private void CheckCompleted()
{
if (!ToDo.CanRead(ToDoID) && Security.CurrentUser.IsExternal)
{
Response.Redirect("~/External/MissingObject.aspx");
}
}
private static bool CheckRights(SystemEventTypes eventType, ObjectTypes objectType, ObjectTypes relObjectType, int?objectId, int?relObjectId, Guid?objectUid, int userId)
{
// если нужна дополнительная проверка в зависимости от типа события, то её нужно делать здесь
bool retval = false;
if (relObjectType == ObjectTypes.File_FileStorage && relObjectId != null)
{
FileInfo fileInfo = null;
//Получаем оригинальный файл
using (IDataReader reader = Mediachase.IBN.Database.ControlSystem.DBFile.GetById(0, relObjectId.Value))
{
if (reader.Read())
{
fileInfo = new Mediachase.IBN.Business.ControlSystem.FileInfo(reader);
}
}
if (fileInfo != null)
{
return(CheckFileStorageRight(fileInfo, "Read", userId));
}
}
switch (objectType)
{
case ObjectTypes.ToDo:
retval = ToDo.CanRead(objectId.Value, userId);
break;
case ObjectTypes.CalendarEntry:
retval = CalendarEntry.CanRead(objectId.Value, userId);
break;
case ObjectTypes.Document:
retval = Document.CanRead(objectId.Value, userId);
break;
case ObjectTypes.Issue:
retval = Incident.CanRead(objectId.Value, userId);
break;
case ObjectTypes.List:
retval = ListInfoBus.CanRead(objectId.Value, userId);
break;
case ObjectTypes.Project:
retval = Project.CanRead(objectId.Value, userId);
break;
case ObjectTypes.Task:
retval = Task.CanRead(objectId.Value, userId);
break;
case ObjectTypes.IssueRequest:
retval = IssueRequest.CanUse(userId);
break;
case ObjectTypes.User:
retval = Security.IsUserInGroup(userId, InternalSecureGroups.Administrator);
break;
case ObjectTypes.Assignment:
AssignmentEntity entity = (AssignmentEntity)BusinessManager.Load(AssignmentEntity.ClassName, (PrimaryKeyId)objectUid);
if (entity != null && entity.OwnerDocumentId.HasValue)
{
retval = Document.CanRead(entity.OwnerDocumentId.Value, userId);
}
break;
default:
// Для остальных временно разрешаем любой доступ
retval = true;
break;
}
return(retval);
}
