/// <summary>
/// Decides whether the current user may perform <c>e.Action</c> on this record and
/// drops a client-supplied <c>EmployeeID</c> from employee write requests.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    User user = HttpContext.Current.Request.RequestContext.HttpContext.CurrentUser();
    var action = e.Action;
    bool isEmployee = user.RoleID == (int)RolesEnum.Employee;

    // Frozen records cannot be edited or deleted by anyone but an admin.
    bool denied = user.RoleID != (int)RolesEnum.Admin
        && Frozen
        && (action == EntityJs.Client.Events.ActionsEnum.Edit || action == EntityJs.Client.Events.ActionsEnum.Delete);

    // Records that have a parent accept Select only.
    if (!denied)
    {
        denied = action != EntityJs.Client.Events.ActionsEnum.Select && this.ParentID.HasValue;
    }

    // Apart from Insert, an employee may only touch records assigned to them.
    if (!denied)
    {
        denied = isEmployee
            && action != EntityJs.Client.Events.ActionsEnum.Insert
            && this.EmployeeID != user.EmployeeID;
    }

    e.Cancel = denied;

    // The submitted EmployeeID is discarded for employee writes, so the value sent by
    // the client is never applied (presumably it is assigned server-side - confirm).
    if (isEmployee && action != EntityJs.Client.Events.ActionsEnum.Select && e.Values.ContainsKey("EmployeeID"))
    {
        e.Values.Remove("EmployeeID");
    }

    // Only managers that passed the checks above get the extra rules below.
    if (denied || user.RoleID != (int)RolesEnum.Manager)
    {
        return;
    }

    if (action == EntityJs.Client.Events.ActionsEnum.Insert)
    {
        e.Cancel = false;
    }
    else if (action == EntityJs.Client.Events.ActionsEnum.Select)
    {
        // A manager reads records they created, records assigned to their own
        // employee, and records of projects they are responsible for.
        bool related = this.CreatorID == user.ID
            || this.EmployeeID == user.EmployeeID
            || (this.Project != null && this.Project.ResponsibleID == user.ID);
        e.Cancel = !related;
    }
    else
    {
        // Every other action is limited to the manager's own records.
        e.Cancel = this.CreatorID != user.ID;
    }

    // A rule that blocked writes on archived projects is disabled in the original source.
}
/// <summary>
/// Permission hook for an employee record: decides by the caller's role whether the
/// action is allowed and, for callers with the Employee role, strips a fixed set of
/// fields from the submitted values.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;

    // RoleID at or below Manager: everything is allowed.
    // NOTE(review): relies on the numeric order of RolesEnum - confirm that lower means more privileged.
    if (user.RoleID <= (int)RolesEnum.Manager)
    {
        e.Cancel = false;
        return;
    }

    // Roles other than Employee beyond Manager are read-only.
    if (user.RoleID != (int)RolesEnum.Employee)
    {
        e.Cancel = e.Action != EntityJs.Client.Events.ActionsEnum.Select;
        return;
    }

    // An employee has access to their own record; other records are only readable
    // through a Select issued in "autocomplete" entity mode.
    e.Cancel = user.EmployeeID != this.ID
        && !(e.Action == EntityJs.Client.Events.ActionsEnum.Select
             && e.EntityMode.StringAndTrim().ToLower() == "autocomplete");

    // Fields an employee must not set on an employee record.
    // NOTE(review): this is a denylist - a sensitive column added to the entity later
    // stays writable by employees until it is listed here.
    string[] protectedFields = new[] { "DepartmentID", "PositionID", "Archived", "Deleted", "ArchiveDate", "UserID", "WalletID" };
    foreach (string field in protectedFields)
    {
        e.Values.Remove(field);
    }

    // A duplicate-user check on "UserID" is disabled in the original source.
}
/// <summary>
/// Permission hook for a project: hides projects in the Hidden status from non-admins,
/// limits edits of archived projects to the <c>Archived</c>/<c>Deleted</c> fields and
/// restricts Client users to projects of their own contractor.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;

    bool hiddenFromUser = StatusID == ProjectStatusesEnum.Hidden && user.RoleID != (int)RolesEnum.Admin;
    e.Cancel = hiddenFromUser;

    // NOTE(review): a project with Deleted set returns here with e.Cancel == false
    // (unless it is hidden), so the Client contractor check at the end of this method
    // is not applied to deleted projects - confirm deleted rows are filtered elsewhere.
    if (hiddenFromUser || this.Deleted)
    {
        return;
    }

    if (this.Archived && e.Action == EntityJs.Client.Events.ActionsEnum.Edit)
    {
        // Allowlist: on an archived project only these two flags may be changed.
        foreach (string key in e.Values.Keys.ToList())
        {
            if (key != "Archived" && key != "Deleted")
            {
                e.Values.Remove(key);
            }
        }
    }

    if (user.RoleID == (int)RolesEnum.Client)
    {
        // A client is confined to their contractor's projects and may delete only
        // projects they created themselves.
        e.Cancel = (e.Action == EntityJs.Client.Events.ActionsEnum.Delete && this.CreatorID != user.ID)
            || this.ContractorID != user.ContractorID;
    }
}
/// <summary>
/// Permission hook: reads are always allowed; on writes the submitted
/// <c>CreatorID</c> is discarded, and users who are neither admin nor the creator
/// cannot delete and can edit only <c>StatusID</c>.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;

    e.Cancel = false;
    if (e.Action == EntityJs.Client.Events.ActionsEnum.Select)
    {
        return;
    }

    // The creator is never taken from the request.
    e.Values.Remove("CreatorID");

    if (user.RoleID == (int)RolesEnum.Admin || user.ID == this.CreatorID)
    {
        return;
    }

    // From here on the caller is a non-admin acting on someone else's record.
    e.Cancel = e.Action == EntityJs.Client.Events.ActionsEnum.Delete;
    if (e.Action != EntityJs.Client.Events.ActionsEnum.Edit)
    {
        return;
    }

    // Allowlist: only the status survives such an edit. The key list is materialized
    // first so that removing entries does not disturb the enumeration.
    foreach (var field in e.Values.Keys.Where(key => key != "StatusID").ToList())
    {
        e.Values.Remove(field);
    }
}
/// <summary>
/// Permission hook: a frozen record can be edited or deleted by an admin only.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    User user = ((BuildingEntities)e.Context).CurrentUser;

    bool isModification = e.Action == EntityJs.Client.Events.ActionsEnum.Edit
        || e.Action == EntityJs.Client.Events.ActionsEnum.Delete;

    // Select and Insert are never cancelled by this hook.
    e.Cancel = user.RoleID != (int)RolesEnum.Admin && Frozen && isModification;
}
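/// <summary>
/// Renders the dispatches page, optionally preloaded with one dispatch and one
/// dispatch order, together with the caller's saved settings for the page.
/// </summary>
/// <param name="ID">Page mode: empty, "details" or "create"; any other value yields 404.</param>
/// <param name="DispatchID">Optional id of the dispatch to preload.</param>
/// <param name="OrderID">Optional id of the dispatch order to preload.</param>
/// <returns>The view with its data object, or a 404 result for an unknown mode.</returns>
public ActionResult Dispatches(string ID, int? DispatchID, int? OrderID)
{
    ID = ID.StringAndTrim().ToLower();
    if (ID.IsNotNullOrEmpty() && ID != "details" && ID != "create")
    {
        return HttpNotFound();
    }

    string settingsName = "/Products/Dispatches";
    User user = HttpContext.CurrentUser();
    int userID = user.ID;
    ProjectDispatch dispatch = DispatchID.HasValue ? db.ProjectDispatches.FirstOrDefault(val => val.ID == DispatchID) : null;
    ProjectDispatchOrder order = OrderID.HasValue ? db.ProjectDispatchOrders.FirstOrDefault(val => val.ID == OrderID) : null;

    // Both ids come straight from the request, so each loaded entity has to pass its
    // own Select permission hook before it is serialized into the page.
    if (dispatch != null)
    {
        var dispatchArgs = new EntityJs.Client.Events.CheckPermissionsEventArgs(db, "ProjectDispatches", "ProjectDispatch", dispatch, EntityJs.Client.Events.ActionsEnum.Select);
        dispatch.OnCheckPermissions(dispatchArgs);
        if (dispatchArgs.Cancel)
        {
            dispatch = null;
        }
    }

    // Previously the order was returned without any permission check; a denied order
    // is now dropped exactly like a denied dispatch.
    if (order != null)
    {
        var orderArgs = new EntityJs.Client.Events.CheckPermissionsEventArgs(db, "ProjectDispatchOrders", "ProjectDispatchOrder", order, EntityJs.Client.Events.ActionsEnum.Select);
        order.OnCheckPermissions(orderArgs);
        if (orderArgs.Cancel)
        {
            order = null;
        }
    }

    var data = new
    {
        Action = ID,
        Dispatch = dispatch != null ? dispatch.ToJson() : null,
        Order = order != null ? order.ToJson() : null,
        // Settings are scoped to the caller and to names starting with this page's path.
        UserSettings = db.UserSettings.Where(val => val.UserID == userID && val.Name.IndexOf(settingsName) == 0).ToList().Select(val => val.ToJson()).ToList()
    };

    ViewBag.Page = "Products.Dispatches";
    return ViewWithData(data);
}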
/// <summary>
/// Permission hook: every action is denied to users whose <c>RoleID</c> is numerically
/// greater than <c>RolesEnum.Boss</c>.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    User user = ((BuildingEntities)e.Context).CurrentUser;

    // NOTE(review): depends on the numeric order of RolesEnum - confirm that values
    // above Boss are the less privileged roles.
    bool belowBoss = user.RoleID > (int)RolesEnum.Boss;
    e.Cancel = belowBoss;
}
/// <summary>
/// Permission hook without a role check: actions ordered after Edit in
/// <c>ActionsEnum</c> are denied, and edits cannot change <c>Count</c> or <c>OuterID</c>.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    if (e.Action == EntityJs.Client.Events.ActionsEnum.Edit)
    {
        // These two values are never taken from an edit request.
        e.Values.Remove("Count");
        e.Values.Remove("OuterID");
    }

    // NOTE(review): which actions compare greater than Edit depends on the declaration
    // order of ActionsEnum - confirm the intended set (presumably Delete).
    e.Cancel = e.Action > EntityJs.Client.Events.ActionsEnum.Edit;
}
/// <summary>
/// Permission hook for a wallet: employees get read-only access; for everyone else
/// deletion is denied and employee wallets accept Select only.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;
    bool isRead = e.Action == EntityJs.Client.Events.ActionsEnum.Select;

    if (user.RoleID == (int)RolesEnum.Employee)
    {
        // NOTE(review): an employee may Select any wallet; the ownership condition
        // (own wallet, or a wallet made available to them) is commented out in the
        // original source - confirm that this is intended.
        e.Cancel = !isRead;
    }
    else
    {
        e.Cancel = e.Action == EntityJs.Client.Events.ActionsEnum.Delete
            || (!isRead && this.TypeID == WalletTypesEnum.EmployeeWallet);
    }
}
/// <summary>
/// Permission hook: Client users may only read records of projects that belong to
/// their contractor; all other users are allowed when their <c>RoleID</c> does not
/// exceed <c>RolesEnum.Manager</c>.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;

    if (user.RoleID != (int)RolesEnum.Client)
    {
        // NOTE(review): numeric role comparison - confirm the order of RolesEnum.
        e.Cancel = user.RoleID > (int)RolesEnum.Manager;
        return;
    }

    // Fails closed: a record without a project is never shown to a client.
    bool isRead = e.Action == EntityJs.Client.Events.ActionsEnum.Select;
    e.Cancel = !isRead
        || this.Project == null
        || this.Project.ContractorID != user.ContractorID;
}
/// <summary>
/// Permission hook for a wallet-to-wallet record: frozen records can be edited or
/// deleted by admins only, and employees are limited to records that involve their
/// own wallet.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    e.Cancel = false;

    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;
    Employee emp = db.CurrentEmployee;

    bool isModification = e.Action == EntityJs.Client.Events.ActionsEnum.Edit
        || e.Action == EntityJs.Client.Events.ActionsEnum.Delete;
    bool frozenForUser = user.RoleID != (int)RolesEnum.Admin && Frozen && isModification;
    e.Cancel = frozenForUser;

    if (frozenForUser || user.RoleID != (int)RolesEnum.Employee)
    {
        return;
    }

    // An employee has full access when their wallet is the source. When it is only the
    // destination they may read the record; when it is neither, everything is denied.
    // NOTE(review): emp is dereferenced without a null check - confirm CurrentEmployee
    // is always set for users with the Employee role.
    e.Cancel = this.WalletFromID != emp.WalletID
        && (this.WalletToID != emp.WalletID || e.Action != EntityJs.Client.Events.ActionsEnum.Select);
}
/// <summary>
/// Permission hook that never denies; when an archived record is edited, every
/// submitted field except <c>Archived</c> and <c>Deleted</c> is discarded.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is always set to <c>false</c>.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    e.Cancel = false;

    if (!this.Archived || e.Action != EntityJs.Client.Events.ActionsEnum.Edit)
    {
        return;
    }

    // Snapshot the keys first: entries are removed while walking the list.
    foreach (string key in e.Values.Keys.ToList())
    {
        if (key == "Archived" || key == "Deleted")
        {
            continue;
        }

        e.Values.Remove(key);
    }
}
/// <summary>
/// Permission hook: Insert and Select are allowed for records flagged <c>Custom</c>
/// only, Delete is allowed for the creator or for roles up to <c>RolesEnum.Boss</c>,
/// and Edit is always denied.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;
    var action = e.Action;

    if (action == EntityJs.Client.Events.ActionsEnum.Insert || action == EntityJs.Client.Events.ActionsEnum.Select)
    {
        e.Cancel = !this.Custom;
    }
    else if (action == EntityJs.Client.Events.ActionsEnum.Delete)
    {
        // NOTE(review): numeric role comparison - confirm the order of RolesEnum.
        e.Cancel = this.CreatorID != user.ID && user.RoleID > (int)RolesEnum.Boss;
    }
    else if (action == EntityJs.Client.Events.ActionsEnum.Edit)
    {
        // Edits are rejected for every role, admins included.
        e.Cancel = true;
    }

    // Any other action value leaves e.Cancel as the caller set it.
}
/// <summary>
/// Permission hook: reads and inserts are open to everyone; editing or deleting is
/// limited to admins and the record's creator. A submitted <c>CreatorID</c> is
/// discarded on every write.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;

    e.Cancel = false;
    if (e.Action == EntityJs.Client.Events.ActionsEnum.Select)
    {
        return;
    }

    // The creator is never taken from the request.
    e.Values.Remove("CreatorID");

    bool mayWrite = user.RoleID == (int)RolesEnum.Admin
        || user.ID == this.CreatorID
        || e.Action == EntityJs.Client.Events.ActionsEnum.Insert;
    if (!mayWrite)
    {
        e.Cancel = true;
    }
}
/// <summary>
/// Permission hook: reads are always allowed; a non-admin may write a record that is
/// linked to a dispatch order only if they created that order. A submitted
/// <c>CreatorID</c> is discarded on every write.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;

    e.Cancel = false;
    if (e.Action == EntityJs.Client.Events.ActionsEnum.Select)
    {
        return;
    }

    e.Values.Remove("CreatorID");

    // Written as !(x > 0) so that the result is unchanged if DispatchID is nullable.
    // NOTE(review): a record without a dispatch order can be written by any role.
    if (user.RoleID == (int)RolesEnum.Admin || !(this.DispatchID > 0))
    {
        return;
    }

    // Use the loaded navigation property when present, otherwise look the order up.
    ProjectDispatchOrder order = this.ProjectDispatchOrder;
    if (order == null)
    {
        order = db.ProjectDispatchOrders.Find(val => val.ID == this.DispatchID).FirstOrDefault();
    }

    // Fails closed when the referenced order cannot be found.
    e.Cancel = order == null || user.ID != order.CreatorID;
}
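/// <summary>
/// Creates one expense per requested project for the unpaid part of the manager fee
/// (<c>ManagerFeeAmount - ManagerFeePaid</c>, rounded to 2 decimals) and saves them
/// in a single <c>SaveChanges</c> call.
/// </summary>
/// <param name="IDs">Ids of the projects to pay out; <c>null</c> is treated as an empty list.</param>
/// <returns>
/// JSON with <c>Success = true</c>, or <c>Success = false</c> and an error text when
/// no expense type is flagged as manager fee.
/// </returns>
public JsonResult PayManagerFee(int[] IDs)
{
    DateTime date = DateTime.Now;
    int userID = db.CurrentUser.ID;
    ExpenseType type = db.ExpenseTypes.FirstOrDefault(val => val.ManagerFee);

    if (type == null)
    {
        return Json(new { Success = false, Error = "Необходимо настроить тип расхода для выдачи % менеджера" });
    }

    // A request without ids used to fail inside the query; it is now a no-op.
    int[] ids = IDs ?? new int[0];
    List<Project> projects = db.Projects.Where(val => ids.Contains(val.ID)).ToList();

    foreach (Project p in projects)
    {
        // NOTE(review): the only gate for this money-moving action is the project's
        // Select permission and no role check is visible in this method - confirm the
        // action is restricted to the intended roles at controller level.
        var e = new EntityJs.Client.Events.CheckPermissionsEventArgs(db, "Projects", "Project", p, EntityJs.Client.Events.ActionsEnum.Select);
        p.OnCheckPermissions(e);

        decimal sum = Math.Round(p.ManagerFeeAmount - p.ManagerFeePaid, 2);
        if (e.Cancel || sum <= 0)
        {
            continue;
        }

        // Skip the project instead of aborting the whole batch when it has no
        // responsible user, the user has no employee, or the employee has no wallet.
        var responsible = p.UserResponsible;
        Employee employee = responsible != null ? responsible.Employee : null;
        if (employee == null || !employee.WalletID.HasValue)
        {
            continue;
        }

        Expense ex = new Expense()
        {
            Date = date,
            ChangeDate = date,
            ChangerID = userID,
            CreateDate = date,
            CreatorID = userID,
            EmployeeID = employee.ID,
            ProjectID = p.ID,
            Sum = sum,
            PeriodSum = sum,
            TypeID = type.ID,
            WalletID = employee.WalletID.Value
        };
        db.Expenses.AddObject(ex);
    }

    db.SaveChanges();
    return Json(new { Success = true });
}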
/// <summary>
/// Cascades a delete to the related <c>ProjectDispatches</c>: each child's
/// <c>OnDeleting</c> hook runs first, and the first child that does not report
/// <c>OperationResultsEnum.Passed</c> stops the loop and hands its result and errors
/// to the parent's event arguments.
/// </summary>
/// <param name="e">Event arguments of the delete; cast to <c>CheckPermissionsEventArgs</c> when a child fails.</param>
public void OnDeleting(EntityJs.Client.Events.EntityEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;

    // NOTE(review): only the children's OnDeleting hook is called; their
    // OnCheckPermissions hook is not invoked here - confirm the cascade is authorized
    // by the caller.
    foreach (ProjectDispatch child in ProjectDispatches.ToList())
    {
        var childArgs = new EntityJs.Client.Events.CheckPermissionsEventArgs(db, "ProjectDispatches", "ProjectDispatch", child, EntityJs.Client.Events.ActionsEnum.Delete);
        child.OnDeleting(childArgs);

        if (childArgs.Result == OperationResultsEnum.Passed)
        {
            db.ProjectDispatches.DeleteObject(child);
            continue;
        }

        // NOTE(review): children handled before this one are already marked for
        // deletion in the context; the cast assumes e is a CheckPermissionsEventArgs.
        var parentArgs = (EntityJs.Client.Events.CheckPermissionsEventArgs)e;
        parentArgs.Result = childArgs.Result;
        parentArgs.Errors.AddRange(childArgs.Errors);
        break;
    }
}
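/// <summary>
/// Permission hook for a task: deleted tasks and writes to tasks of archived projects
/// are denied; Client users see only non-hidden tasks of their contractor's projects;
/// Employee users see only non-hidden tasks they are assigned to or responsible for.
/// Roles beyond Manager cannot set <c>Price</c>, <c>InvoiceID</c> or <c>VisibilityID</c>.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;

    e.Cancel = this.Deleted
        || (e.Action != EntityJs.Client.Events.ActionsEnum.Select && Project != null && Project.Archived);

    if (!e.Cancel && user.RoleID == (int)RolesEnum.Client)
    {
        // The statement above treats Project as optional, so a task without a project
        // used to throw a NullReferenceException here. It is now denied to clients.
        e.Cancel = this.Project == null
            || this.Project.ContractorID != user.ContractorID
            || this.VisibilityID == TaskVisibilitiesEnum.Hidden;
    }
    else if (!e.Cancel && user.RoleID == (int)RolesEnum.Employee)
    {
        e.Cancel = (this.EmployeeID != user.EmployeeID && this.ResponsibleID != user.ID)
            || this.VisibilityID == TaskVisibilitiesEnum.Hidden;
    }

    // Pricing, invoicing and visibility are not writable beyond the Manager role.
    // NOTE(review): numeric role comparison - confirm the order of RolesEnum.
    if (user.RoleID > (int)RolesEnum.Manager)
    {
        e.Values.Remove("Price");
        e.Values.Remove("InvoiceID");
        e.Values.Remove("VisibilityID");
    }
}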
/// <summary>
/// Renders the print view of a transfer after running its Select permission hook.
/// </summary>
/// <param name="ID">Id of the transfer to print.</param>
/// <returns>The print view, or a 404 result when the transfer is missing or access is denied.</returns>
public ActionResult Print(int ID)
{
    Transfer transfer = db.Transfers.FirstOrDefault(val => val.ID == ID);

    if (transfer != null)
    {
        var check = new EntityJs.Client.Events.CheckPermissionsEventArgs(db, "Transfers", "Transfer", transfer, EntityJs.Client.Events.ActionsEnum.Select);
        transfer.OnCheckPermissions(check);

        if (!check.Cancel)
        {
            ViewBag.Transfer = transfer;
            ViewBag.Page = "Transfers.Print";
            ViewBag.Print = true;
            return View();
        }
    }

    // Missing and forbidden both answer 404, so the response does not reveal whether
    // the id exists.
    return HttpNotFound();
}
/// <summary>
/// Permission hook for a user account: deletion is always denied, the login cannot be
/// changed by an edit, users at Manager level or beyond can edit only their own
/// account without touching <c>RoleID</c>/<c>EmployeeID</c> and cannot insert users,
/// and a request that is still allowed is rejected when the submitted login belongs
/// to another non-deleted user.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;

    // Both values are read before any key is removed below.
    string login = string.Empty;
    if (e.Values.ContainsKey("Login"))
    {
        login = e.Values["Login"].StringAndTrim();
    }

    // Only consumed by a duplicate-employee check that is disabled in the original source.
    int employeeID = e.Values.ContainsKey("EmployeeID") ? e.Values["EmployeeID"].StringAndTrim().ToInt() : 0;

    var action = e.Action;
    if (action == EntityJs.Client.Events.ActionsEnum.Delete)
    {
        e.Cancel = true;
    }
    else if (action == EntityJs.Client.Events.ActionsEnum.Edit)
    {
        e.Values.Remove("Login");
        e.Cancel = user.RoleID >= (int)AdCrm.Models.RolesEnum.Manager && user.ID != this.ID;

        // Self-service edits must not change the account's role or its employee link.
        // NOTE(review): roles numerically below Manager keep RoleID writable on any
        // account - confirm that every such role is meant to be able to grant roles.
        if (user.RoleID >= (int)RolesEnum.Manager)
        {
            e.Values.Remove("RoleID");
            e.Values.Remove("EmployeeID");
        }
    }
    else if (action == EntityJs.Client.Events.ActionsEnum.Insert)
    {
        e.Cancel = user.RoleID >= (int)RolesEnum.Manager;
    }
    else if (action == EntityJs.Client.Events.ActionsEnum.Select)
    {
        e.Cancel = false;
    }

    if (e.Cancel)
    {
        return;
    }

    // NOTE(review): this also runs for Edit, where "Login" has already been removed
    // and will not be written; an allowed edit therefore still reports whether the
    // submitted login exists - consider limiting the check to Insert.
    bool loginTaken = db.Users.Any(val => val.Login.ToLower() == login.ToLower() && !val.Deleted && val.ID != this.ID);
    if (loginTaken)
    {
        e.Cancel = true;
        e.Errors.Add("{DuplicateLogin:'******'}");
    }
}
/// <summary>
/// Renders the print view of a dispatch order and its products after running the
/// order's Select permission hook.
/// </summary>
/// <param name="ID">Id of the dispatch order to print.</param>
/// <returns>The print view, or a 404 result when the order is missing or access is denied.</returns>
public ActionResult PrintOrder(int ID)
{
    ProjectDispatchOrder order = db.ProjectDispatchOrders.Include("ProjectProducts").FirstOrDefault(val => val.ID == ID);

    if (order != null)
    {
        var check = new EntityJs.Client.Events.CheckPermissionsEventArgs(db, "ProjectDispatchOrders", "ProjectDispatchOrder", order, EntityJs.Client.Events.ActionsEnum.Select);
        order.OnCheckPermissions(check);

        if (!check.Cancel)
        {
            ViewBag.Dispatch = order;
            ViewBag.Products = order.ProjectProducts.ToList();
            ViewBag.Page = "Products.PrintOrder";
            ViewBag.Print = true;
            return View();
        }
    }

    // Missing and forbidden both answer 404, so the response does not reveal whether
    // the id exists.
    return HttpNotFound();
}
/// <summary>
/// Permission hook: Insert and Select are open to everyone, Delete is limited to the
/// creator or roles up to <c>RolesEnum.Boss</c>, and Edit is allowed for everyone but
/// reduced to the <c>Read</c> field for roles beyond Boss.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    BuildingEntities db = (BuildingEntities)e.Context;
    User user = db.CurrentUser;
    var action = e.Action;

    if (action == EntityJs.Client.Events.ActionsEnum.Insert || action == EntityJs.Client.Events.ActionsEnum.Select)
    {
        e.Cancel = false;
        return;
    }

    if (action == EntityJs.Client.Events.ActionsEnum.Delete)
    {
        // NOTE(review): numeric role comparison - confirm the order of RolesEnum.
        e.Cancel = this.CreatorID != user.ID && user.RoleID > (int)RolesEnum.Boss;
        return;
    }

    if (action != EntityJs.Client.Events.ActionsEnum.Edit)
    {
        // Any other action value leaves e.Cancel as the caller set it.
        return;
    }

    e.Cancel = false;
    if (user.RoleID <= (int)RolesEnum.Boss)
    {
        return;
    }

    // Allowlist: beyond Boss an edit may only change the "Read" field. The keys are
    // materialized first so entries can be removed while walking the list.
    foreach (string key in e.Values.Keys.ToList())
    {
        if (key != "Read")
        {
            e.Values.Remove(key);
        }
    }
}
/// <summary>
/// Permission hook: everyone may read; writes are denied to users whose
/// <c>RoleID</c> is numerically greater than <c>RolesEnum.Manager</c>.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    User user = HttpContext.Current.Request.RequestContext.HttpContext.CurrentUser();

    bool isWrite = e.Action != EntityJs.Client.Events.ActionsEnum.Select;

    // NOTE(review): numeric role comparison - confirm the order of RolesEnum.
    e.Cancel = isWrite && user.RoleID > (int)RolesEnum.Manager;
}
/// <summary>
/// Permission hook that allows every action for every caller.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is always set to <c>false</c>.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    // NOTE(review): no role, ownership or action check is applied here - confirm this
    // entity is meant to be readable and writable by any user that reaches the hook.
    e.Cancel = false;
}
/// <summary>
/// Permission hook: deletion is denied for every caller; all other actions are allowed.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> for Delete.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    // No role check is involved: the rule is the same for every user.
    bool isDelete = e.Action == EntityJs.Client.Events.ActionsEnum.Delete;
    e.Cancel = isDelete;
}
/// <summary>
/// Permission hook: records of an archived project are read-only; records without a
/// project, or of a project that is not archived, accept every action.
/// </summary>
/// <param name="e">Permission request; <c>e.Cancel</c> is set to <c>true</c> to deny it.</param>
public void OnCheckPermissions(EntityJs.Client.Events.CheckPermissionsEventArgs e)
{
    bool isWrite = e.Action != EntityJs.Client.Events.ActionsEnum.Select;

    // No role or ownership check is applied here; only the archive flag matters.
    e.Cancel = isWrite && Project != null && Project.Archived;
}