/// <summary>
/// Applies the view-owner rule to a configuration object for the current HTTP request.
/// </summary>
/// <param name="obj">
/// The object being accessed. The code handles <c>Page</c>, <c>Field</c> and <c>View</c>;
/// any other non-null type fails at the <c>(View)obj</c> cast below, and null fails
/// when <c>.Name</c> is read.
/// </param>
/// <returns>
/// <c>false</c> when the caller is in the "Admin" role, has no identity name, supplies
/// neither a "Pk" query-string value nor a referrer, or targets a view-owner view without
/// the view-owner role on the object; <c>true</c> on every other path, including those
/// where no target data view is resolved.
/// </returns>
/// <exception cref="DuradosException">
/// The field name looked up for the PK is null or empty, or no data view name could be
/// resolved inside the view-owner block.
/// </exception>
/// <remarks>
/// NOTE(review): the target data view is derived from the "Pk" query-string value and from
/// the Referer header, both of which are supplied by the client, and the method's default
/// result is <c>true</c>. Confirm that callers authorize the object actually being read or
/// modified independently of this check.
/// </remarks>
private static bool IsAllowForViewOwner(object obj)
{
    // Members of "Admin" get false here; presumably they are authorized on a
    // separate path -- verify against the caller.
    if (SecurityHelper.IsInRole("Admin"))
    {
        return(false);
    }

    // No user, no identity, or an empty identity name: deny.
    if (HttpContext.Current.User == null || HttpContext.Current.User.Identity == null || string.IsNullOrEmpty(HttpContext.Current.User.Identity.Name))
    {
        return(false);
    }

    // Page objects are always allowed once the caller has an identity name.
    if (obj is Page)
    {
        return(true);
    }

    // Name of the view the object belongs to (for a Field) or of the View itself.
    // It is compared with the literals "View" and "Field" below.
    string viewName = (obj is Field) ? ((Field)obj).View.Name : ((View)obj).Name;

    // Client-supplied identifier of the row being accessed.
    string pk = HttpContext.Current.Request.QueryString["Pk"];

    // Disabled allow-list: it used to restrict access to View, Field, Category and Menu.
    // While it stays commented out, any other viewName skips the view-owner block and
    // reaches the final return(true).
    //Only can access View, Field, Category
    //if (viewName != "View" && viewName != "Field" & viewName != "Category" && viewName != "Menu")
    //    throw new DuradosException( viewName + " is not allowed by view owner.");

    // With neither a Pk nor a referrer there is nothing to resolve the target from: deny.
    if (string.IsNullOrEmpty(pk) && HttpContext.Current.Request.UrlReferrer == null)
    {
        return(false);
    }

    string dataViewName = null;

    // From here on an empty pk implies UrlReferrer is non-null (guarded just above).
    if (string.IsNullOrEmpty(pk) && HttpContext.Current.Request.UrlReferrer.Segments.Length == 4)
    {
        // Referrer has exactly four URI segments: the last one is used as the data view name.
        // NOTE(review): this value comes straight from the Referer header.
        dataViewName = HttpContext.Current.Request.UrlReferrer.Segments[3];
    }
    else if (string.IsNullOrEmpty(pk) && viewName == "Field")
    {
        if (HttpContext.Current.Request.UrlReferrer != null && HttpUtility.ParseQueryString(HttpContext.Current.Request.UrlReferrer.Query)["url"] != null)
        {
            try
            {
                // Takes the referrer's "url" parameter, decodes it, and splits the first
                // key=value pair after its '?' into s[0] (key) and s[1] (value).
                string[] s = HttpUtility.UrlDecode(HttpUtility.ParseQueryString(HttpUtility.ParseQueryString(HttpContext.Current.Request.UrlReferrer.Query)["url"]).ToString()).Split('?')[1].Split('&')[0].Split('=');
                if (s[0] == "Fields")
                {
                    pk = s[1];
                }
                // Set whenever parsing got this far, even if the key was not "Fields";
                // it makes the block below skip the field-to-view PK lookup.
                // Presumably the "Fields" value is already a view PK -- TODO confirm.
                viewName = "View";
            }
            // NOTE(review): every exception is discarded here. When parsing fails, pk stays
            // empty and dataViewName stays null, so the view-owner block below is skipped
            // and the method returns true. Consider catching only the expected parsing
            // failure and denying in that case.
            catch { }
        }
    }

    // only relevant in view properties for view owner
    if ((!string.IsNullOrEmpty(pk) || !string.IsNullOrEmpty(dataViewName)) && (viewName == "View" || viewName == "Field"))
    {
        if (!string.IsNullOrEmpty(pk))
        {
            // Drop any trailing '#' characters before the value is used for lookups.
            pk = pk.TrimEnd('#');
            Durados.DataAccess.ConfigAccess configAccess = new Durados.DataAccess.ConfigAccess();
            if (viewName == "Field")
            {
                // pk is a field PK here: fetch the field name, then replace pk with the
                // result of GetViewPKByFieldPK (by its name, the PK of the owning view).
                // The field-name check runs only after that second lookup.
                string fieldName = configAccess.GetFieldNameByPK(pk, Map.GetConfigDatabase().ConnectionString);
                pk = configAccess.GetViewPKByFieldPK(pk, Map.GetConfigDatabase().ConnectionString);
                if (string.IsNullOrEmpty(fieldName))
                {
                    throw new DuradosException("fieldName are null or empty.");
                }
            }
            // A non-empty pk always overrides a name taken from the referrer.
            dataViewName = configAccess.GetViewNameByPK(pk, Map.GetConfigDatabase().ConnectionString);
        }

        if (string.IsNullOrEmpty(dataViewName))
        {
            throw new DuradosException("viewName are null or empty or not exists.");
        }

        // A name that is not a key of Map.Database.Views falls through to return(true).
        if (Map.Database.Views.ContainsKey(dataViewName))
        {
            Durados.Web.Mvc.View viewDb = (Durados.Web.Mvc.View)Map.Database.Views[dataViewName];
            // Only views for which IsViewOwner() is true are restricted; all others
            // fall through to return(true).
            if (viewDb != null && viewDb.IsViewOwner())
            {
                // The role lists are split on ',' and matched exactly against
                // Config.Project.ViewOwenrRole (identifier spelled as in the project);
                // entries are not trimmed, so " role" does not match "role".
                if ((obj is Field) && ((Field)obj).AllowEditRoles.Split(',').Contains(Durados.Web.Mvc.Config.Project.ViewOwenrRole))
                {
                    return(true);
                }
                else if ((obj is View) && ((View)obj).ViewOwnerRoles.Split(',').Contains(Durados.Web.Mvc.Config.Project.ViewOwenrRole))
                {
                    return(true);
                }
                else
                {
                    return(false);
                }
            }
        }
    }

    // Default: allow. Reached whenever the view-owner block above did not return or throw.
    return(true);
}