/// <summary>
/// Gets the employee permission details.
/// </summary>
/// <param name="context">The request context.</param>
/// <param name="staffId">The staff identifier.</param>
/// <returns>
/// The employee permission request.
/// </returns>
/// <exception cref="UserAuthenticationException">When the employee does not exists.</exception>
public static EmployeePermissions GetEmployeePermissions(RequestContext context, string staffId)
{
ThrowIf.Null(context, "context");
GetEmployeeDataRequest dataRequest = new GetEmployeeDataRequest(staffId, QueryResultSettings.SingleRecord);
Employee employee = context.Execute <SingleEntityDataServiceResponse <Employee> >(dataRequest).Entity;
if (employee == null)
{
string message = string.Format(CultureInfo.InvariantCulture, "The specified employee ({0}) was not found.", staffId);
throw new UserAuthenticationException(SecurityErrors.Microsoft_Dynamics_Commerce_Runtime_AuthenticationFailed, message);
}
// Check if the requested Employee object is same as logged-on user.
// If not, check staff have manager permission.
if (!string.Equals(staffId, context.GetPrincipal().UserId))
{
var checkAccessRequest = new CheckAccessIsManagerServiceRequest();
context.Execute <NullResponse>(checkAccessRequest);
}
GetEmployeePermissionsDataRequest permissionsDataRequest = new GetEmployeePermissionsDataRequest(staffId, new ColumnSet());
employee.Permissions = context.Execute <SingleEntityDataServiceResponse <EmployeePermissions> >(permissionsDataRequest).Entity;
return(employee.Permissions);
}
private static void OnGetEmployeePermissionsExecuting(GetEmployeePermissionsDataRequest request)
{
// Check if the requested Employee object is same as logged-on user.
// If not, check staff have manager permission.
if (!string.Equals(request.StaffId, request.RequestContext.GetPrincipal().UserId))
{
var checkAccessRequest = new CheckAccessIsManagerServiceRequest();
request.RequestContext.Execute <Response>(checkAccessRequest);
}
}
