Exemplo n.º 1
        /// <summary>
        /// Fixed:
        /// </summary>
        public static Error.Types OnAddingMailAddress(
            SiteSettings ss,
            UserModel userModel,
            string mailAddress,
            out string data)
        {
            // Pre-write gate for attaching a mail address to a user record.
            // Yields Error.Types.None only when every check below passes; `ss` is
            // accepted but not read by this method.
            //
            // The validator runs unconditionally and first: it is the only statement
            // that assigns the `out data` parameter, so it must precede every return.
            var validation = MailAddressValidators.BadMailAddress(mailAddress, out data);

            // Service-level switch: when profiles are not shown the request is refused.
            if (!DefinitionAccessor.Parameters.Service.ShowProfiles)
            {
                return Error.Types.InvalidRequest;
            }

            // Only now is the validator's verdict consulted.
            if (validation.Has())
            {
                return validation;
            }

            // Whitespace-only input is reported as "address required".
            if (mailAddress.Trim().Length == 0)
            {
                return Error.Types.InputMailAddress;
            }

            // Authorization: tenant managers may edit anyone, everyone else only themself.
            // NOTE(review): this check runs last, so a caller without permission still
            // receives the validator's verdict and `data`; consider whether the
            // authorization decision should come before input validation.
            var authorized = Permissions.CanManageTenant() || userModel.Self();
            return authorized
                ? Error.Types.None
                : Error.Types.HasNotPermission;
        }
Exemplo n.º 2
        /// <summary>
        /// Fixed:
        /// </summary>
        public static ErrorData OnAddingMailAddress(
            Context context,
            UserModel userModel,
            string mailAddress,
            out string data)
        {
            // Pre-write gate for attaching a mail address to a user record.
            // The returned ErrorData carries Error.Types.None only when every check passes.
            //
            // The validator is called before anything else because it is the only
            // statement that assigns the `out data` parameter.
            var validation = MailAddressValidators.BadMailAddress(
                context: context,
                addresses: mailAddress,
                data: out data);

            // Service-level switch: when profiles are not shown the request is refused.
            if (!Parameters.Service.ShowProfiles)
            {
                return new ErrorData(type: Error.Types.InvalidRequest);
            }

            // Hand back the validator's own ErrorData when it flagged the input.
            if (validation.Type.Has())
            {
                return validation;
            }

            // Whitespace-only input is reported as "address required".
            if (mailAddress.Trim().Length == 0)
            {
                return new ErrorData(type: Error.Types.InputMailAddress);
            }

            // Authorization: tenant managers may edit anyone, everyone else only themself.
            // NOTE(review): this check runs last, so a caller without permission still
            // receives the validator's verdict and `data`; consider whether the
            // authorization decision should come before input validation.
            var authorized = Permissions.CanManageTenant(context: context)
                || userModel.Self(context: context);
            return authorized
                ? new ErrorData(type: Error.Types.None)
                : new ErrorData(type: Error.Types.HasNotPermission);
        }
Exemplo n.º 3
        public static Error.Types OnUpdating(SiteSettings ss, UserModel userModel)
        {
            // Authorization gate evaluated before a user record is updated.
            // Returns Error.Types.None when the update may proceed.

            // A user may not submit the TenantManager control for their own record.
            // The test is on the presence of the form key, not on whether the value changed.
            if (Forms.Exists("Users_TenantManager") && userModel.Self())
            {
                return Error.Types.PermissionNotSelfChange;
            }

            // Coarse check on the site settings as a whole.
            if (!ss.CanUpdate())
            {
                return Error.Types.HasNotPermission;
            }

            // Column-level access controls are set from userModel.Mine() before the
            // per-column CanUpdate flags are read below.
            ss.SetColumnAccessControls(userModel.Mine());

            // Per-field check. It is keyed on the control ids present in the submitted
            // form: a field whose control id is not among Forms.Keys() is not examined here.
            // NOTE(review): confirm no other input path can modify userModel fields
            // without the matching control id being posted.
            foreach (var controlId in Forms.Keys())
            {
                var denied = false;
                switch (controlId)
                {
                    case "Users_LoginId":
                        denied = userModel.LoginId_Updated
                            && !ss.GetColumn("LoginId").CanUpdate;
                        break;
                    case "Users_GlobalId":
                        denied = userModel.GlobalId_Updated
                            && !ss.GetColumn("GlobalId").CanUpdate;
                        break;
                    case "Users_Name":
                        denied = userModel.Name_Updated
                            && !ss.GetColumn("Name").CanUpdate;
                        break;
                    case "Users_UserCode":
                        denied = userModel.UserCode_Updated
                            && !ss.GetColumn("UserCode").CanUpdate;
                        break;
                    case "Users_Password":
                        denied = userModel.Password_Updated
                            && !ss.GetColumn("Password").CanUpdate;
                        break;
                    case "Users_LastName":
                        denied = userModel.LastName_Updated
                            && !ss.GetColumn("LastName").CanUpdate;
                        break;
                    case "Users_FirstName":
                        denied = userModel.FirstName_Updated
                            && !ss.GetColumn("FirstName").CanUpdate;
                        break;
                    case "Users_Birthday":
                        denied = userModel.Birthday_Updated
                            && !ss.GetColumn("Birthday").CanUpdate;
                        break;
                    case "Users_Gender":
                        denied = userModel.Gender_Updated
                            && !ss.GetColumn("Gender").CanUpdate;
                        break;
                    case "Users_Language":
                        denied = userModel.Language_Updated
                            && !ss.GetColumn("Language").CanUpdate;
                        break;
                    case "Users_TimeZone":
                        denied = userModel.TimeZone_Updated
                            && !ss.GetColumn("TimeZone").CanUpdate;
                        break;
                    case "Users_DeptId":
                        denied = userModel.DeptId_Updated
                            && !ss.GetColumn("DeptId").CanUpdate;
                        break;
                    case "Users_FirstAndLastNameOrder":
                        denied = userModel.FirstAndLastNameOrder_Updated
                            && !ss.GetColumn("FirstAndLastNameOrder").CanUpdate;
                        break;
                    case "Users_Body":
                        denied = userModel.Body_Updated
                            && !ss.GetColumn("Body").CanUpdate;
                        break;
                    case "Users_LastLoginTime":
                        denied = userModel.LastLoginTime_Updated
                            && !ss.GetColumn("LastLoginTime").CanUpdate;
                        break;
                    case "Users_PasswordExpirationTime":
                        denied = userModel.PasswordExpirationTime_Updated
                            && !ss.GetColumn("PasswordExpirationTime").CanUpdate;
                        break;
                    case "Users_PasswordChangeTime":
                        denied = userModel.PasswordChangeTime_Updated
                            && !ss.GetColumn("PasswordChangeTime").CanUpdate;
                        break;
                    case "Users_NumberOfLogins":
                        denied = userModel.NumberOfLogins_Updated
                            && !ss.GetColumn("NumberOfLogins").CanUpdate;
                        break;
                    case "Users_NumberOfDenial":
                        denied = userModel.NumberOfDenial_Updated
                            && !ss.GetColumn("NumberOfDenial").CanUpdate;
                        break;
                    case "Users_TenantManager":
                        denied = userModel.TenantManager_Updated
                            && !ss.GetColumn("TenantManager").CanUpdate;
                        break;
                    case "Users_Disabled":
                        denied = userModel.Disabled_Updated
                            && !ss.GetColumn("Disabled").CanUpdate;
                        break;
                    case "Users_ApiKey":
                        denied = userModel.ApiKey_Updated
                            && !ss.GetColumn("ApiKey").CanUpdate;
                        break;
                    case "Comments":
                        // No "_Updated" test here: posting the control at all is
                        // refused when the column is not updatable.
                        denied = !ss.GetColumn("Comments").CanUpdate;
                        break;
                }

                // First refused field ends the whole update.
                if (denied)
                {
                    return Error.Types.HasNotPermission;
                }
            }
            return Error.Types.None;
        }
Exemplo n.º 4
        public static ErrorData OnUpdating(
            Context context, SiteSettings ss, UserModel userModel, bool api = false)
        {
            // Authorization gate evaluated before a user record is updated.
            // The returned ErrorData carries Error.Types.None when the update may proceed.

            // API calls are refused when the contract or the global parameters disable the API.
            if (api)
            {
                if (context.ContractSettings.Api == false || !Parameters.Api.Enabled)
                {
                    return new ErrorData(type: Error.Types.InvalidRequest);
                }
            }

            // A user may not submit the TenantManager control for their own record.
            // The test is on the presence of the form key, not on whether the value changed.
            // NOTE(review): whether context.Forms is populated for api requests is not
            // visible here; confirm this guard also covers that path.
            if (context.Forms.Exists("Users_TenantManager") &&
                userModel.Self(context: context))
            {
                return new ErrorData(type: Error.Types.PermissionNotSelfChange);
            }

            // Coarse check on the site settings as a whole.
            if (!context.CanUpdate(ss: ss))
            {
                return new ErrorData(type: Error.Types.HasNotPermission);
            }

            // Column-level access controls are set before the CanUpdate flags are read.
            ss.SetColumnAccessControls(context: context, mine: userModel.Mine(context: context));

            // The per-column check walks the columns the caller may NOT update
            // (formula targets excluded) and refuses the request if any of them changed.
            var lockedColumns = ss.Columns
                .Where(c => !c.CanUpdate)
                .Where(c => !ss.FormulaTarget(c.ColumnName));
            foreach (var column in lockedColumns)
            {
                var denied = false;
                switch (column.ColumnName)
                {
                    case "LoginId":
                        denied = userModel.LoginId_Updated(context: context);
                        break;
                    case "GlobalId":
                        denied = userModel.GlobalId_Updated(context: context);
                        break;
                    case "Name":
                        denied = userModel.Name_Updated(context: context);
                        break;
                    case "UserCode":
                        denied = userModel.UserCode_Updated(context: context);
                        break;
                    case "Password":
                        denied = userModel.Password_Updated(context: context);
                        break;
                    case "LastName":
                        denied = userModel.LastName_Updated(context: context);
                        break;
                    case "FirstName":
                        denied = userModel.FirstName_Updated(context: context);
                        break;
                    case "Birthday":
                        denied = userModel.Birthday_Updated(context: context);
                        break;
                    case "Gender":
                        denied = userModel.Gender_Updated(context: context);
                        break;
                    case "Language":
                        denied = userModel.Language_Updated(context: context);
                        break;
                    case "TimeZone":
                        denied = userModel.TimeZone_Updated(context: context);
                        break;
                    case "DeptId":
                        denied = userModel.DeptId_Updated(context: context);
                        break;
                    case "FirstAndLastNameOrder":
                        denied = userModel.FirstAndLastNameOrder_Updated(context: context);
                        break;
                    case "Body":
                        denied = userModel.Body_Updated(context: context);
                        break;
                    case "LastLoginTime":
                        denied = userModel.LastLoginTime_Updated(context: context);
                        break;
                    case "PasswordExpirationTime":
                        denied = userModel.PasswordExpirationTime_Updated(context: context);
                        break;
                    case "PasswordChangeTime":
                        denied = userModel.PasswordChangeTime_Updated(context: context);
                        break;
                    case "NumberOfLogins":
                        denied = userModel.NumberOfLogins_Updated(context: context);
                        break;
                    case "NumberOfDenial":
                        denied = userModel.NumberOfDenial_Updated(context: context);
                        break;
                    case "TenantManager":
                        denied = userModel.TenantManager_Updated(context: context);
                        break;
                    case "Disabled":
                        denied = userModel.Disabled_Updated(context: context);
                        break;
                    case "Lockout":
                        denied = userModel.Lockout_Updated(context: context);
                        break;
                    case "LockoutCounter":
                        denied = userModel.LockoutCounter_Updated(context: context);
                        break;
                    case "ApiKey":
                        denied = userModel.ApiKey_Updated(context: context);
                        break;
                    case "LdapSearchRoot":
                        denied = userModel.LdapSearchRoot_Updated(context: context);
                        break;
                    case "SynchronizedTime":
                        denied = userModel.SynchronizedTime_Updated(context: context);
                        break;
                    case "Comments":
                        // Unlike the other cases this does not ask whether the comments
                        // changed; it re-reads the column and refuses if it is not updatable.
                        // NOTE(review): confirm that refusing unchanged comments is intended.
                        denied = !ss.GetColumn(context: context, columnName: "Comments").CanUpdate;
                        break;
                    default:
                        // Extended columns are dispatched by their declared type;
                        // a type not listed here is not checked.
                        switch (Def.ExtendedColumnTypes.Get(column.Name))
                        {
                            case "Class":
                                denied = userModel.Class_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                            case "Num":
                                denied = userModel.Num_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                            case "Date":
                                denied = userModel.Date_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                            case "Description":
                                denied = userModel.Description_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                            case "Check":
                                denied = userModel.Check_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                            case "Attachments":
                                denied = userModel.Attachments_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                        }
                        break;
                }

                // First refused column ends the whole update.
                if (denied)
                {
                    return new ErrorData(type: Error.Types.HasNotPermission);
                }
            }
            return new ErrorData(type: Error.Types.None);
        }
        public static ErrorData OnUpdating(
            Context context, SiteSettings ss, UserModel userModel, bool api = false)
        {
            // Authorization gate evaluated before a user record is updated.
            // The returned ErrorData carries Error.Types.None when the update may proceed.

            if (api)
            {
                // The API is refused when disabled globally, by the contract, or for this user.
                // A null UserSettings makes the last term false (null == false is false),
                // so it does not refuse the call.
                // NOTE(review): confirm that allowing the call on null UserSettings is intended.
                var apiRefused = !Parameters.Api.Enabled
                    || context.ContractSettings.Api == false
                    || context.UserSettings?.AllowApi(context: context) == false;
                if (apiRefused)
                {
                    return new ErrorData(type: Error.Types.InvalidRequest);
                }

                // A request body flagged as invalid JSON is rejected before any permission logic.
                if (context.InvalidJsonData)
                {
                    return new ErrorData(type: Error.Types.InvalidJsonData);
                }
            }

            // With profiles hidden, only a caller with HasPrivilege may continue.
            if (!(Parameters.Service.ShowProfiles || context.HasPrivilege))
            {
                return new ErrorData(type: Error.Types.InvalidRequest);
            }

            // A user may not submit the TenantManager control for their own record.
            // The test is on the presence of the form key, not on whether the value changed.
            // NOTE(review): whether context.Forms is populated for api requests is not
            // visible here; confirm this guard also covers that path.
            if (context.Forms.Exists("Users_TenantManager") &&
                userModel.Self(context: context))
            {
                return new ErrorData(type: Error.Types.PermissionNotSelfChange);
            }

            // Coarse check: no update right, or a read-only model.
            if (!context.CanUpdate(ss: ss) || userModel.ReadOnly)
            {
                // A caller who cannot even read gets NotFound instead of HasNotPermission
                // (presumably so the refusal does not confirm that the record exists).
                if (context.CanRead(ss: ss))
                {
                    return new ErrorData(type: Error.Types.HasNotPermission);
                }
                return new ErrorData(type: Error.Types.NotFound);
            }

            // The per-column check walks the columns the caller may NOT update
            // (formula targets excluded) and refuses the request if any of them changed.
            var lockedColumns = ss.Columns
                .Where(c => !c.CanUpdate(
                    context: context,
                    ss: ss,
                    mine: userModel.Mine(context: context)))
                .Where(c => !ss.FormulaTarget(c.ColumnName));
            foreach (var column in lockedColumns)
            {
                var denied = false;
                switch (column.ColumnName)
                {
                    case "LoginId":
                        denied = userModel.LoginId_Updated(context: context);
                        break;
                    case "GlobalId":
                        denied = userModel.GlobalId_Updated(context: context);
                        break;
                    case "Name":
                        denied = userModel.Name_Updated(context: context);
                        break;
                    case "UserCode":
                        denied = userModel.UserCode_Updated(context: context);
                        break;
                    case "Password":
                        denied = userModel.Password_Updated(context: context);
                        break;
                    case "LastName":
                        denied = userModel.LastName_Updated(context: context);
                        break;
                    case "FirstName":
                        denied = userModel.FirstName_Updated(context: context);
                        break;
                    case "Birthday":
                        denied = userModel.Birthday_Updated(context: context);
                        break;
                    case "Gender":
                        denied = userModel.Gender_Updated(context: context);
                        break;
                    case "Language":
                        denied = userModel.Language_Updated(context: context);
                        break;
                    case "TimeZone":
                        denied = userModel.TimeZone_Updated(context: context);
                        break;
                    case "DeptId":
                        denied = userModel.DeptId_Updated(context: context);
                        break;
                    case "Theme":
                        denied = userModel.Theme_Updated(context: context);
                        break;
                    case "FirstAndLastNameOrder":
                        denied = userModel.FirstAndLastNameOrder_Updated(context: context);
                        break;
                    case "Body":
                        denied = userModel.Body_Updated(context: context);
                        break;
                    case "LastLoginTime":
                        denied = userModel.LastLoginTime_Updated(context: context);
                        break;
                    case "PasswordExpirationTime":
                        denied = userModel.PasswordExpirationTime_Updated(context: context);
                        break;
                    case "PasswordChangeTime":
                        denied = userModel.PasswordChangeTime_Updated(context: context);
                        break;
                    case "NumberOfLogins":
                        denied = userModel.NumberOfLogins_Updated(context: context);
                        break;
                    case "NumberOfDenial":
                        denied = userModel.NumberOfDenial_Updated(context: context);
                        break;
                    case "TenantManager":
                        denied = userModel.TenantManager_Updated(context: context);
                        break;
                    case "AllowCreationAtTopSite":
                        denied = userModel.AllowCreationAtTopSite_Updated(context: context);
                        break;
                    case "AllowGroupAdministration":
                        denied = userModel.AllowGroupAdministration_Updated(context: context);
                        break;
                    case "AllowGroupCreation":
                        denied = userModel.AllowGroupCreation_Updated(context: context);
                        break;
                    case "AllowApi":
                        denied = userModel.AllowApi_Updated(context: context);
                        break;
                    case "Disabled":
                        denied = userModel.Disabled_Updated(context: context);
                        break;
                    case "Lockout":
                        denied = userModel.Lockout_Updated(context: context);
                        break;
                    case "LockoutCounter":
                        denied = userModel.LockoutCounter_Updated(context: context);
                        break;
                    case "ApiKey":
                        denied = userModel.ApiKey_Updated(context: context);
                        break;
                    case "SecondaryAuthenticationCode":
                        denied = userModel.SecondaryAuthenticationCode_Updated(context: context);
                        break;
                    case "SecondaryAuthenticationCodeExpirationTime":
                        denied = userModel.SecondaryAuthenticationCodeExpirationTime_Updated(context: context);
                        break;
                    case "LdapSearchRoot":
                        denied = userModel.LdapSearchRoot_Updated(context: context);
                        break;
                    case "SynchronizedTime":
                        denied = userModel.SynchronizedTime_Updated(context: context);
                        break;
                    case "Comments":
                        denied = userModel.Comments_Updated(context: context);
                        break;
                    default:
                        // Extended columns are dispatched by their declared type;
                        // a type not listed here is not checked.
                        switch (Def.ExtendedColumnTypes.Get(column.Name))
                        {
                            case "Class":
                                denied = userModel.Class_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                            case "Num":
                                denied = userModel.Num_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                            case "Date":
                                denied = userModel.Date_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                            case "Description":
                                denied = userModel.Description_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                            case "Check":
                                denied = userModel.Check_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                            case "Attachments":
                                denied = userModel.Attachments_Updated(
                                    columnName: column.Name,
                                    context: context,
                                    column: column);
                                break;
                        }
                        break;
                }

                // First refused column ends the whole update.
                if (denied)
                {
                    return new ErrorData(type: Error.Types.HasNotPermission);
                }
            }
            return new ErrorData(type: Error.Types.None);
        }