internal bool CheckAllGroupsForObjectPermission(OCL.User AccessingUser, int ObjectTypeId, int ObjectId, OysterPermissions OPT) { string ColumnName = ""; switch(OPT) { case OysterPermissions.IsVisible: ColumnName = "IsVisible"; break; case OysterPermissions.CanAdd: ColumnName = "CanAdd"; break; case OysterPermissions.CanEdit: ColumnName = "CanEdit"; break; case OysterPermissions.CanDelete: ColumnName = "CanDelete"; break; case OysterPermissions.IsUsable: ColumnName = "IsUsable"; break; } string sCheckGroup = "SELECT DISTINCT ObjectId FROM tblGroupTokens WHERE UserId = " + AccessingUser.ID + " AND ObjectTypeId = " + ObjectTypeId + " AND ObjectId = " + ObjectId + " AND " + ColumnName + " <> 0"; int numrecs = RF.ExecuteCommandNonQuery(sCheckGroup); if(numrecs > 0) return true; else return false; }
internal bool CheckGroupObjectPermission(OCL.User AccessingUser, OCL.Group CurrentGroup, int ObjectTypeId, int ObjectId, OysterPermissions OPT) { string ColumnName = ""; switch(OPT) { case OysterPermissions.IsVisible: ColumnName = "IsVisible"; break; case OysterPermissions.CanAdd: ColumnName = "CanAdd"; break; case OysterPermissions.CanEdit: ColumnName = "CanEdit"; break; case OysterPermissions.CanDelete: ColumnName = "CanDelete"; break; case OysterPermissions.IsUsable: ColumnName = "IsUsable"; break; } string sCheckGroup = "SELECT * FROM tblGroupTokens WHERE GroupId = " + CurrentGroup.ID + " AND UserId = " + AccessingUser.ID + " AND ObjectTypeId = " + ObjectTypeId + " AND ObjectId = " + ObjectId + " AND " + ColumnName + " <> 0"; int numrecs = RF.ExecuteQuery(sCheckGroup); if(numrecs > 0) return true; else { if(AccessingUser.mvarIsSuperUser) { return true; } return false; } }
internal Users All_Users(OCL.Group QueryGroup, OCL.User AccessingUser, OysterPermissions OPT) { try { string ColumnName = GetPermissionColumnName(OPT); Users X = new Users(); OCL.User DU = (OCL.User)GetUnassignedObject(OCL.OysterUnassignedObjects.User); string sSQL = ""; if(AccessingUser.mvarIsSuperUser) sSQL = "SELECT DISTINCT UserId FROM tblGroupTokens WHERE GroupId = " + QueryGroup.ID + " AND UserId <> " + DU.ID; else sSQL = "SELECT DISTINCT ObjectId FROM tblGroupTokens WHERE GroupId = " + QueryGroup.ID + " AND UserId = " + AccessingUser.ID + " AND ObjectTypeId = " + Convert.ToInt32(OysterObjectType.User) + " AND ObjectId <> " + DU.ID + " AND " + ColumnName + " <> 0"; DataSet DS = RF.GetDataSet(sSQL); foreach(DataRow r in DS.Tables[0].Rows) { int UserID = Convert.ToInt32(r[0]); User U = GetUser(UserID); X.Add(U); } return X; } catch(Exception Err) { throw new ApplicationException(Err.Message); } }