private IQueryable <Project> Filter(UserSessionModel currentUser, IQueryable <Project> query, Filter filter) { if (filter != null) { var rootFilters = filter.Filters; var rootLogic = filter.Logic; var rootFilterName = filter.Name; if (rootFilters != null && rootLogic == "and") { query = ProcessFilterItemsAnd(query, rootFilters); } else if (rootFilters != null && rootLogic == "or" && rootFilterName != "search")// A or B --- (PairFilter) { query = ProcessPairFilterOr(query, rootFilters); } else if (rootFilters != null && rootLogic == "or" && rootFilterName == "search") // A or B --- (PairFilter) { query = ProcessSearchProjectFilter(query, rootFilters); // Project Search Box Filter } } if (!currentUser.HasAccess(SystemAccessEnum.RequestCommission) && !currentUser.HasAccess(SystemAccessEnum.ViewRequestedCommission) && !currentUser.HasAccess(SystemAccessEnum.ApprovedRequestCommission)) { query = query.Where(p => p.Quotes.Any(a => a.Active == true && a.IsCommission == false)); } return(query); }
private IQueryable <Project> QueryProjectsExportViewableByUser(UserSessionModel user, ProjectExportParameter exportParam = null) { IQueryable <Project> query; if (user == null) { query = this.Projects; } else { // Does user have rights to see projects in his/her own group ? bool inclusive = user.HasAccess(SystemAccessEnum.ViewProjectsInGroup); query = from project in this.Projects join owner in this.Context.Users on project.OwnerId equals owner.UserId join groups in this.QueryGroupsViewableBelowByGroupId(user.GroupId.Value, inclusive) on owner.GroupId equals groups.GroupId into Lg from groups in Lg.DefaultIfEmpty() // Return any in group tree or the users own projects where (owner.GroupId == groups.GroupId) || project.OwnerId == user.UserId select project; // Get al projects which have been transferred var transfersQuery = from project in this.Projects join transfers in this.Context.ProjectTransfers on new { user.UserId, project.ProjectId } equals new { transfers.UserId, transfers.ProjectId } select project; // join the two query = query.Union(transfersQuery); bool removeDeletedProjects = false; //if user cannot see deleted projects to start with, filter them out if (!user.HasAccess(SystemAccessEnum.UndeleteProject)) { removeDeletedProjects = true; } else { //I have permission, and a search project, and I chose to NOT show deleted projects if (exportParam != null && exportParam.ShowDeletedProjects == false) { removeDeletedProjects = true; } } if (removeDeletedProjects) { query = query.Where(p => p.Deleted == false); } } return(query); }
//################################################################ // View all unallocated users under the users grouping tree //################################################################ public IQueryable <User> QueryUnallocatedUsersViewableByUser(UserSessionModel user) { IQueryable <User> query; if (user.UserTypeId >= UserTypeEnum.DaikinSuperUser) { query = from unallocated in this.Users where unallocated.GroupId == 0 select unallocated; } else { query = //get all business in the group tree for user from g in this.QueryGroupsViewableBelowByGroupId(user.GroupId.Value, true) join u in this.Users on g.GroupId equals u.GroupId join b in this.Businesses on u.BusinessId equals b.BusinessId join unallocated in this.Users on b.BusinessId equals unallocated.BusinessId where unallocated.GroupId == 0 select unallocated; if (user.HasAccess(SystemAccessEnum.AdminAccessRights)) { query = query.Where(u => u.UserTypeId <= user.UserTypeId); } else { query = query.Where(u => u.UserTypeId < user.UserTypeId); } } return(query.Distinct()); }
public IQueryable <UserType> GetUserTypes(UserSessionModel admin) { if (admin.HasAccess(SystemAccessEnum.AdminAccessRights)) { return(from a in this.UserTypes where a.UserTypeId <= admin.UserTypeId select a); } else { return(from a in this.UserTypes where a.UserTypeId < admin.UserTypeId select a); } }
public IQueryable <Quote> QueryQuoteViewableByQuoteId(UserSessionModel admin, long?quoteId) { var query = this.QueryQuotesViewableByUser(admin).Where(u => u.QuoteId == quoteId); if (!admin.HasAccess(SystemAccessEnum.UndeleteProject)) { query = query.Where(p => p.Deleted == false); } return(query); }
private bool IsUserParentOwner(UserSessionModel user, long groupId) { var inclusive = user.HasAccess(SystemAccessEnum.AdminAccessRights); var result = Db.QueryGroupParentOwnersByGroupId(groupId, inclusive).Any(g => g.UserId == user.UserId); // We are also owner if we have owner access if (result == false) { } return(result); }
public DropDownModel DropDownModelProjectDarComStatusTypes(UserSessionModel admin, ProjectDarComStatusTypeEnum?selectedId) { DPO.Common.Models.Project.ProjectDarComTypesModel projectDarComTypeModel = new DPO.Common.Models.Project.ProjectDarComTypesModel(); IEnumerable <ProjectDarComStatusTypeEnum> ProjectDarComTypes = Enum.GetValues(typeof(ProjectDarComStatusTypeEnum)) .Cast <ProjectDarComStatusTypeEnum>(); IEnumerable <DropDownItem> result = null; var hasCommission = admin.HasAccess(SystemAccessEnum.RequestCommission) || admin.HasAccess(SystemAccessEnum.ApprovedRequestCommission) || admin.HasAccess(SystemAccessEnum.ViewRequestedCommission); var hasDiscountRequest = admin.HasAccess(SystemAccessEnum.RequestDiscounts) || admin.HasAccess(SystemAccessEnum.ApproveDiscounts) || admin.HasAccess(SystemAccessEnum.ViewDiscountRequest); if (hasCommission && !hasDiscountRequest) { result = from type in ProjectDarComTypes where ((int)type == 2 || (int)type == 0) select new DropDownItem { //ValueLong = (int)type, Value = ((int)type).ToString(), Text = type.ToString() }; } if (hasDiscountRequest && !hasCommission) { result = from type in ProjectDarComTypes where ((int)type == 1 || (int)type == 0) select new DropDownItem { //ValueLong = (int)type, Value = ((int)type).ToString(), Text = type.ToString() }; } if (hasDiscountRequest && hasCommission) { result = from type in ProjectDarComTypes select new DropDownItem { // ValueLong = (int)type, Value = ((int)type).ToString(), Text = type.ToString() }; } //model.ProjectDarComTypes = projectDarComTypeModel; return(DropDown(result, (int?)selectedId)); }
public IQueryable <User> QueryUsersViewableByProjectSearch(UserSessionModel admin, SearchUser search, bool includeUnallocated, bool includeCurrentUser = false) { IQueryable <User> query = null; // log if (admin == null || admin.UserId == 0 || admin.UserTypeId == UserTypeEnum.Systems) { query = this.Users; } else { query = from u in this.Users join g in this.QueryGroupsViewableBelowByGroupId(admin.GroupId.Value, true) on u.GroupId equals g.GroupId select u; if (!admin.HasAccess(SystemAccessEnum.ViewProjectsInGroup)) { query = query.Where(u => u.UserId == admin.UserId); } if (includeUnallocated) { query = (from u in query select u) .Union (from u in QueryUnallocatedUsersViewableByUser(admin) select u); } } query = Filter(query, search); if (search != null && search.ReturnTotals) { search.TotalRecords = query.Count(); } query = Sort(query, search); if (!includeCurrentUser) { query = query.Where(u => u.UserId != admin.UserId); } query = Paging(admin, query, search); // Must be Last return(query); }
private IQueryable <Quote> QueryQuotesViewableByUser(UserSessionModel user) { IQueryable <Quote> query; if (user == null) { query = this.Quotes; } else { query = from quote in this.Quotes join project in this.QueryProjectsViewableByUser(user) on quote.ProjectId equals project.ProjectId select quote; } if (!user.HasAccess(SystemAccessEnum.UndeleteProject)) { query = query.Where(q => q.Deleted == false); } return(query); }
public ServiceResponse GetDefaultPageUrl(UserSessionModel user, string selectedLink = "") { this.Response = new ServiceResponse(); //string url = "/Projectdashboard/Overview"; string url = "/v2/#/home"; if (selectedLink == null) { selectedLink = String.Empty; } if (user == null || !user.Enabled || user.UserId == 0) { url = "/Account/Login"; } //else if (!user.HasAccess(SystemAccessEnum.ViewProject) // && (selectedLink.ToLower().Contains("projectdashboard/projects") // || selectedLink.ToLower().Contains("projectdashboard/overview") // || String.IsNullOrEmpty(selectedLink))) //{ // url = "/ProjectDashboard/Tools"; //} else if (!user.HasAccess(SystemAccessEnum.ViewProject) && (selectedLink.ToLower().Contains("/v2/#/projects") || selectedLink.ToLower().Contains("projectdashboard/overview") || String.IsNullOrEmpty(selectedLink))) { url = "/ProjectDashboard/Tools"; } else if (!String.IsNullOrWhiteSpace(selectedLink)) { url = selectedLink; } this.Response.Model = url; return(this.Response); }
//################################################################ // Get all users linked to groups under the user //################################################################ public IQueryable <User> QueryUsersViewableByUser(UserSessionModel user, bool includeUnallocated) { IQueryable <User> query = null; // log if (user == null || user.UserId == 0 || user.UserTypeId == UserTypeEnum.Systems) { query = this.Users; } else { query = from u in this.Users join g in this.QueryGroupsViewableBelowByGroupId(user.GroupId.Value) on u.GroupId equals g.GroupId select u; if (user.HasAccess(SystemAccessEnum.AdminAccessRights)) { query = query.Where(u => u.UserTypeId <= user.UserTypeId); } else { query = query.Where(u => u.UserTypeId < user.UserTypeId); } query = query.Where(u => u.GroupId != user.GroupId); if (includeUnallocated) { query = (from u in query select u) .Union (from u in QueryUnallocatedUsersViewableByUser(user) select u); } } return(query); }
// ################################################# // Rules to calculate the actual project total // ################################################# private void RulesCommon(UserSessionModel admin, User user) { if (!user.IsRegistering) { var passSecurity = (admin.HasAccess(SystemAccessEnum.AdminAccessRights) && admin.UserTypeId >= user.UserTypeId); passSecurity = passSecurity || (admin.UserTypeId > user.UserTypeId && admin.UserId != user.UserId); if (!passSecurity) { this.Response.Messages.AddError("", Resources.DataMessages.DM005); } // if you are managing your own account these values should not change if (!admin.HasAccess(SystemAccessEnum.AdminAccessRights) && user.UserId == admin.UserId && (Entry.HasChanged("UserTypeId") || Entry.HasChanged("BusinessId"))) { this.Response.Messages.AddError("", Resources.SystemMessages.SM007); } } if (user.Approved && Entry.HasChanged("Approved")) { user.ApprovedOn = DateTime.UtcNow; user.Enabled = true; user.Rejected = false; } if (user.Rejected && Entry.HasChanged("Rejected")) { user.Enabled = false; user.Approved = false; } // Make sure email is unique if (Entry.HasChanged("Email") && Db.IsUser(user.Email)) { this.Response.Messages.AddError("Email", ResourceModelUser.MU001); } // Make sure access level is set for the user if not registering and not rejected if (!user.IsRegistering && user.Rejected == false && user.UserTypeId == UserTypeEnum.NotSet) { if (user.UserTypeId == UserTypeEnum.NotSet) { this.Response.Messages.AddError("UserTypeId", ResourceModelUser.MU015); } } // Validate that the business they are registering under is enabled if it was looked up if (user.IsRegistering && user.Business != null && !string.IsNullOrEmpty(user.Business.DaikinCityId) && !user.Business.Enabled) { this.Response.Messages.AddError(ResourceModelUser.MU023); } if (user.Business != null) { businessService.BeginPropertyReference(this, "Business"); businessService.ApplyBusinessRules(admin, user.Business); businessService.EndPropertyReference(); } if (user.Contact != null) { contactService.BeginPropertyReference(this, "Contact"); contactService.RulesOnEdit(admin, user.Contact); contactService.EndPropertyReference(); } if (user.Address != null) { addressService.BeginPropertyReference(this, "Address"); addressService.RulesOnEdit(admin, user.Address); addressService.EndPropertyReference(); } if (user.BusinessId != null && this.Response.IsOK && Entry.HasChanged("BusinessId")) { Db.ReplacePermissions(EntityEnum.BusinessType, (long)user.Business.BusinessTypeId, EntityEnum.User, user.UserId, PermissionTypeEnum.Brand); Db.ReplacePermissions(EntityEnum.BusinessType, (long)user.Business.BusinessTypeId, EntityEnum.User, user.UserId, PermissionTypeEnum.CityArea); Db.ReplacePermissions(EntityEnum.BusinessType, (long)user.Business.BusinessTypeId, EntityEnum.User, user.UserId, PermissionTypeEnum.ProductFamily); Db.ReplacePermissions(EntityEnum.BusinessType, (long)user.Business.BusinessTypeId, EntityEnum.User, user.UserId, PermissionTypeEnum.Tool); Db.ReplacePermissions(EntityEnum.BusinessType, (long)user.BusinessId, EntityEnum.User, user.UserId, PermissionTypeEnum.Brand); Db.ReplacePermissions(EntityEnum.BusinessType, (long)user.BusinessId, EntityEnum.User, user.UserId, PermissionTypeEnum.CityArea); Db.ReplacePermissions(EntityEnum.BusinessType, (long)user.BusinessId, EntityEnum.User, user.UserId, PermissionTypeEnum.ProductFamily); Db.ReplacePermissions(EntityEnum.BusinessType, (long)user.BusinessId, EntityEnum.User, user.UserId, PermissionTypeEnum.Tool); this.Response.AddSuccess("User product and tool permissions set to the default settings."); if (user.Business.BusinessTypeId == BusinessTypeEnum.Daikin || user.Business.BusinessTypeId == BusinessTypeEnum.ManufacturerRep || user.Business.BusinessTypeId == BusinessTypeEnum.Distributor) { user.ShowPricing = true; } else { user.ShowPricing = false; } this.Response.AddSuccess("Show prices has been set to the default setting."); } if (user.BusinessId != null && this.Response.IsOK && Entry.HasChanged("UserTypeId")) { Db.ReplacePermissions(EntityEnum.UserType, (long)user.UserTypeId, EntityEnum.User, user.UserId, PermissionTypeEnum.SystemAccess); var permissionsToRemove = this.Db.GetPermissionList(user.UserId).Select(p => p) .Where(p => p.PermissionTypeId == PermissionTypeEnum.SystemAccess) .ToList(); var permissionsToAdd = this.Db.GetPermissionList((long)user.UserTypeId) .Where(p => p.PermissionTypeId == PermissionTypeEnum.SystemAccess) .Select(p => new { permissionId = p.PermissionId, referenceId = p.ReferenceId, referenceEntityId = p.ReferenceEntityId }).ToList(); var newPermissions = this.Db.GetPermissionList((long)user.UserTypeId) .Where(p => p.PermissionTypeId == PermissionTypeEnum.SystemAccess) .ToList(); Db.UpdatePermissionAudit(EntityEnum.UserType, user, newPermissions, PermissionTypeEnum.SystemAccess, admin, permissionsToRemove); this.Response.AddSuccess("User system access permissions set to the default settings."); } }
// ################################################# // Rules to calculate the actual project total // ################################################# private void RulesCommon(UserSessionModel admin, User user) { if (!user.IsRegistering) { var passSecurity = (admin.HasAccess(SystemAccessEnum.AdminAccessRights) && admin.UserTypeId >= user.UserTypeId); passSecurity = passSecurity || (admin.UserTypeId > user.UserTypeId && admin.UserId != user.UserId); if (!passSecurity) { this.Response.Messages.AddError("", Resources.DataMessages.DM005); } // if you are managing your own account these values should not change if (!admin.HasAccess(SystemAccessEnum.AdminAccessRights) && user.UserId == admin.UserId && (Entry.HasChanged("UserTypeId") || Entry.HasChanged("BusinessId"))) { this.Response.Messages.AddError("", Resources.SystemMessages.SM007); } } if (user.Approved && Entry.HasChanged("Approved")) { user.ApprovedOn = DateTime.UtcNow; user.Enabled = true; user.Rejected = false; } if (user.Rejected && Entry.HasChanged("Rejected")) { user.Enabled = false; user.Approved = false; } // Make sure email is unique if (Entry.HasChanged("Email") && Db.IsUser(user.Email)) { this.Response.Messages.AddError("Email", ResourceModelUser.MU001); } // Make sure access level is set for the user if not registering and not rejected if (!user.IsRegistering && user.Rejected == false && user.UserTypeId == UserTypeEnum.NotSet) { if (user.UserTypeId == UserTypeEnum.NotSet) { this.Response.Messages.AddError("UserTypeId", ResourceModelUser.MU015); } } if (user.Business != null) { new BusinessServices(this, "Business").ApplyBusinessRules(admin, user.Business); this.Response.PropertyReference = ""; } if (user.Contact != null) { new ContactServices(this, "Contact").RulesOnEdit(admin, user.Contact); this.Response.PropertyReference = ""; } if (user.Address != null) { new AddressServices(this, "Address").RulesOnEdit(admin, user.Address); this.Response.PropertyReference = ""; } if (user.BusinessId != null && this.Response.IsOK && Entry.HasChanged("BusinessId")) { Db.ReplacePermissions((long)user.BusinessId, user.UserId, PermissionTypeEnum.Brand); Db.ReplacePermissions((long)user.BusinessId, user.UserId, PermissionTypeEnum.CityArea); Db.ReplacePermissions((long)user.BusinessId, user.UserId, PermissionTypeEnum.ProductFamily); Db.ReplacePermissions((long)user.BusinessId, user.UserId, PermissionTypeEnum.Tool); this.Response.AddSuccess("User product and tool permissions set to the default settings."); if (user.Business.BusinessTypeId == BusinessTypeEnum.Daikin || user.Business.BusinessTypeId == BusinessTypeEnum.ManufacturerRep || user.Business.BusinessTypeId == BusinessTypeEnum.Distributor) { user.ShowPricing = true; } else { user.ShowPricing = false; } this.Response.AddSuccess("Show prices has been set to the default setting."); } if (user.BusinessId != null && this.Response.IsOK && Entry.HasChanged("UserTypeId")) { Db.ReplacePermissions((long)user.UserTypeId, user.UserId, PermissionTypeEnum.SystemAccess); this.Response.AddSuccess("User system access permissions set to the default settings."); } //modify by aaraon ////if ( user.BusinessId != null && this.Response.IsOK ) ////{ //// Db.ReplacePermissions((long)user.UserTypeId, user.UserId, PermissionTypeEnum.SystemAccess); //// this.Response.AddSuccess("User system access permission set to the default settings"); ////} }