示例#1
0
        public InspectionResult Inspect(Core.Services.tmp.EntityOperation operation)
        {
            if (operation.IsEntity(EntityConsts.BibliographicListQuery) &&
                _securityService.HasModulePermission(_securityService.CurrentUser, BiblListModule.Id, Permissions.Use))
            {
                if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
                {
                    return(InspectionResult.Allow);
                }
                else if (operation is EntityUpdate)
                {
                    var update = operation as EntityUpdate;
                    if (update.IsCreate())
                    {
                        return(InspectionResult.Allow);
                    }
                    else if (update.IsEntity(EntityConsts.BibliographicListQuery))
                    {
                        var q = new EntityQuery2(User.ENTITY, _securityService.CurrentUser.Id);
                        q.WhereRelated(new RelationQuery(EntityConsts.BibliographicListQuery, Roles.Customer, update.Id.Value));
                        if (_repository.Read(q) != null)
                        {
                            return(InspectionResult.Allow);
                        }
                    }
                }
            }

            return(InspectionResult.None);
        }
示例#2
0
        private void SendIssueToSubscribers(EntityUpdate update)
        {
            var issueQuery = new EntityQuery2(EntityConsts.Issue, update.Id.Value);

            issueQuery.AllProperties = true;
            issueQuery.Include(EntityConsts.Magazine, Roles.Issue);
            issueQuery.Include(NbuLibrary.Core.Domain.File.ENTITY, Roles.Content);
            var issue            = _repository.Read(issueQuery);
            var magazine         = issue.GetSingleRelation(EntityConsts.Magazine, Roles.Issue).Entity;
            var subscribersQuery = new EntityQuery2(User.ENTITY);
            var relQuery         = new RelationQuery(EntityConsts.Magazine, Roles.Subscriber, magazine.Id);

            relQuery.RelationRules.Add(new Condition("IsActive", Condition.Is, true));
            subscribersQuery.WhereRelated(relQuery);
            subscribersQuery.AllProperties = true;
            var subscribers = _repository.Search(subscribersQuery).Select(e => new User(e));

            var contents = issue.GetManyRelations(NbuLibrary.Core.Domain.File.ENTITY, Roles.Content).Select(r => new File(r.Entity));

            var template = _templateService.Get(new Guid(NotificationTemplates.NEW_ISSUE));

            string subject = null, body = null;
            Dictionary <string, Entity> templateContext = new Dictionary <string, Entity>(StringComparer.InvariantCultureIgnoreCase);

            templateContext.Add("Magazine", magazine);
            templateContext.Add("Issue", issue);

            _templateService.Render(template, templateContext, out subject, out body);


            _notificationService.SendNotification(true, subscribers, subject, body, contents, new Relation[] { new Relation(Notification.ROLE, issue) });
        }
示例#3
0
        public bool HasAccess(User user, int fileId, FileAccessType accessType, Guid?token = null)
        {
            if (user.UserType == UserTypes.Admin)
            {
                return(true);
            }
            else if (_securityService.HasModulePermission(user, FilesModule.Id, Permissions.ManageAll))
            {
                return(true);
            }

            var q = new EntityQuery2(File.ENTITY, fileId);

            q.Include(User.ENTITY, Roles.Access);
            var relQuery = new RelationQuery(User.ENTITY, Roles.Access, user.Id);

            relQuery.RelationRules.Add(new Condition("Type", Condition.Is, accessType));
            q.WhereRelated(relQuery);

            var e = _repository.Read(q);

            if (e == null)
            {
                return(false);
            }

            var file = new File(e);

            if (file.Access == null)
            {
                return(false);
            }

            return(HasAccessInternal(user, file.Access, token));
        }
示例#4
0
        public void Before(Services.tmp.EntityOperation operation, EntityOperationContext context)
        {
            if (operation.IsEntity(Payment.ENTITY) && operation is EntityUpdate)
            {
                var update = operation as EntityUpdate;
                if (update.IsCreate())
                {
                    List <int> usersToAttach = new List <int>();
                    foreach (var attach in update.RelationUpdates.Where(ru => ru.Operation == Services.tmp.RelationOperation.Attach))
                    {
                        var em          = _domainService.Domain.Entities[attach.Entity];
                        var customerRel = em.Relations[em.Name, User.ENTITY, Payment.ROLE_CUSTOMER];
                        if (customerRel != null && customerRel.TypeFor(User.ENTITY) == RelationType.OneToMany)
                        {
                            var q = new EntityQuery2(User.ENTITY);
                            q.WhereRelated(new RelationQuery(em.Name, customerRel.Role, attach.Id.Value));
                            var cust = _repository.Read(q);
                            if (cust != null)
                            {
                                usersToAttach.Add(cust.Id);
                            }
                        }
                    }

                    foreach (var id in usersToAttach)
                    {
                        update.Attach(User.ENTITY, Payment.ROLE_CUSTOMER, id);
                    }
                }
            }
        }
示例#5
0
        public void After(Core.Services.tmp.EntityOperation operation, EntityOperationContext context, EntityOperationResult result)
        {
            if (!result.Success)
            {
                return;
            }

            var update = operation as EntityUpdate;

            if (operation.IsEntity(EntityConsts.BibliographicListQuery) && update != null && update.ContainsProperty("Status") && update.Get <QueryStatus>("Status") == QueryStatus.Completed)
            {
                var q = new EntityQuery2(EntityConsts.BibliographicListQuery, update.Id.Value)
                {
                    AllProperties = true
                };
                q.Include(User.ENTITY, Roles.Customer);
                var    biblListQuery = _repository.Read(q);
                var    user = new User(biblListQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity);
                var    template = _templateService.Get(new Guid(NotificationTemplates.QUERY_COMPLETED));
                string subject = null, body = null;
                Dictionary <string, Entity> templateContext = new Dictionary <string, Entity>(StringComparer.InvariantCultureIgnoreCase);
                templateContext.Add("Customer", user);
                templateContext.Add("Query", biblListQuery);

                _templateService.Render(template, templateContext, out subject, out body);
                var withEmail = biblListQuery.GetData <ReplyMethods>("ReplyMethod") == ReplyMethods.ByEmail;
                _notificationService.SendNotification(withEmail, new User[] { user }, subject, body, null, new Relation[] { new Relation(Notification.ROLE, biblListQuery) });
            }
            else if (operation.IsEntity(Payment.ENTITY) && update != null && update.ContainsProperty("Status") && update.Get <PaymentStatus>("Status") == PaymentStatus.Paid)
            {
                var q = new EntityQuery2(EntityConsts.BibliographicListQuery);
                q.AddProperties("Number");
                q.WhereRelated(new RelationQuery(Payment.ENTITY, Roles.Payment, update.Id.Value));
                q.Include(User.ENTITY, Roles.Customer);
                q.Include(File.ENTITY, Roles.File);
                var biblListQuery = _repository.Read(q);
                if (biblListQuery != null)
                {
                    var file = new File(biblListQuery.GetSingleRelation(File.ENTITY, Roles.File).Entity);
                    var user = new User(biblListQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity);

                    var template = _templateService.Get(new Guid(NotificationTemplates.PAYMENT_COMPLETED));

                    string subject = null, body = null;
                    Dictionary <string, Entity> templateContext = new Dictionary <string, Entity>(StringComparer.InvariantCultureIgnoreCase);
                    templateContext.Add("Customer", user);
                    templateContext.Add("Query", biblListQuery);

                    _templateService.Render(template, templateContext, out subject, out body);

                    var withEmail = biblListQuery.GetData <ReplyMethods>("ReplyMethod") == ReplyMethods.ByEmail;
                    _notificationService.SendNotification(withEmail, new User[] { user }, subject, body, new File[] { file }, new Relation[] { new Relation(Notification.ROLE, biblListQuery) });
                    //_fileService.GrantAccess(file.Id, FileAccessType.Read, new User(biblQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity));
                }
            }
        }
        public InspectionResult Inspect(Core.Services.tmp.EntityOperation operation)
        {
            if ((operation.IsEntity(EntityConsts.BibliographicQuery)
                || operation.IsEntity(EntityConsts.Bibliography))
                && _securityService.HasModulePermission(_securityService.CurrentUser, BiblRefModule.Id, Permissions.Use))
            {
                if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
                    return InspectionResult.Allow;
                else if (operation is EntityUpdate)
                {
                    var update = operation as EntityUpdate;
                    if (update.IsCreate())
                        return InspectionResult.Allow;
                    else if (update.IsEntity(EntityConsts.BibliographicQuery))
                    {
                        var q = new EntityQuery2(User.ENTITY, _securityService.CurrentUser.Id);
                        q.WhereRelated(new RelationQuery(EntityConsts.BibliographicQuery, Roles.Customer, update.Id.Value));
                        if (_repository.Read(q) != null)
                            return InspectionResult.Allow;
                    }
                    else if(update.IsEntity(EntityConsts.Bibliography))
                    {
                        var q = new EntityQuery2(EntityConsts.BibliographicQuery);
                        q.WhereIs("ForNew", true);
                        q.WhereRelated(new RelationQuery(EntityConsts.Bibliography, Roles.Query, update.Id.Value));
                        q.WhereRelated(new RelationQuery(User.ENTITY, Roles.Customer, _securityService.CurrentUser.Id));
                        q.Include(EntityConsts.Bibliography, Roles.Query);

                        if (_repository.Read(q) != null)
                            return InspectionResult.Allow;

                    }
                }
            }

            return InspectionResult.None;
        }
示例#7
0
        public void Before(EntityOperation operation, EntityOperationContext context)
        {
            if (!operation.IsEntity(Inquery.EntityType))
            {
                return;
            }

            if (operation is EntityUpdate)
            {
                var update = operation as EntityUpdate;
                if (_securityService.CurrentUser.UserType == UserTypes.Customer && update.IsCreate())
                {
                    update.Attach(User.ENTITY, RelationConsts.Customer, _securityService.CurrentUser.Id);
                }
                else if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
                {
                    bool attach = false;
                    if (update.IsCreate())
                    {
                        attach = true;
                    }
                    else
                    {
                        var q = new EntityQuery2(User.ENTITY);
                        q.WhereRelated(new RelationQuery(Inquery.EntityType, RelationConsts.ProcessedBy, update.Id.Value));
                        var user = _repository.Read(q);
                        if (user == null)
                        {
                            attach = true;
                        }
                        else if (user.Id != _securityService.CurrentUser.Id)
                        {
                            update.Detach(User.ENTITY, RelationConsts.ProcessedBy, user.Id);
                            attach = true;
                        }
                    }

                    if (attach)
                    {
                        update.Attach(User.ENTITY, RelationConsts.ProcessedBy, _securityService.CurrentUser.Id);
                    }
                }
            }
        }
示例#8
0
        public void After(Core.Services.tmp.EntityOperation operation, EntityOperationContext context, EntityOperationResult result)
        {
            if (!result.Success)
                return;

            var update = operation as EntityUpdate;
            if (operation.IsEntity(EntityConsts.BibliographicListQuery) && update != null && update.ContainsProperty("Status") && update.Get<QueryStatus>("Status") == QueryStatus.Completed)
            {
                var q = new EntityQuery2(EntityConsts.BibliographicListQuery, update.Id.Value) { AllProperties = true };
                q.Include(User.ENTITY, Roles.Customer);
                var biblListQuery = _repository.Read(q);
                var user = new User(biblListQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity);
                var template = _templateService.Get(new Guid(NotificationTemplates.QUERY_COMPLETED));
                string subject = null, body = null;
                Dictionary<string, Entity> templateContext = new Dictionary<string, Entity>(StringComparer.InvariantCultureIgnoreCase);
                templateContext.Add("Customer", user);
                templateContext.Add("Query", biblListQuery);

                _templateService.Render(template, templateContext, out subject, out body);
                var withEmail = biblListQuery.GetData<ReplyMethods>("ReplyMethod") == ReplyMethods.ByEmail;
                _notificationService.SendNotification(withEmail, new User[] { user }, subject, body, null, new Relation[] { new Relation(Notification.ROLE, biblListQuery) });
            }
            else if (operation.IsEntity(Payment.ENTITY) && update != null && update.ContainsProperty("Status") && update.Get<PaymentStatus>("Status") == PaymentStatus.Paid)
            {
                var q = new EntityQuery2(EntityConsts.BibliographicListQuery);
                q.AddProperties("Number");
                q.WhereRelated(new RelationQuery(Payment.ENTITY, Roles.Payment, update.Id.Value));
                q.Include(User.ENTITY, Roles.Customer);
                q.Include(File.ENTITY, Roles.File);
                var biblListQuery = _repository.Read(q);
                if (biblListQuery != null)
                {
                    var file = new File(biblListQuery.GetSingleRelation(File.ENTITY, Roles.File).Entity);
                    var user = new User(biblListQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity);

                    var template = _templateService.Get(new Guid(NotificationTemplates.PAYMENT_COMPLETED));

                    string subject = null, body = null;
                    Dictionary<string, Entity> templateContext = new Dictionary<string, Entity>(StringComparer.InvariantCultureIgnoreCase);
                    templateContext.Add("Customer", user);
                    templateContext.Add("Query", biblListQuery);

                    _templateService.Render(template, templateContext, out subject, out body);

                    var withEmail = biblListQuery.GetData<ReplyMethods>("ReplyMethod") == ReplyMethods.ByEmail;
                    _notificationService.SendNotification(withEmail, new User[] { user }, subject, body, new File[] { file }, new Relation[] { new Relation(Notification.ROLE, biblListQuery) });
                    //_fileService.GrantAccess(file.Id, FileAccessType.Read, new User(biblQuery.GetSingleRelation(User.ENTITY, Roles.Customer).Entity));

                }
            }
        }
示例#9
0
        public void Before(Services.tmp.EntityOperation operation, EntityOperationContext context)
        {
            if (operation.IsEntity(Payment.ENTITY) && operation is EntityUpdate)
            {
                var update = operation as EntityUpdate;
                if (update.IsCreate())
                {
                    List<int> usersToAttach = new List<int>();
                    foreach (var attach in update.RelationUpdates.Where(ru => ru.Operation == Services.tmp.RelationOperation.Attach))
                    {
                        var em = _domainService.Domain.Entities[attach.Entity];
                        var customerRel = em.Relations[em.Name, User.ENTITY, Payment.ROLE_CUSTOMER];
                        if (customerRel != null && customerRel.TypeFor(User.ENTITY) == RelationType.OneToMany)
                        {
                            var q = new EntityQuery2(User.ENTITY);
                            q.WhereRelated(new RelationQuery(em.Name, customerRel.Role, attach.Id.Value));
                            var cust = _repository.Read(q);
                            if (cust != null)
                                usersToAttach.Add(cust.Id);
                        }
                    }

                    foreach (var id in usersToAttach)
                    {
                        update.Attach(User.ENTITY, Payment.ROLE_CUSTOMER, id);
                    }
                }
            }
        }
示例#10
0
        public bool HasAccess(User user, int fileId, FileAccessType accessType, Guid? token = null)
        {
            if (user.UserType == UserTypes.Admin)
                return true;
            else if (_securityService.HasModulePermission(user, FilesModule.Id, Permissions.ManageAll))
                return true;

            var q = new EntityQuery2(File.ENTITY, fileId);
            q.Include(User.ENTITY, Roles.Access);
            var relQuery = new RelationQuery(User.ENTITY, Roles.Access, user.Id);
            relQuery.RelationRules.Add(new Condition("Type", Condition.Is, accessType));
            q.WhereRelated(relQuery);

            var e = _repository.Read(q);
            if (e == null)
                return false;

            var file = new File(e);
            if (file.Access == null)
                return false;

            return HasAccessInternal(user, file.Access, token);
        }
示例#11
0
        public void Before(EntityOperation operation, EntityOperationContext context)
        {
            if (!operation.IsEntity(Inquery.EntityType))
                return;

            if (operation is EntityUpdate)
            {
                var update = operation as EntityUpdate;
                if (_securityService.CurrentUser.UserType == UserTypes.Customer && update.IsCreate())
                {
                    update.Attach(User.ENTITY, RelationConsts.Customer, _securityService.CurrentUser.Id);
                }
                else if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
                {
                    bool attach = false;
                    if (update.IsCreate())
                        attach = true;
                    else
                    {
                        var q = new EntityQuery2(User.ENTITY);
                        q.WhereRelated(new RelationQuery(Inquery.EntityType, RelationConsts.ProcessedBy, update.Id.Value));
                        var user = _repository.Read(q);
                        if (user == null)
                            attach = true;
                        else if (user.Id != _securityService.CurrentUser.Id)
                        {
                            update.Detach(User.ENTITY, RelationConsts.ProcessedBy, user.Id);
                            attach = true;
                        }
                    }

                    if (attach)
                        update.Attach(User.ENTITY, RelationConsts.ProcessedBy, _securityService.CurrentUser.Id);
                }
            }
        }
示例#12
0
        private void SendIssueToSubscribers(EntityUpdate update)
        {
            var issueQuery = new EntityQuery2(EntityConsts.Issue, update.Id.Value);
            issueQuery.AllProperties = true;
            issueQuery.Include(EntityConsts.Magazine, Roles.Issue);
            issueQuery.Include(NbuLibrary.Core.Domain.File.ENTITY, Roles.Content);
            var issue = _repository.Read(issueQuery);
            var magazine = issue.GetSingleRelation(EntityConsts.Magazine, Roles.Issue).Entity;
            var subscribersQuery = new EntityQuery2(User.ENTITY);
            var relQuery = new RelationQuery(EntityConsts.Magazine, Roles.Subscriber, magazine.Id);
            relQuery.RelationRules.Add(new Condition("IsActive", Condition.Is, true));
            subscribersQuery.WhereRelated(relQuery);
            subscribersQuery.AllProperties = true;
            var subscribers = _repository.Search(subscribersQuery).Select(e => new User(e));

            var contents = issue.GetManyRelations(NbuLibrary.Core.Domain.File.ENTITY, Roles.Content).Select(r => new File(r.Entity));

            var template = _templateService.Get(new Guid(NotificationTemplates.NEW_ISSUE));

            string subject = null, body = null;
            Dictionary<string, Entity> templateContext = new Dictionary<string, Entity>(StringComparer.InvariantCultureIgnoreCase);
            templateContext.Add("Magazine", magazine);
            templateContext.Add("Issue", issue);

            _templateService.Render(template, templateContext, out subject, out body);

            _notificationService.SendNotification(true, subscribers, subject, body, contents, new Relation[] { new Relation(Notification.ROLE, issue) });
        }
示例#13
0
        public void After(EntityOperation operation, EntityOperationContext context, EntityOperationResult result)
        {
            if (!result.Success)
                return;

            if (operation.IsEntity(EntityConsts.Issue) && operation is EntityUpdate)
            {
                var update = operation as EntityUpdate;
                if (context.Get<bool>(CTXKEY_SEND_ISSUE))
                {
                    SendIssueToSubscribers(operation as EntityUpdate);
                }

                if (update.ContainsRelation(File.ENTITY, Roles.Content))
                {
                    var filesAttached = update.GetMultipleRelationUpdates(File.ENTITY, Roles.Content).Where(fu => fu.Operation == RelationOperation.Attach);
                    if (filesAttached.Count() > 0)
                    {
                        var issue = update.ToEntity();
                        var q = new EntityQuery2(EntityConsts.Magazine);
                        q.WhereRelated(new RelationQuery(EntityConsts.Issue, Roles.Issue, issue.Id));
                        q.Include(User.ENTITY, Roles.Subscriber);
                        var mag = _repository.Read(q);
                        var subscribers = mag.GetManyRelations(User.ENTITY, Roles.Subscriber).Select(r => new User(r.Entity));
                        foreach (var subscriber in subscribers)
                        {
                            foreach (var fileUpdate in filesAttached)
                            {
                                if (!_fileService.HasAccess(subscriber, fileUpdate.Id.Value))
                                    _fileService.GrantAccess(fileUpdate.Id.Value, FileAccessType.Read, subscriber);
                            }
                        }
                    }
                }
            }
            else if (operation is EntityUpdate)
            {
                var update = operation as EntityUpdate;
                if (update.IsEntity(User.ENTITY) && update.ContainsRelation(EntityConsts.Magazine, Roles.Subscriber))
                {
                    var rus = update.GetMultipleRelationUpdates(EntityConsts.Magazine, Roles.Subscriber).Where(ru => ru.Operation == RelationOperation.Attach);
                    foreach (var ru in rus)
                    {
                        var q = new EntityQuery2(EntityConsts.Issue);
                        q.WhereRelated(new RelationQuery(EntityConsts.Magazine, Roles.Issue, ru.Id.Value));
                        q.Include(File.ENTITY, Roles.Content);
                        var issues = _repository.Search(q);
                        foreach (var issue in issues)
                        {
                            //The user cannot give himself an access to file - only owner or administrator can.
                            using (_securityService.BeginSystemContext())
                            {
                                GiveFileAccessForIssue(issue, new User(update.ToEntity()));
                            }
                        }
                    }
                }
                else if (update.IsEntity(EntityConsts.Magazine) && update.ContainsRelation(User.ENTITY, Roles.Subscriber))
                {
                    var rus = update.GetMultipleRelationUpdates(User.ENTITY, Roles.Subscriber).Where(ru => ru.Operation == RelationOperation.Attach);

                    if (rus.Count() > 0)
                    {
                        var q = new EntityQuery2(EntityConsts.Issue);
                        q.WhereRelated(new RelationQuery(EntityConsts.Magazine, Roles.Issue, update.Id.Value));
                        q.Include(File.ENTITY, Roles.Content);
                        var issues = _repository.Search(q);
                        foreach (var ru in rus)
                        {
                            foreach (var issue in issues)
                                GiveFileAccessForIssue(issue, new User(ru.Id.Value));
                        }
                    }
                }
                else if (update.IsEntity(EntityConsts.Magazine) && update.ContainsProperty("IsActive"))
                {
                    var isActiveNew = update.Get<bool>("IsActive");
                    if (isActiveNew == false && context.Get<bool>(CTXKEY_ISACTIVEOLD))
                    {
                        SendMagazineNotActiveToSubscribers(update);
                    }
                }
            }
        }
示例#14
0
        public void After(EntityOperation operation, EntityOperationContext context, EntityOperationResult result)
        {
            if (!result.Success)
            {
                return;
            }

            if (operation.IsEntity(EntityConsts.Issue) && operation is EntityUpdate)
            {
                var update = operation as EntityUpdate;
                if (context.Get <bool>(CTXKEY_SEND_ISSUE))
                {
                    SendIssueToSubscribers(operation as EntityUpdate);
                }

                if (update.ContainsRelation(File.ENTITY, Roles.Content))
                {
                    var filesAttached = update.GetMultipleRelationUpdates(File.ENTITY, Roles.Content).Where(fu => fu.Operation == RelationOperation.Attach);
                    if (filesAttached.Count() > 0)
                    {
                        var issue = update.ToEntity();
                        var q     = new EntityQuery2(EntityConsts.Magazine);
                        q.WhereRelated(new RelationQuery(EntityConsts.Issue, Roles.Issue, issue.Id));
                        q.Include(User.ENTITY, Roles.Subscriber);
                        var mag         = _repository.Read(q);
                        var subscribers = mag.GetManyRelations(User.ENTITY, Roles.Subscriber).Select(r => new User(r.Entity));
                        foreach (var subscriber in subscribers)
                        {
                            foreach (var fileUpdate in filesAttached)
                            {
                                if (!_fileService.HasAccess(subscriber, fileUpdate.Id.Value))
                                {
                                    _fileService.GrantAccess(fileUpdate.Id.Value, FileAccessType.Read, subscriber);
                                }
                            }
                        }
                    }
                }
            }
            else if (operation is EntityUpdate)
            {
                var update = operation as EntityUpdate;
                if (update.IsEntity(User.ENTITY) && update.ContainsRelation(EntityConsts.Magazine, Roles.Subscriber))
                {
                    var rus = update.GetMultipleRelationUpdates(EntityConsts.Magazine, Roles.Subscriber).Where(ru => ru.Operation == RelationOperation.Attach);
                    foreach (var ru in rus)
                    {
                        var q = new EntityQuery2(EntityConsts.Issue);
                        q.WhereRelated(new RelationQuery(EntityConsts.Magazine, Roles.Issue, ru.Id.Value));
                        q.Include(File.ENTITY, Roles.Content);
                        var issues = _repository.Search(q);
                        foreach (var issue in issues)
                        {
                            //The user cannot give himself an access to file - only owner or administrator can.
                            using (_securityService.BeginSystemContext())
                            {
                                GiveFileAccessForIssue(issue, new User(update.ToEntity()));
                            }
                        }
                    }
                }
                else if (update.IsEntity(EntityConsts.Magazine) && update.ContainsRelation(User.ENTITY, Roles.Subscriber))
                {
                    var rus = update.GetMultipleRelationUpdates(User.ENTITY, Roles.Subscriber).Where(ru => ru.Operation == RelationOperation.Attach);

                    if (rus.Count() > 0)
                    {
                        var q = new EntityQuery2(EntityConsts.Issue);
                        q.WhereRelated(new RelationQuery(EntityConsts.Magazine, Roles.Issue, update.Id.Value));
                        q.Include(File.ENTITY, Roles.Content);
                        var issues = _repository.Search(q);
                        foreach (var ru in rus)
                        {
                            foreach (var issue in issues)
                            {
                                GiveFileAccessForIssue(issue, new User(ru.Id.Value));
                            }
                        }
                    }
                }
                else if (update.IsEntity(EntityConsts.Magazine) && update.ContainsProperty("IsActive"))
                {
                    var isActiveNew = update.Get <bool>("IsActive");
                    if (isActiveNew == false && context.Get <bool>(CTXKEY_ISACTIVEOLD))
                    {
                        SendMagazineNotActiveToSubscribers(update);
                    }
                }
            }
        }
示例#15
0
        public InspectionResult Inspect(Core.Services.tmp.EntityOperation operation)
        {
            if (operation.IsEntity(EntityConsts.AnalysisQuery)
                && _securityService.HasModulePermission(_securityService.CurrentUser, RefAnalysisModule.Id, Permissions.Use))
            {
                if (_securityService.CurrentUser.UserType == UserTypes.Librarian)
                    return InspectionResult.Allow;
                else if (operation is EntityUpdate)
                {
                    var update = operation as EntityUpdate;
                    if (update.IsCreate())
                        return InspectionResult.Allow;
                    else if (update.IsEntity(EntityConsts.AnalysisQuery))
                    {
                        var q = new EntityQuery2(User.ENTITY, _securityService.CurrentUser.Id);
                        q.WhereRelated(new RelationQuery(EntityConsts.AnalysisQuery, Roles.Customer, update.Id.Value));
                        if (_repository.Read(q) != null)
                            return InspectionResult.Allow;
                    }
                }
            }

            return InspectionResult.None;
        }