private List <DataTableStoredFilter> GetStoredFilters(DataTableConfig config) { var filters = new List <DataTableStoredFilter>(); var roleRepo = IocManager.Resolve <IRepository <ShaRole, Guid> >(); var rolePersonRepo = IocManager.Resolve <IRepository <ShaRoleAppointedPerson, Guid> >(); var containerRepo = IocManager.Resolve <IRepository <StoredFilterContainer, Guid> >(); var mapper = IocManager.Resolve <IMapper>(); var existingFilters = containerRepo.GetAll() .Where(f => f.OwnerType == "" && f.OwnerId == config.Id && !f.Filter.IsDeleted).Select(f => f.Filter) .OrderBy(f => f.OrderIndex).ToList(); foreach (var filter in existingFilters) { // Security: when visibility conditions are provided, restrict the filter var hasAccess = true; if (filter.VisibleBy.Any()) { var shaRoleType = _entityConfigurationStore.Get(typeof(ShaRole))?.TypeShortAlias; var visibleByRoles = filter.VisibleBy.Where(v => v.OwnerType == shaRoleType) .Select(v => roleRepo.Get(v.OwnerId.ToGuid())).ToList(); hasAccess = false; var currentUser = GetCurrentUser(); foreach (var role in visibleByRoles) { if (rolePersonRepo.GetAll().Any(c => c.Role == role && c.Person == currentUser)) { hasAccess = true; break; } } } if (hasAccess) { filters.Add(mapper.Map <DataTableStoredFilter>(filter)); } } return(filters); }
public void AppendQuickSearchCriteria(DataTableConfig tableConfig, QuickSearchMode searchMode, string sSearch, FilterCriteria filterCriteria) { AppendQuickSearchCriteria(tableConfig.RowType, tableConfig.Columns, searchMode, sSearch, filterCriteria, tableConfig.OnRequestToQuickSearch, tableConfig.Id); }