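/// <summary>
/// Creates a position assignment owned by the current user, linking the first position,
/// worker and shift records that this user owns.
/// </summary>
/// <param name="model">Supplies the notes stored on the new assignment.</param>
/// <returns>
/// <c>true</c> when the save reports exactly one affected row; <c>false</c> when the user
/// owns no position, worker or shift to link, or when the save affected another number of rows.
/// </returns>
public bool CreatePositionAssignment(PositionAssignmentCreate model)
{
    using (var ctx = new ApplicationDbContext())
    {
        // Every lookup is filtered on the caller's owner id, so the new row can only
        // reference records that belong to the same user.
        // NOTE(review): the model contributes only Notes here; the linked position, worker
        // and shift are simply the first ones the user owns. Confirm that is intended.
        var position = ctx.Positions.FirstOrDefault(e => e.OwnerId == _userId);
        var worker = ctx.Workers.FirstOrDefault(e => e.OwnerId == _userId);
        var shift = ctx.Shifts.FirstOrDefault(e => e.OwnerId == _userId);

        // FirstOrDefault yields null when the user owns no matching record; report failure
        // instead of dereferencing null.
        if (position == null || worker == null || shift == null)
        {
            return false;
        }

        var entity = new PositionAssignment()
        {
            OwnerId = _userId,
            PositionId = position.PositionId,
            WorkerId = worker.WorkerId,
            Notes = model.Notes,
            ShiftId = shift.ShiftId
        };

        ctx.PositionAssignments.Add(entity);
        return ctx.SaveChanges() == 1;
    }
}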
/// <summary>
/// Switches the active organization and, with it, the active position assignment.
/// </summary>
/// <param name="organization">The organization to make active.</param>
public void SetOrganization(Organization organization)
{
    // If the person has a primary position in the new organization it becomes the active
    // one; otherwise the position is cleared (id 0). This is a method rather than a plain
    // field setter to minimize the risk of miscoding in the security framework.
    PositionAssignment primary = Person.GetPrimaryAssignment(organization);

    _data.OrganizationId = organization.Identity;

    if (primary == null)
    {
        _data.PositionAssignmentId = 0;
    }
    else
    {
        _data.PositionAssignmentId = primary.Identity;
    }
}
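/// <summary>
/// Terminates a position assignment on behalf of the current user, after checking that the
/// user holds Administration access at the scope of the assignment.
/// </summary>
/// <param name="assignmentId">Identity of the assignment to terminate (caller-supplied).</param>
/// <returns>
/// A result with <c>Success = true</c> on termination, or <c>Success = false</c> and a
/// concurrency message when the database reports a concurrency conflict.
/// </returns>
/// <exception cref="UnauthorizedAccessException">
/// The current user lacks Administration access for the assignment's scope, or the
/// assignment belongs to an organization other than the current one.
/// </exception>
public static AjaxCallResult TerminatePositionAssignment(int assignmentId)
{
    AuthenticationData authData = GetAuthenticationDataAndCulture();
    PositionAssignment assignment = PositionAssignment.FromIdentity(assignmentId);

    if (assignment.OrganizationId == 0)
    {
        // System-wide assignment: requires system-wide administration access.
        if (!authData.Authority.HasAccess(new Access(AccessAspect.Administration)))
        {
            throw new UnauthorizedAccessException();
        }
    }
    else
    {
        // Org-specific assignment. The access checks below are evaluated against the
        // caller's current organization, so the assignment must belong to that same
        // organization; otherwise administration rights in one organization would be
        // accepted for an assignment id that belongs to another. AssignPosition applies
        // the equivalent comparison for positions.
        if (assignment.OrganizationId != authData.CurrentOrganization.Identity)
        {
            throw new UnauthorizedAccessException();
        }

        if (assignment.GeographyId == 0)
        {
            if (!authData.Authority.HasAccess(new Access(authData.CurrentOrganization, AccessAspect.Administration)))
            {
                throw new UnauthorizedAccessException();
            }
        }
        else
        {
            // Org- and geo-specific assignment
            if (!authData.Authority.HasAccess(new Access(authData.CurrentOrganization, assignment.Position.Geography, AccessAspect.Administration)))
            {
                throw new UnauthorizedAccessException();
            }
        }
    }

    // Authorized: terminate, recording the current user and that user's primary position
    // in the current organization.
    try
    {
        assignment.Terminate(authData.CurrentUser, authData.CurrentUser.GetPrimaryPosition(authData.CurrentOrganization), string.Empty);
    }
    catch (DatabaseConcurrencyException)
    {
        return new AjaxCallResult { Success = false, DisplayMessage = Resources.Global.Error_DatabaseConcurrency };
    }

    return new AjaxCallResult { Success = true };
}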
/// <summary>
/// Builds the Authority for a person logging in to an organization.
/// </summary>
/// <param name="person">The person logging in.</param>
/// <param name="organization">The organization being logged in to.</param>
/// <returns>
/// An Authority stamped with the current UTC time, the person and organization identities,
/// and the person's primary assignment in that organization (0 when there is none).
/// </returns>
public static Authority FromLogin(Person person, Organization organization)
{
    PositionAssignment assignment = person.GetPrimaryAssignment(organization);

    // TODO: Verify membership OR position OR volunteer
    // NOTE(review): until that TODO is done, nothing in this method checks that the person
    // has any relation to the organization before the Authority is created.

    var data = new AuthorityData
    {
        CustomData = new Basic.Types.Common.SerializableDictionary<string, string>(),
        LoginDateTimeUtc = DateTime.UtcNow,
        OrganizationId = organization.Identity,
        PersonId = person.Identity,
        PositionAssignmentId = (assignment == null ? 0 : assignment.Identity)
    };

    return new Authority(data);
}
/// <summary>
/// Tests whether this Authority can access a given object. A very general case of
/// CanSeePerson(); add new object types as the logic needs them.
/// </summary>
/// <param name="identifiableObject">The object to test access to.</param>
/// <param name="accessType">The kind of access requested; defaults to Write.</param>
/// <returns>For a PositionAssignment, the result of the system-level access check.</returns>
/// <exception cref="NotImplementedException">
/// The object is of a type this method has no rule for, so unknown types are never
/// silently allowed.
/// </exception>
public bool CanAccess(IHasIdentity identifiableObject, AccessType accessType = AccessType.Write)
{
    if (identifiableObject is PositionAssignment)
    {
        // Shortcut, for now: position assignments are decided by system access alone.
        return HasSystemAccess(accessType);
    }

    throw new NotImplementedException("Authority.CanAccess is not implemented for type " + identifiableObject.GetType().FullName);
}
/// <summary>
/// Switches the active position assignment; the active organization follows it unless the
/// position is a system-level one.
/// </summary>
/// <param name="assignment">The assignment to activate, or null to clear the position.</param>
public void SetPosition(PositionAssignment assignment)
{
    // This is a method rather than a plain field setter to minimize the risk of miscoding
    // in the security framework.
    if (assignment == null)
    {
        _data.PositionAssignmentId = 0;
        return;
    }

    _data.PositionAssignmentId = assignment.Identity;

    // A system-wide position leaves the current organization untouched.
    if (assignment.Position.PositionLevel != PositionLevel.SystemWide)
    {
        _data.OrganizationId = assignment.Position.OrganizationId;
    }
}
/// <summary>
/// Returns display data for a position assignment if the current user has Read access to it.
/// </summary>
/// <param name="assignmentId">Identity of the assignment to look up (caller-supplied).</param>
/// <returns>
/// The assignment's person and position details with <c>Success = true</c>, or a result
/// carrying only <c>Success = false</c> when access is denied.
/// </returns>
static public AssignmentData GetAssignmentData(int assignmentId)
{
    AuthenticationData authData = GetAuthenticationDataAndCulture();
    PositionAssignment assignment = PositionAssignment.FromIdentity(assignmentId);

    // Denied callers get an empty failure result: no field of the assignment is copied
    // into the response before the access check passes.
    if (!authData.Authority.CanAccess(assignment, AccessType.Read))
    {
        return new AssignmentData { Success = false };
    }

    return new AssignmentData
    {
        Success = true,
        AssignedPersonCanonical = assignment.Person.Canonical,
        AssignedPersonId = assignment.PersonId,
        PositionAssignmentId = assignment.Identity,
        PositionId = assignment.PositionId,
        PositionLocalized = assignment.Position.Localized()
    };
}
/// <summary>
/// Seeds the school database with sample teachers, classes, students, subjects, position
/// assignments, subject assignments and enrollments. Does nothing when a student already exists.
/// </summary>
/// <param name="context">The database context to seed.</param>
public static void Initialize(SchoolContext context)
{
    // Any existing student means the database has been seeded.
    if (context.Students.Any())
    {
        return;
    }

    // Each group is saved before the next one is built, because later groups read the
    // keys of earlier rows (presumably populated by SaveChanges - confirm for this model).
    var teachers = new[]
    {
        new Teacher { FirstMidName = "Kim", LastName = "Abercrombie" },
        new Teacher { FirstMidName = "Fadi", LastName = "Fakhouri" },
        new Teacher { FirstMidName = "Roger", LastName = "Harui" },
        new Teacher { FirstMidName = "Candace", LastName = "Kapoor" },
        new Teacher { FirstMidName = "Roger", LastName = "Zheng" }
    };
    foreach (var teacher in teachers)
    {
        context.Teachers.Add(teacher);
    }
    context.SaveChanges();

    var abercrombieId = teachers.Single(t => t.LastName == "Abercrombie").ID;
    var fakhouriId = teachers.Single(t => t.LastName == "Fakhouri").ID;
    var haruiId = teachers.Single(t => t.LastName == "Harui").ID;
    var kapoorId = teachers.Single(t => t.LastName == "Kapoor").ID;
    var zhengId = teachers.Single(t => t.LastName == "Zheng").ID;

    var schoolclasses = new[]
    {
        new SchoolClass { Name = "1A", TeacherID = abercrombieId },
        new SchoolClass { Name = "2Б", TeacherID = fakhouriId },
        new SchoolClass { Name = "3В", TeacherID = haruiId },
        new SchoolClass { Name = "4Г", TeacherID = kapoorId }
    };
    foreach (var schoolClass in schoolclasses)
    {
        context.SchoolClasses.Add(schoolClass);
    }
    context.SaveChanges();

    var firstClassId = schoolclasses.Single(c => c.Name == "1A").SchoolClassID;
    var secondClassId = schoolclasses.Single(c => c.Name == "2Б").SchoolClassID;
    var thirdClassId = schoolclasses.Single(c => c.Name == "3В").SchoolClassID;
    var fourthClassId = schoolclasses.Single(c => c.Name == "4Г").SchoolClassID;

    var students = new[]
    {
        new Student
        {
            FirstMidName = "Carson", LastName = "Alexander",
            Birthday = DateTime.Parse("2010-09-01"), Sex = "male",
            StudentsClassID = firstClassId,
            EnrollmentDate = DateTime.Parse("2010-09-01")
        },
        new Student
        {
            FirstMidName = "Meredith", LastName = "Alonso",
            Birthday = DateTime.Parse("2010-09-01"), Sex = "male",
            StudentsClassID = secondClassId,
            EnrollmentDate = DateTime.Parse("2012-09-01")
        },
        new Student
        {
            FirstMidName = "Arturo", LastName = "Anand",
            Birthday = DateTime.Parse("2010-09-01"), Sex = "male",
            StudentsClassID = thirdClassId,
            EnrollmentDate = DateTime.Parse("2013-09-01")
        },
        new Student
        {
            FirstMidName = "Gytis", LastName = "Barzdukas",
            Birthday = DateTime.Parse("2010-09-01"), Sex = "male",
            StudentsClassID = fourthClassId,
            EnrollmentDate = DateTime.Parse("2012-09-01")
        },
        new Student
        {
            FirstMidName = "Yan", LastName = "Li",
            Birthday = DateTime.Parse("2010-09-01"), Sex = "male",
            StudentsClassID = fourthClassId,
            EnrollmentDate = DateTime.Parse("2012-09-01")
        },
        new Student
        {
            FirstMidName = "Peggy", LastName = "Justice",
            Birthday = DateTime.Parse("2010-09-01"), Sex = "male",
            StudentsClassID = firstClassId,
            EnrollmentDate = DateTime.Parse("2011-09-01")
        },
        new Student
        {
            FirstMidName = "Laura", LastName = "Norman",
            Birthday = DateTime.Parse("2010-09-01"), Sex = "female",
            StudentsClassID = firstClassId,
            EnrollmentDate = DateTime.Parse("2013-09-01")
        },
    };
    foreach (var student in students)
    {
        context.Students.Add(student);
    }
    context.SaveChanges();

    var subjects = new[]
    {
        new Subject { SubjectID = 1050, Title = "Chemistry", SchoolClassID = firstClassId },
        new Subject { SubjectID = 4022, Title = "Microeconomics", SchoolClassID = firstClassId },
        new Subject { SubjectID = 4041, Title = "Macroeconomics", SchoolClassID = firstClassId },
        new Subject { SubjectID = 1045, Title = "Calculus", SchoolClassID = firstClassId },
        new Subject { SubjectID = 3141, Title = "Trigonometry", SchoolClassID = secondClassId },
        new Subject { SubjectID = 2021, Title = "Composition", SchoolClassID = thirdClassId },
        new Subject { SubjectID = 2042, Title = "Literature", SchoolClassID = fourthClassId },
    };
    foreach (var subject in subjects)
    {
        context.Subjects.Add(subject);
    }
    context.SaveChanges();

    var chemistryId = subjects.Single(s => s.Title == "Chemistry").SubjectID;
    var microeconomicsId = subjects.Single(s => s.Title == "Microeconomics").SubjectID;
    var macroeconomicsId = subjects.Single(s => s.Title == "Macroeconomics").SubjectID;
    var calculusId = subjects.Single(s => s.Title == "Calculus").SubjectID;
    var trigonometryId = subjects.Single(s => s.Title == "Trigonometry").SubjectID;
    var compositionId = subjects.Single(s => s.Title == "Composition").SubjectID;
    var literatureId = subjects.Single(s => s.Title == "Literature").SubjectID;

    var positionAssignments = new[]
    {
        new PositionAssignment { TeacherID = fakhouriId, Position = "Director" },
        new PositionAssignment { TeacherID = haruiId, Position = "HeadTeacher" },
        new PositionAssignment { TeacherID = kapoorId, Position = "Teacher" },
    };
    foreach (var positionAssignment in positionAssignments)
    {
        context.PositionAssignments.Add(positionAssignment);
    }
    context.SaveChanges();

    var subjectTeachers = new[]
    {
        new SubjectAssignment { SubjectID = chemistryId, TeacherID = kapoorId },
        new SubjectAssignment { SubjectID = chemistryId, TeacherID = haruiId },
        new SubjectAssignment { SubjectID = microeconomicsId, TeacherID = zhengId },
        new SubjectAssignment { SubjectID = macroeconomicsId, TeacherID = zhengId },
        new SubjectAssignment { SubjectID = calculusId, TeacherID = fakhouriId },
        new SubjectAssignment { SubjectID = trigonometryId, TeacherID = haruiId },
        new SubjectAssignment { SubjectID = compositionId, TeacherID = abercrombieId },
        new SubjectAssignment { SubjectID = literatureId, TeacherID = abercrombieId },
    };
    foreach (var subjectAssignment in subjectTeachers)
    {
        context.SubjectAssignments.Add(subjectAssignment);
    }
    context.SaveChanges();

    var alexanderId = students.Single(s => s.LastName == "Alexander").ID;
    var alonsoId = students.Single(s => s.LastName == "Alonso").ID;
    var anandId = students.Single(s => s.LastName == "Anand").ID;
    var barzdukasId = students.Single(s => s.LastName == "Barzdukas").ID;
    var liId = students.Single(s => s.LastName == "Li").ID;
    var justiceId = students.Single(s => s.LastName == "Justice").ID;

    var enrollments = new[]
    {
        new Enrollment { StudentID = alexanderId, SubjectID = chemistryId },
        new Enrollment { StudentID = alexanderId, SubjectID = microeconomicsId },
        new Enrollment { StudentID = alexanderId, SubjectID = macroeconomicsId },
        new Enrollment { StudentID = alonsoId, SubjectID = calculusId },
        new Enrollment { StudentID = alonsoId, SubjectID = trigonometryId },
        new Enrollment { StudentID = alonsoId, SubjectID = compositionId },
        new Enrollment { StudentID = anandId, SubjectID = chemistryId },
        new Enrollment { StudentID = anandId, SubjectID = microeconomicsId },
        new Enrollment { StudentID = barzdukasId, SubjectID = chemistryId },
        new Enrollment { StudentID = liId, SubjectID = compositionId },
        new Enrollment { StudentID = justiceId, SubjectID = literatureId }
    };

    // Only enrollments without a matching student/subject row in the database are added.
    foreach (var enrollment in enrollments)
    {
        var existing = context.Enrollments.SingleOrDefault(
            row => row.Student.ID == enrollment.StudentID && row.Subject.SubjectID == enrollment.SubjectID);
        if (existing != null)
        {
            continue;
        }
        context.Enrollments.Add(enrollment);
    }
    context.SaveChanges();
}
/// <summary>
/// Assigns a person to a position on behalf of the current user, after a sequence of
/// organization and Administration-access checks.
/// </summary>
/// <param name="personId">Identity of the person to assign (caller-supplied).</param>
/// <param name="positionId">Identity of the position (caller-supplied).</param>
/// <param name="durationMonths">Months until the assignment expires; 0 or less means no expiry.</param>
/// <param name="geographyId">Identity of the geography, or 0 for none.</param>
/// <returns>
/// <c>Success = true</c> when the assignment was created; <c>Success = false</c> with a
/// message when the position is full or the database reports a concurrency conflict.
/// </returns>
/// <exception cref="UnauthorizedAccessException">One of the access checks failed.</exception>
public static AjaxCallResult AssignPosition(int personId, int positionId, int durationMonths, int geographyId)
{
    AuthenticationData authData = GetAuthenticationDataAndCulture();
    Position position = Position.FromIdentity(positionId);
    Person person = Person.FromIdentity(personId);

    Geography geography = null;
    if (geographyId != 0)
    {
        geography = Geography.FromIdentity(geographyId);
    }

    // NOTE(review): this runs before any access check, and the org-global check below
    // reads position.GeographyId, so the order must be kept. Confirm AssignGeography only
    // changes the in-memory object and persists nothing.
    if (position.PositionLevel == PositionLevel.Geography ||
        position.PositionLevel == PositionLevel.GeographyDefault)
    {
        position.AssignGeography(geography);
    }

    // An org-bound position must belong to the caller's current organization.
    if ((position.OrganizationId > 0 && authData.CurrentOrganization.Identity != position.OrganizationId) ||
        person.Identity < 0)
    {
        throw new UnauthorizedAccessException();
    }

    // Authority check for systemwide
    if (position.PositionLevel == PositionLevel.SystemWide)
    {
        if (!authData.Authority.HasAccess(new Access(AccessAspect.Administration)))
        {
            throw new UnauthorizedAccessException();
        }
    }

    // Authority check for org-global
    if (position.GeographyId == Geography.RootIdentity || position.GeographyId == 0)
    {
        if (!authData.Authority.HasAccess(new Access(authData.CurrentOrganization, AccessAspect.Administration)))
        {
            throw new UnauthorizedAccessException();
        }
    }

    // Authority check for org/geo combo; always evaluated, with a null geography when
    // geographyId was 0.
    if (!authData.Authority.HasAccess(new Access(authData.CurrentOrganization, geography, AccessAspect.Administration)))
    {
        throw new UnauthorizedAccessException();
    }

    bool positionIsFull = position.MaxCount > 0 && position.Assignments.Count >= position.MaxCount;
    if (positionIsFull)
    {
        return new AjaxCallResult
        {
            Success = false,
            DisplayMessage = Resources.Controls.Swarm.Positions_NoMorePeopleOnPosition
        };
    }

    // Deliberate: no requirement for membership (or equivalent) in order to be assigned to position.

    // Excludes acting positions. May throw!
    Position currentUserPosition = authData.CurrentUser.PositionAssignment.Position;

    DateTime? expiresUtc = durationMonths > 0
        ? DateTime.UtcNow.AddMonths(durationMonths)
        : (DateTime?)null;

    try
    {
        PositionAssignment.Create(position, geography, person, authData.CurrentUser, currentUserPosition, expiresUtc, string.Empty);
    }
    catch (DatabaseConcurrencyException)
    {
        return new AjaxCallResult
        {
            Success = false,
            DisplayMessage = Resources.Global.Error_DatabaseConcurrency
        };
    }

    return new AjaxCallResult { Success = true };
}
/// <summary>
/// Assigns a person to a position on behalf of the current user. The caller must pass the
/// organization and Administration-access checks and must hold an active position, either
/// system-level or in the current organization, to assign from.
/// </summary>
/// <param name="personId">Identity of the person to assign (caller-supplied).</param>
/// <param name="positionId">Identity of the position (caller-supplied).</param>
/// <param name="durationMonths">Months until the assignment expires; 0 or less means no expiry.</param>
/// <param name="geographyId">Identity of the geography, or 0 for none.</param>
/// <returns>
/// <c>Success = true</c> when the assignment was created; <c>Success = false</c> with a
/// message when the position is full, the caller has no active position to assign from,
/// or the database reports a concurrency conflict.
/// </returns>
/// <exception cref="UnauthorizedAccessException">One of the access checks failed.</exception>
public static AjaxCallResult AssignPosition(int personId, int positionId, int durationMonths, int geographyId)
{
    AuthenticationData authData = GetAuthenticationDataAndCulture();
    Position position = Position.FromIdentity(positionId);
    Person person = Person.FromIdentity(personId);
    Geography geography;
    if (geographyId == 0)
    {
        geography = null;
    }
    else
    {
        geography = Geography.FromIdentity(geographyId);
    }

    // NOTE(review): this runs before any access check, and the org-global check below
    // reads position.GeographyId, so the order must be kept. Confirm AssignGeography only
    // changes the in-memory object and persists nothing.
    if (position.PositionLevel == PositionLevel.Geography ||
        position.PositionLevel == PositionLevel.GeographyDefault)
    {
        position.AssignGeography(geography);
    }

    // An org-bound position must belong to the caller's current organization.
    if ((position.OrganizationId > 0 && authData.CurrentOrganization.Identity != position.OrganizationId) ||
        person.Identity < 0)
    {
        throw new UnauthorizedAccessException();
    }

    // Authority check for systemwide
    if (position.PositionLevel == PositionLevel.SystemWide &&
        !authData.Authority.HasAccess(new Access(AccessAspect.Administration)))
    {
        throw new UnauthorizedAccessException();
    }

    // Authority check for org-global
    if ((position.GeographyId == Geography.RootIdentity || position.GeographyId == 0) &&
        !authData.Authority.HasAccess(new Access(authData.CurrentOrganization, AccessAspect.Administration)))
    {
        throw new UnauthorizedAccessException();
    }

    // Authority check for org/geo combo; always evaluated, with a null geography when
    // geographyId was 0.
    if (!authData.Authority.HasAccess(new Access(authData.CurrentOrganization, geography, AccessAspect.Administration)))
    {
        throw new UnauthorizedAccessException();
    }

    if (position.MaxCount > 0 && position.Assignments.Count >= position.MaxCount)
    {
        return new AjaxCallResult
        {
            Success = false,
            DisplayMessage = Resources.Controls.Swarm.Positions_NoMorePeopleOnPosition
        };
    }

    // Deliberate: no requirement for membership (or equivalent) in order to be assigned to position.

    // Find the position the current user is assigning from: a system-level position, one
    // with a parent organization (TODO), or one with this organization.
    PositionAssignments currentUserAssignments = authData.CurrentUser.PositionAssignments;
    Position activePosition = null;

    foreach (PositionAssignment candidate in currentUserAssignments)
    {
        if (candidate.OrganizationId == 0 && candidate.Active)
        {
            // A system-level active position has priority over org-level: stop searching.
            activePosition = candidate.Position;
            break;
        }

        if (candidate.OrganizationId == authData.CurrentOrganization.Identity && candidate.Active)
        {
            // Keep scanning; a later system-level assignment still takes precedence.
            activePosition = candidate.Position;
        }
    }

    // No active position in scope: refuse instead of creating an assignment with no assigner.
    if (activePosition == null)
    {
        return new AjaxCallResult
        {
            Success = false,
            DisplayMessage = "Error: No authority to assign a position"
        };
    }

    DateTime? expiresUtc = null;
    if (durationMonths > 0)
    {
        expiresUtc = DateTime.UtcNow.AddMonths(durationMonths);
    }

    try
    {
        PositionAssignment.Create(position, geography, person, authData.CurrentUser, activePosition, expiresUtc, string.Empty);
    }
    catch (DatabaseConcurrencyException)
    {
        return new AjaxCallResult
        {
            Success = false,
            DisplayMessage = Resources.Global.Error_DatabaseConcurrency
        };
    }

    return new AjaxCallResult { Success = true };
}