示例#1
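        /// <summary>
        /// Renders the authorization filters for the current login as a SQL text fragment.
        /// </summary>
        /// <remarks>
        /// The criteria collected by <c>GetSecurityInfo</c> are converted with <c>ToString()</c>
        /// and joined with " and ".
        /// <para>
        /// <paramref name="aliasName"/> and <paramref name="clause"/> are concatenated into the
        /// fragment without any escaping. Pass only fixed, code-defined values for them; never
        /// pass text that originates from a request or another untrusted source.
        /// </para>
        /// <para>
        /// When <c>GetSecurityInfo</c> adds no criterion, the result carries no predicate at all
        /// (only the padded <paramref name="clause"/>, if one was given). Callers that rely on
        /// this fragment for access control must handle that case explicitly.
        /// </para>
        /// </remarks>
        /// <param name="session">Data access session used to resolve the current login.</param>
        /// <param name="option">Hierarchical filter by sort of company.</param>
        /// <param name="aliasName">Table alias that replaces the "this_" prefix in the rendered criteria; null or empty keeps "this_".</param>
        /// <param name="clause">Keyword placed in front of the filter, surrounded by single spaces; null or empty adds nothing.</param>
        /// <returns>The SQL fragment; an empty string when there is neither a criterion nor a clause.</returns>
        public static string GetSecurityInfoStringForSQL(IDalSession session, SecurityInfoOptions option, string aliasName, string clause)
        {
            List<ICriterion> expressions = new List<ICriterion>();
            string query = "";

            GetSecurityInfo(session, expressions, option);

            foreach (ICriterion criterion in expressions)
            {
                // Append rather than assign: the previous code overwrote the accumulated
                // text on every pass, so only the last criterion survived, prefixed with
                // a dangling " and ", and every earlier restriction was silently dropped.
                if (query.Length > 0)
                {
                    query += " and ";
                }
                query += criterion.ToString();
            }

            // IsNullOrEmpty instead of "!= string.Empty": a null alias used to rewrite
            // "this_." to a bare ".", which corrupts the statement.
            if (!string.IsNullOrEmpty(aliasName))
            {
                query = query.Replace("this_.", aliasName + ".");
            }

            if (!string.IsNullOrEmpty(clause))
            {
                query = " " + clause + " " + query;
            }

            return query;
        }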
示例#2
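        /// <summary>
        /// Extends the expression list with the account filter that applies to the current login.
        /// </summary>
        /// <remarks>
        /// Filter per login type, as implemented below:
        /// a Stichting employee gets the filter selected by <paramref name="option"/> (none for NoFilter);
        /// an asset manager employee always gets internal accounts OR the trading account, and a
        /// NoFilter request is replaced by Both;
        /// a customer login gets NO filter yet (see the NOTE(review) in the body), and any other
        /// login type also falls through without a filter.
        /// The SQL text uses the "this_" alias prefix for the filtered table.
        /// </remarks>
        /// <param name="session">Data access session used to resolve the current login.</param>
        /// <param name="expressions">List that receives the filter. Must not be null when a filter applies.</param>
        /// <param name="option">Hierarchical filter by sort of company.</param>
        /// <exception cref="System.Security.Authentication.AuthenticationException">
        /// No current login exists, or a customer login asked for the NoFilter option.
        /// </exception>
        /// <exception cref="System.ArgumentNullException">
        /// A filter applies but <paramref name="expressions"/> is null.
        /// </exception>
        public static void GetSecurityInfo(IDalSession session, List<ICriterion> expressions, SecurityInfoOptions option)
        {
            const string internalAccountsSql = "this_.AccountID IN (SELECT AccountID FROM vweInternalAccounts WHERE (ManagementCompanyID = {0}))";
            const string tradingAccountSql = "this_.AccountID IN (SELECT TradingAccountID FROM ManagementCompanies WHERE (ManagementCompanyID = {0}))";
            const string notTradingAccountSql = "this_.AccountID NOT IN (SELECT TradingAccountID FROM ManagementCompanies WHERE (ManagementCompanyID = {0}))";

            // The key is written into SQL text, so format it culture-independently.
            System.IFormatProvider sqlFormat = System.Globalization.CultureInfo.InvariantCulture;

            ICriterion crit = null;
            ICriterion crit1 = null;
            ICriterion crit2 = null;
            ILogin login = GetCurrentLogin(session);

            if (login == null)
            {
                throw new System.Security.Authentication.AuthenticationException("You are not a registered user");
            }

            if (option == SecurityInfoOptions.NoFilter)
            {
                if (login is AssetManagerEmployeeLogin)
                {
                    // Asset manager employees may never run unfiltered.
                    option = SecurityInfoOptions.Both;
                }
                else if (login is CustomerLogin)
                {
                    throw new System.Security.Authentication.AuthenticationException("The no filter option is only available for stichting employees");
                }
            }

            if (login is StichtingEmployeeLogin)
            {
                // NOTE(review): the key is taken from the login object and inlined into the SQL
                // text. Presumably it is a numeric identifier; confirm. If it can ever be
                // a string, this must become a parameterized criterion instead.
                object employerKey = ((StichtingEmployeeLogin)login).Employer.Key;

                switch (option)
                {
                    case SecurityInfoOptions.ManagedsAcctsOnly:
                        crit1 = Expression.Sql(string.Format(sqlFormat, internalAccountsSql, employerKey));
                        crit2 = Expression.Sql(string.Format(sqlFormat, notTradingAccountSql, employerKey));
                        crit = Expression.And(crit1, crit2);
                        break;
                    case SecurityInfoOptions.TradingAcctOnly:
                        crit = Expression.Sql(string.Format(sqlFormat, tradingAccountSql, employerKey));
                        break;
                    case SecurityInfoOptions.NoFilter:
                        // Deliberately unfiltered for Stichting employees.
                        crit = null;
                        break;
                    default:
                        crit1 = Expression.Sql(string.Format(sqlFormat, internalAccountsSql, employerKey));
                        crit2 = Expression.Sql(string.Format(sqlFormat, tradingAccountSql, employerKey));
                        crit = Expression.Or(crit1, crit2);
                        break;
                }
            }
            else if (login is AssetManagerEmployeeLogin)
            {
                // NOTE(review): same inlined-key assumption as in the Stichting branch above.
                object employerKey = ((AssetManagerEmployeeLogin)login).Employer.Key;

                crit1 = Expression.Sql(string.Format(sqlFormat, internalAccountsSql, employerKey));
                crit2 = Expression.Sql(string.Format(sqlFormat, tradingAccountSql, employerKey));
                crit = Expression.Or(crit1, crit2);
            }
            else if (login is CustomerLogin)
            {
                // TODO -> Get Account from Customer, take AssetManager into account
                // NOTE(review): until this is implemented a customer login receives no
                // account filter from this method, so nothing here narrows the query.
                // Callers must not treat the result as an access restriction for customers.
                crit = null;
            }

            if (crit != null)
            {
                if (expressions == null)
                {
                    // The previous code assigned a new list to the parameter, which the
                    // caller never sees, so the filter was silently lost. Fail closed instead.
                    throw new System.ArgumentNullException("expressions", "A security filter applies but no list was supplied to receive it.");
                }
                expressions.Add(crit);
            }
        }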