protected override void beforeWriteNodeLogic(bool Creating, bool OverrideUniqueValidation)
{
if (_CswNbtResources.Modules.IsModuleEnabled(CswEnumNbtModuleName.CISPro) &&
Location.wasAnySubFieldModified() &&
_CswNbtResources.EditMode != CswEnumNbtNodeEditMode.Add)
{
CswNbtNodePropWrapper LocationWrapper = Node.Properties[PropertyName.Location];
string PrevLocationId = LocationWrapper.GetOriginalPropRowValue(((CswNbtFieldTypeRuleLocation)_CswNbtResources.MetaData.getFieldTypeRule(LocationWrapper.getFieldTypeValue())).NodeIdSubField.Column);
CswPrimaryKey PrevLocationPk = null;
CswPrimaryKey CurrLocationPk = null;
if (false == String.IsNullOrEmpty(PrevLocationId))
{
PrevLocationPk = new CswPrimaryKey("nodes", CswConvert.ToInt32(PrevLocationId));
}
if (null != Location.SelectedNodeId)
{
CurrLocationPk = Location.SelectedNodeId;
}
if (PrevLocationPk != null && PrevLocationPk != CurrLocationPk)
{
//Case 26849 - Executing even if one of the locations is Top or null so that the other location can still be updated
CswNbtBatchOpInventoryLevels BatchOp = new CswNbtBatchOpInventoryLevels(_CswNbtResources);
BatchOp.makeBatchOp(PrevLocationPk, CurrLocationPk);
}
}
//Case 27495 - Sites can only be at "Top"
if (NodeType.NodeTypeName == "Site")
{
Location.SelectedNodeId = null;
Location.RefreshNodeName();
Location.SyncGestalt();
}
}//beforeWriteNode()
//afterWriteNode()
protected override void beforeDeleteNodeLogic()
{
//prevent user from deleting their own user
if (_CswNbtNode.NodeId == _CswNbtResources.CurrentUser.UserId)
{
throw (new CswDniException(CswEnumErrorType.Warning, "You can not delete your own user account.",
"Current user (" + _CswNbtResources.CurrentUser.Username +
") can not delete own UserClass node."));
}
// case 22635 - prevent deleting chemsw admin user
CswNbtNodePropWrapper UsernamePropWrapper = Node.Properties[PropertyName.Username];
if (
UsernamePropWrapper.GetOriginalPropRowValue(
UsernamePropWrapper.NodeTypeProp.getFieldTypeRule().SubFields.Default.Column) == ChemSWAdminUsername &&
false == (_CswNbtResources.CurrentNbtUser is CswNbtSystemUser))
{
throw new CswDniException(CswEnumErrorType.Warning, "The '" + ChemSWAdminUsername + "' user cannot be deleted",
"Current user (" + _CswNbtResources.CurrentUser.Username +
") attempted to delete the '" + ChemSWAdminUsername + "' user.");
}
CswPrimaryKey RoleId = Role.RelatedNodeId;
if (RoleId != null)
{
CswNbtNode RoleNode = _CswNbtResources.Nodes[RoleId];
//prevent user from deleting admin if they are not an admin
if (_RoleNodeObjClass.Administrator.Checked == CswEnumTristate.True &&
_CswNbtResources.CurrentNbtUser.IsAdministrator() != true)
{
throw (new CswDniException(CswEnumErrorType.Warning,
"You can not delete administrator accounts because you are not an administrator.",
"Block user account delete because login user (" +
_CswNbtResources.CurrentUser.Username + ") is not an administrator."));
}
}
//case 28010 - delete all view assigned to this user
_CswNbtResources.ViewSelect.deleteViewsByUserId(NodeId);
}
}//afterWriteNode()
protected override void beforeDeleteNodeLogic()
{
// Prevent deleting your own role
if( _CswNbtNode.NodeId == _CswNbtResources.CurrentUser.RoleId )
{
throw ( new CswDniException( CswEnumErrorType.Warning, "You can not delete your own role account.", "Current user (" + _CswNbtResources.CurrentUser.Username + ") can not delete own RoleClass node." ) );
}
// case 22635 - prevent deleting the chemsw admin role
CswNbtNodePropWrapper NamePropWrapper = Node.Properties[PropertyName.Name];
if( NamePropWrapper.GetOriginalPropRowValue( _CswNbtResources.MetaData.getFieldTypeRule( NamePropWrapper.getFieldTypeValue() ).SubFields.Default.Column ) == ChemSWAdminRoleName &&
false == ( _CswNbtResources.CurrentNbtUser is CswNbtSystemUser ) )
{
throw new CswDniException( CswEnumErrorType.Warning, "The '" + ChemSWAdminRoleName + "' role cannot be deleted", "Current user (" + _CswNbtResources.CurrentUser.Username + ") attempted to delete the '" + ChemSWAdminRoleName + "' role." );
}
//case 28010 - delete all view assigned to this role
_CswNbtResources.ViewSelect.deleteViewsByRoleId( NodeId );
//Case 30628 - Delete all PermissionSet nodes assigned to this Role
_deleteRelatedPermissionNodes();
}//beforeDeleteNode()
protected override void beforeWriteNodeLogic( bool Creating, bool OverrideUniqueValidation )
{
// The user cannot change his or her own Administrator privileges.
if( Administrator.wasAnySubFieldModified() &&
Administrator.Checked != CswConvert.ToTristate( Administrator.GetOriginalPropRowValue() ) &&
_CswNbtResources.CurrentUser.RoleId == _CswNbtNode.NodeId )
{
_CswNbtNode.Properties.clearModifiedFlag(); // prevents multiple error messages from appearing if we attempt to write() again
throw new CswDniException( CswEnumErrorType.Warning, "You may not change your own administrator status", "User (" + _CswNbtResources.CurrentUser.Username + ") attempted to edit the Administrator property of their own Role" );
}
// case 22512
// also case 22557 - use the original name, not the new one
CswNbtNodePropWrapper NamePropWrapper = Node.Properties[PropertyName.Name];
if( NamePropWrapper.GetOriginalPropRowValue( _CswNbtResources.MetaData.getFieldTypeRule( NamePropWrapper.getFieldTypeValue() ).SubFields.Default.Column ) == ChemSWAdminRoleName &&
_CswNbtResources.CurrentNbtUser.Username != CswNbtObjClassUser.ChemSWAdminUsername &&
false == ( _CswNbtResources.CurrentNbtUser is CswNbtSystemUser ) )
{
throw new CswDniException( CswEnumErrorType.Warning, "The " + ChemSWAdminRoleName + " role cannot be edited", "Current user (" + _CswNbtResources.CurrentUser.Username + ") attempted to edit the '" + ChemSWAdminRoleName + "' role." );
}
if( NodeTypePermissions.wasAnySubFieldModified( false ) )
{
// case 25444 - was it *really* modified?
CswNbtNodePropWrapper NodeTypePermissionsPropWrapper = Node.Properties[PropertyName.NodeTypePermissions];
string NodeTypePermissionsOriginalValueStr = NodeTypePermissionsPropWrapper.GetOriginalPropRowValue( CswEnumNbtPropColumn.ClobData );
CswCommaDelimitedString NodeTypePermissionsOriginalValue = new CswCommaDelimitedString();
NodeTypePermissionsOriginalValue.FromString( NodeTypePermissionsOriginalValueStr );
if( NodeTypePermissions.Value != NodeTypePermissionsOriginalValue )
{
// Prevent granting permission to Design nodetypes without Design Action permission
if( NodeTypePermissions.Gestalt.Contains( "Design" ) && // shortcut
false == _CswNbtResources.Permit.can( CswEnumNbtActionName.Design, this ) )
{
throw new CswDniException( CswEnumErrorType.Warning, "You may not grant access to Design NodeTypes without the Design Action Permission",
"User (" + _CswNbtResources.CurrentUser.Username + ") attempted to grant access to Design NodeTypes on role: " + _CswNbtNode.NodeName );
}
}
}
// case 22437
if( ActionPermissions.wasAnySubFieldModified() )
{
// case 25444 - was it *really* modified?
CswNbtNodePropWrapper ActionPermissionsPropWrapper = Node.Properties[PropertyName.ActionPermissions];
string ActionPermissionsOriginalValueStr = ActionPermissionsPropWrapper.GetOriginalPropRowValue( ( (CswNbtFieldTypeRuleMultiList) _CswNbtResources.MetaData.getFieldTypeRule( ActionPermissionsPropWrapper.getFieldTypeValue() ) ).ValueSubField.Column );
CswCommaDelimitedString ActionPermissionsOriginalValue = new CswCommaDelimitedString();
ActionPermissionsOriginalValue.FromString( ActionPermissionsOriginalValueStr );
if( ActionPermissions.Value != ActionPermissionsOriginalValue )
{
// You can never grant your own action permissions
if( _CswNbtResources.CurrentUser.RoleId == _CswNbtNode.NodeId && this.Name.Text != ChemSWAdminRoleName )
{
// case 26346 - we might be trimming invalid actions out automatically,
// so just throw if an action permissions is being ADDED, not removed
bool ActionAdded = false;
foreach( string ActionStr in ActionPermissions.Value )
{
if( false == ActionPermissionsOriginalValue.Contains( ActionStr ) )
{
ActionAdded = true;
}
}
if( ActionAdded )
{
throw new CswDniException( CswEnumErrorType.Warning, "You may not grant access to actions for which you have no permissions",
"User (" + _CswNbtResources.CurrentUser.Username + ") attempted to edit their own action permissions on role: " + _CswNbtNode.NodeName );
}
}
// You can only grant action permissions on other roles to which you have access
foreach( CswNbtAction Action in _CswNbtResources.Actions )
{
if( true == _CswNbtResources.Permit.can( Action, this ) ) // permission is being granted
{
if( ( Action.Name == CswEnumNbtActionName.Design ||
Action.Name == CswEnumNbtActionName.Create_Inspection || //Case 24288
Action.Name == CswEnumNbtActionName.View_Scheduled_Rules ) && //Case 28564
_CswNbtResources.CurrentNbtUser.Rolename != ChemSWAdminRoleName && //Case 28433: chemsw_admin can grant Design to anyone.
false == _CswNbtResources.IsSystemUser )
{
// case 23677
throw new CswDniException( CswEnumErrorType.Warning, "You may not grant access to " + Action.DisplayName + " to this role",
"User (" + _CswNbtResources.CurrentUser.Username + ") attempted to grant access to action " + Action.DisplayName + " to role " + _CswNbtNode.NodeName );
}
//Case 29338 - If the Role has no Material NT create permissions, remove the Create Material action permission
if( Action.Name == CswEnumNbtActionName.Create_Material )
{
CswNbtMetaDataPropertySet MaterialPS = _CswNbtResources.MetaData.getPropertySet( CswEnumNbtPropertySetName.MaterialSet );
bool HasOneMaterialCreate = false;
foreach( CswNbtMetaDataObjectClass MaterialOc in MaterialPS.getObjectClasses() )
{
foreach( CswNbtMetaDataNodeType MaterialNt in MaterialOc.getNodeTypes() )
{
string NodeTypePermission = MakeNodeTypePermissionValue(
MaterialNt.FirstVersionNodeTypeId,
CswEnumNbtNodeTypePermission.Create );
HasOneMaterialCreate = HasOneMaterialCreate ||
NodeTypePermissions.CheckValue( NodeTypePermission );
}
}
if( false == HasOneMaterialCreate )
{
ActionPermissions.RemoveValue( MakeActionPermissionValue( Action ) );
}
}
if( false == _CswNbtResources.Permit.can( Action, _CswNbtResources.CurrentNbtUser ) )
{
throw new CswDniException( CswEnumErrorType.Warning, "You may not grant access to actions for which you have no permissions",
"User (" + _CswNbtResources.CurrentUser.Username + ") attempted to grant access to action " + Action.DisplayName + " to role " + _CswNbtNode.NodeName );
}
} // if( true == _CswNbtResources.Permit.can( Action, this ) )
} // foreach( string ActionNameString in ActionPermissions.YValues )
} // if( ActionPermissions.Value != ActionPermissionsOriginalValue )
} // if( ActionPermissions.getAnySubFieldModified() )
}//beforeWriteNode()