/// <summary> /// Submit Decision Click - When the user clicks the Submit button, /// this submits the descision of the user, approve or reject, /// to the application data store. /// </summary> protected void SubmitDecision_Click(object sender, System.EventArgs e) { // // Check if the user has access to the administer // operation and then save application settings // // // Get the client context from the session variables // IAzClientContext3 AzClient = ExpenseCommon.GetAzClientContext(); // // Set BizRule Parameters // IAzBizRuleParameters BizRuleParams = AzClient.BizRuleParameters; BizRuleParams.AddParameter("Amount", ExpenseData["Amount"]); BizRuleParams.AddParameter("Date", ExpenseData["Date"]); BizRuleParams.AddParameter("SubmitterName", (object)ExpenseData["User"]); BizRuleParams.AddParameter("UserName", ExpenseCommon.GetClientSamName()); // // Run the access check on the submit operation // Passing the audit text, scope, operations and business rule parameters // uint result = AzClient.AccessCheck2("Approve Expense Report", "", ExpenseCommon.AzopApprove); // // Check for success of the access check // bool bAuthorized = false; if (result == ExpenseCommon.NoError) { bAuthorized = true; } else if (result == ExpenseCommon.AccessDenied) { string errorMessage = AzClient.GetBusinessRuleString(); if (errorMessage != "") { Message.Text = "<font color=\"FF0000\">Access Denied." + errorMessage + "</font>"; } else { Message.Text = "<font color=\"FF0000\">Access Denied. You do not have sufficient permissions to perform this operation.</font>"; } bAuthorized = false; } else { // // Check for other error // if (result != ExpenseCommon.NoError) { Win32Exception ex = new Win32Exception(); Message.Text = "<font color=\"FF0000\">There was an error performing the AccessCheck: " + ex.Message + "</font>"; } } if (bAuthorized) { // // Check for the user has added comments // if (Comment.Text.Length > 0) { // // Attach the comment to the transaction // ExpenseData["Comment"] = string.Concat(ExpenseData["Comment"], "<p><b>Approver Comment: </b></p>", Comment.Text); ExpenseCommon.SaveTransaction(transID, ExpenseData); } // // Check for the user approved or rejected the expense // if (Decision.SelectedValue == "approve") { // // Approve the expense // ExpenseCommon.ApproveTransaction(transID); } else { // // Reject the expense // ExpenseCommon.RejectTransaction(transID); } // // Redirect the user to pending expenses list // Response.Redirect("List.aspx", true); } else { // // If the access check failed, display an error message to the user // Message.Text = "Error Access Denied: " + AzClient.GetBusinessRuleString(); return; } }
/// <summary> /// Submit Decision Click - When the user clicks the Submit button, /// this submits the descision of the user, approve or reject, /// to the application data store. /// </summary> protected void SubmitDecision_Click(object sender, System.EventArgs e) { // // // Get the client context from the session variables // IAzClientContext AzClient = ExpenseCommon.GetAzClientContext(); // // Check if the user has access to the administer // operation and then save application settings // // // Contains the scope of the access check request // which is set to the application level (null) // object[] scope = new Object[1]; scope[0] = (object)""; // // Contains all the operations associated with // changing the application settings // In this case the approve operation // object[] operations = new Object[1]; operations[0] = ExpenseCommon.AzopApprove; // // Contains all the parameter names associated with // approving an expense. These are organized as // name-value pairs and passed to the business rule // if one is defined // Object[] BRNames = new Object[3]; BRNames[0] = (object)ExpenseCommon.ParamAmount; BRNames[1] = (object)ExpenseCommon.ParamDate; BRNames[2] = (object)ExpenseCommon.ParamUserName; // // Contains all the paramenter values associted with // approving an expense. // Object[] BRValues = new Object[3]; BRValues[0] = (object)ExpenseData["Amount"]; BRValues[1] = (object)ExpenseData["Date"]; BRValues[2] = (object)ExpenseCommon.GetClientSamName(); // // Run the access check on the administer operation // Passing the audit text, scope, operations and business rule parameters // object[] results = (object[])AzClient.AccessCheck("Approve Expense Report", (object)scope, (object)operations, BRNames, BRValues, null, null, null); // // Check for success of the access check // bool bAuthorized = true; foreach (int iResCode in results) { if (iResCode != ExpenseCommon.NoError) { bAuthorized = false; break; } } if (bAuthorized) { // // Check for the user has added comments // if (Comment.Text.Length > 0) { // // Attach the comment to the transaction // ExpenseData["Comment"] = string.Concat(ExpenseData["Comment"], "<p><b>Approver Comment: </b></p>", Comment.Text); ExpenseCommon.SaveTransaction(transID, ExpenseData); } // // Check for the user approved or rejected the expense // if (Decision.SelectedValue == "approve") { // // Approve the expense // ExpenseCommon.ApproveTransaction(transID); } else { // // Reject the expense // ExpenseCommon.RejectTransaction(transID); } // // Redirect the user to pending expenses list // Response.Redirect("List.aspx", true); } else { // // If the access check failed, display an error message to the user // Message.Text = "Error Access Denied: " + AzClient.GetBusinessRuleString(); return; } }