private void butOK_Click(object sender, System.EventArgs e)
{
Userod selectedUser = (Userod)listUser.SelectedItem;
if (selectedUser.Password != "")
{
if (!Userods.CheckPassword(textPassword.Text, selectedUser.Password))
{
MsgBox.Show(this, "Incorrect password");
return;
}
//if (selectedUser.UserGroupNum == 1) this works to elevate privs to admin
if (GroupPermissions.HasPermission(selectedUser.UserGroupNum, Permissions.AnesthesiaControlMeds))
{
DialogResult = DialogResult.OK;
Security.CurUser = (Userod)listUser.SelectedItem;
return;
}
else
{
MessageBox.Show(this, "You must be an administrator to unlock this action");
}
return;
}
}
///<summary>Checks to see if current user is authorized. It also checks any date restrictions. If not authorized, it gives a Message box saying so and returns false.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage)
{
if (Security.CurUser != null && GroupPermissions.HasPermission(Security.CurUser.UserGroupNum, perm))
{
if (GroupPermissions.PermTakesDates(perm))
{
DateTime dateLimit = GetDateLimit(perm, Security.CurUser.UserGroupNum);
if (date <= dateLimit) //not authorized
{
if (!suppressMessage)
{
MessageBox.Show(Lan.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm) + "\r\n"
+ Lan.g("Security", "Date limitation"));
}
return(false);
}
return(true);
}
//doesn't take a date
return(true);
}
if (!suppressMessage)
{
MessageBox.Show(Lan.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm));
}
return(false);
}
private void FillList()
{
UserGroups.RefreshCache();
listGroups.Items.Clear();
_listUserGroups = UserGroups.GetWhere(x => IsAdminMode || !GroupPermissions.HasPermission(x.UserGroupNum, Permissions.SecurityAdmin, 0));
for (int i = 0; i < _listUserGroups.Count; i++)
{
listGroups.Items.Add(_listUserGroups[i].Description);
}
}
///<summary>Gives the current usergroup all permissions. There should only be one usergroup selected when this is called. Throws exceptions.</summary>
public void SetAll()
{
if (_listUserGroupNums.Count != 1)
{
throw new Exception("SetAll may not be called when multiple usergroups are selected.");
}
GroupPermission perm;
for (int i = 0; i < Enum.GetNames(typeof(Permissions)).Length; i++)
{
if (i == (int)Permissions.SecurityAdmin ||
i == (int)Permissions.StartupMultiUserOld ||
i == (int)Permissions.StartupSingleUserOld ||
i == (int)Permissions.EhrKeyAdd)
{
continue;
}
perm = GroupPermissions.GetPerm(_listUserGroupNums.First(), (Permissions)i);
if (perm == null)
{
perm = new GroupPermission();
perm.PermType = (Permissions)i;
perm.UserGroupNum = _listUserGroupNums.First();
try {
GroupPermissions.Insert(perm);
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
}
}
}
//add all the report permissions as well
List <DisplayReport> _listDisplayReportAll = DisplayReports.GetAll(false);
foreach (DisplayReport report in _listDisplayReportAll)
{
if (GroupPermissions.HasPermission(_listUserGroupNums.First(), Permissions.Reports, report.DisplayReportNum))
{
continue; //don't bother creating or adding the permission if the usergroup already has it.
}
perm = new GroupPermission();
perm.NewerDate = DateTime.MinValue;
perm.NewerDays = 0;
perm.PermType = Permissions.Reports;
perm.UserGroupNum = _listUserGroupNums.First();
perm.FKey = report.DisplayReportNum;
try {
GroupPermissions.Insert(perm);
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
}
}
FillTreePerm();
}
private void butAdjustQtys_Click(object sender, EventArgs e)
{
Userod curUser = Security.CurUser;
if (GroupPermissions.HasPermission(curUser.UserGroupNum, Permissions.AnesthesiaControlMeds))
{
FormAnesthMedsEdit FormA = new FormAnesthMedsEdit();
AnesthMedsInventory med = new AnesthMedsInventory();
med.IsNew = true;
FormA.ShowDialog();
return;
}
else
{
MessageBox.Show(Lan.g(this, "You must be an administrator to unlock this action"));
return;
}
}
private void FormGlobalSecurity_Load(object sender, EventArgs e)
{
textLogOffAfterMinutes.Text = PrefC.GetInt(PrefName.SecurityLogOffAfterMinutes).ToString();
checkAllowLogoffOverride.Checked = PrefC.GetBool(PrefName.SecurityLogOffAllowUserOverride);
checkPasswordsMustBeStrong.Checked = PrefC.GetBool(PrefName.PasswordsMustBeStrong);
checkPasswordsStrongIncludeSpecial.Checked = PrefC.GetBool(PrefName.PasswordsStrongIncludeSpecial);
checkPasswordForceWeakToStrong.Checked = PrefC.GetBool(PrefName.PasswordsWeakChangeToStrong);
checkTimecardSecurityEnabled.Checked = PrefC.GetBool(PrefName.TimecardSecurityEnabled);
checkCannotEditOwn.Checked = PrefC.GetBool(PrefName.TimecardUsersDontEditOwnCard);
checkCannotEditOwn.Enabled = checkTimecardSecurityEnabled.Checked;
checkDomainLoginEnabled.Checked = PrefC.GetBool(PrefName.DomainLoginEnabled);
textDomainLoginPath.ReadOnly = !checkDomainLoginEnabled.Checked;
textDomainLoginPath.Text = PrefC.GetString(PrefName.DomainLoginPath);
checkLogOffWindows.Checked = PrefC.GetBool(PrefName.SecurityLogOffWithWindows);
checkUserNameManualEntry.Checked = PrefC.GetBool(PrefName.UserNameManualEntry);
if (PrefC.GetDate(PrefName.BackupReminderLastDateRun).ToShortDateString() == DateTime.MaxValue.AddMonths(-1).ToShortDateString())
{
checkDisableBackupReminder.Checked = true;
}
if (PrefC.GetInt(PrefName.SecurityLockDays) > 0)
{
textDaysLock.Text = PrefC.GetInt(PrefName.SecurityLockDays).ToString();
}
if (PrefC.GetDate(PrefName.SecurityLockDate).Year > 1880)
{
textDateLock.Text = PrefC.GetDate(PrefName.SecurityLockDate).ToShortDateString();
}
if (PrefC.GetBool(PrefName.CentralManagerSecurityLock))
{
butChange.Enabled = false;
labelGlobalDateLockDisabled.Visible = true;
}
List <UserGroup> listGroupsNotAdmin = UserGroups.GetList().FindAll(x => !GroupPermissions.HasPermission(x.UserGroupNum, Permissions.SecurityAdmin, 0));
for (int i = 0; i < listGroupsNotAdmin.Count; i++)
{
comboGroups.Items.Add(listGroupsNotAdmin[i].Description, listGroupsNotAdmin[i]);
if (PrefC.GetLong(PrefName.DefaultUserGroup) == listGroupsNotAdmin[i].UserGroupNum)
{
comboGroups.SelectedIndex = i;
}
}
}
private void gridAnesthMedsInventory_CellDoubleClick(object sender, ODGridClickEventArgs e)
{
Userod curUser = Security.CurUser;
if (GroupPermissions.HasPermission(curUser.UserGroupNum, Permissions.AnesthesiaControlMeds))
{
FormAnesthMedsEdit FormME = new FormAnesthMedsEdit();
FormME.Med = listAnestheticMeds[e.Row];
FormME.ShowDialog();
if (FormME.DialogResult == DialogResult.OK)
{
FillGrid();
}
return;
}
else
{
MessageBox.Show(Lan.g(this, "You must be an administrator with rights to control anesthetic medication inventory levels to unlock this action"));
return;
}
}
///<summary>Checks to see if current user is authorized. It also checks any date restrictions. If not authorized, it gives a Message box saying so and returns false.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage)
{
if (Security.CurUser == null || !GroupPermissions.HasPermission(Security.CurUser.UserGroupNum, perm))
{
if (!suppressMessage)
{
MessageBox.Show(Lan.g("Security", "Not authorized for") + "\r\n" + GroupPermissions.GetDesc(perm));
}
return(false);
}
if (perm == Permissions.AccountingCreate || perm == Permissions.AccountingEdit)
{
if (date <= PrefB.GetDate("AccountingLockDate"))
{
if (!suppressMessage)
{
MessageBox.Show(Lan.g("Security", "Locked by Administrator."));
}
return(false);
}
}
if (!GroupPermissions.PermTakesDates(perm))
{
return(true);
}
DateTime dateLimit = GetDateLimit(perm, Security.CurUser.UserGroupNum);
if (date > dateLimit) //authorized
{
return(true);
}
if (!suppressMessage)
{
MessageBox.Show(Lan.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm) + "\r\n" + Lan.g("Security", "Date limitation"));
}
return(false);
}
///<summary>Toggles permissions based on the node the user has clicked.
///Will do nothing if in Read-Only mode or more than one usergroup is selected.</summary>
private void treePermissions_MouseDown(object sender, System.Windows.Forms.MouseEventArgs e)
{
if (ReadOnly || _listUserGroupNums.Count != 1)
{
return;
}
_clickedPermNode = treePermissions.GetNodeAt(e.X, e.Y);
if (_clickedPermNode == null)
{
return;
}
//Do nothing if the user didn't click on a check box.
if (_clickedPermNode.Parent == null) //level 1
{
if (e.X < 5 || e.X > 17)
{
return;
}
}
else if (_clickedPermNode.Parent.Parent == null) //level 2
{
if (e.X < 24 || e.X > 36)
{
return;
}
}
else if (_clickedPermNode.Parent.Parent.Parent == null) //level 3
{
if (e.X < 43 || e.X > 55)
{
return;
}
}
//User clicked on a check box. Do stuff.
if (_clickedPermNode.ImageIndex == 1) //unchecked, so need to add a permission
{
GroupPermission perm = new GroupPermission();
perm.PermType = (Permissions)_clickedPermNode.Tag;
perm.UserGroupNum = _listUserGroupNums.First();
if (GroupPermissions.PermTakesDates(perm.PermType))
{
perm.IsNew = true;
//Call an event that bubbles back up to the calling Form. The event returns a dialog result so we know how to continue here.
DialogResult result = GroupPermissionChecked?.Invoke(sender, new SecurityEventArgs(perm)) ?? DialogResult.Cancel;
if (result == DialogResult.Cancel)
{
treePermissions.EndUpdate();
return;
}
}
else if (perm.PermType == Permissions.Reports) //Reports permission is being checked.
//Call an event that bubbles back up to the calling Form. The event returns a dialog result so we know how to continue here.
{
DialogResult result = ReportPermissionChecked?.Invoke(sender, new SecurityEventArgs(perm)) ?? DialogResult.Cancel;
if (result == DialogResult.Cancel)
{
treePermissions.EndUpdate();
return;
}
}
else
{
try {
GroupPermissions.Insert(perm);
SecurityLogs.MakeLogEntry(Permissions.SecurityAdmin, 0, "Permission '" + perm.PermType + "' granted to '"
+ UserGroups.GetGroup(perm.UserGroupNum).Description + "'");
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
}
if (perm.PermType.In(Permissions.ProcComplEdit, Permissions.ProcExistingEdit))
{
//Adding ProcComplEdit full, so add ProcComplEditlimited too.
//Do the same for EO and EC procs
GroupPermission permLimited = GroupPermissions.GetPerm(_listUserGroupNums.First(), Permissions.ProcComplEditLimited);
if (permLimited == null)
{
GroupPermissions.RefreshCache(); //refresh NewerDays/Date to add the same for ProcComplEditLimited
perm = GroupPermissions.GetPerm(_listUserGroupNums.First(), perm.PermType);
permLimited = new GroupPermission();
permLimited.NewerDate = perm.NewerDate;
permLimited.NewerDays = perm.NewerDays;
permLimited.UserGroupNum = perm.UserGroupNum;
permLimited.PermType = Permissions.ProcComplEditLimited;
try {
GroupPermissions.Insert(permLimited);
SecurityLogs.MakeLogEntry(Permissions.SecurityAdmin, 0, "Permission '" + perm.PermType + "' granted to '"
+ UserGroups.GetGroup(perm.UserGroupNum).Description + "'");
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
}
}
}
else if (_clickedPermNode.ImageIndex == 2) //checked, so need to delete the perm
{
try {
GroupPermissions.RemovePermission(_listUserGroupNums.First(), (Permissions)_clickedPermNode.Tag);
SecurityLogs.MakeLogEntry(Permissions.SecurityAdmin, 0, "Permission '" + _clickedPermNode.Tag + "' revoked from '"
+ UserGroups.GetGroup(_listUserGroupNums.First()).Description + "'");
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
if ((Permissions)_clickedPermNode.Tag == Permissions.ProcComplEditLimited)
{
//Deselecting ProcComplEditLimted, deselect ProcComplEdit and ProcExistingEdit permissions if present.
List <Permissions> listPermissions = new List <Permissions>();
if (GroupPermissions.HasPermission(_listUserGroupNums.First(), Permissions.ProcComplEdit, 0))
{
listPermissions.Add(Permissions.ProcComplEdit);
}
if (GroupPermissions.HasPermission(_listUserGroupNums.First(), Permissions.ProcExistingEdit, 0))
{
listPermissions.Add(Permissions.ProcExistingEdit);
}
listPermissions.ForEach(x => {
try {
GroupPermissions.RemovePermission(_listUserGroupNums.First(), x);
SecurityLogs.MakeLogEntry(Permissions.SecurityAdmin, 0, "Permission '" + _clickedPermNode.Tag + "' revoked from '"
+ UserGroups.GetGroup(_listUserGroupNums.First()).Description + "'");
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
});
}
}
else if (_clickedPermNode.ImageIndex == 3) //Partially checked (currently only applies to Reports permission)
{
try {
GroupPermissions.RemovePermission(_listUserGroupNums.First(), (Permissions)_clickedPermNode.Tag);
SecurityLogs.MakeLogEntry(Permissions.SecurityAdmin, 0, "Permission '" + _clickedPermNode.Tag + "' revoked from '"
+ UserGroups.GetGroup(_listUserGroupNums.First()).Description + "'");
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
}
if ((Permissions)_clickedPermNode.Tag == Permissions.AccountProcsQuickAdd)
{
string programName = PrefC.GetString(PrefName.SoftwareName);
MsgBox.Show(this, programName + " needs to be restarted on workstations before the changes will take place.");
}
FillTreePerm();
}
