private PermissionPolicyRole GetUserRole()
{
PermissionPolicyRole userRole = ObjectSpace.FirstOrDefault <PermissionPolicyRole>(u => u.Name == DefaultUserRoleName);
if (userRole == null)
{
userRole = ObjectSpace.CreateObject <PermissionPolicyRole>();
userRole.Name = DefaultUserRoleName;
// Allow users to read departments only if their title contains 'Development'.
const string protectedDepartment = "Development";
CriteriaOperator departmentCriteria = new FunctionOperator(FunctionOperatorType.Contains,
new OperandProperty(nameof(Department)), new OperandValue(protectedDepartment)
);
userRole.AddObjectPermission <Department>(SecurityOperations.Read, (!departmentCriteria).ToString() /*"!Contains(Title, 'Development')"*/, SecurityPermissionState.Deny);
// Allow users to read and modify employee records and their fields by criteria.
userRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Read, SecurityPermissionState.Allow);
userRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Write, SecurityPermissionState.Allow);
CriteriaOperator employeeCriteria = new FunctionOperator(FunctionOperatorType.Contains,
new OperandProperty(nameof(Employee.Department) + "." + nameof(Department.Title)), new OperandValue(protectedDepartment)
);
userRole.AddObjectPermission <Employee>(SecurityOperations.Delete, employeeCriteria.ToString() /*"Contains(Department.Title, 'Development')"*/, SecurityPermissionState.Allow);
userRole.AddMemberPermission <Employee>(SecurityOperations.Write, nameof(Employee.LastName), (!employeeCriteria).ToString() /*"!Contains(Department.Title, 'Development')"*/, SecurityPermissionState.Deny);
// For more information on criteria language syntax (both string and strongly-typed formats), see https://docs.devexpress.com/CoreLibraries/4928/.
}
return(userRole);
}
private PermissionPolicyRole CreateDefaultRole()
{
PermissionPolicyRole defaultRole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", "Default"));
if (defaultRole == null)
{
defaultRole = ObjectSpace.CreateObject <PermissionPolicyRole>();
defaultRole.Name = "Default";
defaultRole.AddObjectPermission <PermissionPolicyUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddObjectPermission <PhoneBook>(SecurityOperations.Read, "[Oid] != ''", SecurityPermissionState.Allow);
defaultRole.AddObjectPermission <PhoneBook>(SecurityOperations.Write, "[Oid] != ''", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/PhoneBook_ListView", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "Employee", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "Phone", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "Oid", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
}
return(defaultRole);
}
private PermissionPolicyRole CreateDefaultRole()
{
PermissionPolicyRole defaultRole = ObjectSpace.FirstOrDefault <PermissionPolicyRole>(r => r.Name == DefaultUserRoleName);
if (defaultRole == null)
{
defaultRole = ObjectSpace.CreateObject <PermissionPolicyRole>();
defaultRole.Name = DefaultUserRoleName;
defaultRole.AddObjectPermission <PermissionPolicyUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/Department_ListView", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/Employee_ListView", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
//defaultRole.AddTypePermissionsRecursively<ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
//defaultRole.AddTypePermissionsRecursively<ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
//defaultRole.AddTypePermissionsRecursively<ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
//defaultRole.AddTypePermissionsRecursively<ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Department>(SecurityOperations.Read, SecurityPermissionState.Deny);
defaultRole.AddObjectPermission <Department>(SecurityOperations.Read, "Contains([Title], 'Development')", SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Read, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Write, SecurityPermissionState.Allow);
defaultRole.AddObjectPermission <Employee>(SecurityOperations.Delete, "Contains([Department.Title], 'Development')", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <Employee>(SecurityOperations.Write, "LastName", "Not Contains([Department.Title], 'Development')", SecurityPermissionState.Deny);
}
return(defaultRole);
}
private PermissionPolicyRole CreateDefaultRole()
{
PermissionPolicyRole defaultRole = ObjectSpace.FirstOrDefault <PermissionPolicyRole>(role => role.Name == "Default");
if (defaultRole == null)
{
defaultRole = ObjectSpace.CreateObject <PermissionPolicyRole>();
defaultRole.Name = "Default";
defaultRole.AddObjectPermissionFromLambda <ApplicationUser>(SecurityOperations.Read, cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
defaultRole.AddMemberPermissionFromLambda <ApplicationUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
defaultRole.AddMemberPermissionFromLambda <ApplicationUser>(SecurityOperations.Write, "StoredPassword", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddTypePermission(ObjectSpace.TypesInfo.FindTypeInfo("ClassLibrary1.PersistentClass1").Type, "Create;Read;Write", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/PersistentClass1_ListView", SecurityPermissionState.Allow);
defaultRole.AddTypePermission(ObjectSpace.TypesInfo.FindTypeInfo("ClassLibrary2.PersistentClass2").Type, SecurityOperations.Read, SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/PersistentClass2_ListView", SecurityPermissionState.Allow);
}
return(defaultRole);
}
private PermissionPolicyRole CreateDefaultRole()
{
PermissionPolicyRole defaultRole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", "Default"));
if (defaultRole == null)
{
defaultRole = ObjectSpace.CreateObject <PermissionPolicyRole>();
defaultRole.Name = "Default";
defaultRole.AddObjectPermission <PermissionPolicyUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddObjectPermission <Employee>(SecurityOperations.ReadWriteAccess, "[SystemUser.Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddObjectPermission <SystemUsers>(SecurityOperations.ReadWriteAccess, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Company>(SecurityOperations.Read, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Departments>(SecurityOperations.Read, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Divisions>(SecurityOperations.Read, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Positions>(SecurityOperations.Read, SecurityPermissionState.Allow);
}
return(defaultRole);
}
private static PermissionPolicyRole CreateDefaultRole2(UnitOfWork uow)
{
PermissionPolicyRole defaultRole = new XPQuery <PermissionPolicyRole>(uow).FirstOrDefault(x => x.Name == "Default2");
if (defaultRole != null)
{
defaultRole.Delete();
}
defaultRole = new PermissionPolicyRole(uow);
defaultRole.Name = "Default2";
defaultRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Read, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Write, SecurityPermissionState.Allow);
//defaultRole.AddTypePermissionsRecursively<Order>(SecurityOperations.Read, SecurityPermissionState.Allow);
//defaultRole.AddTypePermissionsRecursively<Customer>(SecurityOperations.Read, SecurityPermissionState.Allow);
defaultRole.IsAdministrative = false;
return(defaultRole);
}
private PermissionPolicyRole CreateDefaultRole()
{
PermissionPolicyRole defaultRole = ObjectSpace.FirstOrDefault <PermissionPolicyRole>(role => role.Name == "Default");
if (defaultRole == null)
{
defaultRole = ObjectSpace.CreateObject <PermissionPolicyRole>();
defaultRole.Name = "Default";
defaultRole.AddObjectPermissionFromLambda <ApplicationUser>(SecurityOperations.Read, cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/Department_ListView", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/Employee_ListView", SecurityPermissionState.Allow);
defaultRole.AddMemberPermissionFromLambda <ApplicationUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
defaultRole.AddMemberPermissionFromLambda <ApplicationUser>(SecurityOperations.Write, "StoredPassword", cm => cm.Oid == (Guid)CurrentUserIdOperator.CurrentUserId(), SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Department>(SecurityOperations.Read, SecurityPermissionState.Deny);
defaultRole.AddObjectPermissionFromLambda <Department>(SecurityOperations.Read, d => d.Title.Contains("Development"), SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddObjectPermissionFromLambda <Employee>(SecurityOperations.Delete, e => e.Department.Title.Contains("Development"), SecurityPermissionState.Allow);
defaultRole.AddMemberPermissionFromLambda <Employee>(SecurityOperations.Write, "LastName", e => !e.Department.Title.Contains("Development"), SecurityPermissionState.Deny);
defaultRole.AddActionPermission("RoleGeneratorAction");
}
return(defaultRole);
}
private PermissionPolicyRole CreateDefaultRole()
{
PermissionPolicyRole defaultRole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", "Default"));
if (defaultRole == null)
{
defaultRole = ObjectSpace.CreateObject <PermissionPolicyRole>();
defaultRole.Name = "Default";
defaultRole.AddObjectPermission <PermissionPolicyUser>(SecurityOperations.ReadOnlyAccess, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
}
return(defaultRole);
}
private PermissionPolicyRole GetUserRole()
{
PermissionPolicyRole userRole = ObjectSpace.FirstOrDefault <PermissionPolicyRole>(u => u.Name == DefaultUserRoleName);
if (userRole == null)
{
userRole = ObjectSpace.CreateObject <PermissionPolicyRole>();
userRole.Name = DefaultUserRoleName;
// Allow users to read departments only if their title contains 'Development'.
const string protectedDepartment = "Development";
userRole.AddObjectPermissionFromLambda <Department>(SecurityOperations.Read, t => !t.Title.Contains(protectedDepartment), SecurityPermissionState.Deny);
// Allow users to read and modify employee records and their fields by criteria.
userRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Read, SecurityPermissionState.Allow);
userRole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Write, SecurityPermissionState.Allow);
userRole.AddObjectPermissionFromLambda <Employee>(SecurityOperations.Delete, t => t.Department.Title.Contains(protectedDepartment), SecurityPermissionState.Allow);
userRole.AddMemberPermissionFromLambda <Employee>(SecurityOperations.Write, nameof(Employee.LastName), t => !t.Department.Title.Contains(protectedDepartment), SecurityPermissionState.Deny);
// For more information on criteria language syntax (both string and strongly-typed formats), see https://docs.devexpress.com/CoreLibraries/4928/.
}
return(userRole);
}
private PermissionPolicyRole CreateDefaultRole()
{
PermissionPolicyRole defaultRole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", "Default"));
if (defaultRole == null)
{
defaultRole = ObjectSpace.CreateObject <PermissionPolicyRole>();
defaultRole.Name = "Default";
defaultRole.AddObjectPermission <PermissionPolicyUser>(SecurityOperations.Read, "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Default/Items/MyDetails", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "ChangePasswordOnFirstLogon", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddMemberPermission <PermissionPolicyUser>(SecurityOperations.Write, "StoredPassword", "[Oid] = CurrentUserId()", SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Deny);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.ReadWriteAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifference>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <ModelDifferenceAspect>(SecurityOperations.Create, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Catalogo>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Config>(SecurityOperations.FullObjectAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Cliente>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Clasificacion>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Servicio>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Poliza>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
defaultRole.AddTypePermissionsRecursively <Incidencia>(SecurityOperations.FullAccess, SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Configuración/Items/Config_ListView", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Configuración/Items/Catalogo_ListView", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Clientes/Items/Cliente_ListView", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Clientes/Items/Clasificacion_ListView", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Servicios/Items/Servicio_ListView", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Servicios/Items/Poliza_ListView", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Servicios/Items/Incidencia_ListView", SecurityPermissionState.Allow);
defaultRole.AddNavigationPermission(@"Application/NavigationItems/Items/Servicios/Items/NewIncidencia", SecurityPermissionState.Allow);
}
return(defaultRole);
}
private void createportalroles()
{
PermissionPolicyRole newrole = null;
string rolename = "";
string viewpricerole = GeneralValues.viewpricestring;
rolename = GeneralValues.RejectRole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
rolename = GeneralValues.CloseRole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
rolename = GeneralValues.PostRole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
rolename = GeneralValues.ApprovalRole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
rolename = GeneralValues.ChangeApprovalRole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
#region PurchaseQuotation
rolename = DocTypeCodes.PurchaseQuotation;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Purchasing/Items/PurchaseQuotation_ListView", SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseQuotation>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseQuotationApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseQuotationAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseQuotationAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseQuotationAttachment>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseQuotationDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseQuotationDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseQuotationDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseQuotationDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseQuotationUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
}
createGeneralPermission(newrole);
rolename = rolename + viewpricerole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
#endregion
#region PurchaseReturn
rolename = DocTypeCodes.PurchaseReturn;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Purchase Return/Items/PurchaseReturn_ListView", SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseReturn>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseReturnApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseReturnAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseReturnAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseReturnAttachment>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseReturnDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseReturnDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseReturnDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseReturnDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseReturnUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
}
createGeneralPermission(newrole);
rolename = rolename + viewpricerole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
#endregion
#region PurchaseDelivery
rolename = DocTypeCodes.PurchaseDelivery;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Purchase GRN/Items/PurchaseDelivery_ListView", SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseDelivery>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseDeliveryApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseDeliveryAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseDeliveryAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseDeliveryAttachment>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseDeliveryDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseDeliveryDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseDeliveryDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseDeliveryDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseDeliveryUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
}
createGeneralPermission(newrole);
rolename = rolename + viewpricerole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
#endregion
#region PurchaseOrder
rolename = DocTypeCodes.PurchaseOrder;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Purchasing/Items/PurchaseOrder_ListView", SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseOrder>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseOrderApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseOrderAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseOrderAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseOrderAttachment>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseOrderDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseOrderDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseOrderDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseOrderDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseOrderUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
}
createGeneralPermission(newrole);
rolename = rolename + viewpricerole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
#endregion
#region PurchaseRequest
rolename = DocTypeCodes.PurchaseRequest;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Purchasing/Items/PurchaseRequest_ListView", SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseRequest>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseRequestApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseRequestAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseRequestAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseRequestAttachment>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseRequestDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseRequestDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseRequestDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseRequestDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PurchaseRequestUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
}
createGeneralPermission(newrole);
rolename = rolename + viewpricerole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
#endregion
#region StockTransferRequest
rolename = DocTypeCodes.StockTransferRequest;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Inventory/Items/StockTransferRequest_ListView", SecurityPermissionState.Allow);
newrole.AddNavigationPermission(@"Application/NavigationItems/Items/Inventory/Items/vwSAP_ITEM_AVAILABILITY_ListView", SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <StockTransferRequest>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <StockTransferRequestApp>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <StockTransferRequestAppStage>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <StockTransferRequestAppStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <StockTransferRequestDetail>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <StockTransferRequestDetailUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <StockTransferRequestDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <StockTransferRequestDocStatus>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <StockTransferRequestUDF>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
}
createGeneralPermission(newrole);
rolename = rolename + viewpricerole;
newrole = ObjectSpace.FindObject <PermissionPolicyRole>(new BinaryOperator("Name", rolename));
if (newrole == null)
{
newrole = ObjectSpace.CreateObject <PermissionPolicyRole>();
newrole.Name = rolename;
}
#endregion
}
private void createGeneralPermission(PermissionPolicyRole newrole)
{
newrole.AddTypePermissionsRecursively <Approval>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <Budget>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <BudgetMaster>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <Company>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <CrReport>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <CrReportParam>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <Departments>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <Divisions>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <DocType>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <DocTypeSeries>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <DocTypeSeriesDoc>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <FilteringCriterion>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <FilteringCriterionRole>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <FTCrystalReportConn>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <FTModule>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <FTSAPConn>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <MyNotification>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <MyTask>(SecurityOperations.CRUDAccess, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <Positions>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <Vehicle>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwAccounts>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwBillToAddress>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwBusinessPartners>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwContactPersons>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwCurrency>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwDimension1>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwDimension2>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwDimension3>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwDimension4>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwDimension5>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwItemMasters>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwPriceList>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwProjects>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwSalesPersons>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwSAP_ITEM_AVAILABILITY>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwShipToAddress>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwTaxes>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <vwWarehouses>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <Employee>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <SystemUsers>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PermissionPolicyUser>(SecurityOperations.Read, SecurityPermissionState.Allow);
newrole.AddTypePermissionsRecursively <PermissionPolicyRole>(SecurityOperations.Read, SecurityPermissionState.Allow);
}