstructions, x => x.ContactRemarks, x => x.UserPreferences, x => x.SubscribedEvents)) .IfSelf(); }
/// <summary> /// The Command Leadership permission group. For the top leadership in the command. /// </summary> public CommandLeadership() { CanAccessSubModules(SubModules.AdminTools, SubModules.CreatePerson); CanEditMembershipOf(typeof(Users), typeof(DivisionLeadership), typeof(DepartmentLeadership), typeof(Admin), typeof(CommandLeadership), typeof(DivisionMuster), typeof(DepartmentMuster), typeof(CommandMuster)); HasAccessLevel(ChainOfCommandLevels.Command); HasChainOfCommand(ChainsOfCommand.Main) .CanReturn(PropertySelector.SelectPropertiesFrom <Entities.Person>( x => x.DateOfBirth, x => x.Ethnicity, x => x.ReligiousPreference, x => x.PrimaryNEC, x => x.SecondaryNECs, x => x.WorkRemarks, x => x.DutyStatus, x => x.DateOfArrival, x => x.JobTitle, x => x.EAOS, x => x.PRD, x => x.DateOfDeparture, x => x.EmailAddresses, x => x.PhoneNumbers, x => x.PhysicalAddresses, x => x.ContactRemarks, x => x.IsClaimed, x => x.Username, x => x.PermissionGroupNames, x => x.AccountHistory, x => x.Changes, x => x.SSN, x => x.DoDId, x => x.BilletAssignment)) .IfInChainOfCommand() .And.CanEdit(PropertySelector.SelectPropertiesFrom <Entities.Person>( x => x.LastName, x => x.FirstName, x => x.MiddleName, x => x.Suffix, x => x.DateOfBirth, x => x.Sex, x => x.Remarks, x => x.Ethnicity, x => x.Paygrade, x => x.Designation, x => x.Division, x => x.Department, x => x.Supervisor, x => x.WorkCenter, x => x.WorkRoom, x => x.Shift, x => x.WorkRemarks, x => x.JobTitle, x => x.CurrentMusterRecord, x => x.EmailAddresses, x => x.PhoneNumbers, x => x.PhysicalAddresses, x => x.EmergencyContactInstructions, x => x.ContactRemarks, x => x.ReligiousPreference, x => x.Command, x => x.DutyStatus, x => x.UIC, x => x.PrimaryNEC, x => x.SecondaryNECs, x => x.EAOS, x => x.PRD, x => x.WatchQualifications, x => x.GTCTrainingDate, x => x.HasCompletedAWARE, x => x.ADAMSTrainingDate, x => x.BilletAssignment, x => x.DoDId, x => x.SubscribedEvents)) .IfInChainOfCommand(); HasChainOfCommand(ChainsOfCommand.Muster); HasChainOfCommand(ChainsOfCommand.QuarterdeckWatchbill); }
/// <summary> /// Gets this person's chain of command. /// </summary> /// <returns></returns> public virtual Dictionary <ChainsOfCommand, Dictionary <ChainOfCommandLevels, List <Person> > > GetChainOfCommand() { //Our result var result = new Dictionary <ChainsOfCommand, Dictionary <ChainOfCommandLevels, List <Person> > >(); //Populate the dictionary foreach (var chainOfCommand in Enum.GetValues(typeof(ChainsOfCommand)).Cast <ChainsOfCommand>()) { result.Add(chainOfCommand, new Dictionary <ChainOfCommandLevels, List <Person> >()); foreach (var level in Enum.GetValues(typeof(ChainOfCommandLevels)).Cast <ChainOfCommandLevels>()) { result[chainOfCommand].Add(level, new List <Person>()); } } var permissionGroupNamesProperty = PropertySelector.SelectPropertiesFrom <Person>(x => x.PermissionGroupNames).First(); foreach (var groupLevel in new[] { ChainOfCommandLevels.Command, ChainOfCommandLevels.Department, ChainOfCommandLevels.Division }) { var permissionGroups = Authorization.Groups.PermissionGroup.AllPermissionGroups .Where(x => x.AccessLevel == groupLevel) .ToList(); using (var session = DataProvider.CurrentSession) { var queryString = "from Person as person where ("; for (var x = 0; x < permissionGroups.Count(); x++) { queryString += $" '{permissionGroups[x].GroupName}' in elements(person.{permissionGroupNamesProperty.Name}) "; if (x + 1 != permissionGroups.Count) { queryString += " or "; } } queryString += " ) "; NHibernate.IQuery query; switch (groupLevel) { case ChainOfCommandLevels.Command: { if (this.Command == null) { continue; } queryString += " and person.Command = :command"; query = session.CreateQuery(queryString) .SetParameter("command", this.Command); break; } case ChainOfCommandLevels.Department: { if (this.Command == null || this.Department == null) { continue; } queryString += " and person.Command = :command and person.Department = :department"; query = session.CreateQuery(queryString) .SetParameter("command", this.Command) .SetParameter("department", this.Department); break; } case ChainOfCommandLevels.Division: { if (this.Command == null || this.Department == null || this.Division == null) { continue; } queryString += " and person.Command = :command and person.Department = :department and person.Division = :division"; query = session.CreateQuery(queryString) .SetParameter("command", this.Command) .SetParameter("department", this.Department) .SetParameter("division", this.Division); break; } default: { throw new NotImplementedException("Hit default in the chain of command switch."); } } var persons = query.List <Person>(); //Go through all the results. foreach (var person in persons) { //Collect the person's highest level permission in each chain of command. var highestLevels = new Dictionary <ChainsOfCommand, ChainOfCommandLevels>(); //Here, let's make sure to ignore the developers permission group and the admin permission group. foreach (var group in permissionGroups.Where(x => person.PermissionGroupNames.Contains(x.GroupName, StringComparer.CurrentCultureIgnoreCase))) { if (group.GetType() != typeof(Authorization.Groups.Definitions.Developers) && group.GetType() != typeof(Authorization.Groups.Definitions.Admin)) { foreach (var chainOfCommand in group.ChainsOfCommandParts) { //This is just a check to make sure we're doing this right. if (group.AccessLevel != groupLevel) { throw new Exception("During the GetChaindOfCommand check, we accessed a group level that was unintended."); } //Now here we need to ask "Is the person in the same access level as the person in question?" //Meaning, if the access level is division, are they in the same division? highestLevels[chainOfCommand.ChainOfCommand] = group.AccessLevel; } } } //Now just add them to the corresponding lists. foreach (var highestLevel in highestLevels) { result[highestLevel.Key][highestLevel.Value].Add(person); } } } } return(result); }