/// <summary>
/// Multiple steps. 1) gets PIPoints fo the Server
/// 2) Checks AFSecurity, for admin access and removes ability to import.
/// 3) Initializes Database and EventFrameFindCtrl.
/// </summary>
private void initializeAfServerPicker()
{
PISystem sys = afServerPicker.PISystem; //PI System != AF Server
_curServer = sys.Name;
PIServer serv = PIServer.FindPIServer(sys, sys.Name);
List <PIPoint> piPoints = control.getPIPoints(sys, serv);
avcPIPoints.AFSetObject(piPoints, afDatabasePicker1.AFDatabase, null, null);
// Decides if you can import or not. Hides the UI. //TODO: Check
AFSecurity security = sys.Security;
if (security.HasAdmin)
{
isAdministrator = true;
InformationDirectionPanel.Visible = true;
}
else
{
InformationDirectionPanel.Visible = false;
}
if (_curDatabase == null)
{
afDatabasePicker1.SetAFDatabase(sys.Databases[1], sys.Databases[1]);
afEventFrameFindCtrl.Database = afDatabasePicker1.AFDatabase;
}
}
public void CheckMinimumAFSecurity()
{
using (var fixture = new AFFixture())
{
var system = fixture.PISystem;
Assert.True(system.UOMDatabase.Security.CanWrite, "The current user must have Write permission on the UOMDatabase.");
foreach (var securityItem in Enum.GetValues(typeof(AFSecurityItem)))
{
var security = system.GetSecurity((AFSecurityItem)securityItem);
switch (securityItem)
{
case AFSecurityItem.AnalysisTemplate:
case AFSecurityItem.Category:
case AFSecurityItem.Database:
case AFSecurityItem.EnumerationSet:
case AFSecurityItem.NotificationContactTemplate:
case AFSecurityItem.NotificationRuleTemplate:
case AFSecurityItem.Table:
Assert.True(security.CanRead &&
security.CanWrite &&
security.CanDelete, "The current user must have Read, Write, and Delete permission to the following System collections:\n" +
"\tAnalysis Templates\n" +
"\tCategories\n" +
"\tDatabases\n" +
"\tEnumeration Sets\n" +
"\tNotification Contact Templates\n" +
"\tNotification Rule Templates\n" +
"\tTables");
break;
case AFSecurityItem.EventFrame:
case AFSecurityItem.Transfer:
Assert.True(security.CanReadData &&
security.CanWriteData &&
security.CanDelete &&
security.CanAnnotate, "The current user must have Read Data, Write Data, Annotate, and Delete permission to the following System collections:\n" +
"\tEvent Frames\n" +
"\tTransfers");
break;
case AFSecurityItem.Analysis:
Assert.True(security.CanRead &&
security.CanWrite &&
security.CanDelete &&
security.CanExecute, "The current user must have Read, Write, Execute, and Delete permission to the Analyses System collection.");
break;
case AFSecurityItem.Element:
case AFSecurityItem.ElementTemplate:
Assert.True(security.CanRead &&
security.CanReadData &&
security.CanWrite &&
security.CanWriteData &&
security.CanDelete, "The current user must have Read, Write, Read Data, Write Data, and Delete permission to the following System collections:\n" +
"\tElements\n" +
"\tElement Templates");
var identities = system.CurrentUserIdentities;
var instancedSystem = fixture.GetInstancedSystem();
if ((AFSecurityItem)securityItem == AFSecurityItem.Element)
{
Assert.True(security.CanAnnotate, "The current user must have Annotate permission to the Elements System collection.");
}
else
{
var elementTemplateToken = instancedSystem.GetSecurity(AFSecurityItem.ElementTemplate).Token;
elementTemplateToken.SecurityItem = AFSecurityItem.EventFrame;
var tokens = new List <AFSecurityRightsToken>()
{
elementTemplateToken
};
var dict = AFSecurity.CheckSecurity(instancedSystem, identities, tokens);
Assert.True(dict[elementTemplateToken.ObjectId].CanAnnotate(), "The current user must have Annotate permission to the Element Templates System collection.");
}
instancedSystem.Disconnect();
break;
case AFSecurityItem.NotificationRule:
Assert.True(security.CanRead &&
security.CanWrite &&
security.CanDelete &&
security.CanSubscribe, "The current user must have Read, Write, Subscribe, and Delete permission to the Notification Rules System collection.");
break;
}
}
}
}
