/// <summary>
/// Gets security configurations for the field specified.
/// </summary>
/// <param name="securityContext">The security context.</param>
/// <param name="fieldDefinition">The field definition.</param>
/// <param name="identity">The user identity.</param>
/// <returns>The collection of AggregateSecurityConfig objects.</returns>
public static IList<SecurityConfig> GetSecurityConfigsForField(ISecurityContext securityContext, IBaseFieldDefinition fieldDefinition, IMQ1Identity identity)
{
var result = new HashSet<SecurityConfig>();
if (Utils.CurrentUserHasAdministratorRights)
return new List<SecurityConfig>();
if (securityContext == null || fieldDefinition == null || identity == null)
return new List<SecurityConfig>();
if (AlwaysVisible(fieldDefinition.SystemName))
return new List<SecurityConfig>();
var fieldConfigs = securityContext.GetConfigurationList(fieldDefinition.GetTableName(), fieldDefinition.SystemName);
if (fieldConfigs != null)
{
fieldConfigs = fieldConfigs.Where(x =>
(x.BusinessUnitId == Constants.AllBusinessUnitsId || x.BusinessUnitId == identity.BusinessUnitId) &&
(x.RoleId == Constants.AllRolesId || identity.RolesId.Contains(x.RoleId)) && x.CanView).ToList();
if (!fieldConfigs.Any(c =>
c.StateGuid == Constants.AllStatesGuid &&
c.PersonFieldName == Constants.AllPersonFieldsSystemName))
{
var personsForAllStates =
fieldConfigs.Where(x => x.StateGuid == Constants.AllStatesGuid)
.Select(x => x.PersonFieldName)
.Distinct()
.ToList();
var statesForAllPersons =
fieldConfigs.Where(x => x.PersonFieldName == Constants.AllPersonFieldsSystemName)
.Select(x => x.StateGuid)
.Distinct()
.ToList();
foreach (var config in fieldConfigs)
{
var secConf = new SecurityConfig(
personsForAllStates.Contains(config.PersonFieldName) ? null : config.StateGuid.ToString("D"),
statesForAllPersons.Contains(config.StateGuid) ? null : config.PersonFieldName);
secConf.SetPersonId(identity.PersonId.ToString(CultureInfo.InvariantCulture));
result.Add(secConf);
}
}
}
return result.ToList();
}
/// <summary>
/// Gets the value indicating whether user has chances to read value from the field specified.
/// </summary>
/// <param name="securityContext">The security context.</param>
/// <param name="fieldDefinition">The field definition.</param>
/// <param name="identity">The user identity.</param>
/// <returns><c>true</c> if can calculate aggregates, otherwise <c>false</c>.</returns>
public static bool CanAccessField(ISecurityContext securityContext, IBaseFieldDefinition fieldDefinition, IMQ1Identity identity)
{
if (securityContext == null || fieldDefinition == null || identity == null)
return false;
if (AlwaysVisible(fieldDefinition.SystemName))
return true;
if (Utils.CurrentUserHasAdministratorRights)
return true;
var fieldConfigs = securityContext.GetConfigurationList(fieldDefinition.GetTableName(), fieldDefinition.SystemName);
if (fieldConfigs != null)
{
var matches = fieldConfigs.Where(sc =>
(sc.BusinessUnitId == Constants.AllBusinessUnitsId || sc.BusinessUnitId == identity.BusinessUnitId) &&
(sc.RoleId == Constants.AllRolesId || identity.RolesId.Contains(sc.RoleId))).ToList();
if (matches.Any(x => x.CanView))
return true;
}
return false;
}
private static void UnAuthenticate(SysMenuViewModel vm, IMQ1Identity identityMock)
{
Mock.Arrange(() => identityMock.IsAuthenticated).Returns(false);
Mock.Arrange(() => identityMock.IsAdmin).Returns(false);
vm.IsAdminEnabled = false;
}
private static void SwitchToAdmin(SysMenuViewModel vm, IMQ1Identity identityMock)
{
Mock.Arrange(() => identityMock.IsAuthenticated).Returns(true);
Mock.Arrange(() => identityMock.IsAdmin).Returns(true);
vm.IsAdminEnabled = true;
}
/// <summary>
/// Determines whether the specified target has person.
/// </summary>
/// <param name="target">The target.</param>
/// <param name="personFieldName">Name of the person field.</param>
/// <param name="person">The person.</param>
/// <returns><c>true</c> if the specified target has person; otherwise, <c>false</c>.</returns>
public static bool HasPerson(object target, string personFieldName, IMQ1Identity person)
{
if (string.IsNullOrWhiteSpace(personFieldName) || personFieldName == Constants.AllPersonFieldsSystemName)
return false;
if (target == null)
return false;
var checkRules = target as ICheckRules;
try
{
if (checkRules != null) checkRules.SuppressRuleChecking();
var fieldInfo = GetProperty(personFieldName, ref target);
if (fieldInfo == null) return false;
var crossRefAttr =
(CrossRefFieldAttribute)
fieldInfo.GetCustomAttributes(typeof(CrossRefFieldAttribute), false).FirstOrDefault();
if (crossRefAttr == null) return false;
if (person != null && !person.PersonIds.Keys.Contains(crossRefAttr.ReferenceTableName)) return false;
if (person != null)
{
var personId = person.PersonIds[crossRefAttr.ReferenceTableName];
var dynamicTarget = target as IDynamicObject;
if (dynamicTarget == null)
return false;
if (crossRefAttr.AllowMultiple)
{
if (dynamicTarget is IInfoClass)
{
var ids = dynamicTarget.ReadValueByPropertyName(personFieldName + Constants.MultipleIdsCrossRefPropertyInfoClass) as string;
if (string.IsNullOrWhiteSpace(ids))
{
return false;
}
if (ids.Contains(", "))
{
var idsList = ids.Split(", ".ToCharArray(), StringSplitOptions.RemoveEmptyEntries);
return idsList.Select(SafeTypeConverter.Convert<int>).Any(x => x == personId);
}
int id;
return SafeTypeConverter.TryToConvert(ids, out id) && id == personId;
}
var multiCrossRef = dynamicTarget.ReadValueByPropertyName(personFieldName) as ICrossRefItemList;
if (multiCrossRef == null) return false;
if (multiCrossRef.OfType<ICrossRefItemInfo>().Any(reference => reference.Id == personId))
return true;
}
else
{
int? crossRef;
if (target is IInfoClass)
{
crossRef = dynamicTarget.ReadValueByPropertyName(personFieldName + "Id") as int?;
}
else
{
crossRef = dynamicTarget.ReadValueByPropertyName(personFieldName) as int?;
}
if (!crossRef.HasValue) return false;
return crossRef.Value == personId;
}
}
}
catch (Exception ex)
{
#if !SILVERLIGHT
Log4NetLogger.Instance.Log(LogSeverity.Error, string.Empty, ex);
#else
if (Debugger.IsAttached)
{
Debug.WriteLine(ex);
Debugger.Break();
}
#endif
}
finally
{
if (checkRules != null) checkRules.ResumeRuleChecking();
}
return false;
}
public static SecurityGroupCollection GetSecurityGroups(ISecurityContext securityContext, IMQ1Identity identity, ProcessDefinition processDefinition, IEnumerable<SecurityColumnDescriptor> fields = null)
{
var groups = new SecurityGroupCollection();
if (Utils.CurrentUserHasAdministratorRights)
return groups;
if (securityContext == null || processDefinition == null || identity == null)
return groups;
var fieldDefinitions = new List<IBaseFieldDefinition>();
var fieldList = fields != null ? fields.ToList() : null;
if (fields != null && fieldList.Any())
{
foreach (var fieldName in fieldList.Select(x => x.ColumnName))
{
try
{
var field = processDefinition.GetField(fieldName);
fieldDefinitions.Add(field);
}
catch (ArgumentException)
{
}
}
}
else
{
fieldDefinitions.AddRange(
processDefinition.GetAllFields());
}
foreach (var fieldDefinition in fieldDefinitions)
{
var canAccessData = CanAccessField(securityContext, fieldDefinition, identity);
var securityConfigs = canAccessData
? GetSecurityConfigsForField(securityContext, fieldDefinition, identity)
: new List<SecurityConfig>();
SecurityColumnDescriptor columnDescriptor = null;
if (fieldList != null)
columnDescriptor = fieldList.FirstOrDefault(x => x.ColumnName == fieldDefinition.SystemName);
if (columnDescriptor == null)
columnDescriptor = new SecurityColumnDescriptor(fieldDefinition.SystemName);
groups.AddColumnSecurityConfigs(columnDescriptor, securityConfigs, canAccessData);
}
return groups;
}
