///<summary>Checks to see if current user is authorized. It also checks any date restrictions. If not authorized, it gives a Message box saying so and returns false.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage)
{
if (Security.CurUser != null && GroupPermissions.HasPermission(Security.CurUser.UserGroupNum, perm))
{
if (GroupPermissions.PermTakesDates(perm))
{
DateTime dateLimit = GetDateLimit(perm, Security.CurUser.UserGroupNum);
if (date <= dateLimit) //not authorized
{
if (!suppressMessage)
{
MessageBox.Show(Lan.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm) + "\r\n"
+ Lan.g("Security", "Date limitation"));
}
return(false);
}
return(true);
}
//doesn't take a date
return(true);
}
if (!suppressMessage)
{
MessageBox.Show(Lan.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm));
}
return(false);
}
private void treePermissions_DoubleClick(object sender, System.EventArgs e)
{
if (clickedPermNode == null)
{
return;
}
Permissions permType = (Permissions)clickedPermNode.Tag;
if (!GroupPermissions.PermTakesDates(permType))
{
return;
}
GroupPermission perm = GroupPermissions.GetPerm(SelectedGroupNum, (Permissions)clickedPermNode.Tag);
if (perm == null)
{
return;
}
FormGroupPermEdit FormG = new FormGroupPermEdit(perm);
FormG.ShowDialog();
if (FormG.DialogResult == DialogResult.Cancel)
{
return;
}
FillTreePerm();
changed = true;
}
///<summary>Allows users to edit the date locks on specific permissions.
///Does nothing if in ReadOnly mode or if more than one UserGroup is selected.</summary>
private void treePermissions_DoubleClick(object sender, System.EventArgs e)
{
if (ReadOnly || _listUserGroupNums.Count != 1)
{
return;
}
if (_clickedPermNode == null)
{
return;
}
Permissions permType = (Permissions)_clickedPermNode.Tag;
if (!GroupPermissions.PermTakesDates(permType))
{
return;
}
GroupPermission perm = GroupPermissions.GetPerm(_listUserGroupNums.First(), (Permissions)_clickedPermNode.Tag);
if (perm == null)
{
return;
}
//Call an event that bubbles back up to the calling Form. The event returns a dialog result so we know how to continue here.
DialogResult result = GroupPermissionChecked?.Invoke(sender, new SecurityEventArgs(perm)) ?? DialogResult.Cancel;
if (result == DialogResult.Cancel)
{
return;
}
FillTreePerm();
}
///<summary></summary>
public static void InsertOrUpdate(GroupPermission gp, bool isNew)
{
if (gp.NewerDate.Year > 1880 && gp.NewerDays > 0)
{
throw new Exception(Lan.g("GroupPermissions", "Date or days can be set, but not both."));
}
if (!GroupPermissions.PermTakesDates(gp.PermType))
{
if (gp.NewerDate.Year > 1880 || gp.NewerDays > 0)
{
throw new Exception(Lan.g("GroupPermissions", "This type of permission may not have a date or days set."));
}
}
if (isNew)
{
Insert(gp);
}
else
{
Update(gp);
}
}
///<summary>Checks to see if current user is authorized. It also checks any date restrictions. If not authorized, it gives a Message box saying so and returns false.</summary>
public static bool IsAuthorized(Permissions perm, DateTime date, bool suppressMessage)
{
if (Security.CurUser == null || !GroupPermissions.HasPermission(Security.CurUser.UserGroupNum, perm))
{
if (!suppressMessage)
{
MessageBox.Show(Lan.g("Security", "Not authorized for") + "\r\n" + GroupPermissions.GetDesc(perm));
}
return(false);
}
if (perm == Permissions.AccountingCreate || perm == Permissions.AccountingEdit)
{
if (date <= PrefB.GetDate("AccountingLockDate"))
{
if (!suppressMessage)
{
MessageBox.Show(Lan.g("Security", "Locked by Administrator."));
}
return(false);
}
}
if (!GroupPermissions.PermTakesDates(perm))
{
return(true);
}
DateTime dateLimit = GetDateLimit(perm, Security.CurUser.UserGroupNum);
if (date > dateLimit) //authorized
{
return(true);
}
if (!suppressMessage)
{
MessageBox.Show(Lan.g("Security", "Not authorized for") + "\r\n"
+ GroupPermissions.GetDesc(perm) + "\r\n" + Lan.g("Security", "Date limitation"));
}
return(false);
}
private void treePermissions_MouseDown(object sender, System.Windows.Forms.MouseEventArgs e)
{
clickedPermNode = treePermissions.GetNodeAt(e.X, e.Y);
if (clickedPermNode == null)
{
return;
}
//treePermissions.BeginUpdate();
if (clickedPermNode.Parent == null) //level 1
{
if (e.X < 5 || e.X > 17)
{
return;
}
}
else if (clickedPermNode.Parent.Parent == null) //level 2
{
if (e.X < 24 || e.X > 36)
{
return;
}
}
else if (clickedPermNode.Parent.Parent.Parent == null) //level 3
{
if (e.X < 43 || e.X > 55)
{
return;
}
}
if (clickedPermNode.ImageIndex == 1) //unchecked, so need to add a permission
{
GroupPermission perm = new GroupPermission();
perm.PermType = (Permissions)clickedPermNode.Tag;
perm.UserGroupNum = SelectedGroupNum;
if (GroupPermissions.PermTakesDates(perm.PermType))
{
FormGroupPermEdit FormG = new FormGroupPermEdit(perm);
FormG.IsNew = true;
FormG.ShowDialog();
if (FormG.DialogResult == DialogResult.Cancel)
{
treePermissions.EndUpdate();
return;
}
}
else
{
try{
GroupPermissions.InsertOrUpdate(perm, true);
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
}
}
else if (clickedPermNode.ImageIndex == 2) //checked, so need to delete the perm
{
try{
GroupPermissions.RemovePermission(SelectedGroupNum, (Permissions)clickedPermNode.Tag);
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
}
FillTreePerm();
changed = true;
}
///<summary>Toggles permissions based on the node the user has clicked.
///Will do nothing if in Read-Only mode or more than one usergroup is selected.</summary>
private void treePermissions_MouseDown(object sender, System.Windows.Forms.MouseEventArgs e)
{
if (ReadOnly || _listUserGroupNums.Count != 1)
{
return;
}
_clickedPermNode = treePermissions.GetNodeAt(e.X, e.Y);
if (_clickedPermNode == null)
{
return;
}
//Do nothing if the user didn't click on a check box.
if (_clickedPermNode.Parent == null) //level 1
{
if (e.X < 5 || e.X > 17)
{
return;
}
}
else if (_clickedPermNode.Parent.Parent == null) //level 2
{
if (e.X < 24 || e.X > 36)
{
return;
}
}
else if (_clickedPermNode.Parent.Parent.Parent == null) //level 3
{
if (e.X < 43 || e.X > 55)
{
return;
}
}
//User clicked on a check box. Do stuff.
if (_clickedPermNode.ImageIndex == 1) //unchecked, so need to add a permission
{
GroupPermission perm = new GroupPermission();
perm.PermType = (Permissions)_clickedPermNode.Tag;
perm.UserGroupNum = _listUserGroupNums.First();
if (GroupPermissions.PermTakesDates(perm.PermType))
{
perm.IsNew = true;
//Call an event that bubbles back up to the calling Form. The event returns a dialog result so we know how to continue here.
DialogResult result = GroupPermissionChecked?.Invoke(sender, new SecurityEventArgs(perm)) ?? DialogResult.Cancel;
if (result == DialogResult.Cancel)
{
treePermissions.EndUpdate();
return;
}
}
else if (perm.PermType == Permissions.Reports) //Reports permission is being checked.
//Call an event that bubbles back up to the calling Form. The event returns a dialog result so we know how to continue here.
{
DialogResult result = ReportPermissionChecked?.Invoke(sender, new SecurityEventArgs(perm)) ?? DialogResult.Cancel;
if (result == DialogResult.Cancel)
{
treePermissions.EndUpdate();
return;
}
}
else
{
try {
GroupPermissions.Insert(perm);
SecurityLogs.MakeLogEntry(Permissions.SecurityAdmin, 0, "Permission '" + perm.PermType + "' granted to '"
+ UserGroups.GetGroup(perm.UserGroupNum).Description + "'");
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
}
if (perm.PermType.In(Permissions.ProcComplEdit, Permissions.ProcExistingEdit))
{
//Adding ProcComplEdit full, so add ProcComplEditlimited too.
//Do the same for EO and EC procs
GroupPermission permLimited = GroupPermissions.GetPerm(_listUserGroupNums.First(), Permissions.ProcComplEditLimited);
if (permLimited == null)
{
GroupPermissions.RefreshCache(); //refresh NewerDays/Date to add the same for ProcComplEditLimited
perm = GroupPermissions.GetPerm(_listUserGroupNums.First(), perm.PermType);
permLimited = new GroupPermission();
permLimited.NewerDate = perm.NewerDate;
permLimited.NewerDays = perm.NewerDays;
permLimited.UserGroupNum = perm.UserGroupNum;
permLimited.PermType = Permissions.ProcComplEditLimited;
try {
GroupPermissions.Insert(permLimited);
SecurityLogs.MakeLogEntry(Permissions.SecurityAdmin, 0, "Permission '" + perm.PermType + "' granted to '"
+ UserGroups.GetGroup(perm.UserGroupNum).Description + "'");
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
}
}
}
else if (_clickedPermNode.ImageIndex == 2) //checked, so need to delete the perm
{
try {
GroupPermissions.RemovePermission(_listUserGroupNums.First(), (Permissions)_clickedPermNode.Tag);
SecurityLogs.MakeLogEntry(Permissions.SecurityAdmin, 0, "Permission '" + _clickedPermNode.Tag + "' revoked from '"
+ UserGroups.GetGroup(_listUserGroupNums.First()).Description + "'");
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
if ((Permissions)_clickedPermNode.Tag == Permissions.ProcComplEditLimited)
{
//Deselecting ProcComplEditLimted, deselect ProcComplEdit and ProcExistingEdit permissions if present.
List <Permissions> listPermissions = new List <Permissions>();
if (GroupPermissions.HasPermission(_listUserGroupNums.First(), Permissions.ProcComplEdit, 0))
{
listPermissions.Add(Permissions.ProcComplEdit);
}
if (GroupPermissions.HasPermission(_listUserGroupNums.First(), Permissions.ProcExistingEdit, 0))
{
listPermissions.Add(Permissions.ProcExistingEdit);
}
listPermissions.ForEach(x => {
try {
GroupPermissions.RemovePermission(_listUserGroupNums.First(), x);
SecurityLogs.MakeLogEntry(Permissions.SecurityAdmin, 0, "Permission '" + _clickedPermNode.Tag + "' revoked from '"
+ UserGroups.GetGroup(_listUserGroupNums.First()).Description + "'");
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
});
}
}
else if (_clickedPermNode.ImageIndex == 3) //Partially checked (currently only applies to Reports permission)
{
try {
GroupPermissions.RemovePermission(_listUserGroupNums.First(), (Permissions)_clickedPermNode.Tag);
SecurityLogs.MakeLogEntry(Permissions.SecurityAdmin, 0, "Permission '" + _clickedPermNode.Tag + "' revoked from '"
+ UserGroups.GetGroup(_listUserGroupNums.First()).Description + "'");
}
catch (Exception ex) {
MessageBox.Show(ex.Message);
return;
}
}
if ((Permissions)_clickedPermNode.Tag == Permissions.AccountProcsQuickAdd)
{
string programName = PrefC.GetString(PrefName.SoftwareName);
MsgBox.Show(this, programName + " needs to be restarted on workstations before the changes will take place.");
}
FillTreePerm();
}