} // set( CswNbtActionName ActionName, ICswNbtUser User, bool value )
#endregion Actions
#region Specialty
/// <summary>
/// Determines if the user has permission to View or Edit a node belonging to the Permission Group defined by the given GroupId
/// </summary>
/// <param name="Permission">Permission Type (either View or Edit)</param>
/// <param name="PermissionGroupId">The nodeid of the PermissionGroup with which to check permissions</param>
/// <param name="User">User for which to check permissions</param>
public bool canNode(CswEnumNbtNodeTypePermission Permission, CswPrimaryKey PermissionGroupId, ICswNbtUser User = null, CswNbtMetaDataNodeType NodeType = null)
{
bool hasPermission = true;
if (null == User)
{
User = _CswNbtResources.CurrentNbtUser;
}
if (false == (User is CswNbtSystemUser || User.Username == CswNbtObjClassUser.ChemSWAdminUsername))
{
if (null != User && CswTools.IsPrimaryKey(PermissionGroupId))
{
CswNbtPropertySetPermission PermNode = User.getPermissionForGroup(PermissionGroupId);
if (null != PermNode)
{
//Case 30480: Only use InventoryGroupPermission if checking against Containers
if (null == NodeType ||
PermNode.ObjectClass.ObjectClass != CswEnumNbtObjectClass.InventoryGroupPermissionClass ||
NodeType.getObjectClass().ObjectClass == CswEnumNbtObjectClass.ContainerClass)
{
hasPermission = ((Permission == CswEnumNbtNodeTypePermission.View && PermNode.View.Checked == CswEnumTristate.True) ||
PermNode.Edit.Checked == CswEnumTristate.True); //edit implies edit, create, and delete
}
}
else if (null != _CswNbtResources.Nodes[PermissionGroupId])
{
// case 30477 - Only revoke permissions if the group's nodetype is enabled and the node is valid
hasPermission = false;
}
}
}
return(hasPermission);
}
public override void update()
{
// CISPro Report Group (created in CswUpdateSchema_02H_28562C) should only be accessible to CISPro roles
CswNbtMetaDataObjectClass ReportGroupOC = _CswNbtSchemaModTrnsctn.MetaData.getObjectClass( CswEnumNbtObjectClass.ReportGroupClass );
CswNbtMetaDataObjectClass PermissionOC = _CswNbtSchemaModTrnsctn.MetaData.getObjectClass( CswEnumNbtObjectClass.ReportGroupPermissionClass );
CswNbtMetaDataObjectClass RoleOC = _CswNbtSchemaModTrnsctn.MetaData.getObjectClass( CswEnumNbtObjectClass.RoleClass );
CswNbtMetaDataObjectClassProp GroupNameOCP = ReportGroupOC.getObjectClassProp( CswNbtObjClassReportGroup.PropertyName.Name );
CswNbtMetaDataObjectClassProp PermissionGroupOCP = PermissionOC.getObjectClassProp( CswNbtObjClassReportGroupPermission.PropertyName.PermissionGroup );
CswNbtMetaDataObjectClassProp RoleNameOCP = RoleOC.getObjectClassProp( CswNbtObjClassRole.PropertyName.Name );
// Delete existing (default) permissions
CswNbtView View = _CswNbtSchemaModTrnsctn.makeView();
CswNbtViewRelationship Rel1 = View.AddViewRelationship( ReportGroupOC, false );
View.AddViewPropertyAndFilter( Rel1, GroupNameOCP, Value: "CISPro Report Group", FilterMode: CswEnumNbtFilterMode.Equals );
CswNbtViewRelationship Rel2 = View.AddViewRelationship( Rel1, CswEnumNbtViewPropOwnerType.Second, PermissionGroupOCP, false );
ICswNbtTree results = _CswNbtSchemaModTrnsctn.getTreeFromView( View, true );
CswNbtObjClassReportGroup CISProGroup = null;
for( Int32 g = 0; g < results.getChildNodeCount(); g++ )
{
results.goToNthChild( g );
CISProGroup = results.getNodeForCurrentPosition();
for( Int32 p = 0; p < results.getChildNodeCount(); p++ )
{
results.goToNthChild( p );
CswNbtNode PermNode = results.getNodeForCurrentPosition();
PermNode.delete( false, true );
results.goToParentNode();
}
results.goToParentNode();
} // for( Int32 g = 0; g < results.getChildNodeCount(); g++ )
if( null != CISProGroup )
{
// Get all cispro roles
CswNbtView rolesView = _CswNbtSchemaModTrnsctn.makeView();
CswNbtViewRelationship parent = rolesView.AddViewRelationship( RoleOC, false );
rolesView.AddViewPropertyAndFilter( parent,
MetaDataProp: RoleNameOCP,
SubFieldName: CswEnumNbtSubFieldName.Text,
FilterMode: CswEnumNbtFilterMode.Contains,
Value: "cispro" );
rolesView.AddViewPropertyAndFilter( parent,
Conjunction: CswEnumNbtFilterConjunction.Or,
MetaDataProp: RoleNameOCP,
SubFieldName: CswEnumNbtSubFieldName.Text,
FilterMode: CswEnumNbtFilterMode.Equals,
Value: "Administrator" );
rolesView.AddViewPropertyAndFilter( parent,
Conjunction: CswEnumNbtFilterConjunction.Or,
MetaDataProp: RoleNameOCP,
SubFieldName: CswEnumNbtSubFieldName.Text,
FilterMode: CswEnumNbtFilterMode.Equals,
Value: CswNbtObjClassRole.ChemSWAdminRoleName );
ICswNbtTree rolesTree = _CswNbtSchemaModTrnsctn.getTreeFromView( rolesView, true );
Collection<CswPrimaryKey> CISProRoleIds = new Collection<CswPrimaryKey>();
for( int i = 0; i < rolesTree.getChildNodeCount(); i++ )
{
rolesTree.goToNthChild( i );
CISProRoleIds.Add( rolesTree.getNodeIdForCurrentPosition() );
rolesTree.goToParentNode();
}
// Grant permission to all cispro roles
CswNbtMetaDataNodeType PermissionNT = PermissionOC.FirstNodeType;
if( null != PermissionNT )
{
foreach( CswPrimaryKey RoleId in CISProRoleIds )
{
_CswNbtSchemaModTrnsctn.Nodes.makeNodeFromNodeTypeId( PermissionNT.NodeTypeId, delegate( CswNbtNode NewNode )
{
CswNbtPropertySetPermission NewPermission = NewNode;
NewPermission.ApplyToAllRoles.Checked = CswEnumTristate.False;
NewPermission.ApplyToAllWorkUnits.Checked = CswEnumTristate.True;
NewPermission.PermissionGroup.RelatedNodeId = CISProGroup.NodeId;
NewPermission.View.Checked = CswEnumTristate.True;
NewPermission.Edit.Checked = CswEnumTristate.True;
NewPermission.Role.RelatedNodeId = RoleId;
} );
}
}
} // if( null != CISProGroup )
} // update()
