public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity("Arguments") && _securityService.HasModulePermission(_securityService.CurrentUser, BiblRefModule.Id, Permissions.Use))
{
return(InspectionResult.Allow);
}
if (query.IsForEntity(EntityConsts.BibliographicDocument) ||
query.IsForEntity(EntityConsts.BibliographicQuery) ||
query.IsForEntity(EntityConsts.Bibliography) ||
query.IsForEntity(EntityConsts.Language))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, BiblRefModule.Id, Permissions.Use))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
{
return(InspectionResult.Allow);
}
else if (_securityService.CurrentUser.UserType == UserTypes.Customer && query.IsForEntity(EntityConsts.BibliographicQuery))
{
var relToMe = query.GetRelatedQuery(User.ENTITY, Roles.Customer);
if (relToMe != null && relToMe.GetSingleId().HasValue&& relToMe.GetSingleId().Value == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
else if (!query.HasInclude(User.ENTITY, Roles.Customer))
{
query.Include(User.ENTITY, Roles.Customer);
}
}
else
{
return(InspectionResult.Allow);
}
}
}
else if (query.IsForEntity(Payment.ENTITY) &&
_securityService.CurrentUser.UserType == UserTypes.Librarian &&
_securityService.HasModulePermission(_securityService.CurrentUser, BiblRefModule.Id, Permissions.Use))
{
if (query.GetRelatedQuery(EntityConsts.BibliographicQuery, Roles.Payment) != null)
{
return(InspectionResult.Allow);
}
else if (!query.HasInclude(EntityConsts.BibliographicQuery, Roles.Payment))
{
query.Include(EntityConsts.BibliographicQuery, Roles.Payment);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable <Entity> entities)
{
if (query.IsForEntity(EntityConsts.BibliographicListQuery) &&
_securityService.CurrentUser.UserType == UserTypes.Customer &&
_securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use) &&
query.HasInclude(User.ENTITY, Roles.Customer))
{
bool isMe = true;
foreach (var e in entities)
{
var rel = e.GetSingleRelation(User.ENTITY, Roles.Customer);
if (rel == null || rel.Entity.Id != _securityService.CurrentUser.Id)
{
isMe = false;
break;
}
}
if (isMe)
{
return(InspectionResult.Allow);
}
}
else if (query.IsForEntity(Payment.ENTITY) && query.HasInclude(EntityConsts.BibliographicListQuery, Roles.Payment))
{
bool ok = true;
foreach (var e in entities)
{
var rel = e.GetSingleRelation(EntityConsts.BibliographicListQuery, Roles.Payment);
if (rel == null)
{
ok = false;
break;
}
}
if (ok)
{
return(InspectionResult.Allow);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(User.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserManagement))
{
return(InspectionResult.Allow);
}
else if (query.GetRuleByProperty("Id") != null && Convert.ToInt32(query.GetRuleByProperty("Id").Values[0]) == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
if (query.HasProperty("RecoveryCode"))
{
return(InspectionResult.Deny); //Only users with UserManagement permission can access this property
}
bool hasUserActivationPermission = _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation);
var isActiveRule = query.Rules.Find(r => r.IsForProperty("IsActive"));
if (isActiveRule != null &&
isActiveRule.Values.Count() == 1 &&
Convert.ToBoolean(isActiveRule.Values.Single()) == false &&
hasUserActivationPermission)
{
return(InspectionResult.Allow);
}
if (hasUserActivationPermission && !query.HasProperty("IsActive"))
{
query.AddProperty("IsActive");
}
}
else if (query.IsForEntity(UserGroup.ENTITY))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian ||
_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserGroupManagement) ||
_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation))
{
return(InspectionResult.Allow);
}
else if (query.GetRuleByProperty("UserType") != null &&
(UserTypes)Convert.ToInt32(query.GetRuleByProperty("UserType").Values[0]) == _securityService.CurrentUser.UserType &&
!query.HasInclude("User", "UserGroup"))
{
return(InspectionResult.Allow);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(Payment.ENTITY))
{
var cust = query.GetRelatedQuery(User.ENTITY, Payment.ROLE_CUSTOMER);
if (cust != null && cust.GetSingleId().HasValue&& cust.GetSingleId().Value == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
else if (!query.HasInclude(User.ENTITY, Payment.ROLE_CUSTOMER))
{
query.Include(User.ENTITY, Payment.ROLE_CUSTOMER);
}
}
return(InspectionResult.None);
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity("Arguments") && _securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use))
{
return(InspectionResult.Allow);
}
else if (query.IsForEntity(Inquery.EntityType))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
{
return(InspectionResult.Allow);
}
else if (_securityService.CurrentUser.UserType == UserTypes.Customer)
{
var relTo = query.GetRelatedQuery(User.ENTITY, RelationConsts.Customer);
if (relTo != null && relTo.GetSingleId().HasValue&& relTo.GetSingleId().Value == _securityService.CurrentUser.Id)
{
return(InspectionResult.Allow);
}
else if (!query.HasInclude(User.ENTITY, RelationConsts.Customer))
{
query.Include(User.ENTITY, RelationConsts.Customer);
}
}
}
}
else if (query.IsForEntity(User.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use) &&
_securityService.CurrentUser.UserType == UserTypes.Librarian)
{
return(InspectionResult.Allow);
}
}
else if (query.IsForEntity(Notification.ENTITY) &&
_securityService.CurrentUser.UserType == UserTypes.Librarian &&
_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use) &&
query.GetRelatedQuery(Inquery.EntityType, RelationConsts.Inquery) != null)
{
return(InspectionResult.Allow);
}
return(InspectionResult.None);
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity("Arguments") && _securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use))
return InspectionResult.Allow;
else if (query.IsForEntity(Inquery.EntityType))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
return InspectionResult.Allow;
else if (_securityService.CurrentUser.UserType == UserTypes.Customer)
{
var relTo = query.GetRelatedQuery(User.ENTITY, RelationConsts.Customer);
if (relTo != null && relTo.GetSingleId().HasValue && relTo.GetSingleId().Value == _securityService.CurrentUser.Id)
return InspectionResult.Allow;
else if (!query.HasInclude(User.ENTITY, RelationConsts.Customer))
query.Include(User.ENTITY, RelationConsts.Customer);
}
}
}
else if (query.IsForEntity(User.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use)
&& _securityService.CurrentUser.UserType == UserTypes.Librarian)
{
return InspectionResult.Allow;
}
}
else if (query.IsForEntity(Notification.ENTITY)
&& _securityService.CurrentUser.UserType == UserTypes.Librarian
&& _securityService.HasModulePermission(_securityService.CurrentUser, AskTheLibModule.Id, Permissions.Use)
&& query.GetRelatedQuery(Inquery.EntityType, RelationConsts.Inquery) != null)
{
return InspectionResult.Allow;
}
return InspectionResult.None;
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(User.ENTITY))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserManagement))
return InspectionResult.Allow;
else if (query.GetRuleByProperty("Id") != null && Convert.ToInt32(query.GetRuleByProperty("Id").Values[0]) == _securityService.CurrentUser.Id)
return InspectionResult.Allow;
if (query.HasProperty("RecoveryCode"))
return InspectionResult.Deny; //Only users with UserManagement permission can access this property
bool hasUserActivationPermission = _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation);
var isActiveRule = query.Rules.Find(r => r.IsForProperty("IsActive"));
if (isActiveRule != null
&& isActiveRule.Values.Count() == 1
&& Convert.ToBoolean(isActiveRule.Values.Single()) == false
&& hasUserActivationPermission)
return InspectionResult.Allow;
if (hasUserActivationPermission && !query.HasProperty("IsActive"))
query.AddProperty("IsActive");
}
else if (query.IsForEntity(UserGroup.ENTITY))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian
|| _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserGroupManagement)
|| _securityService.HasModulePermission(_securityService.CurrentUser, AccountModule.Id, Permissions.UserActivation))
return InspectionResult.Allow;
else if (query.GetRuleByProperty("UserType") != null
&& (UserTypes)Convert.ToInt32(query.GetRuleByProperty("UserType").Values[0]) == _securityService.CurrentUser.UserType
&& !query.HasInclude("User", "UserGroup"))
return InspectionResult.Allow;
}
return InspectionResult.None;
}
public InspectionResult InspectResult(EntityQuery2 query, IEnumerable<Entity> entities)
{
if (query.IsForEntity(EntityConsts.BibliographicListQuery)
&& _securityService.CurrentUser.UserType == UserTypes.Customer
&& _securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use)
&& query.HasInclude(User.ENTITY, Roles.Customer))
{
bool isMe = true;
foreach (var e in entities)
{
var rel = e.GetSingleRelation(User.ENTITY, Roles.Customer);
if (rel == null || rel.Entity.Id != _securityService.CurrentUser.Id)
{
isMe = false;
break;
}
}
if (isMe)
return InspectionResult.Allow;
}
else if (query.IsForEntity(Payment.ENTITY) && query.HasInclude(EntityConsts.BibliographicListQuery, Roles.Payment))
{
bool ok = true;
foreach (var e in entities)
{
var rel = e.GetSingleRelation(EntityConsts.BibliographicListQuery, Roles.Payment);
if (rel == null)
{
ok = false;
break;
}
}
if (ok)
return InspectionResult.Allow;
}
return InspectionResult.None;
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity("Arguments") && _securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use))
return InspectionResult.Allow;
if (query.IsForEntity(EntityConsts.BibliographicListQuery)
|| query.IsForEntity(EntityConsts.BibliographicListStandart))
{
if (_securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use))
{
if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
return InspectionResult.Allow;
else if (_securityService.CurrentUser.UserType == UserTypes.Customer && query.IsForEntity(EntityConsts.BibliographicListQuery))
{
var relToMe = query.GetRelatedQuery(User.ENTITY, Roles.Customer);
if (relToMe != null && relToMe.GetSingleId().HasValue && relToMe.GetSingleId().Value == _securityService.CurrentUser.Id)
return InspectionResult.Allow;
else if (!query.HasInclude(User.ENTITY, Roles.Customer))
query.Include(User.ENTITY, Roles.Customer);
}
else
return InspectionResult.Allow;
}
}
else if (query.IsForEntity(Payment.ENTITY)
&& _securityService.CurrentUser.UserType == UserTypes.Librarian
&& _securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use))
{
if (query.GetRelatedQuery(EntityConsts.BibliographicListQuery, Roles.Payment) != null)
return InspectionResult.Allow;
else if (!query.HasInclude(EntityConsts.BibliographicListQuery, Roles.Payment))
query.Include(EntityConsts.BibliographicListQuery, Roles.Payment);
}
return InspectionResult.None;
}
public InspectionResult InspectQuery(EntityQuery2 query)
{
if (query.IsForEntity(Payment.ENTITY))
{
var cust = query.GetRelatedQuery(User.ENTITY, Payment.ROLE_CUSTOMER);
if (cust != null && cust.GetSingleId().HasValue && cust.GetSingleId().Value == _securityService.CurrentUser.Id)
return InspectionResult.Allow;
else if (!query.HasInclude(User.ENTITY, Payment.ROLE_CUSTOMER))
query.Include(User.ENTITY, Payment.ROLE_CUSTOMER);
}
return InspectionResult.None;
}
