/// <summary>
/// Data-reload handler for the users grid. Runs the "cms.user.finduserinsite" query
/// with the search-box text and the current site ID, and returns the matching users.
/// </summary>
/// <param name="completeWhere">Not referenced by this handler; the WHERE clause is built locally.</param>
/// <param name="currentOrder">Not referenced by this handler; the order is fixed to "UserName ASC".</param>
/// <param name="currentTopN">Passed through to the query as the TOP N limit.</param>
/// <param name="columns">Not referenced by this handler; a fixed column list is requested.</param>
/// <param name="currentOffset">Passed through to the query as the paging offset.</param>
/// <param name="currentPageSize">Passed through to the query as the page size.</param>
/// <param name="totalRecords">Passed by reference to the query call.</param>
/// <returns>The result of the query call.</returns>
protected DataSet gridUsers_OnDataReload(string completeWhere, string currentOrder, int currentTopN, string columns, int currentOffset, int currentPageSize, ref int totalRecords)
{
    // The search text is user input. It is bound as the @search parameter instead of being
    // concatenated into SQL, so it cannot alter the statement's structure.
    // NOTE(review): the text is wrapped in '%' but its own LIKE wildcards are not escaped, so
    // they act as pattern characters if the query uses @search in a LIKE (query text not visible here).
    // NOTE(review): CMSContext.CurrentSite is dereferenced here but only null-checked further
    // down; confirm whether it can be null when this handler runs.
    object[,] queryArgs = new object[,]
    {
        { "@search", "%" + txtSearch.Text + "%", null },
        { "@siteID", CMSContext.CurrentSite.SiteID, null }
    };

    // The WHERE clause is assembled from constant fragments only; no request data goes into it.
    string filter = "UserName NOT LIKE N'public'";

    // On the live site, anyone who is not a global administrator only sees users that are
    // not hidden, not waiting for approval, and enabled. Outside live-site mode, and for
    // global administrators, none of these restrictions are applied.
    bool restrictToVisibleUsers = IsLiveSite && !CMSContext.CurrentUser.IsGlobalAdministrator;
    if (restrictToVisibleUsers)
    {
        string[] liveSiteRestrictions =
        {
            "((UserIsHidden IS NULL) OR (UserIsHidden=0))",
            "((UserWaitingForApproval IS NULL) OR (UserWaitingForApproval = 0))",
            UserInfoProvider.USER_ENABLED_WHERE_CONDITION
        };

        foreach (string restriction in liveSiteRestrictions)
        {
            filter = SqlHelperClass.AddWhereCondition(filter, restriction);
        }
    }

    // The public (anonymous) user gets no actions: hide the grid's first column.
    // NOTE(review): this only changes what is rendered; whatever those actions do must be
    // authorized server-side as well (not visible in this handler).
    if (CMSContext.CurrentSite != null && CMSContext.CurrentUser.IsPublic())
    {
        gridUsers.GridView.Columns[0].Visible = false;
    }

    // Order and column list are fixed here, so the caller-supplied currentOrder/columns
    // values never reach the SQL text.
    DataSet users = ConnectionHelper.ExecuteQuery(
        "cms.user.finduserinsite",
        QueryDataParameters.FromArray(queryArgs),
        filter,
        "UserName ASC",
        currentTopN,
        "View_CMS_User.UserID,UserName,UserNickName,FullName",
        currentOffset,
        currentPageSize,
        ref totalRecords);

    return users;
}
/// <summary>
/// Builds the WHERE condition for the task list: narrows the incoming condition by the
/// configured display type and the Show* options, then appends the security condition
/// for the current user.
/// </summary>
/// <param name="sender">Not referenced by this handler.</param>
/// <param name="whereCondition">Condition to extend.</param>
/// <returns>The extended WHERE condition.</returns>
string ucTaskList_BuildCondition(object sender, string whereCondition)
{
    CurrentUserInfo user = CMSContext.CurrentUser;

    // The user IDs concatenated below come from the server-side current-user object, not
    // from request data (presumably integers; the UserID type is not visible here).
    switch (this.TasksDisplayType)
    {
        case TasksDisplayTypeEnum.TasksOwnedByMe:
            whereCondition = SqlHelperClass.AddWhereCondition(whereCondition, "ProjectTaskOwnerID = " + user.UserID);
            break;

        case TasksDisplayTypeEnum.TasksAssignedToMe:
            whereCondition = SqlHelperClass.AddWhereCondition(whereCondition, "ProjectTaskAssignedToUserID = " + user.UserID);
            break;

        case TasksDisplayTypeEnum.ProjectTasks:
            if (String.IsNullOrEmpty(ProjectNames))
            {
                // No projects configured: replace (not extend) the incoming condition with one
                // that is always false, so no tasks are listed. Later filters are still appended.
                whereCondition = "(1=2)";
            }
            else
            {
                // ProjectNames is a ';'-separated list that is turned into N'a',N'b',... and
                // concatenated into the SQL text.
                // NOTE(review): this is only safe if GetSafeQueryString escapes single quotes
                // (presumably by doubling them; confirm). If ProjectNames can ever carry
                // untrusted input, binding each name as a query parameter would be more robust.
                string nameList = "N'" + SqlHelperClass.GetSafeQueryString(ProjectNames, false).Replace(";", "',N'") + "'";
                string projectFilter = "ProjectTaskProjectID IN (SELECT ProjectID FROM PM_Project WHERE ProjectName IN (" + nameList + "))";

                // Users without the PERMISSION_MANAGE permission on CMS.ProjectManagement only see
                // non-private tasks, or tasks they own, are assigned to, or whose project they own.
                // NOTE(review): the fragment has a top-level OR; it restricts correctly only if
                // AddWhereCondition parenthesises its arguments. Confirm.
                if (!user.IsAuthorizedPerResource("CMS.ProjectManagement", CMSAdminControl.PERMISSION_MANAGE))
                {
                    projectFilter = SqlHelperClass.AddWhereCondition(
                        projectFilter,
                        "(ProjectTaskIsPrivate = 0 OR ProjectTaskIsPrivate IS NULL) OR (ProjectTaskOwnerID = " + user.UserID + " OR ProjectTaskAssignedToUserID = " + user.UserID + " OR ProjectOwner = " + user.UserID + ")");
                }

                whereCondition = SqlHelperClass.AddWhereCondition(whereCondition, projectFilter);
            }
            break;
    }

    // Hide finished tasks.
    if (!ShowFinishedTasks)
    {
        whereCondition = SqlHelperClass.AddWhereCondition(whereCondition, "TaskStatusIsFinished = 0");
    }

    // Hide on-time tasks: keep only tasks whose deadline has passed or is not set.
    if (!ShowOnTimeTasks)
    {
        whereCondition = SqlHelperClass.AddWhereCondition(whereCondition, "((ProjectTaskDeadline < @Now) OR (ProjectTaskDeadline IS NULL))");
    }

    // Hide overdue tasks: keep only tasks whose deadline is still ahead or is not set.
    if (!ShowOverdueTasks)
    {
        whereCondition = SqlHelperClass.AddWhereCondition(whereCondition, "((ProjectTaskDeadline > @Now) OR (ProjectTaskDeadline IS NULL))");
    }

    // Hide private tasks.
    // NOTE(review): unlike the project-task branch above, a NULL ProjectTaskIsPrivate does
    // not satisfy this comparison, so such rows are filtered out here. Confirm this is intended.
    if (!ShowPrivateTasks)
    {
        whereCondition = SqlHelperClass.AddWhereCondition(whereCondition, "ProjectTaskIsPrivate = 0");
    }

    // @Now is referenced only by the two deadline filters, so the parameter is supplied only
    // when at least one of them was added; otherwise the grid's QueryParameters are left as
    // they were. The value is bound as a parameter, not formatted into the SQL text.
    // NOTE(review): DateTime.Now is local server time; confirm deadlines are stored the same way.
    if (!(ShowOnTimeTasks && ShowOverdueTasks))
    {
        object[,] nowParameter = new object[,]
        {
            { "@Now", DateTime.Now, null }
        };
        this.ucTaskList.Grid.QueryParameters = QueryDataParameters.FromArray(nowParameter);
    }

    // Security condition: limits the list to tasks the current user may see.
    // NOTE(review): whereCondition is passed into CombineSecurityWhereCondition and is also
    // AND-ed with its result; if the helper already returns the combined condition, the
    // filters end up in the SQL twice. Verify against the helper.
    whereCondition = SqlHelperClass.AddWhereCondition(
        whereCondition,
        ProjectTaskInfoProvider.CombineSecurityWhereCondition(whereCondition, user, SiteName));

    return whereCondition;
}