Exemplo n.º 1
0
        public bool HasAccessToMenu(ENTUserAccountEO userAccount, ENTRoleEOList roles)
        {
            if (IsAlwaysEnabled)
            {
                return(true);
            }
            //Loop through all the roles this user is in.  The first time the user has
            //access to the menu item then return true.  If you get through all the
            //roles then the user does not have access to this menu item.
            foreach (var role in roles)
            {
                //Check if this user is in this role
                if (role.RoleUserAccounts.IsUserInRole(userAccount.ID))
                {
                    //Try to find the capability with the menu item Id.
                    IEnumerable <ENTRoleCapabilityEO> capabilities = role.RoleCapabilities.GetByMenuItemId(ID);

                    if (capabilities.Any(capability => (capability != null) &&
                                         (capability.AccessFlag != ENTRoleCapabilityEO.CapabiiltyAccessFlagEnum.None)))
                    {
                        return(true);
                    }
                }
            }

            //If it gets here then the user didn't have access to this menu item.  BUT they may have access
            //to one of its children, now check the children and if they have access to any of  them  then
            //return true.
            if (ChildMenuItems.Count > 0)
            {
                return(ChildMenuItems.Any(child => child.HasAccessToMenu(userAccount, roles)));
            }

            //If it never found a role with any capability then return false.
            return(false);
        }
        /// <summary>
        /// The capabilities are least restrictive.  If a user is in more then one role and one has edit and the other is read only
        /// then edit is returned.
        /// </summary>
        /// <param name="capabilityId"></param>
        /// <param name="rolesWithCapabilities"></param>
        /// <returns></returns>
        public ENTRoleCapabilityEO.CapabiiltyAccessFlagEnum GetCapabilityAccess(int capabilityId, ENTRoleEOList rolesWithCapabilities)
        {
            var retVal = ENTRoleCapabilityEO.CapabiiltyAccessFlagEnum.None;

            //The roles in the user object do not include the capabilities.
            foreach (var role in Roles)
            {
                var roleWithCapabilities = rolesWithCapabilities.GetByRoleId(role.ID);

                foreach (var capability in roleWithCapabilities.RoleCapabilities)
                {
                    if (capability.Capability.ID == capabilityId)
                    {
                        if (capability.AccessFlag == ENTRoleCapabilityEO.CapabiiltyAccessFlagEnum.Edit)
                        {
                            return(ENTRoleCapabilityEO.CapabiiltyAccessFlagEnum.Edit);
                        }
                        if (capability.AccessFlag == ENTRoleCapabilityEO.CapabiiltyAccessFlagEnum.ReadOnly)
                        {
                            //Since this is least restrictive temporarirly set the return value to read only.
                            retVal = ENTRoleCapabilityEO.CapabiiltyAccessFlagEnum.ReadOnly;
                        }
                    }
                }
            }

            return(retVal);
        }
 public ENTUserAccountEO()
 {
     Roles = new ENTRoleEOList();
 }