public bool CanRead(FileEntry entry, Guid userId)
{
if (entry.FileEntryType == FileEntryType.Folder)
{
return(false);
}
if (!CRMSecurity.IsAvailableForUser(userId))
{
return(false);
}
using (var scope = DIHelper.Resolve())
{
var daoFactory = scope.Resolve <DaoFactory>();
var invoice = daoFactory.InvoiceDao.GetByFileId(Convert.ToInt32(entry.ID));
if (invoice != null)
{
return(CRMSecurity.CanAccessTo(invoice, userId));
}
var reportFile = daoFactory.ReportDao.GetFile(Convert.ToInt32(entry.ID), userId);
if (reportFile != null)
{
return(CRMSecurity.IsAdministrator(userId));
}
using (var tagDao = FilesIntegration.GetTagDao())
{
var eventIds = tagDao.GetTags(entry.ID, FileEntryType.File, TagType.System)
.Where(x => x.TagName.StartsWith("RelationshipEvent_"))
.Select(x => Convert.ToInt32(x.TagName.Split(new[] { '_' })[1]))
.ToList();
if (!eventIds.Any())
{
return(false);
}
var eventItem = daoFactory.RelationshipEventDao.GetByID(eventIds.First());
return(CRMSecurity.CanAccessTo(eventItem, userId));
}
}
}
public bool CanEdit(FileEntry entry, Guid userId)
{
return
(CanRead(entry, userId) &&
entry.CreateBy == userId || entry.ModifiedBy == userId || CRMSecurity.IsAdministrator(userId));
}
public bool CanEdit(FileEntry file, Guid userId)
{
return(file.CreateBy == userId || file.ModifiedBy == userId || CRMSecurity.IsAdministrator(userId));
}
