private async Task <bool> CanAccessEntity(string entityName, string entityId)
{
var result = false;
var id = Guid.Parse(entityId);
switch (entityName.ToLower())
{
case "account":
var account = await _dynamicsClient.GetAccountById(id);
result = account != null && CurrentUserHasAccessToApplicationOwnedBy(account.Accountid);
break;
case "application":
var application = await _dynamicsClient.GetApplicationById(id);
result = application != null && CurrentUserHasAccessToApplicationOwnedBy(application._adoxioApplicantValue);
break;
case "contact":
var contact = await _dynamicsClient.GetContactById(id);
result = contact != null && CurrentUserHasAccessToContactOwnedBy(contact.Contactid);
break;
case "worker":
var worker = await _dynamicsClient.GetWorkerById(id);
result = worker != null && CurrentUserHasAccessToContactOwnedBy(worker._adoxioContactidValue);
break;
default:
break;
}
return(result);
}
public async Task <JsonResult> CreateApplicationForAction(string licenceId, string applicationTypeName)
{
// for association with current user
string userJson = _httpContextAccessor.HttpContext.Session.GetString("UserSettings");
UserSettings userSettings = JsonConvert.DeserializeObject <UserSettings>(userJson);
var expand = new List <string> {
"adoxio_Licencee",
"adoxio_LicenceType",
"adoxio_adoxio_licences_adoxio_applicationtermsconditionslimitation_Licence",
"adoxio_adoxio_licences_adoxio_application_AssignedLicence",
"adoxio_establishment"
};
MicrosoftDynamicsCRMadoxioLicences adoxioLicense = _dynamicsClient.Licenceses.GetByKey(licenceId, expand: expand);
if (adoxioLicense == null)
{
throw new Exception("Error getting license.");
}
else
{
var adoxioLicencetype = _dynamicsClient.GetAdoxioLicencetypeByName(applicationTypeName);
MicrosoftDynamicsCRMadoxioApplication application = new MicrosoftDynamicsCRMadoxioApplication()
{
// START WITH BLANK FIELDS.
};
application.CopyValuesForChangeOfLocation(adoxioLicense, applicationTypeName != "CRS Location Change");
// get the previous application for the licence.
application.AdoxioApplicanttype = adoxioLicense.AdoxioLicencee.AdoxioBusinesstype;
// set applicaiton type relationship
var applicationType = _dynamicsClient.GetApplicationTypeByName(applicationTypeName);
application.AdoxioApplicationTypeIdODataBind = _dynamicsClient.GetEntityURI("adoxio_applicationtypes", applicationType.AdoxioApplicationtypeid);
// set license type relationship
application.AdoxioLicenceTypeODataBind = _dynamicsClient.GetEntityURI("adoxio_licencetypes", adoxioLicense.AdoxioLicenceType.AdoxioLicencetypeid);
application.AdoxioApplicantODataBind = _dynamicsClient.GetEntityURI("accounts", userSettings.AccountId);
application.AdoxioLicenceEstablishmentODataBind = _dynamicsClient.GetEntityURI("adoxio_establishments", adoxioLicense.AdoxioEstablishment.AdoxioEstablishmentid);
try
{
application = _dynamicsClient.Applications.Create(application);
}
catch (HttpOperationException httpOperationException)
{
string applicationId = _dynamicsClient.GetCreatedRecord(httpOperationException, null);
if (!string.IsNullOrEmpty(applicationId) && Guid.TryParse(applicationId, out Guid applicationGuid))
{
application = await _dynamicsClient.GetApplicationById(applicationGuid);
}
else
{
_logger.LogError(httpOperationException, "Error creating application");
// fail if we can't create.
throw (httpOperationException);
}
}
// now bind the new application to the given licence.
var patchApplication = new MicrosoftDynamicsCRMadoxioApplication()
{
AdoxioAssignedLicenceODataBind = _dynamicsClient.GetEntityURI("adoxio_licenceses", licenceId)
};
try
{
_dynamicsClient.Applications.Update(application.AdoxioApplicationid, patchApplication);
}
catch (HttpOperationException httpOperationException)
{
_logger.LogError(httpOperationException, "Error updating application");
}
return(new JsonResult(await application.ToViewModel(_dynamicsClient)));
}
}
public async Task <IActionResult> CreateApplication([FromBody] ViewModels.Application item)
{
// for association with current user
string userJson = _httpContextAccessor.HttpContext.Session.GetString("UserSettings");
UserSettings userSettings = JsonConvert.DeserializeObject <UserSettings>(userJson);
int count = GetSubmittedCountByApplicant(userSettings.AccountId);
if (count >= 8)
{
return(BadRequest("8 applications have already been submitted. Can not create more"));
}
MicrosoftDynamicsCRMadoxioApplication adoxioApplication = new MicrosoftDynamicsCRMadoxioApplication();
// copy received values to Dynamics Application
adoxioApplication.CopyValues(item);
adoxioApplication.AdoxioApplicanttype = (int?)item.ApplicantType;
try
{
var adoxioLicencetype = _dynamicsClient.GetAdoxioLicencetypeByName(item.LicenseType);
// set license type relationship
adoxioApplication.AdoxioLicenceTypeODataBind = _dynamicsClient.GetEntityURI("adoxio_licencetypes", adoxioLicencetype.AdoxioLicencetypeid);
adoxioApplication.AdoxioApplicantODataBind = _dynamicsClient.GetEntityURI("accounts", userSettings.AccountId);
adoxioApplication = _dynamicsClient.Applications.Create(adoxioApplication);
}
catch (OdataerrorException odee)
{
string applicationId = _dynamicsClient.GetCreatedRecord(odee, null);
if (!string.IsNullOrEmpty(applicationId) && Guid.TryParse(applicationId, out Guid applicationGuid))
{
adoxioApplication = await _dynamicsClient.GetApplicationById(applicationGuid);
}
else
{
_logger.LogError("Error creating application");
_logger.LogError("Request:");
_logger.LogError(odee.Request.Content);
_logger.LogError("Response:");
_logger.LogError(odee.Response.Content);
// fail if we can't create.
throw (odee);
}
}
// in case the job number is not there, try getting the record from the server.
if (adoxioApplication.AdoxioJobnumber == null)
{
_logger.LogError("AdoxioJobnumber is null, fetching record again.");
Guid id = Guid.Parse(adoxioApplication.AdoxioApplicationid);
adoxioApplication = await _dynamicsClient.GetApplicationById(id);
}
if (adoxioApplication.AdoxioJobnumber == null)
{
_logger.LogError("Unable to get the Job Number for the Application.");
throw new Exception("Error creating Licence Application.");
}
await initializeSharepoint(adoxioApplication);
return(Json(await adoxioApplication.ToViewModel(_dynamicsClient)));
}
/// <summary>
/// Returns true if the current user can access the entity
/// </summary>
/// <param name="entityName"></param>
/// <param name="entityId"></param>
/// <param name="isDelete">Some access rules are different for deletes</param>
/// <returns></returns>
private async Task <bool> CanAccessEntity(string entityName, string entityId, string relativeUrl, bool isDelete = false)
{
var result = false;
var id = Guid.Parse(entityId);
string folderName = null;
switch (entityName.ToLower())
{
case "account":
var account = await _dynamicsClient.GetAccountByIdAsync(id).ConfigureAwait(true);
if (account != null)
{
result = CurrentUserHasAccessToAccount(account.Accountid);
folderName = account.GetDocumentFolderName();
}
break;
case "application":
var application = await _dynamicsClient.GetApplicationById(id).ConfigureAwait(true);
if (application != null)
{
result = CurrentUserHasAccessToAccount(application._adoxioApplicantValue);
var allowLGAccess = await CurrentUserIsLGForApplication(application);
result = result || allowLGAccess && !isDelete;
folderName = application.GetDocumentFolderName();
}
break;
case "contact":
var contact = await _dynamicsClient.GetContactById(id).ConfigureAwait(true);
if (contact != null)
{
result = CurrentUserHasAccessToContactOwnedBy(contact.Contactid);
folderName = contact.GetDocumentFolderName();
}
break;
case "worker":
var worker = await _dynamicsClient.GetWorkerById(id).ConfigureAwait(true);
if (worker != null)
{
result = CurrentUserHasAccessToContactOwnedBy(worker._adoxioContactidValue);
folderName = worker.GetDocumentFolderName();
}
break;
case "event":
var eventEntity = _dynamicsClient.GetEventById(id);
if (eventEntity != null)
{
result = CurrentUserHasAccessToAccount(eventEntity._adoxioAccountValue);
folderName = eventEntity.GetDocumentFolderName();
}
break;
}
if (folderName != null && result && relativeUrl != null) // do a case insensitive comparison of the first part.
{
int slashPos = relativeUrl.IndexOf("/");
if (slashPos != -1 && slashPos < relativeUrl.Length)
{
slashPos = relativeUrl.IndexOf("/", slashPos + 1);
}
result = relativeUrl.ToUpper().Substring(slashPos + 1).StartsWith(folderName.ToUpper());
}
return(result);
}