private Permissions GetNonRolePermissions(IndPair moduleOperation, int idProject)
{
//The permission that comes not from the user role (which can only be business administrator, technical administrator or
//financial team), but from the user being a program manager or core team member (different from program manager)
Permissions nonRolePermission = Permissions.None;
//Get the nonRolePermission from the program manager permissions if this user is a program manager,
//else get it from the core team member permissions
//else get it from the program reader permissions
if (_ProgramManagerProjects.ContainsKey(idProject))
{
nonRolePermission = _ProgramManagerPermissions[moduleOperation];
return(nonRolePermission);
}
if (_CoreTeamProjects.ContainsKey(idProject))
{
nonRolePermission = _CoreTeamPermissions[moduleOperation];
return(nonRolePermission);
}
if (_ProgramReaderProjects.ContainsKey(idProject))
{
nonRolePermission = _ProgramReaderPermissions[moduleOperation];
return(nonRolePermission);
}
return(nonRolePermission);
}
/// <summary>
/// Checks if this user has permission to perform the given operation on the given module
/// </summary>
/// <param name="moduleCode">the code of the module</param>
/// <param name="operation">the operation to be performed</param>
/// <returns>true if this user has permission to perform the given operation on the given module, false otherwise</returns>
private bool HasXPermission(string moduleCode, Operations operation)
{
//Get the view permission from the user role corresponding to the given module
Permissions rolePermission = _UserRole.GetPermission(moduleCode, operation);
IndPair moduleOperation = new IndPair(moduleCode, operation);
//If the CoreTeamPermission dictionary does not contain this permission, then the permission for this user will be the one from
//its role
if (!_ProgramManagerPermissions.ContainsKey(moduleOperation) &&
!_CoreTeamPermissions.ContainsKey(moduleOperation) &&
!_ProgramReaderPermissions.ContainsKey(moduleOperation))
{
//The user has view permission if the permission is not none
return(rolePermission != Permissions.None);
}
//The permission that comes not from the user role (which can only be business administrator, technical administrator or
//financial team), but from the user being a program manager or core team member (different from program manager)
Permissions nonRolePermission = GetNonRolePermissions(moduleOperation);
//Else, if either of the 2 permissions (from the role of the user, or from the core team role) is not none, than the user
//will have view permission
return((rolePermission != Permissions.None) || (nonRolePermission != Permissions.None));
}
/// <summary>
/// Gets the permissions for the given module code and operation, for modules which are accessed only after a project is selected
/// </summary>
/// <param name="moduleCode">The code of the module</param>
/// <param name="operation">The operation to be performed on the module</param>
/// <param name="idProject">The project for which the permission is applied</param>
/// <returns></returns>
public Permissions GetPermission(string moduleCode, Operations operation, int idProject)
{
try
{
Permissions permission = _UserRole.GetPermission(moduleCode, operation);
IndPair moduleOperation = new IndPair(moduleCode, operation);
//If this user does not belong to the core team of the given project, the permission is the one from its role
if (!_ProgramManagerProjects.ContainsKey(idProject) &&
!_CoreTeamProjects.ContainsKey(idProject) &&
!_ProgramReaderProjects.ContainsKey(idProject))
{
return(permission);
}
//The permission that comes not from the user role (which can only be business administrator, technical administrator or
//financial team), but from the user being a program manager or core team member (different from program manager)
Permissions nonRolePermission = GetNonRolePermissions(moduleOperation, idProject);
//The permission will be the smallest of the 2 permissions (Permission.All = 1, Permissions.Restricted = 2, Permissions.None = 3
// - this means that choosing the least restrictive permission from the permissions enumeration is the same thing as chosing the
// permission with the smallest value - this is why we calculate the minimum value of the 2 permissions).
return((permission < nonRolePermission) ? permission : nonRolePermission);
}
catch (Exception ex)
{
throw new IndException(ex);
}
}
/// <summary>
/// Populates the _CoreTeamPermissions dictionary with the permissions the core team role if this user is a core team member
/// (other than program manager). If he is not a core team member (other than program manager), this function will not get called
/// </summary>
private void GetProgramReaderPermissions()
{
DataTable permissionsDataTable = DBCurrentUser.GetRolePermissions(ApplicationConstants.ROLE_PROGRAM_READER);
foreach (DataRow row in permissionsDataTable.Rows)
{
//Build the pair of module code and operation which will be the key of the dictionary
IndPair pair = new IndPair(row["ModuleCode"].ToString(), (Operations)row["IdOperation"]);
//Add the key-value pair to the dictionary (the value is the permission)
_ProgramReaderPermissions.Add(pair, (Permissions)row["IdPermission"]);
}
}
/// <summary>
/// Initialize the permissions of the role from the given DataTable
/// </summary>
/// <param name="dataTable">the DataTable containing the permissions of the role</param>
private void InitializePermissionsInformation(DataTable dataTable)
{
//Instantiate the role permissions dictionary
_RolePermissions = new Dictionary <IndPair, Permissions>(new IndPairComparer());
//For each row in the table
foreach (DataRow row in dataTable.Rows)
{
//Build the pair of module code and operation which will be the key of the dictionary
IndPair pair = new IndPair(row["ModuleCode"].ToString(), (Operations)row["IdOperation"]);
//Add the key-value pair to the dictionary (the value is the permission)
_RolePermissions.Add(pair, (Permissions)row["IdPermission"]);
}
}
