///<summary></summary>
public static long Insert(GroupPermission gp)
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
gp.GroupPermNum = Meth.GetLong(MethodBase.GetCurrentMethod(), gp);
return(gp.GroupPermNum);
}
if (gp.NewerDate.Year > 1880 && gp.NewerDays > 0)
{
throw new Exception(Lans.g("GroupPermissions", "Date or days can be set, but not both."));
}
if (!GroupPermissions.PermTakesDates(gp.PermType))
{
if (gp.NewerDate.Year > 1880 || gp.NewerDays > 0)
{
throw new Exception(Lans.g("GroupPermissions", "This type of permission may not have a date or days set."));
}
}
if (gp.PermType == Permissions.SecurityAdmin)
{
//Make sure there are no hidden users in the group that is about to get the Security Admin permission.
string command = "SELECT COUNT(*) FROM userod "
+ "INNER JOIN usergroupattach ON usergroupattach.UserNum=userod.UserNum "
+ "WHERE userod.IsHidden=1 "
+ "AND usergroupattach.UserGroupNum=" + gp.UserGroupNum;
int count = PIn.Int(Db.GetCount(command));
if (count != 0) //there are hidden users in this group
{
throw new Exception(Lans.g("FormSecurity", "The Security Admin permission cannot be given to a user group with hidden users."));
}
}
return(Crud.GroupPermissionCrud.Insert(gp));
}
///<summary>Returns true if at least one of the usergroups passed in has the SecurityAdmin permission.</summary>
public static bool IsAdminGroup(List <long> listUserGroupNums)
{
//No need to check RemotingRole; no call to db.
List <GroupPermission> listAdminPerms = GroupPermissions.GetWhere(x => x.PermType == Permissions.SecurityAdmin);
if (listUserGroupNums.Any(x => listAdminPerms.Select(y => y.UserGroupNum).Contains(x)))
{
return(true);
}
return(false);
}
///<summary>Used to check if user has permission to access the report. Pass in a list of DisplayReports to avoid a call to the db.</summary>
public static bool HasReportPermission(string reportName, Userod user, List <DisplayReport> listReports = null)
{
//No need to check RemotingRole; no call to db.
DisplayReport report = (listReports ?? DisplayReports.GetAll(false)).FirstOrDefault(x => x.InternalName == reportName);
if (report == null) //Report is probably hidden.
{
return(false);
}
List <GroupPermission> listReportPermissions = GroupPermissions.GetPermsForReports();
if (listReportPermissions.Exists(x => x.FKey == report.DisplayReportNum && Userods.IsInUserGroup(user.UserNum, x.UserGroupNum)))
{
return(true);
}
return(false);
}
///<summary>Returns the Date that the user is restricted to for the passed-in PermType.
///Returns MinVal if the user is not restricted or does not have the permission.</summary>
private static DateTime GetDateLimit(Permissions permType, List <long> listUserGroupNums)
{
//No need to check RemotingRole; no call to db.
DateTime nowDate = DateTime.MinValue;
Func <DateTime> getNowDate = new Func <DateTime>(() => {
if (nowDate.Year < 1880)
{
nowDate = MiscData.GetNowDateTime().Date;
}
return(nowDate);
});
DateTime retVal = DateTime.MinValue;
List <GroupPermission> listGroupPerms = GroupPermissions.GetForUserGroups(listUserGroupNums, permType);
//get the permission that applies
GroupPermission perm = listGroupPerms.OrderBy((GroupPermission y) => {
if (y.NewerDays == 0 && y.NewerDate == DateTime.MinValue)
{
return(DateTime.MinValue);
}
if (y.NewerDays == 0)
{
return(y.NewerDate);
}
return(getNowDate().AddDays(-y.NewerDays));
}).FirstOrDefault();
if (perm == null)
{
//do not change retVal. The user does not have the permission.
}
else if (perm.NewerDate.Year < 1880 && perm.NewerDays == 0)
{
//do not change retVal. The user is not restricted by date.
}
else if (perm.NewerDate.Year > 1880)
{
retVal = perm.NewerDate;
}
else if (getNowDate().AddDays(-perm.NewerDays) > retVal)
{
retVal = getNowDate().AddDays(-perm.NewerDays);
}
return(retVal);
}
///<summary></summary>
public static void Update(GroupPermission gp)
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
Meth.GetVoid(MethodBase.GetCurrentMethod(), gp);
return;
}
if (gp.NewerDate.Year > 1880 && gp.NewerDays > 0)
{
throw new Exception(Lans.g("GroupPermissions", "Date or days can be set, but not both."));
}
if (!GroupPermissions.PermTakesDates(gp.PermType))
{
if (gp.NewerDate.Year > 1880 || gp.NewerDays > 0)
{
throw new Exception(Lans.g("GroupPermissions", "This type of permission may not have a date or days set."));
}
}
Crud.GroupPermissionCrud.Update(gp);
}
///<summary>If ClientWeb, then this method is instead run on the server, and the result passed back to the client. And since it's ClientWeb, FillCache will be run on the client.</summary>
public static DataSet GetCacheDs(bool doRefreshServerCache, params InvalidType[] arrayITypes)
{
if (RemotingClient.RemotingRole == RemotingRole.ClientWeb)
{
return(Meth.GetDS(MethodBase.GetCurrentMethod(), doRefreshServerCache, arrayITypes));
}
Logger.LogToPath("", LogPath.Signals, LogPhase.Start, "InvalidType(s): " + string.Join(" - ", arrayITypes.OrderBy(x => x.ToString())));
List <InvalidType> listITypes = arrayITypes.ToList();
//so this part below only happens if direct or server------------------------------------------------
bool isAll = false;
if (listITypes.Contains(InvalidType.AllLocal))
{
isAll = true;
}
DataSet ds = new DataSet();
//All Internal OD Tables that are cached go here
if (PrefC.IsODHQ)
{
if (listITypes.Contains(InvalidType.JobPermission) || isAll)
{
ds.Tables.Add(JobPermissions.RefreshCache());
}
if (listITypes.Contains(InvalidType.PhoneComps) || isAll)
{
ds.Tables.Add(PhoneComps.GetTableFromCache(doRefreshServerCache));
}
}
//All cached public tables go here
if (listITypes.Contains(InvalidType.AccountingAutoPays) || isAll)
{
ds.Tables.Add(AccountingAutoPays.GetTableFromCache(doRefreshServerCache));
}
//if(listITypes.Contains(InvalidType.AlertItems) || isAll) {//THIS IS NOT CACHED. But is used to make server run the alert logic in OpenDentalService.
// ds.Tables.Add(AlertItems.RefreshCache());
//}
if (listITypes.Contains(InvalidType.AlertCategories) || isAll)
{
ds.Tables.Add(AlertCategories.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.AlertCategoryLinks) || isAll)
{
ds.Tables.Add(AlertCategoryLinks.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.AppointmentTypes) || isAll)
{
ds.Tables.Add(AppointmentTypes.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.AutoCodes) || isAll)
{
ds.Tables.Add(AutoCodes.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(AutoCodeItems.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(AutoCodeConds.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Automation) || isAll)
{
ds.Tables.Add(Automations.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.AutoNotes) || isAll)
{
ds.Tables.Add(AutoNotes.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(AutoNoteControls.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Carriers) || isAll)
{
ds.Tables.Add(Carriers.GetTableFromCache(doRefreshServerCache)); //run on startup, after telephone reformat, after list edit.
}
if (listITypes.Contains(InvalidType.ClaimForms) || isAll)
{
ds.Tables.Add(ClaimFormItems.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(ClaimForms.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.ClearHouses) || isAll)
{
ds.Tables.Add(Clearinghouses.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.ClinicErxs) || isAll)
{
ds.Tables.Add(ClinicErxs.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.ClinicPrefs) || isAll)
{
ds.Tables.Add(ClinicPrefs.GetTableFromCache(doRefreshServerCache));
}
//InvalidType.Clinics see InvalidType.Providers
if (listITypes.Contains(InvalidType.Computers) || isAll)
{
ds.Tables.Add(Computers.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(Printers.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Defs) || isAll)
{
ds.Tables.Add(Defs.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.DentalSchools) || isAll)
{
ds.Tables.Add(SchoolClasses.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(SchoolCourses.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.DictCustoms) || isAll)
{
ds.Tables.Add(DictCustoms.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Diseases) || isAll)
{
ds.Tables.Add(DiseaseDefs.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(ICD9s.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.DisplayFields) || isAll)
{
ds.Tables.Add(DisplayFields.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.DisplayReports) || isAll)
{
ds.Tables.Add(DisplayReports.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Ebills) || isAll)
{
ds.Tables.Add(Ebills.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.EhrCodes))
{
EhrCodes.UpdateList(); //Unusual pattern for an unusual "table". Not really a table, but a mishmash of hard coded partial code systems that are needed for CQMs.
}
if (listITypes.Contains(InvalidType.ElectIDs) || isAll)
{
ds.Tables.Add(ElectIDs.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Email) || isAll)
{
ds.Tables.Add(EmailAddresses.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(EmailTemplates.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(EmailAutographs.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Employees) || isAll)
{
ds.Tables.Add(Employees.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(PayPeriods.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Employers) || isAll)
{
ds.Tables.Add(Employers.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Fees) || isAll)
{
//Fee Cache follows an unusual pattern. This fills the cache with the HQ fees, and whatever clinics happen to be currently cached.
ds.Tables.Add(Fees.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.FeeScheds) || isAll)
{
ds.Tables.Add(FeeScheds.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.HL7Defs) || isAll)
{
ds.Tables.Add(HL7Defs.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(HL7DefMessages.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(HL7DefSegments.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(HL7DefFields.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.InsCats) || isAll)
{
ds.Tables.Add(CovCats.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(CovSpans.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.InsFilingCodes) || isAll)
{
ds.Tables.Add(InsFilingCodes.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(InsFilingCodeSubtypes.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Languages) || isAll)
{
if (CultureInfo.CurrentCulture.Name != "en-US")
{
ds.Tables.Add(Lans.GetTableFromCache(doRefreshServerCache));
}
}
if (listITypes.Contains(InvalidType.Letters) || isAll)
{
ds.Tables.Add(Letters.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.LetterMerge) || isAll)
{
ds.Tables.Add(LetterMergeFields.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(LetterMerges.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Medications) || isAll)
{
ds.Tables.Add(Medications.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Operatories) || isAll)
{
ds.Tables.Add(Operatories.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.OrthoChartTabs) || isAll)
{
ds.Tables.Add(OrthoChartTabs.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(OrthoChartTabLinks.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.PatFields) || isAll)
{
ds.Tables.Add(PatFieldDefs.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(ApptFieldDefs.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Pharmacies) || isAll)
{
ds.Tables.Add(Pharmacies.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Prefs) || isAll)
{
ds.Tables.Add(Prefs.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.ProcButtons) || isAll)
{
ds.Tables.Add(ProcButtons.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(ProcButtonItems.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.ProcCodes) || isAll)
{
ds.Tables.Add(ProcedureCodes.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(ProcCodeNotes.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Programs) || isAll)
{
ds.Tables.Add(Programs.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(ProgramProperties.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.ProviderErxs) || isAll)
{
ds.Tables.Add(ProviderErxs.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.ProviderIdents) || isAll)
{
ds.Tables.Add(ProviderIdents.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Providers) || isAll)
{
ds.Tables.Add(Providers.GetTableFromCache(doRefreshServerCache));
//Refresh the clinics as well because InvalidType.Providers has a comment that says "also includes clinics". Also, there currently isn't an itype for Clinics.
ds.Tables.Add(Clinics.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.QuickPaste) || isAll)
{
ds.Tables.Add(QuickPasteNotes.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(QuickPasteCats.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.RecallTypes) || isAll)
{
ds.Tables.Add(RecallTypes.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(RecallTriggers.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.ReplicationServers) || isAll)
{
ds.Tables.Add(ReplicationServers.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.RequiredFields) || isAll)
{
ds.Tables.Add(RequiredFields.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(RequiredFieldConditions.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Security) || isAll)
{
ds.Tables.Add(Userods.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(UserGroups.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(GroupPermissions.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(UserGroupAttaches.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Sheets) || isAll)
{
ds.Tables.Add(SheetDefs.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(SheetFieldDefs.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.SigMessages) || isAll)
{
ds.Tables.Add(SigElementDefs.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(SigButDefs.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Sites) || isAll)
{
ds.Tables.Add(Sites.GetTableFromCache(doRefreshServerCache));
if (PrefC.IsODHQ)
{
ds.Tables.Add(SiteLinks.GetTableFromCache(doRefreshServerCache));
}
}
if (listITypes.Contains(InvalidType.SmsBlockPhones) || isAll)
{
ds.Tables.Add(SmsBlockPhones.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.SmsPhones) || isAll)
{
ds.Tables.Add(SmsPhones.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Sops) || isAll) //InvalidType.Sops is currently never used 11/14/2014
{
ds.Tables.Add(Sops.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.StateAbbrs) || isAll)
{
ds.Tables.Add(StateAbbrs.GetTableFromCache(doRefreshServerCache));
}
//InvalidTypes.Tasks not handled here.
if (listITypes.Contains(InvalidType.TimeCardRules) || isAll)
{
ds.Tables.Add(TimeCardRules.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.ToolBut) || isAll)
{
ds.Tables.Add(ToolButItems.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.UserClinics) || isAll)
{
ds.Tables.Add(UserClinics.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.UserQueries) || isAll)
{
ds.Tables.Add(UserQueries.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Vaccines) || isAll)
{
ds.Tables.Add(VaccineDefs.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(DrugManufacturers.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(DrugUnits.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Views) || isAll)
{
ds.Tables.Add(ApptViews.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(ApptViewItems.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(AppointmentRules.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(ProcApptColors.GetTableFromCache(doRefreshServerCache));
}
if (listITypes.Contains(InvalidType.Wiki) || isAll)
{
ds.Tables.Add(WikiListHeaderWidths.GetTableFromCache(doRefreshServerCache));
ds.Tables.Add(WikiPages.RefreshCache());
}
if (listITypes.Contains(InvalidType.ZipCodes) || isAll)
{
ds.Tables.Add(ZipCodes.GetTableFromCache(doRefreshServerCache));
}
Logger.LogToPath("", LogPath.Signals, LogPhase.End);
return(ds);
}
protected override void FillCacheIfNeeded()
{
GroupPermissions.GetTableFromCache(false);
}
///<summary>Surrond with Try/Catch. Error messages will be thrown to caller.</summary>
public static bool IsGlobalDateLock(Permissions perm, DateTime date, bool isSilent = false, long codeNum = 0, double procFee = -1, long sheetDefNum = 0)
{
if (!(new[] {
Permissions.AdjustmentCreate
, Permissions.AdjustmentEdit
, Permissions.PaymentCreate
, Permissions.PaymentEdit
, Permissions.ProcComplCreate
, Permissions.ProcComplEdit
, Permissions.ProcExistingEdit
//,Permissions.ProcComplEditLimited
//,Permissions.ImageDelete
, Permissions.InsPayCreate
, Permissions.InsPayEdit
//,Permissions.InsWriteOffEdit//per Nathan 7/5/2016 this should not be affected by the global date lock
, Permissions.SheetEdit
, Permissions.SheetDelete
, Permissions.CommlogEdit
//,Permissions.ClaimDelete //per Nathan 01/18/2018 this should not be affected by the global date lock
, Permissions.PayPlanEdit
//,Permissions.ClaimHistoryEdit //per Nathan & Mark 03/01/2018 this should not be affected by the global lock date, not financial data.
}).Contains(perm))
{
return(false); //permission being checked is not affected by global lock date.
}
if (date.Year == 1)
{
return(false); //Invalid or MinDate passed in.
}
if (!PrefC.GetBool(PrefName.SecurityLockIncludesAdmin) && GroupPermissions.HasPermission(Security.CurUser, Permissions.SecurityAdmin, 0))
{
return(false); //admins are never affected by global date limitation when preference is false.
}
if (perm.In(Permissions.ProcComplCreate, Permissions.ProcComplEdit, Permissions.ProcExistingEdit) &&
ProcedureCodes.CanBypassLockDate(codeNum, procFee))
{
return(false);
}
if (perm.In(Permissions.SheetEdit, Permissions.SheetDelete) && sheetDefNum > 0 && SheetDefs.CanBypassLockDate(sheetDefNum))
{
return(false);
}
//If global lock is Date based.
if (date <= PrefC.GetDate(PrefName.SecurityLockDate))
{
if (!isSilent)
{
MessageBox.Show(Lans.g("Security", "Locked by Administrator before ") + PrefC.GetDate(PrefName.SecurityLockDate).ToShortDateString());
}
return(true);
}
//If global lock is days based.
int lockDays = PrefC.GetInt(PrefName.SecurityLockDays);
if (lockDays > 0 && date <= DateTime.Today.AddDays(-lockDays))
{
if (!isSilent)
{
MessageBox.Show(Lans.g("Security", "Locked by Administrator before ") + lockDays.ToString() + " days.");
}
return(true);
}
return(false);
}
///<summary>Will throw an error if not authorized and message not suppressed.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage, bool suppressLockDateMessage, Userod curUser,
long procCodeNum, double procFee, long sheetDefNum, long fKey)
{
//No need to check RemotingRole; no call to db.
date = date.Date; //Remove the time portion of date so we can compare strictly as a date later.
//Check eConnector permission first.
if (IsValidEServicePermission(perm))
{
return(true);
}
if (!GroupPermissions.HasPermission(curUser, perm, fKey))
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized.") + "\r\n"
+ Lans.g("Security", "A user with the SecurityAdmin permission must grant you access for") + ":\r\n" + GroupPermissions.GetDesc(perm));
}
return(false);
}
if (perm == Permissions.AccountingCreate || perm == Permissions.AccountingEdit)
{
if (date <= PrefC.GetDate(PrefName.AccountingLockDate))
{
if (!suppressMessage && !suppressLockDateMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator."));
}
return(false);
}
}
//Check the global security lock------------------------------------------------------------------------------------
if (IsGlobalDateLock(perm, date, suppressMessage || suppressLockDateMessage, procCodeNum, procFee, sheetDefNum))
{
return(false);
}
//Check date/days limits on individual permission----------------------------------------------------------------
if (!GroupPermissions.PermTakesDates(perm))
{
return(true);
}
//Include CEMT users, as a CEMT user could be logged in when this is checked.
DateTime dateLimit = GetDateLimit(perm, curUser.GetGroups(true).Select(x => x.UserGroupNum).ToList());
if (date > dateLimit) //authorized
{
return(true);
}
//Prevents certain bugs when 1/1/1 dates are passed in and compared----------------------------------------------
//Handling of min dates. There might be others, but we have to handle them individually to avoid introduction of bugs.
if (perm == Permissions.ClaimDelete || //older versions did not have SecDateEntry
perm == Permissions.ClaimSentEdit || //no date sent was entered before setting claim received
perm == Permissions.ProcComplEdit || //a completed procedure with a min date.
perm == Permissions.ProcComplEditLimited || //because ProcComplEdit was in this list
perm == Permissions.ProcExistingEdit || //a completed EO or EC procedure with a min date.
perm == Permissions.InsPayEdit || //a claim payment with no date.
perm == Permissions.InsWriteOffEdit || //older versions did not have SecDateEntry or DateEntryC
perm == Permissions.TreatPlanEdit ||
perm == Permissions.AdjustmentEdit ||
perm == Permissions.CommlogEdit || //usually from a conversion
perm == Permissions.ProcDelete || //because older versions did not set the DateEntryC.
perm == Permissions.ImageDelete || //In case an image has a creation date of DateTime.MinVal.
perm == Permissions.PerioEdit || //In case perio chart exam has a creation date of DateTime.MinValue.
perm == Permissions.PreAuthSentEdit) //older versions did not have SecDateEntry
{
if (date.Year < 1880 && dateLimit.Year < 1880)
{
return(true);
}
}
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm) + "\r\n" + Lans.g("Security", "Date limitation"));
}
return(false);
}
///<summary>Checks to see if current user is authorized. It also checks any date restrictions. If not authorized, it gives a Message box saying so and returns false.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage, bool suppressLockDateMessage, long procCodeNum,
double procCodeFee, long sheetDefNum, long fKey)
{
//No need to check RemotingRole; no call to db.
if (Security.CurUser == null)
{
if (!suppressMessage)
{
MessageBox.Show(Lans.g("Security", "Not authorized for") + "\r\n" + GroupPermissions.GetDesc(perm));
}
return(false);
}
try {
return(IsAuthorized(perm, date, suppressMessage, suppressLockDateMessage, curUser, procCodeNum, procCodeFee, sheetDefNum, fKey));
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return(false);
}
}
///<summary>Will throw an error if not authorized and message not suppressed.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage, long userGroupNum)
{
//No need to check RemotingRole; no call to db.
if (!GroupPermissions.HasPermission(userGroupNum, perm))
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized for") + "\r\n" + GroupPermissions.GetDesc(perm));
}
return(false);
}
if (perm == Permissions.AccountingCreate || perm == Permissions.AccountingEdit)
{
if (date <= PrefC.GetDate(PrefName.AccountingLockDate))
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator."));
}
return(false);
}
}
//Check the global security lock------------------------------------------------------------------------------------
//the list below is NOT the list of permissions that take dates. See GroupPermissions.PermTakesDates().
if (perm == Permissions.AdjustmentCreate ||
perm == Permissions.AdjustmentEdit ||
perm == Permissions.PaymentCreate ||
perm == Permissions.PaymentEdit ||
perm == Permissions.ProcComplCreate ||
perm == Permissions.ProcComplEdit
//|| perm==Permissions.ImageDelete
|| perm == Permissions.InsPayCreate ||
perm == Permissions.InsPayEdit ||
perm == Permissions.SheetEdit ||
perm == Permissions.CommlogEdit
)
{
//If the global lock is date-based:
if (date.Year > 1 && //if a valid date was passed in
date <= PrefC.GetDate(PrefName.SecurityLockDate)) //and that date is earlier than the lock
{
if (PrefC.GetBool(PrefName.SecurityLockIncludesAdmin) || //if admins are locked out too
!GroupPermissions.HasPermission(userGroupNum, Permissions.SecurityAdmin)) //or is not an admin
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator before ") + PrefC.GetDate(PrefName.SecurityLockDate).ToShortDateString());
}
return(false);
}
}
//If the global lock is days-based:
if (date.Year > 1 && //if a valid date was passed in
PrefC.GetInt(PrefName.SecurityLockDays) > 0 &&
date <= DateTime.Today.AddDays(-PrefC.GetInt(PrefName.SecurityLockDays))) //and that date is earlier than the lock
{
if (PrefC.GetBool(PrefName.SecurityLockIncludesAdmin) || //if admins are locked out too
!GroupPermissions.HasPermission(userGroupNum, Permissions.SecurityAdmin)) //or is not an admin
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator before ") + PrefC.GetInt(PrefName.SecurityLockDays).ToString() + " days.");
}
return(false);
}
}
}
//Check date/days limits on individual permission----------------------------------------------------------------
if (!GroupPermissions.PermTakesDates(perm))
{
return(true);
}
DateTime dateLimit = GetDateLimit(perm, userGroupNum);
if (date > dateLimit) //authorized
{
return(true);
}
//Prevents certain bugs when 1/1/1 dates are passed in and compared----------------------------------------------
//Handling of min dates. There might be others, but we have to handle them individually to avoid introduction of bugs.
if (perm == Permissions.ClaimSentEdit || //no date sent was entered before setting claim received
perm == Permissions.ProcComplEdit || //a completed procedure with a min date.
perm == Permissions.InsPayEdit || //a claim payment with no date.
perm == Permissions.TreatPlanEdit ||
perm == Permissions.AdjustmentEdit ||
perm == Permissions.CommlogEdit || //usually from a conversion
perm == Permissions.ProcDelete) //because older versions did not set the DateEntryC.
{
if (date.Year < 1880 && dateLimit.Year < 1880)
{
return(true);
}
}
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm) + "\r\n" + Lans.g("Security", "Date limitation"));
}
return(false);
}
///<summary>Returns the Date that the user is restricted to for the passed-in PermType.
///Returns MinVal if the user is not restricted or does not have the permission.</summary>
private static DateTime GetDateLimit(Permissions permType, List <long> listUserGroupNums)
{
//No need to check RemotingRole; no call to db.
return(GroupPermissions.GetDateRestrictedForPermission(permType, listUserGroupNums));
}
