public void SetApplicationInternalData(Guid applicationId, int?internalScore, string internalDescription)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
if (internalScore.HasValue && (internalScore.Value < 0 || internalScore.Value > 100))
{
throw new ChalkableException("Internal score out of range. Internal score should be in range [0,100]");
}
using (var uow = Update())
{
var da = new ApplicationDataAccess(uow);
var app = da.GetApplicationById(applicationId);
if (!app.IsLive)
{
throw new ChalkableException("Only live application can have internal data");
}
app.InternalScore = internalScore;
app.InternalDescription = internalDescription;
da.Update(app);
uow.Commit();
}
}
public Preference Set(string key, object value, bool isPublic)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException(ChlkResources.ERR_PREFERENCE_INVALID_RIGHTS);
}
using (var uow = Update())
{
var da = new PreferenceDataAccess(uow);
var preference = da.GetPreferenceOrNull(key);
if (preference == null)
{
preference = CreatePreference(isPublic, key, new PreferenceInfo
{
Category = cache[key].Category,
Type = cache[key].Type,
Value = value.ToString(),
Hint = cache[key].Hint
});
da.Insert(preference);
}
else
{
preference.Value = value.ToString();
preference.IsPublic = isPublic;
da.Update(preference);
}
cache[key] = preference;
uow.Commit();
return(preference);
}
}
public bool HasMessagingSettgingsAccess(UserContext context, Guid?districtId)
{
var hasPermission = Context.Claims.HasPermission(ClaimInfo.MAINTAIN_CHALKABLE_DISTRICT_SETTINGS);
return((!districtId.HasValue || districtId == Context.DistrictId) &&
(BaseSecurity.IsSysAdmin(context) || (BaseSecurity.IsDistrictAdmin(context) && hasPermission)));
}
public bool ApproveReject(Guid applicationId, bool isApprove)
{
if (!BaseSecurity.IsSysAdmin(Context) && !BaseSecurity.IsAppTester(Context) && !BaseSecurity.IsAssessmentAdmin(Context))
{
throw new ChalkableSecurityException();
}
Application application;
using (var uow = Read())
{
var da = new ApplicationDataAccess(uow);
application = da.GetApplicationById(applicationId);
}
if (application.State == ApplicationStateEnum.SubmitForApprove)
{
User person = application.Developer.User;
person.ConfirmationKey = Guid.NewGuid().ToString().Replace("-", "");
application.State = isApprove ? ApplicationStateEnum.Approved : ApplicationStateEnum.Rejected;
using (var uow = Update())
{
new UserDataAccess(uow).Update(person);
var da = new ApplicationDataAccess(uow);
da.Update(application);
uow.Commit();
}
ServiceLocator.EmailService.SendApplicationEmailToDeveloper(application);
return(true);
}
return(false);
}
private bool CanEditAnswer(AnnouncementQnAComplex announcementQnA)
{
return(BaseSecurity.IsSysAdmin(Context) || announcementQnA.AnswererRef == Context.PersonId ||
(Context.PersonId.HasValue && Context.Role == CoreRoles.TEACHER_ROLE &&
string.IsNullOrEmpty(announcementQnA.Answer) && announcementQnA.ClassRef.HasValue &&
((DemoClassService)ServiceLocator.ClassService).ClassTeacherExists(announcementQnA.ClassRef.Value, Context.SchoolLocalId.Value)));
}
public Application GetApplicationById(Guid id)
{
if (id == InternalGetAssessmentId())
{
return(GetAssessmentApplication());
}
if (id == GetMiniQuizAppicationId())
{
return(GetMiniQuizAppication());
}
var q = new ApplicationQuery
{
Id = id,
Role = Context.Role.Id
};
if (!BaseSecurity.IsSysAdmin(Context))
{
q.SchoolId = Context.SchoolId;
}
using (var uow = Read())
{
return(new ApplicationDataAccess(uow)
.GetApplication(q));
}
}
public IList <ClassStandard> AddClassStandards(IList <ClassStandard> classStandards)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
return(ClassStandardStorage.Add(classStandards));
}
public override void DeletePicture(Guid id)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
base.DeletePicture(id);
}
public override void UploadPicture(Guid id, byte[] content)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
base.UploadPicture(id, content);
}
private bool CanEditQuestion(AnnouncementQnAComplex announcementQnA, UnitOfWork uow)
{
var da = new ClassTeacherDataAccess(uow);
return(BaseSecurity.IsSysAdmin(Context) || announcementQnA.AskerRef == Context.PersonId ||
(Context.PersonId.HasValue && Context.Role == CoreRoles.TEACHER_ROLE &&
da.Exists(announcementQnA.ClassRef, Context.PersonId.Value)) ||
(BaseSecurity.IsDistrictAdmin(Context) && announcementQnA.AdminRef == Context.PersonId));
}
public void Delete(Guid id)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
ChalkableDepartmentStorage.Delete(id);
ServiceLocator.DepartmentIconService.DeletePicture(id);
}
public void Delete(Guid id)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
CategoryStorage.Delete(id);
}
public PaginatedList <Data.Master.Model.School> GetSchools(Guid districtId, int start, int count)
{
if (!BaseSecurity.IsSysAdmin(Context) && districtId != Context.DistrictId)
{
return(new PaginatedList <Data.Master.Model.School>(new List <Data.Master.Model.School>(), start, count, 0));
}
return(new PaginatedList <Data.Master.Model.School>(DoRead(u => new SchoolDataAccess(u).GetSchools(districtId, start, count)).OrderBy(x => x.Name), start, count, 0));
}
public Category Edit(Guid id, string name, string description)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
var res = CategoryStorage.GetById(id);
res.Description = description;
res.Name = name;
CategoryStorage.Update(res);
return(res);
}
public ChalkableDepartment Edit(Guid id, string name, IList <string> keywords, byte[] icon)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
var res = ChalkableDepartmentStorage.GetById(id);
res.Keywords = keywords.JoinString(",");
res.Name = name;
ChalkableDepartmentStorage.Update(res);
ServiceLocator.DepartmentIconService.UploadPicture(id, icon);
return(res);
}
public Category Add(string name, string description)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
var res = new Category
{
Id = Guid.NewGuid(),
Name = name,
Description = description
};
CategoryStorage.Add(res);
return(res);
}
private PaginatedList <Application> GetApplications(ApplicationQuery query)
{
using (var uow = Read())
{
query.Role = Context.Role.Id;
if (!BaseSecurity.IsSysAdmin(Context))
{
query.SchoolId = Context.SchoolId;
query.DeveloperId = Context.DeveloperId;
if (!ApplicationSecurity.HasAccessToBannedApps(Context))
{
query.Ban = false;
}
}
return(new ApplicationDataAccess(uow).GetPaginatedApplications(query));
}
}
public ChalkableDepartment Add(string name, IList <string> keywords, byte[] icon)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
var res = new ChalkableDepartment
{
Id = Guid.NewGuid(),
Keywords = keywords.JoinString(","),
Name = name
};
ChalkableDepartmentStorage.Add(res);
ServiceLocator.DepartmentIconService.UploadPicture(res.Id, icon);
return(res);
}
public void ChangePassword(string login, string newPassword)
{
if (BaseSecurity.IsSysAdmin(Context) || Context.Login == login)
{
using (var uow = Update())
{
var da = new UserDataAccess(uow);
var user = da.GetUser(login, null, null);
user.Password = PasswordMd5(newPassword);
da.Update(user);
UpdateUserLoginInfo(user, null, null, Context.NowSchoolTime, uow);
uow.Commit();
}
}
else
{
throw new ChalkableSecurityException();
}
}
public void ChangeApplicationType(Guid applicationId, bool isInternal)
{
if (!BaseSecurity.IsSysAdmin(Context))
{
throw new ChalkableSecurityException();
}
using (var uow = Update())
{
var da = new ApplicationDataAccess(uow);
var application = da.GetApplicationById(applicationId);
if (!application.IsLive)
{
throw new ChalkableException("Only live application can be internal");
}
application.IsInternal = isInternal;
da.Update(application);
uow.Commit();
}
}
private bool CanScheduleTask(BackgroundTaskTypeEnum type)
{
return(BaseSecurity.IsSysAdmin(Context) || type == BackgroundTaskTypeEnum.GenerateReport);
}
private bool CanEditQuestion(AnnouncementQnAComplex announcementQnA)
{
return(BaseSecurity.IsSysAdmin(Context) || announcementQnA.AskerRef == Context.PersonId ||
(Context.PersonId.HasValue && Context.Role == CoreRoles.TEACHER_ROLE && announcementQnA.ClassRef.HasValue &&
((DemoClassService)ServiceLocator.ClassService).ClassTeacherExists(announcementQnA.ClassRef.Value, Context.PersonId.Value)));
}
