///<summary>Will throw an error if not authorized and message not suppressed.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage, bool suppressLockDateMessage, Userod curUser,
long procCodeNum, double procFee, long sheetDefNum, long fKey)
{
//No need to check RemotingRole; no call to db.
date = date.Date; //Remove the time portion of date so we can compare strictly as a date later.
//Check eConnector permission first.
if (IsValidEServicePermission(perm))
{
return(true);
}
if (!GroupPermissions.HasPermission(curUser, perm, fKey))
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized.") + "\r\n"
+ Lans.g("Security", "A user with the SecurityAdmin permission must grant you access for") + ":\r\n" + GroupPermissions.GetDesc(perm));
}
return(false);
}
if (perm == Permissions.AccountingCreate || perm == Permissions.AccountingEdit)
{
if (date <= PrefC.GetDate(PrefName.AccountingLockDate))
{
if (!suppressMessage && !suppressLockDateMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator."));
}
return(false);
}
}
//Check the global security lock------------------------------------------------------------------------------------
if (IsGlobalDateLock(perm, date, suppressMessage || suppressLockDateMessage, procCodeNum, procFee, sheetDefNum))
{
return(false);
}
//Check date/days limits on individual permission----------------------------------------------------------------
if (!GroupPermissions.PermTakesDates(perm))
{
return(true);
}
//Include CEMT users, as a CEMT user could be logged in when this is checked.
DateTime dateLimit = GetDateLimit(perm, curUser.GetGroups(true).Select(x => x.UserGroupNum).ToList());
if (date > dateLimit) //authorized
{
return(true);
}
//Prevents certain bugs when 1/1/1 dates are passed in and compared----------------------------------------------
//Handling of min dates. There might be others, but we have to handle them individually to avoid introduction of bugs.
if (perm == Permissions.ClaimDelete || //older versions did not have SecDateEntry
perm == Permissions.ClaimSentEdit || //no date sent was entered before setting claim received
perm == Permissions.ProcComplEdit || //a completed procedure with a min date.
perm == Permissions.ProcComplEditLimited || //because ProcComplEdit was in this list
perm == Permissions.ProcExistingEdit || //a completed EO or EC procedure with a min date.
perm == Permissions.InsPayEdit || //a claim payment with no date.
perm == Permissions.InsWriteOffEdit || //older versions did not have SecDateEntry or DateEntryC
perm == Permissions.TreatPlanEdit ||
perm == Permissions.AdjustmentEdit ||
perm == Permissions.CommlogEdit || //usually from a conversion
perm == Permissions.ProcDelete || //because older versions did not set the DateEntryC.
perm == Permissions.ImageDelete || //In case an image has a creation date of DateTime.MinVal.
perm == Permissions.PerioEdit || //In case perio chart exam has a creation date of DateTime.MinValue.
perm == Permissions.PreAuthSentEdit) //older versions did not have SecDateEntry
{
if (date.Year < 1880 && dateLimit.Year < 1880)
{
return(true);
}
}
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm) + "\r\n" + Lans.g("Security", "Date limitation"));
}
return(false);
}
///<summary>Surrond with Try/Catch. Error messages will be thrown to caller.</summary>
public static bool IsGlobalDateLock(Permissions perm, DateTime date, bool isSilent = false, long codeNum = 0, double procFee = -1, long sheetDefNum = 0)
{
if (!(new[] {
Permissions.AdjustmentCreate
, Permissions.AdjustmentEdit
, Permissions.PaymentCreate
, Permissions.PaymentEdit
, Permissions.ProcComplCreate
, Permissions.ProcComplEdit
, Permissions.ProcExistingEdit
//,Permissions.ProcComplEditLimited
//,Permissions.ImageDelete
, Permissions.InsPayCreate
, Permissions.InsPayEdit
//,Permissions.InsWriteOffEdit//per Nathan 7/5/2016 this should not be affected by the global date lock
, Permissions.SheetEdit
, Permissions.SheetDelete
, Permissions.CommlogEdit
//,Permissions.ClaimDelete //per Nathan 01/18/2018 this should not be affected by the global date lock
, Permissions.PayPlanEdit
//,Permissions.ClaimHistoryEdit //per Nathan & Mark 03/01/2018 this should not be affected by the global lock date, not financial data.
}).Contains(perm))
{
return(false); //permission being checked is not affected by global lock date.
}
if (date.Year == 1)
{
return(false); //Invalid or MinDate passed in.
}
if (!PrefC.GetBool(PrefName.SecurityLockIncludesAdmin) && GroupPermissions.HasPermission(Security.CurUser, Permissions.SecurityAdmin, 0))
{
return(false); //admins are never affected by global date limitation when preference is false.
}
if (perm.In(Permissions.ProcComplCreate, Permissions.ProcComplEdit, Permissions.ProcExistingEdit) &&
ProcedureCodes.CanBypassLockDate(codeNum, procFee))
{
return(false);
}
if (perm.In(Permissions.SheetEdit, Permissions.SheetDelete) && sheetDefNum > 0 && SheetDefs.CanBypassLockDate(sheetDefNum))
{
return(false);
}
//If global lock is Date based.
if (date <= PrefC.GetDate(PrefName.SecurityLockDate))
{
if (!isSilent)
{
MessageBox.Show(Lans.g("Security", "Locked by Administrator before ") + PrefC.GetDate(PrefName.SecurityLockDate).ToShortDateString());
}
return(true);
}
//If global lock is days based.
int lockDays = PrefC.GetInt(PrefName.SecurityLockDays);
if (lockDays > 0 && date <= DateTime.Today.AddDays(-lockDays))
{
if (!isSilent)
{
MessageBox.Show(Lans.g("Security", "Locked by Administrator before ") + lockDays.ToString() + " days.");
}
return(true);
}
return(false);
}
///<summary>Will throw an error if not authorized and message not suppressed.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage, long userGroupNum)
{
//No need to check RemotingRole; no call to db.
if (!GroupPermissions.HasPermission(userGroupNum, perm))
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized for") + "\r\n" + GroupPermissions.GetDesc(perm));
}
return(false);
}
if (perm == Permissions.AccountingCreate || perm == Permissions.AccountingEdit)
{
if (date <= PrefC.GetDate(PrefName.AccountingLockDate))
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator."));
}
return(false);
}
}
//Check the global security lock------------------------------------------------------------------------------------
//the list below is NOT the list of permissions that take dates. See GroupPermissions.PermTakesDates().
if (perm == Permissions.AdjustmentCreate ||
perm == Permissions.AdjustmentEdit ||
perm == Permissions.PaymentCreate ||
perm == Permissions.PaymentEdit ||
perm == Permissions.ProcComplCreate ||
perm == Permissions.ProcComplEdit
//|| perm==Permissions.ImageDelete
|| perm == Permissions.InsPayCreate ||
perm == Permissions.InsPayEdit ||
perm == Permissions.SheetEdit ||
perm == Permissions.CommlogEdit
)
{
//If the global lock is date-based:
if (date.Year > 1 && //if a valid date was passed in
date <= PrefC.GetDate(PrefName.SecurityLockDate)) //and that date is earlier than the lock
{
if (PrefC.GetBool(PrefName.SecurityLockIncludesAdmin) || //if admins are locked out too
!GroupPermissions.HasPermission(userGroupNum, Permissions.SecurityAdmin)) //or is not an admin
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator before ") + PrefC.GetDate(PrefName.SecurityLockDate).ToShortDateString());
}
return(false);
}
}
//If the global lock is days-based:
if (date.Year > 1 && //if a valid date was passed in
PrefC.GetInt(PrefName.SecurityLockDays) > 0 &&
date <= DateTime.Today.AddDays(-PrefC.GetInt(PrefName.SecurityLockDays))) //and that date is earlier than the lock
{
if (PrefC.GetBool(PrefName.SecurityLockIncludesAdmin) || //if admins are locked out too
!GroupPermissions.HasPermission(userGroupNum, Permissions.SecurityAdmin)) //or is not an admin
{
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Locked by Administrator before ") + PrefC.GetInt(PrefName.SecurityLockDays).ToString() + " days.");
}
return(false);
}
}
}
//Check date/days limits on individual permission----------------------------------------------------------------
if (!GroupPermissions.PermTakesDates(perm))
{
return(true);
}
DateTime dateLimit = GetDateLimit(perm, userGroupNum);
if (date > dateLimit) //authorized
{
return(true);
}
//Prevents certain bugs when 1/1/1 dates are passed in and compared----------------------------------------------
//Handling of min dates. There might be others, but we have to handle them individually to avoid introduction of bugs.
if (perm == Permissions.ClaimSentEdit || //no date sent was entered before setting claim received
perm == Permissions.ProcComplEdit || //a completed procedure with a min date.
perm == Permissions.InsPayEdit || //a claim payment with no date.
perm == Permissions.TreatPlanEdit ||
perm == Permissions.AdjustmentEdit ||
perm == Permissions.CommlogEdit || //usually from a conversion
perm == Permissions.ProcDelete) //because older versions did not set the DateEntryC.
{
if (date.Year < 1880 && dateLimit.Year < 1880)
{
return(true);
}
}
if (!suppressMessage)
{
throw new Exception(Lans.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm) + "\r\n" + Lans.g("Security", "Date limitation"));
}
return(false);
}