public bool CreatePositionAssignment(PositionAssignmentCreate model)
{
using (var ctx = new ApplicationDbContext())
{
var entity =
new PositionAssignment()
{
OwnerId = _userId,
PositionId =
ctx
.Positions
.FirstOrDefault(e => e.OwnerId == _userId).PositionId,
WorkerId =
ctx
.Workers
.FirstOrDefault(e => e.OwnerId == _userId).WorkerId,
Notes = model.Notes,
ShiftId =
ctx
.Shifts
.FirstOrDefault(e => e.OwnerId == _userId).ShiftId
};
ctx.PositionAssignments.Add(entity);
return(ctx.SaveChanges() == 1);
}
}
public void SetOrganization(Organization organization)
{
// This changes the active organization. There may be a Primary Position in this
// organization; if so, activate that too. Otherwise, just null out the Position.
// The reason this isn't an ordinary setter for the field is to minimize risk for
// miscoding in the security framework.
PositionAssignment primaryAssignment = Person.GetPrimaryAssignment(organization);
_data.OrganizationId = organization.Identity;
_data.PositionAssignmentId = (primaryAssignment == null ? 0 : primaryAssignment.Identity);
}
public static AjaxCallResult TerminatePositionAssignment(int assignmentId)
{
AuthenticationData authData = GetAuthenticationDataAndCulture();
PositionAssignment assignment = PositionAssignment.FromIdentity(assignmentId);
if (assignment.OrganizationId == 0)
{
if (!authData.Authority.HasAccess(new Access(AccessAspect.Administration))) // System-wide admin
{
throw new UnauthorizedAccessException();
}
}
else // Org-specific assignment
{
if (assignment.GeographyId == 0)
{
if (!authData.Authority.HasAccess(new Access(authData.CurrentOrganization, AccessAspect.Administration)))
{
throw new UnauthorizedAccessException();
}
}
else // Org- and geo-specific assignment
{
if (
!authData.Authority.HasAccess(new Access(authData.CurrentOrganization,
assignment.Position.Geography, AccessAspect.Administration)))
{
throw new UnauthorizedAccessException();
}
}
}
// Ok, go ahead and terminate
try
{
assignment.Terminate(authData.CurrentUser, authData.CurrentUser.GetPrimaryPosition(authData.CurrentOrganization), string.Empty);
}
catch (DatabaseConcurrencyException)
{
return(new AjaxCallResult {
Success = false, DisplayMessage = Resources.Global.Error_DatabaseConcurrency
});
}
return(new AjaxCallResult {
Success = true
});
}
public static Authority FromLogin(Person person, Organization organization)
{
PositionAssignment assignment = person.GetPrimaryAssignment(organization);
// TODO: Verify membership OR position OR volunteer
return(new Authority(new AuthorityData
{
CustomData = new Basic.Types.Common.SerializableDictionary <string, string>(),
LoginDateTimeUtc = DateTime.UtcNow,
OrganizationId = organization.Identity,
PersonId = person.Identity,
PositionAssignmentId = (assignment != null ? assignment.Identity : 0)
}));
}
public bool CanAccess(IHasIdentity identifiableObject, AccessType accessType = AccessType.Write)
{
// Tests if this Authority can access a certain object. Add new object types as needed by the logic.
// This is a very general case of the CanSeePerson() function.
PositionAssignment testAssignment = identifiableObject as PositionAssignment;
if (testAssignment != null)
{
// shortcut, for now
return(HasSystemAccess(accessType));
}
throw new NotImplementedException("Authority.CanAccess is not implemented for type " + identifiableObject.GetType().FullName);
}
public void SetPosition(PositionAssignment assignment)
{
// This changes to a Position. The Organization will change along with it, but only
// if it's not a system-level Position.
// The reason this isn't an ordinary setter for the field is to minimize risk for
// miscoding in the security framework.
_data.PositionAssignmentId = (assignment == null ? 0 : assignment.Identity);
if (assignment != null)
{
if (assignment.Position.PositionLevel != PositionLevel.SystemWide)
{
_data.OrganizationId = assignment.Position.OrganizationId;
}
}
}
static public AssignmentData GetAssignmentData(int assignmentId)
{
AuthenticationData authData = GetAuthenticationDataAndCulture();
PositionAssignment assignment = PositionAssignment.FromIdentity(assignmentId);
if (authData.Authority.CanAccess(assignment, AccessType.Read))
{
return(new AssignmentData
{
Success = true,
AssignedPersonCanonical = assignment.Person.Canonical,
AssignedPersonId = assignment.PersonId,
PositionAssignmentId = assignment.Identity,
PositionId = assignment.PositionId,
PositionLocalized = assignment.Position.Localized()
});
}
else
{
return(new AssignmentData {
Success = false
});
}
}
public static void Initialize(SchoolContext context)
{
// Look for any students.
if (context.Students.Any())
{
return; // DB has been seeded
}
var teachers = new Teacher[]
{
new Teacher {
FirstMidName = "Kim", LastName = "Abercrombie"
},
new Teacher {
FirstMidName = "Fadi", LastName = "Fakhouri"
},
new Teacher {
FirstMidName = "Roger", LastName = "Harui"
},
new Teacher {
FirstMidName = "Candace", LastName = "Kapoor"
},
new Teacher {
FirstMidName = "Roger", LastName = "Zheng"
}
};
foreach (Teacher i in teachers)
{
context.Teachers.Add(i);
}
context.SaveChanges();
var schoolclasses = new SchoolClass[]
{
new SchoolClass {
Name = "1A",
TeacherID = teachers.Single(i => i.LastName == "Abercrombie").ID
},
new SchoolClass {
Name = "2Б",
TeacherID = teachers.Single(i => i.LastName == "Fakhouri").ID
},
new SchoolClass {
Name = "3В",
TeacherID = teachers.Single(i => i.LastName == "Harui").ID
},
new SchoolClass {
Name = "4Г",
TeacherID = teachers.Single(i => i.LastName == "Kapoor").ID
}
};
foreach (SchoolClass d in schoolclasses)
{
context.SchoolClasses.Add(d);
}
context.SaveChanges();
var students = new Student[]
{
new Student {
FirstMidName = "Carson", LastName = "Alexander", Birthday = DateTime.Parse("2010-09-01"), Sex = "male", StudentsClassID = schoolclasses.Single(i => i.Name == "1A").SchoolClassID,
EnrollmentDate = DateTime.Parse("2010-09-01")
},
new Student {
FirstMidName = "Meredith", LastName = "Alonso", Birthday = DateTime.Parse("2010-09-01"), Sex = "male", StudentsClassID = schoolclasses.Single(i => i.Name == "2Б").SchoolClassID,
EnrollmentDate = DateTime.Parse("2012-09-01")
},
new Student {
FirstMidName = "Arturo", LastName = "Anand", Birthday = DateTime.Parse("2010-09-01"), Sex = "male", StudentsClassID = schoolclasses.Single(i => i.Name == "3В").SchoolClassID,
EnrollmentDate = DateTime.Parse("2013-09-01")
},
new Student {
FirstMidName = "Gytis", LastName = "Barzdukas", Birthday = DateTime.Parse("2010-09-01"), Sex = "male", StudentsClassID = schoolclasses.Single(i => i.Name == "4Г").SchoolClassID,
EnrollmentDate = DateTime.Parse("2012-09-01")
},
new Student {
FirstMidName = "Yan", LastName = "Li", Birthday = DateTime.Parse("2010-09-01"), Sex = "male", StudentsClassID = schoolclasses.Single(i => i.Name == "4Г").SchoolClassID,
EnrollmentDate = DateTime.Parse("2012-09-01")
},
new Student {
FirstMidName = "Peggy", LastName = "Justice", Birthday = DateTime.Parse("2010-09-01"), Sex = "male", StudentsClassID = schoolclasses.Single(i => i.Name == "1A").SchoolClassID,
EnrollmentDate = DateTime.Parse("2011-09-01")
},
new Student {
FirstMidName = "Laura", LastName = "Norman", Birthday = DateTime.Parse("2010-09-01"), Sex = "female", StudentsClassID = schoolclasses.Single(i => i.Name == "1A").SchoolClassID,
EnrollmentDate = DateTime.Parse("2013-09-01")
},
};
foreach (Student s in students)
{
context.Students.Add(s);
}
context.SaveChanges();
var subjects = new Subject[]
{
new Subject {
SubjectID = 1050, Title = "Chemistry",
SchoolClassID = schoolclasses.Single(s => s.Name == "1A").SchoolClassID
},
new Subject {
SubjectID = 4022, Title = "Microeconomics",
SchoolClassID = schoolclasses.Single(s => s.Name == "1A").SchoolClassID
},
new Subject {
SubjectID = 4041, Title = "Macroeconomics",
SchoolClassID = schoolclasses.Single(s => s.Name == "1A").SchoolClassID
},
new Subject {
SubjectID = 1045, Title = "Calculus",
SchoolClassID = schoolclasses.Single(s => s.Name == "1A").SchoolClassID
},
new Subject {
SubjectID = 3141, Title = "Trigonometry",
SchoolClassID = schoolclasses.Single(s => s.Name == "2Б").SchoolClassID
},
new Subject {
SubjectID = 2021, Title = "Composition",
SchoolClassID = schoolclasses.Single(s => s.Name == "3В").SchoolClassID
},
new Subject {
SubjectID = 2042, Title = "Literature",
SchoolClassID = schoolclasses.Single(s => s.Name == "4Г").SchoolClassID
},
};
foreach (Subject c in subjects)
{
context.Subjects.Add(c);
}
context.SaveChanges();
var positionAssignments = new PositionAssignment[]
{
new PositionAssignment {
TeacherID = teachers.Single(i => i.LastName == "Fakhouri").ID,
Position = "Director"
},
new PositionAssignment {
TeacherID = teachers.Single(i => i.LastName == "Harui").ID,
Position = "HeadTeacher"
},
new PositionAssignment {
TeacherID = teachers.Single(i => i.LastName == "Kapoor").ID,
Position = "Teacher"
},
};
foreach (PositionAssignment o in positionAssignments)
{
context.PositionAssignments.Add(o);
}
context.SaveChanges();
var subjectTeachers = new SubjectAssignment[]
{
new SubjectAssignment {
SubjectID = subjects.Single(c => c.Title == "Chemistry").SubjectID,
TeacherID = teachers.Single(i => i.LastName == "Kapoor").ID
},
new SubjectAssignment {
SubjectID = subjects.Single(c => c.Title == "Chemistry").SubjectID,
TeacherID = teachers.Single(i => i.LastName == "Harui").ID
},
new SubjectAssignment {
SubjectID = subjects.Single(c => c.Title == "Microeconomics").SubjectID,
TeacherID = teachers.Single(i => i.LastName == "Zheng").ID
},
new SubjectAssignment {
SubjectID = subjects.Single(c => c.Title == "Macroeconomics").SubjectID,
TeacherID = teachers.Single(i => i.LastName == "Zheng").ID
},
new SubjectAssignment {
SubjectID = subjects.Single(c => c.Title == "Calculus").SubjectID,
TeacherID = teachers.Single(i => i.LastName == "Fakhouri").ID
},
new SubjectAssignment {
SubjectID = subjects.Single(c => c.Title == "Trigonometry").SubjectID,
TeacherID = teachers.Single(i => i.LastName == "Harui").ID
},
new SubjectAssignment {
SubjectID = subjects.Single(c => c.Title == "Composition").SubjectID,
TeacherID = teachers.Single(i => i.LastName == "Abercrombie").ID
},
new SubjectAssignment {
SubjectID = subjects.Single(c => c.Title == "Literature").SubjectID,
TeacherID = teachers.Single(i => i.LastName == "Abercrombie").ID
},
};
foreach (SubjectAssignment ci in subjectTeachers)
{
context.SubjectAssignments.Add(ci);
}
context.SaveChanges();
var enrollments = new Enrollment[]
{
new Enrollment {
StudentID = students.Single(s => s.LastName == "Alexander").ID,
SubjectID = subjects.Single(c => c.Title == "Chemistry").SubjectID,
},
new Enrollment {
StudentID = students.Single(s => s.LastName == "Alexander").ID,
SubjectID = subjects.Single(c => c.Title == "Microeconomics").SubjectID,
},
new Enrollment {
StudentID = students.Single(s => s.LastName == "Alexander").ID,
SubjectID = subjects.Single(c => c.Title == "Macroeconomics").SubjectID,
},
new Enrollment {
StudentID = students.Single(s => s.LastName == "Alonso").ID,
SubjectID = subjects.Single(c => c.Title == "Calculus").SubjectID,
},
new Enrollment {
StudentID = students.Single(s => s.LastName == "Alonso").ID,
SubjectID = subjects.Single(c => c.Title == "Trigonometry").SubjectID,
},
new Enrollment {
StudentID = students.Single(s => s.LastName == "Alonso").ID,
SubjectID = subjects.Single(c => c.Title == "Composition").SubjectID,
},
new Enrollment {
StudentID = students.Single(s => s.LastName == "Anand").ID,
SubjectID = subjects.Single(c => c.Title == "Chemistry").SubjectID
},
new Enrollment {
StudentID = students.Single(s => s.LastName == "Anand").ID,
SubjectID = subjects.Single(c => c.Title == "Microeconomics").SubjectID,
},
new Enrollment {
StudentID = students.Single(s => s.LastName == "Barzdukas").ID,
SubjectID = subjects.Single(c => c.Title == "Chemistry").SubjectID,
},
new Enrollment {
StudentID = students.Single(s => s.LastName == "Li").ID,
SubjectID = subjects.Single(c => c.Title == "Composition").SubjectID,
},
new Enrollment {
StudentID = students.Single(s => s.LastName == "Justice").ID,
SubjectID = subjects.Single(c => c.Title == "Literature").SubjectID,
}
};
foreach (Enrollment e in enrollments)
{
var enrollmentInDataBase = context.Enrollments.SingleOrDefault(s => s.Student.ID == e.StudentID &&
s.Subject.SubjectID == e.SubjectID);
if (enrollmentInDataBase == null)
{
context.Enrollments.Add(e);
}
}
context.SaveChanges();
}
public static AjaxCallResult AssignPosition(int personId, int positionId, int durationMonths, int geographyId)
{
AuthenticationData authData = GetAuthenticationDataAndCulture();
Position position = Position.FromIdentity(positionId);
Person person = Person.FromIdentity(personId);
Geography geography = (geographyId == 0 ? null : Geography.FromIdentity(geographyId));
if (position.PositionLevel == PositionLevel.Geography ||
position.PositionLevel == PositionLevel.GeographyDefault)
{
position.AssignGeography(geography);
}
if ((position.OrganizationId > 0 && authData.CurrentOrganization.Identity != position.OrganizationId) || person.Identity < 0)
{
throw new UnauthorizedAccessException();
}
if (position.PositionLevel == PositionLevel.SystemWide && !authData.Authority.HasAccess(new Access(AccessAspect.Administration)))
{
// Authority check for systemwide
throw new UnauthorizedAccessException();
}
if ((position.GeographyId == Geography.RootIdentity || position.GeographyId == 0) &&
!authData.Authority.HasAccess(new Access(authData.CurrentOrganization, AccessAspect.Administration)))
{
// Authority check for org-global
throw new UnauthorizedAccessException();
}
if (
!authData.Authority.HasAccess(new Access(authData.CurrentOrganization, geography,
AccessAspect.Administration)))
{
// Authority check for org/geo combo
throw new UnauthorizedAccessException();
}
if (position.MaxCount > 0 && position.Assignments.Count >= position.MaxCount)
{
return(new AjaxCallResult
{
Success = false,
DisplayMessage = Resources.Controls.Swarm.Positions_NoMorePeopleOnPosition
});
}
// Deliberate: no requirement for membership (or equivalent) in order to be assigned to position.
Position currentUserPosition = authData.CurrentUser.PositionAssignment.Position; // excludes acting positions. May throw!
DateTime?expiresUtc = null;
if (durationMonths > 0)
{
expiresUtc = DateTime.UtcNow.AddMonths(durationMonths);
}
try
{
PositionAssignment.Create(position, geography, person, authData.CurrentUser, currentUserPosition,
expiresUtc, string.Empty);
}
catch (DatabaseConcurrencyException)
{
return(new AjaxCallResult {
Success = false, DisplayMessage = Resources.Global.Error_DatabaseConcurrency
});
}
return(new AjaxCallResult {
Success = true
});
}
public static AjaxCallResult AssignPosition(int personId, int positionId, int durationMonths, int geographyId)
{
AuthenticationData authData = GetAuthenticationDataAndCulture();
Position position = Position.FromIdentity(positionId);
Person person = Person.FromIdentity(personId);
Geography geography = (geographyId == 0 ? null : Geography.FromIdentity(geographyId));
if (position.PositionLevel == PositionLevel.Geography ||
position.PositionLevel == PositionLevel.GeographyDefault)
{
position.AssignGeography(geography);
}
if ((position.OrganizationId > 0 && authData.CurrentOrganization.Identity != position.OrganizationId) || person.Identity < 0)
{
throw new UnauthorizedAccessException();
}
if (position.PositionLevel == PositionLevel.SystemWide && !authData.Authority.HasAccess(new Access(AccessAspect.Administration)))
{
// Authority check for systemwide
throw new UnauthorizedAccessException();
}
if ((position.GeographyId == Geography.RootIdentity || position.GeographyId == 0) &&
!authData.Authority.HasAccess(new Access(authData.CurrentOrganization, AccessAspect.Administration)))
{
// Authority check for org-global
throw new UnauthorizedAccessException();
}
if (
!authData.Authority.HasAccess(new Access(authData.CurrentOrganization, geography,
AccessAspect.Administration)))
{
// Authority check for org/geo combo
throw new UnauthorizedAccessException();
}
if (position.MaxCount > 0 && position.Assignments.Count >= position.MaxCount)
{
return(new AjaxCallResult
{
Success = false,
DisplayMessage = Resources.Controls.Swarm.Positions_NoMorePeopleOnPosition
});
}
// Deliberate: no requirement for membership (or equivalent) in order to be assigned to position.
// Find the current user position used to assign.
PositionAssignments currentUserAssignments = authData.CurrentUser.PositionAssignments;
// Get the one this user is currently using to assign - it's either a system level position,
// one with a parent organization (TODO), or one with this organization
Position activePosition = null;
foreach (PositionAssignment currentUserAssignment in currentUserAssignments)
{
if (currentUserAssignment.OrganizationId == 0 && currentUserAssignment.Active)
{
activePosition = currentUserAssignment.Position;
break; // a system-level active position has priority over org-level
}
if (currentUserAssignment.OrganizationId == authData.CurrentOrganization.Identity &&
currentUserAssignment.Active)
{
activePosition = currentUserAssignment.Position;
}
}
if (activePosition == null)
{
return(new AjaxCallResult
{
Success = false,
DisplayMessage = "Error: No authority to assign a position"
});
}
DateTime?expiresUtc = null;
if (durationMonths > 0)
{
expiresUtc = DateTime.UtcNow.AddMonths(durationMonths);
}
try
{
PositionAssignment.Create(position, geography, person, authData.CurrentUser, activePosition,
expiresUtc, string.Empty);
}
catch (DatabaseConcurrencyException)
{
return(new AjaxCallResult {
Success = false, DisplayMessage = Resources.Global.Error_DatabaseConcurrency
});
}
return(new AjaxCallResult {
Success = true
});
}
