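/// <summary>
/// Creates (when missing) and refreshes the "edit all" security role whose name is read from the
/// <c>SecurityGroups.EditAllRole</c> application setting.
/// </summary>
/// <remarks>
/// The role is first granted Read/Write/Create/Delete/Navigate on every object type and is then
/// denied the same operations on the security role and security user types, so members of this
/// role cannot view or change accounts and role assignments.
/// NOTE(review): this relies on the deny entries taking precedence over the blanket grant on
/// <c>typeof(object)</c> - confirm against the permission set's evaluation rules.
/// </remarks>
/// <exception cref="InvalidOperationException">
/// The <c>SecurityGroups.EditAllRole</c> setting is missing or blank.
/// </exception>
private void UpdateEditAllRole() {
    // Read the setting once and fail closed: without this check a missing key would look up,
    // or create, a role with a null name and then grant it write access to everything.
    string roleName = ConfigurationManager.AppSettings["SecurityGroups.EditAllRole"];
    if (string.IsNullOrEmpty(roleName) || roleName.Trim().Length == 0) {
        throw new InvalidOperationException(
            "Application setting 'SecurityGroups.EditAllRole' is missing or empty; " +
            "refusing to create or update a security role without a name.");
    }

    // Same operation order as the original explicit calls.
    var operations = new[] {
        SecurityOperations.Read,
        SecurityOperations.Write,
        SecurityOperations.Create,
        SecurityOperations.Delete,
        SecurityOperations.Navigate
    };

    using (IObjectSpace os = ObjectSpace.CreateNestedObjectSpace()) {
        csCSecurityRole editAllRole = os.FindObject<csCSecurityRole>(
            new BinaryOperator("Name", roleName), true);
        if (editAllRole == null) {
            editAllRole = os.CreateObject<csCSecurityRole>();
            editAllRole.Name = roleName;
        }

        editAllRole.BeginUpdate();

        // Blanket grant on every object type.
        foreach (var operation in operations) {
            editAllRole.Permissions.GrantRecursive(typeof(object), operation);
        }

        // Carve the security model itself out of the grant: roles first, then users.
        foreach (var operation in operations) {
            editAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityRole), operation);
        }
        foreach (var operation in operations) {
            editAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityUser), operation);
        }

        editAllRole.EndUpdate();
        os.CommitChanges();
    }
}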
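/// <summary>
/// Refreshes the administrator role's permissions. Under the Windows Authentication policy the
/// user with administrative rights is created automatically, but the permission list is not
/// updated.
/// Pasha!!! The implementation does not account for variants in the security system and uses
/// the standard role class or its descendants.
/// </summary>
/// <remarks>
/// When the role has no members, the user named by the <c>DefaultAdminName</c> application
/// setting is added to it. That setting therefore decides who becomes administrator on a
/// fresh database, so the configuration file should be writable only by trusted operators.
/// </remarks>
private void UpdateAdminRole() {
    using (IObjectSpace os = ObjectSpace.CreateNestedObjectSpace()) {
        csCSecurityRole administratorRole = os.FindObject<csCSecurityRole>(
            new BinaryOperator("Name", SecurityStrategy.AdministratorRoleName), true);
        if (administratorRole == null) {
            administratorRole = os.CreateObject<csCSecurityRole>();
            administratorRole.Name = SecurityStrategy.AdministratorRoleName;
            ModelOperationPermissionData modelPermission = os.CreateObject<ModelOperationPermissionData>();
            administratorRole.PersistentPermissions.Add(modelPermission);
        }

        // Administrators get every operation on every object type.
        var operations = new[] {
            SecurityOperations.Read,
            SecurityOperations.Write,
            SecurityOperations.Create,
            SecurityOperations.Delete,
            SecurityOperations.Navigate
        };
        administratorRole.BeginUpdate();
        foreach (var operation in operations) {
            administratorRole.Permissions.GrantRecursive(typeof(object), operation);
        }
        administratorRole.EndUpdate();

        if (administratorRole.Users.Count == 0) {
            // Pasha!!! Fragile approach; code is needed that determines the User type from
            // the Application configuration.
            string defaultAdminName = ConfigurationManager.AppSettings["DefaultAdminName"];

            // Skip the lookup when the setting is absent: searching for UserName == null could
            // otherwise hand the administrator role to an account that merely has no user name.
            if (!string.IsNullOrEmpty(defaultAdminName)) {
                csCSecurityUser user = os.FindObject<csCSecurityUser>(
                    new BinaryOperator("UserName", defaultAdminName));
                if (user != null) {
                    user.Roles.Add(administratorRole);
                }
            }
        }

        os.CommitChanges();
    }
}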
/// <summary>
/// Gets the main accounting role, i.e. the parent role that contains the ordinary roles of the
/// accounting staff, from the finance settings.
/// </summary>
/// <param name="os">
/// Object space whose session is used to load the finance settings; it is cast to
/// <c>ObjectSpace</c>, so any other implementation fails with an invalid-cast error.
/// </param>
/// <returns>The configured main accounting role; never <c>null</c>.</returns>
/// <exception cref="Exception">The main accounting role is not set in the finance settings.</exception>
public static csCSecurityRole GetMainBuhRole(IObjectSpace os) {
    ObjectSpace concreteSpace = (ObjectSpace)os;
    var financeSettings = fmCSettingsFinance.GetInstance(concreteSpace.Session);
    csCSecurityRole configuredRole = financeSettings.MainBuhRole;

    if (configuredRole != null) {
        return configuredRole;
    }

    throw new Exception("Main role for buh. groups is not defined. See Settings --> Finance setting.");
}
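/// <summary>
/// Creates (when missing) and refreshes the "no rights" security role whose name is read from
/// the <c>SecurityGroups.NullRightRole</c> application setting. The role is denied
/// Read/Navigate/Write/Create/Delete on every object type.
/// </summary>
/// <exception cref="InvalidOperationException">
/// The <c>SecurityGroups.NullRightRole</c> setting is missing or blank.
/// </exception>
private void UpdateNullRightRole() {
    // Read the setting once and refuse to continue without it: a missing key would otherwise
    // look up, or create, a role with a null name instead of the intended deny-all role.
    string roleName = ConfigurationManager.AppSettings["SecurityGroups.NullRightRole"];
    if (string.IsNullOrEmpty(roleName) || roleName.Trim().Length == 0) {
        throw new InvalidOperationException(
            "Application setting 'SecurityGroups.NullRightRole' is missing or empty; " +
            "refusing to create or update a security role without a name.");
    }

    // Same operation order as the original explicit calls.
    var deniedOperations = new[] {
        SecurityOperations.Read,
        SecurityOperations.Navigate,
        SecurityOperations.Write,
        SecurityOperations.Create,
        SecurityOperations.Delete
    };

    using (IObjectSpace os = ObjectSpace.CreateNestedObjectSpace()) {
        csCSecurityRole nullRightRole = os.FindObject<csCSecurityRole>(
            new BinaryOperator("Name", roleName), true);
        if (nullRightRole == null) {
            nullRightRole = os.CreateObject<csCSecurityRole>();
            nullRightRole.Name = roleName;
        }

        nullRightRole.BeginUpdate();
        foreach (var operation in deniedOperations) {
            nullRightRole.Permissions.DenyRecursive(typeof(object), operation);
        }
        nullRightRole.EndUpdate();

        os.CommitChanges();
    }
}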
/// <summary>
/// Returns those of the user's roles that are child roles of the main accounting role taken
/// from the finance settings.
/// </summary>
/// <param name="session">Session used to load the finance settings; must be the user's own session.</param>
/// <param name="user">User whose roles are filtered.</param>
/// <returns>
/// The matching roles in the order they appear in <c>user.Roles</c>. The list is empty when no
/// main accounting role is configured, so callers that filter by it match nothing.
/// </returns>
/// <exception cref="ArgumentException"><paramref name="user"/> belongs to a different session.</exception>
public static IList<csCSecurityRole> GetActualRoles(Session session, csCSecurityUser user) {
    if (user.Session != session) {
        throw new ArgumentException("Not valid Session for user object");
    }

    IList<csCSecurityRole> matched = new List<csCSecurityRole>(user.Roles.Count);

    csCSecurityRole accountingRoot = fmCSettingsFinance.GetInstance(session).MainBuhRole;
    if (accountingRoot == null) {
        // No main accounting role configured: nothing can qualify.
        return matched;
    }

    IList<csCSecurityRole> allowedRoles = accountingRoot.ChildRoles;
    foreach (csCSecurityRole candidate in user.Roles) {
        if (!allowedRoles.Contains(candidate)) {
            continue;
        }
        matched.Add(candidate);
    }

    return matched;
}
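/// <summary>
/// Sets up the "new object" action (adds the "create from template" item), subscribes the view
/// and object-space event handlers, configures the print action and, for the payment-request
/// memorandum list view, installs the "MemorandumFilter" criteria for the current user.
/// </summary>
/// <remarks>
/// Filter rules: users holding the administrator role see every memorandum; any other user sees
/// only memorandums where they are the FBK receiver, creator, requester, first or second signer,
/// or whose owner role is one of their actual accounting roles. If the current user cannot be
/// resolved the list is filtered to nothing (fail closed) instead of being left unfiltered.
/// NOTE(review): this criteria only restricts what this list view displays. Confirm that the
/// same restriction is enforced by object-level permissions, because other views and data access
/// paths are not covered by it.
/// </remarks>
protected override void OnActivated() {
    base.OnActivated();

    novc = Frame.GetController<NewObjectViewController>();
    if (novc != null) {
        bool exists = false;
        for (int i = 0; i < novc.NewObjectAction.Items.Count; i++) {
            if (novc.NewObjectAction.Items[i].Id == idCustom) {
                exists = true;
                break;
            }
        }

        if (!exists && novc.NewObjectAction.Items.Count > 0) {
            // Change the caption of the button that creates an empty memorandum.
            novc.NewObjectAction.Items[0].Caption = captionStandart;

            // "Create from template" item, sharing data and image with the standard item.
            ChoiceActionItem newByTemplate = new ChoiceActionItem(idCustom, captionCustom, novc.NewObjectAction.Items[0].Data);
            newByTemplate.ImageName = novc.NewObjectAction.Items[0].ImageName;
            novc.NewObjectAction.Items.Add(newByTemplate);
        }

        novc.NewObjectAction.Execute += new SingleChoiceActionExecuteEventHandler(CustomNewActionController_Execute);

        // Show the drop-down list on click only when there is more than one item to choose from.
        novc.NewObjectAction.ShowItemsOnClick = !(novc.NewObjectAction.Items.Count < 2);
    }

    View.CurrentObjectChanged += new EventHandler(View_CurrentObjectChanged);
    View.ObjectSpace.ObjectChanged += new EventHandler<ObjectChangedEventArgs>(ObjectSpace_ObjectChanged);
    View.ObjectSpace.ObjectSaved += new EventHandler<ObjectManipulatingEventArgs>(ObjectSpace_ObjectSaved);

    EnableButton();

    psbc = Frame.GetController<PrintSelectionBaseController>();
    if (psbc != null) {
        psbc.ShowInReportAction.SelectionDependencyType = SelectionDependencyType.RequireSingleObject;
    }

    // Filter setup. Resolve the logged-in user inside this controller's object space; the cast
    // result is checked before use so a different user type no longer causes a null dereference.
    csCSecurityUser currentUser = SecuritySystem.CurrentUser as csCSecurityUser;
    csCSecurityUser user = null;
    if (currentUser != null) {
        user = ObjectSpace.GetObjectByKey<csCSecurityUser>(currentUser.Oid);
    }

    if ((View is ListView) && (View.ObjectTypeInfo.Type == typeof(fmPaymentRequestMemorandum))) {
        CriteriaOperator criteriaOr;

        if (user == null) {
            // Fail closed: an unresolved user must not get the unfiltered list.
            criteriaOr = CriteriaOperator.Parse("1 = 0");
        } else {
            // Administrator status is decided only by the user's own role names. Previously a
            // missing administrator role record skipped this whole branch and left the list
            // unfiltered for every user.
            bool isAdmin = false;
            foreach (var role in user.Roles) {
                if (role.Name == SecurityStrategy.AdministratorRoleName) {
                    isAdmin = true;
                    break;
                }
            }

            if (isAdmin) {
                // Administrators see all memorandums.
                criteriaOr = null;
            } else {
                // NOTE(review): when user.Staff is null the person comparisons below compare
                // against null - confirm they cannot match memorandums with empty person fields.
                criteriaOr = CriteriaOperator.Or(
                    new BinaryOperator(new OperandProperty("FBKReceiver"), new ConstantValue(user.Staff), BinaryOperatorType.Equal),
                    new BinaryOperator(new OperandProperty("Creator"), new ConstantValue(user), BinaryOperatorType.Equal),
                    new BinaryOperator(new OperandProperty("Requester"), new ConstantValue(user.Staff), BinaryOperatorType.Equal),
                    new BinaryOperator(new OperandProperty("FirstSignaturePerson"), new ConstantValue(user.Staff), BinaryOperatorType.Equal),
                    new BinaryOperator(new OperandProperty("SecondSignaturePerson"), new ConstantValue(user.Staff), BinaryOperatorType.Equal),
                    new InOperator("OwnerRole", fmCPRPaymentRequestBusinesLogic.GetActualRoles(ObjectSpace, user).ToArray())
                );
            }
        }

        ((ListView)View).CollectionSource.Criteria["MemorandumFilter"] = criteriaOr;
    }
}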