Пример #1
0
 private void UpdateEditAllRole()
 {
     using (IObjectSpace os = ObjectSpace.CreateNestedObjectSpace()) {
         csCSecurityRole EditAllRole = os.FindObject <csCSecurityRole>(
             new BinaryOperator("Name", ConfigurationManager.AppSettings["SecurityGroups.EditAllRole"]), true);
         if (EditAllRole == null)
         {
             EditAllRole      = os.CreateObject <csCSecurityRole>();
             EditAllRole.Name = ConfigurationManager.AppSettings["SecurityGroups.EditAllRole"];
         }
         EditAllRole.BeginUpdate();
         //
         EditAllRole.Permissions.GrantRecursive(typeof(object), SecurityOperations.Read);
         EditAllRole.Permissions.GrantRecursive(typeof(object), SecurityOperations.Write);
         EditAllRole.Permissions.GrantRecursive(typeof(object), SecurityOperations.Create);
         EditAllRole.Permissions.GrantRecursive(typeof(object), SecurityOperations.Delete);
         EditAllRole.Permissions.GrantRecursive(typeof(object), SecurityOperations.Navigate);
         //
         EditAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityRole), SecurityOperations.Read);
         EditAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityRole), SecurityOperations.Write);
         EditAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityRole), SecurityOperations.Create);
         EditAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityRole), SecurityOperations.Delete);
         EditAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityRole), SecurityOperations.Navigate);
         //
         EditAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityUser), SecurityOperations.Read);
         EditAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityUser), SecurityOperations.Write);
         EditAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityUser), SecurityOperations.Create);
         EditAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityUser), SecurityOperations.Delete);
         EditAllRole.Permissions.DenyRecursive(typeof(IntecoAG.ERM.CS.Security.csCSecurityUser), SecurityOperations.Navigate);
         //
         EditAllRole.EndUpdate();
         os.CommitChanges();
     }
 }
Пример #2
0
 /// <summary>
 /// Обновим права администратора, для политики Windows Autentication пользователь с административными
 /// правами создается автоматически, а вот список прав не обновляется
 /// Паша!!! Реализация не учитывает вариантов в системе безопасности и использует стандартный класс роли
 /// или его производные
 /// </summary>
 private void UpdateAdminRole()
 {
     using (IObjectSpace os = ObjectSpace.CreateNestedObjectSpace()) {
         csCSecurityRole administratorRole = os.FindObject <csCSecurityRole>(
             new BinaryOperator("Name", SecurityStrategy.AdministratorRoleName), true);
         if (administratorRole == null)
         {
             administratorRole      = os.CreateObject <csCSecurityRole>();
             administratorRole.Name = SecurityStrategy.AdministratorRoleName;
             ModelOperationPermissionData modelPermission =
                 os.CreateObject <ModelOperationPermissionData>();
             administratorRole.PersistentPermissions.Add(modelPermission);
         }
         administratorRole.BeginUpdate();
         administratorRole.Permissions.GrantRecursive(typeof(object), SecurityOperations.Read);
         administratorRole.Permissions.GrantRecursive(typeof(object), SecurityOperations.Write);
         administratorRole.Permissions.GrantRecursive(typeof(object), SecurityOperations.Create);
         administratorRole.Permissions.GrantRecursive(typeof(object), SecurityOperations.Delete);
         administratorRole.Permissions.GrantRecursive(typeof(object), SecurityOperations.Navigate);
         administratorRole.EndUpdate();
         if (administratorRole.Users.Count == 0)
         {
             // Паша !!! Неустойчивый вариант, нужен код определяющий тип User по конфигу Application
             csCSecurityUser user = os.FindObject <csCSecurityUser>(
                 new BinaryOperator("UserName", ConfigurationManager.AppSettings["DefaultAdminName"]));
             if (user != null)
             {
                 user.Roles.Add(administratorRole);
             }
         }
         os.CommitChanges();
     }
 }
Пример #3
0
        /// <summary>
        /// Получение головной группы бухгалтерии, содержащей группы простые группы сотрудников бухгалтерии
        /// </summary>
        /// <param name="session"></param>
        /// <returns></returns>
        public static csCSecurityRole GetMainBuhRole(IObjectSpace os)
        {
            csCSecurityRole mainBuhRole = fmCSettingsFinance.GetInstance(((ObjectSpace)os).Session).MainBuhRole;

            if (mainBuhRole == null)
            {
                throw new Exception("Main role for buh. groups is not defined. See Settings --> Finance setting.");
            }
            return(mainBuhRole);
        }
Пример #4
0
 private void UpdateNullRightRole()
 {
     using (IObjectSpace os = ObjectSpace.CreateNestedObjectSpace()) {
         csCSecurityRole NullRightRole = os.FindObject <csCSecurityRole>(
             new BinaryOperator("Name", ConfigurationManager.AppSettings["SecurityGroups.NullRightRole"]), true);
         if (NullRightRole == null)
         {
             NullRightRole      = os.CreateObject <csCSecurityRole>();
             NullRightRole.Name = ConfigurationManager.AppSettings["SecurityGroups.NullRightRole"];
         }
         NullRightRole.BeginUpdate();
         //
         NullRightRole.Permissions.DenyRecursive(typeof(object), SecurityOperations.Read);
         NullRightRole.Permissions.DenyRecursive(typeof(object), SecurityOperations.Navigate);
         NullRightRole.Permissions.DenyRecursive(typeof(object), SecurityOperations.Write);
         NullRightRole.Permissions.DenyRecursive(typeof(object), SecurityOperations.Create);
         NullRightRole.Permissions.DenyRecursive(typeof(object), SecurityOperations.Delete);
         //
         NullRightRole.EndUpdate();
         os.CommitChanges();
     }
 }
        static public IList <csCSecurityRole> GetActualRoles(Session session, csCSecurityUser user)
        {
            if (user.Session != session)
            {
                throw new ArgumentException("Not valid Session for user object");
            }
            IList <csCSecurityRole> roles       = new List <csCSecurityRole>(user.Roles.Count);
            csCSecurityRole         mainBuhRole = fmCSettingsFinance.GetInstance(session).MainBuhRole;

            if (mainBuhRole != null)
            {
                IList <csCSecurityRole> valid_roles = mainBuhRole.ChildRoles;
                foreach (csCSecurityRole role in user.Roles)
                {
                    if (valid_roles.Contains(role))
                    {
                        roles.Add(role);
                    }
                }
            }
            return(roles);
        }
Пример #6
0
        protected override void OnActivated()
        {
            base.OnActivated();

            novc = Frame.GetController <NewObjectViewController>();
            if (novc != null)
            {
                bool exists = false;
                for (int i = 0; i < novc.NewObjectAction.Items.Count; i++)
                {
                    if (novc.NewObjectAction.Items[i].Id == idCustom)
                    {
                        exists = true;
                        break;
                    }
                }
                if (!exists && novc.NewObjectAction.Items.Count > 0)
                {
                    // Смена заголовка на кнопке создания пустой служебной записки
                    novc.NewObjectAction.Items[0].Caption = captionStandart;

                    // Создать по образцу
                    ChoiceActionItem NewByTemplate = new ChoiceActionItem(idCustom, captionCustom, novc.NewObjectAction.Items[0].Data);
                    NewByTemplate.ImageName = novc.NewObjectAction.Items[0].ImageName;
                    novc.NewObjectAction.Items.Add(NewByTemplate);

                    /*
                     * // Сохранить как шаблон
                     * ChoiceActionItem SaveTemplate = new ChoiceActionItem(idSaveAsTemplate, captionCustomAsTemplate, novc.NewObjectAction.Items[0].Data);
                     * SaveTemplate.ImageName = novc.NewObjectAction.Items[0].ImageName;
                     * novc.NewObjectAction.Items.Add(SaveTemplate);
                     */
                }
                novc.NewObjectAction.Execute += new SingleChoiceActionExecuteEventHandler(CustomNewActionController_Execute);

                // Настройка способа реакции на кнопке
                novc.NewObjectAction.ShowItemsOnClick = !(novc.NewObjectAction.Items.Count < 2);
            }

            View.CurrentObjectChanged += new EventHandler(View_CurrentObjectChanged);

            View.ObjectSpace.ObjectChanged += new EventHandler <ObjectChangedEventArgs>(ObjectSpace_ObjectChanged);
            View.ObjectSpace.ObjectSaved   += new EventHandler <ObjectManipulatingEventArgs>(ObjectSpace_ObjectSaved);

            EnableButton();

            psbc = Frame.GetController <PrintSelectionBaseController>();
            if (psbc != null)
            {
                psbc.ShowInReportAction.SelectionDependencyType = SelectionDependencyType.RequireSingleObject;
            }

            // Настройка фильтров
            csCSecurityUser user = SecuritySystem.CurrentUser as csCSecurityUser;

            //csCSecurityUser user = ObjectSpace.FindObject<csCSecurityUser>(new BinaryOperator("UserName", "PERSONAL\\12222"));

            user = ObjectSpace.GetObjectByKey <csCSecurityUser>(user.Oid);
            if ((View is ListView) & (View.ObjectTypeInfo.Type == typeof(fmPaymentRequestMemorandum)))
            {
                csCSecurityRole  administratorRole = ObjectSpace.FindObject <csCSecurityRole>(new BinaryOperator("Name", SecurityStrategy.AdministratorRoleName), true);
                CriteriaOperator criteriaOr        = null;
                if (user != null && administratorRole != null)
                {
                    bool isAdmin = false;
                    foreach (var role in user.Roles)
                    {
                        if (role.Name == SecurityStrategy.AdministratorRoleName)
                        {
                            isAdmin = true;
                            break;
                        }
                    }
                    if (!isAdmin)
                    {
//                    if (true) {

/*
 *                      // Список пользователей, ассоциированных с группами текущего пользователя
 *                      List<csCSecurityUser> userList = new List<csCSecurityUser>();
 *                      foreach (csCSecurityRole role in GetMainBuhRole(ObjectSpace).ChildRoles) {
 *                          if (user.Roles.IndexOf(role) != -1) {
 *                              foreach (SecurityUserWithRolesBase userOfGroupBase in role.Users) {
 *                                  csCSecurityUser userOfGroup = userOfGroupBase as csCSecurityUser;
 *                                  if (userOfGroup != null && !userList.Contains(userOfGroup)) {
 *                                      userList.Add(userOfGroup);
 *                                  }
 *                              }
 *                          }
 *                      }
 *
 *                      // Список всех доступных служебных записок reqMemoListTotal
 *                      List<fmPaymentRequestMemorandum> reqMemoListTotal = new List<fmPaymentRequestMemorandum>();
 *                      foreach (csCSecurityUser person in userList) {
 *                          XPQuery<fmPaymentRequestMemorandum> RMs = new XPQuery<fmPaymentRequestMemorandum>(((ObjectSpace)ObjectSpace).Session);
 *                          List<fmPaymentRequestMemorandum> queryRM = (from rm in RMs
 *                                                                      where rm.Creator == person
 *                                                                         //&& user.Roles.IndexOf(rm.OwnerRole) != 0
 *                                                                      select rm).ToList();
 *                          foreach (fmPaymentRequestMemorandum rm in queryRM) {
 *                              if (user.Roles.IndexOf(rm.OwnerRole) != -1) {
 *                                  reqMemoListTotal.Add(rm);
 *                              }
 *                          }
 *                          //reqMemoListTotal.AddRange(queryRM);
 *                      }
 *
 *                      Guid[] reqMemoIdListTotal = (from r in reqMemoListTotal
 *                                                   select r.Oid).ToArray();
 */
                        //CriteriaOperator UserHasAdminRole = CriteriaOperator.Parse("Creator.Roles[Name = 'Administrator'].Count() > 0");
                        //CriteriaOperator isTemplate = CriteriaOperator.Parse("State == 'TEMPLATE'");
                        criteriaOr = CriteriaOperator.Or
                                     (
                            new BinaryOperator(new OperandProperty("FBKReceiver"), new ConstantValue(user.Staff), BinaryOperatorType.Equal)
                            , new BinaryOperator(new OperandProperty("Creator"), new ConstantValue(user), BinaryOperatorType.Equal)
                            , new BinaryOperator(new OperandProperty("Requester"), new ConstantValue(user.Staff), BinaryOperatorType.Equal)
                            , new BinaryOperator(new OperandProperty("FirstSignaturePerson"), new ConstantValue(user.Staff), BinaryOperatorType.Equal)
                            , new BinaryOperator(new OperandProperty("SecondSignaturePerson"), new ConstantValue(user.Staff), BinaryOperatorType.Equal)
                            //,isTemplate
                            , new InOperator("OwnerRole", fmCPRPaymentRequestBusinesLogic.GetActualRoles(ObjectSpace, user).ToArray())
                                     );
                    }
                }
                ((ListView)View).CollectionSource.Criteria["MemorandumFilter"] = criteriaOr;
            }
        }