From: <ro...@us...> - 2006-08-05 19:00:42
Revision: 275 Author: rouquin Date: 2006-08-05 12:00:23 -0700 (Sat, 05 Aug 2006) ViewCVS: http://svn.sourceforge.net/tcdb/?rev=275&view=rev Log Message: ----------- Fixed some bugs with assignments & action items that I came across. Added rights enforcement to roleAdmin and Roles. Added for functionality into dev_access right. Modified Paths: -------------- Website/Administration.aspx Website/App_Code/Common.cs Website/App_Code/Right.cs Website/App_Code/SiteUserControl.cs Website/App_Code/Users.cs Website/Includes/ActionItems.ascx.cs Website/Includes/Assignments.ascx.cs Website/Includes/AssignmentsTree.ascx Website/Includes/AssignmentsTree.ascx.cs Website/Includes/Rights.ascx Website/Includes/Rights.ascx.cs Website/Includes/RoleAdmin.ascx Website/Includes/RoleAdmin.ascx.cs Website/Includes/Roles.ascx Website/Includes/Roles.ascx.cs Website/Includes/UserSettings.ascx.cs Added Paths: ----------- Website/Includes/Administration.ascx Website/Includes/Administration.ascx.cs Modified: Website/Administration.aspx =================================================================== --- Website/Administration.aspx 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Administration.aspx 2006-08-05 19:00:23 UTC (rev 275) @@ -2,7 +2,6 @@ <%@ Register Src="~/Includes/AdministrationTree.ascx" TagPrefix="admin" TagName="Tree" %> <%@ Register Src="~/Includes/Administration.ascx" TagPrefix="admin" TagName="Nav" %> - <asp:Content ID="TreeContent" ContentPlaceHolderID="TreeContentPlaceHolder" runat="Server"> <admin:Tree runat="server" ID="Tree" /> </asp:Content> Modified: Website/App_Code/Common.cs =================================================================== --- Website/App_Code/Common.cs 2006-08-04 22:44:29 UTC (rev 274) +++ Website/App_Code/Common.cs 2006-08-05 19:00:23 UTC (rev 275) 
@@ -1247,8 +1247,7 @@ public static int ANONYMOUSUSERID = 1; public static int PRODUCT_SITEID = 1; public static int PRODUCT_ANYID = -1; - public static int PRODUCT_MINE = -2; - public static int PRODUCT_CREATED = -3; + public static int PRODUCT_CREATED = -2; public static string CODE_USER = "u"; Modified: Website/App_Code/Right.cs =================================================================== --- Website/App_Code/Right.cs 2006-08-04 22:44:29 UTC (rev 274) +++ Website/App_Code/Right.cs 2006-08-05 19:00:23 UTC (rev 275) @@ -143,6 +143,29 @@ return null; } + public static List<String> TCDB_GetUserRoles(int productID, int userID) + { + tcdbDataSetTableAdapters.db_roleUserProductTableAdapter userRoleAdapter = new tcdbDataSetTableAdapters.db_roleUserProductTableAdapter(); + tcdbDataSet.db_roleUserProductDataTable userRoleTable = userRoleAdapter.GetData(userID, productID, true); + List<String> roleList = new List<String>(); + + foreach (tcdbDataSet.db_roleUserProductRow row in userRoleTable) + roleList.Add(row.roleName); + + return roleList; + } + public static Role TCDB_GetUserRoles(int productID, int userID, String roleName) + { + tcdbDataSetTableAdapters.db_roleUserProductTableAdapter userRoleAdapter = new tcdbDataSetTableAdapters.db_roleUserProductTableAdapter(); + tcdbDataSet.db_roleUserProductDataTable userRoleTable = userRoleAdapter.GetData(userID, productID, true); + + foreach (tcdbDataSet.db_roleUserProductRow row in userRoleTable) + if (row.roleName == roleName) + return GetRoleInfo(row.roleID); + + return null; + } + public static bool TCDB_SaveRight(Right right) { tcdbDataSetTableAdapters.db_rightsTableAdapter rightsAdapter = new tcdbDataSetTableAdapters.db_rightsTableAdapter(); 
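Review bot: `PRODUCT_CREATED` now takes the value `-2` that `PRODUCT_MINE` used to have, so anything stored or linked under the old numbering (tree node values, query strings) changes meaning; it is worth confirming that nothing persists these values. The sentinels are compared in the rights checks (`productID == Constants.PRODUCT_ANYID` in the Users.cs hunks), yet they are mutable `public static int` fields. Declaring the new line as `public const int PRODUCT_CREATED = -2;` (or `static readonly`) rules out reassignment at runtime. The enclosing class starts and ends outside the hunk.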
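Review bot: Both new methods are named `TCDB_GetUserRoles`, but the three-argument one returns a single `Role`, whereas the rights API called from Users.cs distinguishes `TCDB_GetUserRight` from `TCDB_GetUserRights`; naming it `TCDB_GetUserRole` would match. Neither method has a `/// <summary>`; one should state what the literal `true` passed to `GetData` filters on (presumably the active flag) and that the single-role form returns null when nothing matches. `row.roleName == roleName` is an ordinal, case-sensitive comparison, which may not agree with how the database matches role names, so a role check could fail or pass differently from the stored data.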
@@ -158,6 +181,22 @@ return true; } + + public static bool TCDB_SaveRole(Role role) + { + tcdbDataSetTableAdapters.db_roleTableAdapter roleAdapter = new tcdbDataSetTableAdapters.db_roleTableAdapter(); + try + { + roleAdapter.Insert(role.NAME, role.DESCRIPTION); + } + catch (Exception e) + { + m_logg.Error(e.Message); + return false; + } + + return true; + } } /// <summary> Modified: Website/App_Code/SiteUserControl.cs =================================================================== --- Website/App_Code/SiteUserControl.cs 2006-08-04 22:44:29 UTC (rev 274) +++ Website/App_Code/SiteUserControl.cs 2006-08-05 19:00:23 UTC (rev 275) @@ -16,6 +16,7 @@ /// </summary> public class SiteUserControl : System.Web.UI.UserControl { + protected static Nullable<bool> active = true; protected static User m_user = null; protected static DateTime m_startTime = DateTime.Now; private static ILog m_logg = LogManager.GetLogger("TCDB.Master"); @@ -26,5 +27,16 @@ m_user = ((SiteMaster)(this.Page.Master)).LoadSessionUser(); m_startTime = ((SiteMaster)(this.Page.Master)).LoadStartTime(); + + if (m_user.HasRight("dev_access")) + { + active = null; + Session["active"] = null; + } + else + { + active = true; + Session["active"] = true; + } } } Modified: Website/App_Code/Users.cs =================================================================== --- Website/App_Code/Users.cs 2006-08-04 22:44:29 UTC (rev 274) +++ Website/App_Code/Users.cs 2006-08-05 19:00:23 UTC (rev 275) @@ -276,7 +276,8 @@ private bool p_isNew; private string p_password; private List<Assignment> p_assignments; - private Dictionary<int,List<String> > p_rights; + private Dictionary<int, List<String> > p_rights; + private Dictionary<int, List<String> > p_roles; /* TODO: Implement these as the time is right private List<Feature> p_features; private List<Assignment> p_assignmentsCreated; 
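Review bot: `m_logg.Error(e.Message)` in `TCDB_SaveRole` drops the exception type and stack trace, and the `catch (Exception e)` turns every failure, including a null `role`, into a bare `false`. Since this writes to the role table, the log entry is the only record of a failed change; if `m_logg` is a log4net `ILog` as in the other files of this diff, `m_logg.Error("TCDB_SaveRole failed", e);` keeps the full exception. A null check on `role` before the `try` would separate caller errors from database errors.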
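Review bot: The new `active` field in SiteUserControl is `static`, so it holds one value for the whole application, yet the second hunk assigns it from the current user's `dev_access` right on every load. A request from a user without that right can therefore read the `null` left by another user's request when `active` is passed to `GetData(...)` in Rights.ascx.cs and RoleAdmin.ascx.cs, which presumably returns inactive rows as well. Declaring it per instance, `protected Nullable<bool> active = true;`, keeps the filter tied to the caller; `Session["active"]` is already per user. The same hunk calls `m_user.HasRight("dev_access")` straight after `LoadSessionUser()`, which needs a null guard if that call can return null for an unauthenticated session (not visible here). The enclosing method starts outside the hunk.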
@@ -318,6 +319,7 @@ p_assignments = null; p_password = ""; p_rights = new Dictionary<int, List<String> >(); + p_roles = new Dictionary<int, List<String>>(); } private void BuildUser(User user) @@ -345,7 +347,8 @@ //p_assignments = user.GetAssignments(false, Constants.ASSIGNMENT_FINISHEDANDUNFINISHED); } p_assignments = null; - p_rights = new Dictionary<int, List<String>>(); + p_rights = new Dictionary<int, List<String>>(); + p_roles = new Dictionary<int, List<String>>(); } public int ID @@ -429,12 +432,17 @@ { return p_username.Trim(); } + + public void ClearRights() + { + p_rights = new Dictionary<int, List<String>>(); + p_roles = new Dictionary<int, List<String>>(); + } public bool HasRight(string right) { return HasRight(right, Constants.PRODUCT_SITEID); } - public bool HasRight(string right, int productID) { // Any product @@ -466,12 +474,41 @@ return false; } + public bool HasRight(string right, User user, int productID) + { + // Any product + if (productID == Constants.PRODUCT_ANYID) + { + List<Product> products = ProductDB.GetProductList(true); + foreach (Product product in products) + { + if (user.HasRights(product.ID) && HasRight(right, product.ID)) + return true; + } + return false; + } + // Specified product + if (!p_rights.ContainsKey(productID)) + p_rights[productID] = RightDB.TCDB_GetUserRights(productID, p_id); + if (user.HasRights(productID) && p_rights[productID].Contains(right)) + return true; + + // Site rights? + if (productID != Constants.PRODUCT_SITEID) + { + if (!p_rights.ContainsKey(Constants.PRODUCT_SITEID)) + p_rights[Constants.PRODUCT_SITEID] = RightDB.TCDB_GetUserRights(Constants.PRODUCT_SITEID, p_id); + if (user.HasRights(Constants.PRODUCT_SITEID) && p_rights[Constants.PRODUCT_SITEID].Contains(right)) + return true; + } + + return false; + } public static bool HasRight(int userID, string right, int productID) { return (RightDB.TCDB_GetUserRight(productID, userID, right) != null); } - public bool HasRights(int productID) { // Any product 
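Review bot: The new `HasRight(string right, User user, int productID)` overload has no comment saying what `user` is, and its callers in this commit pass different things: `ai.ASSIGNED` in Assignments.ascx.cs, `ai.CREATOR` in ActionItems.ascx.cs, and `m_user` itself for `view_my_wo`. A `/// <summary>` stating that the right counts only when `user` also holds rights in the product would make that contract reviewable. The site-level fallback tests `user.HasRights(Constants.PRODUCT_SITEID)` rather than `user.HasRights(productID)`, whereas the call sites it replaces tested `ai.ASSIGNED.HasRights(productID)`; if the change is not intended, the condition should read `user.HasRights(productID) && p_rights[Constants.PRODUCT_SITEID].Contains(right)`. `ClearRights()` from the earlier hunk resets both caches, but no caller is visible in this diff, so a revoked right may stay cached on the object.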
@@ -494,7 +531,6 @@ return false; } - public static bool HasRights(int userID, int productID) { return (RightDB.TCDB_GetUserRights(productID, userID).Count > 0); 
@@ -510,7 +546,72 @@ if (rTable.Count > 0) rupAdapter.ins_userRoleProduct(p_id, rTable[0].roleID, productID); } + public bool HasRole(string role) + { + return HasRole(role, Constants.PRODUCT_SITEID); + } + public bool HasRole(string role, int productID) + { + // Any product + if (productID == Constants.PRODUCT_ANYID) + { + List<Product> products = ProductDB.GetProductList(true); + foreach (Product product in products) + { + if (HasRole(role, product.ID)) + return true; + } + return false; + } + // Specified product + if (!p_roles.ContainsKey(productID)) + p_roles[productID] = RightDB.TCDB_GetUserRoles(productID, p_id); + if (p_roles[productID].Contains(role)) + return true; + + // Site rights? + if (productID != Constants.PRODUCT_SITEID) + { + if (!p_roles.ContainsKey(Constants.PRODUCT_SITEID)) + p_roles[Constants.PRODUCT_SITEID] = RightDB.TCDB_GetUserRoles(Constants.PRODUCT_SITEID, p_id); + if (p_roles[Constants.PRODUCT_SITEID].Contains(role)) + return true; + } + + return false; + } + public static bool HasRole(int userID, string role, int productID) + { + return (RightDB.TCDB_GetUserRoles(productID, userID, role) != null); + } + public bool HasRoles(int productID) + { + // Any product + if (productID == Constants.PRODUCT_ANYID) + { + List<Product> products = ProductDB.GetProductList(true); + foreach (Product product in products) + { + if (HasRoles(product.ID)) + return true; + } + return false; + } + + if (!p_roles.ContainsKey(productID)) + p_roles[productID] = RightDB.TCDB_GetUserRoles(productID, p_id); + + if (p_roles[productID].Count > 0) + return true; + + return false; + } + public static bool HasRoles(int userID, int productID) + { + return (RightDB.TCDB_GetUserRoles(productID, userID).Count > 0); + } + public List<Assignment> GetAssignments(bool reload, int statusFilter) { // TODO: This list needs to be able to reflect filters! 
Modified: Website/Includes/ActionItems.ascx.cs =================================================================== --- Website/Includes/ActionItems.ascx.cs 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Includes/ActionItems.ascx.cs 2006-08-05 19:00:23 UTC (rev 275) @@ -399,11 +399,16 @@ protected void assignedTo_Init(object sender, EventArgs e) { DropDownList assignedTo = (DropDownList)sender; + if (ai == null) ai = ActionItemDB.GetActionItem(Convert.ToInt32(item_id)); - if (!m_user.HasRight("create_other_ai", Constants.PRODUCT_ANYID)) + if (!(ActionItemsView.CurrentMode == FormViewMode.Insert && m_user.HasRight("create_other_ai", Constants.PRODUCT_ANYID)) && + !(ActionItemsView.CurrentMode == FormViewMode.Edit && m_user.HasRight("reassign_other_ai", ai.CREATOR, Constants.PRODUCT_ANYID))) { assignedTo.Enabled = false; - assignedTo.Items.Add(new ListItem(m_user.FULLNAME, m_user.ID.ToString())); + if (ActionItemsView.CurrentMode == FormViewMode.Edit) + assignedTo.Items.Add(new ListItem(ai.ASSIGNED.FULLNAME, ai.ASSIGNED.ID.ToString())); + else + assignedTo.Items.Add(new ListItem(m_user.FULLNAME, m_user.ID.ToString())); } else { @@ -415,7 +420,8 @@ foreach (tcdbDataSet.db_productsRow pRow in pTable) { - if (m_user.HasRight("create_other_ai",pRow.productID)) + if ((ActionItemsView.CurrentMode == FormViewMode.Insert && m_user.HasRight("create_other_ai", pRow.productID)) || + (ActionItemsView.CurrentMode == FormViewMode.Edit && m_user.HasRight("reassign_other_ai", ai.CREATOR, pRow.productID))) { tcdbDataSet.db_roleProductUserDataTable rpuTable = rpuAdapter.GetData(null, pRow.productID, true); 
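Review bot: In `assignedTo_Init` the `create_other_ai` / `reassign_other_ai` checks only decide whether the drop-down is enabled and which names it lists; nothing in these hunks shows the save path re-checking the right against the submitted assignee, so that should be confirmed or added where the item is written. In Edit mode `ai.CREATOR` and `ai.ASSIGNED` are dereferenced without a null check on the result of `ActionItemDB.GetActionItem(...)`, and `Convert.ToInt32(item_id)` throws on a non-numeric value. The mode-and-right expression is written twice, once negated and once per product; a private helper taking the product id would keep the two from drifting apart. The method body continues outside both hunks.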
@@ -425,7 +431,7 @@ if (lastID == rpuRow.userID) continue; lastID = rpuRow.userID; - + assignedTo.Items.Add(new ListItem(rpuRow.fullName, rpuRow.userID.ToString())); } } Added: Website/Includes/Administration.ascx =================================================================== --- Website/Includes/Administration.ascx (rev 0) +++ Website/Includes/Administration.ascx 2006-08-05 19:00:23 UTC (rev 275) @@ -0,0 +1,13 @@ +<%@ Control Language="C#" AutoEventWireup="true" CodeFile="Administration.ascx.cs" Inherits="Administration" %> + +<div class="pictureMenu"> + <asp:LinkButton ID="newProduct" runat="server" PostBackUrl="~/Product.aspx?mode=new" OnInit="newProduct_Init">New Product</asp:LinkButton> + <div class="button"> + <asp:LinkButton ID="newUser" runat="server" PostBackUrl="~/UserSettings.aspx?mode=new" OnInit="newUser_Init" > + <asp:Image ID="newUserIcon" runat="server" SkinID="newUserImage" AlternateText="New User" />New + User</asp:LinkButton></div> + <div class="button"> + <asp:LinkButton ID="userRole" runat="server" PostBackUrl="~/AdminRole.aspx" OnInit="userRole_Init"> + <asp:Image ID="userRoleIcon" runat="server" SkinID="userRoleImage" AlternateText="User Roles" />User + Roles</asp:LinkButton></div> + </div> Added: Website/Includes/Administration.ascx.cs =================================================================== --- Website/Includes/Administration.ascx.cs (rev 0) +++ Website/Includes/Administration.ascx.cs 2006-08-05 19:00:23 UTC (rev 275) 
@@ -0,0 +1,46 @@ +using System; +using System.Data; +using System.Configuration; +using System.Web; +using System.Web.Security; +using System.Web.UI; +using System.Web.UI.WebControls; +using System.Web.UI.WebControls.WebParts; +using System.Web.UI.HtmlControls; +using System.Collections.Generic; +using TCDB.Assignments; +using TCDB.Common; +using TCDB.Products; +using TCDB.Users; +using log4net; + +public partial class Administration : SiteUserControl +{ + private static ILog m_logg = LogManager.GetLogger("Page:Authenticate"); + + void Page_Load(Object sender, EventArgs e) + { + m_logg.Debug("Loading Administration page"); + } + protected void newUser_Init(object sender, EventArgs e) + { + LinkButton newUser = (LinkButton) sender; + + if (!m_user.HasRight("create_user", Constants.PRODUCT_ANYID)) + newUser.Visible = false; + } + protected void userRole_Init(object sender, EventArgs e) + { + LinkButton seeRoles = (LinkButton)sender; + + if (!m_user.HasRight("view_my_roles", Constants.PRODUCT_ANYID) && !m_user.HasRight("view_other_roles",Constants.PRODUCT_ANYID)) + seeRoles.Visible = false; + } + protected void newProduct_Init(object sender, EventArgs e) + { + LinkButton newProduct = (LinkButton)sender; + + if (!m_user.HasRight("create_product", Constants.PRODUCT_ANYID)) + newProduct.Visible = false; + } +} Modified: Website/Includes/Assignments.ascx.cs =================================================================== --- Website/Includes/Assignments.ascx.cs 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Includes/Assignments.ascx.cs 2006-08-05 19:00:23 UTC (rev 275) 
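Review bot: The three `*_Init` handlers only set `Visible = false` on the links, which hides navigation but does not restrict the targets; `Product.aspx?mode=new`, `UserSettings.aspx?mode=new` and `AdminRole.aspx` need to check `create_product`, `create_user` and the role-view rights themselves when they load. Those pages are not part of this diff, so this is something to confirm rather than a proven gap. The logger is named `"Page:Authenticate"`, which looks copied from another control; `LogManager.GetLogger("Page:Administration")` would keep the log lines attributable to this control.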
@@ -125,13 +125,13 @@ if (ai != null && // It's not mine, the assignee doesn't belong to this product group, or I don't have rights to see other users' Action Items - !(ai.ASSIGNED.ID != m_user.ID && ai.ASSIGNED.HasRights(productID) && m_user.HasRight("view_other_ai",productID)) && + !(ai.ASSIGNED.ID != m_user.ID && m_user.HasRight("view_other_ai",ai.ASSIGNED,productID)) && // It's not mine, I don't have any product rights, or I can't view my own !(ai.ASSIGNED.ID == m_user.ID && m_user.HasRights(productID) && m_user.HasRight("view_my_ai", productID)) && // It's mine, the assignee doesn't belong to this product group, I didn't create it, or I don't have rights to look at it - !(ai.ASSIGNED.ID != m_user.ID && ai.ASSIGNED.HasRights(productID) && ai.CREATOR.ID == m_user.ID && m_user.HasRight("view_created_ai",productID)) + !(ai.ASSIGNED.ID != m_user.ID && ai.CREATOR.ID == m_user.ID && m_user.HasRight("view_created_ai",ai.ASSIGNED,productID)) ) return false; 
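Review bot: The comments above the clauses no longer describe the conditions: the third clause tests `ai.ASSIGNED.ID != m_user.ID` while its comment begins "It's mine", and the "assignee doesn't belong to this product group" part is now inside `HasRight(right, user, productID)` instead of on the line. Because this expression decides whether an action item is shown, the comments should be rewritten to match, for example `// Someone else's item that I created, and view_created_ai holds where the assignee has rights`. The `view_my_ai` clause still uses `m_user.HasRights(productID) && m_user.HasRight("view_my_ai", productID)`, while the work-order hunk that follows switches `view_my_wo` to the three-argument overload; the two should use the same form unless the difference is intended. The enclosing method starts and ends outside the hunk.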
@@ -149,13 +149,13 @@ if (wo != null && // It's not mine, the assignee doesn't belong to this product group, or I don't have rights to see other users' work orders - !(wo.ASSIGNED.ID != m_user.ID && wo.ASSIGNED.HasRights(productID) && m_user.HasRight("view_other_wo", productID)) && + !(wo.ASSIGNED.ID != m_user.ID && m_user.HasRight("view_other_wo", wo.ASSIGNED, productID)) && // It's not mine, I don't have any product rights, or I can't view my own - !(wo.ASSIGNED.ID == m_user.ID && m_user.HasRights(productID) && m_user.HasRight("view_my_wo", productID)) && + !(wo.ASSIGNED.ID == m_user.ID && m_user.HasRight("view_my_wo", m_user, productID)) && // It's mine, the assignee doesn't belong to this product group, I didn't create it, or I don't have rights to look at it - !(wo.ASSIGNED.ID != m_user.ID && wo.ASSIGNED.HasRights(productID) && wo.CREATOR.ID == m_user.ID && m_user.HasRight("view_created_wo", productID)) + !(wo.ASSIGNED.ID != m_user.ID && wo.CREATOR.ID == m_user.ID && m_user.HasRight("view_created_wo", wo.ASSIGNED, productID)) ) return false; @@ -354,10 +354,10 @@ // update Session Session["showCompleted"] = cboShowCompleted.Checked; Session["showAICompleted"] = aiStatusList.Items.FindByText("Completed").Selected; - Session["showWOCompleted"] = woStatusList.Items.FindByText("Completed").Selected = true; + Session["showWOCompleted"] = woStatusList.Items.FindByText("Completed").Selected; Session.Add("refresh", true); - AssignmentsGridView.DataBind(); + Response.Redirect(Request.RawUrl); } protected void cboStatusFilter_CheckedChanged(object sender, EventArgs e) { 
@@ -391,7 +391,7 @@ Session["showCompleted"] = cboShowCompleted.Checked; Session.Add("refresh", true); - AssignmentsGridView.DataBind(); + Response.Redirect(Request.RawUrl); } protected void woStatusList_SelectedIndexChanged(object sender, EventArgs e) { Modified: Website/Includes/AssignmentsTree.ascx =================================================================== --- Website/Includes/AssignmentsTree.ascx 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Includes/AssignmentsTree.ascx 2006-08-05 19:00:23 UTC (rev 275) @@ -1,6 +1,6 @@ <%@ Control Language="C#" AutoEventWireup="true" CodeFile="AssignmentsTree.ascx.cs" Inherits="AssignmentsTree" %> -<asp:CheckBox ID="statusComplete" runat="server" Text="Show Completed" AutoPostBack="True" OnCheckedChanged="statusComplete_CheckedChanged" OnInit="statusComplete_Init"/> +<asp:CheckBox ID="statusComplete" runat="server" Text="Show Completed" AutoPostBack="True" OnCheckedChanged="statusComplete_CheckedChanged" OnLoad="statusComplete_Load" Visible="false"/> <asp:TreeView ID="AssignmentTree" runat="server" SelectedNodeStyle-CssClass="selectednode" OnTreeNodePopulate="AssignmentTree_TreeNodePopulate" OnTreeNodeCollapsed="AssignmentTree_TreeNodeCollapsed" Modified: Website/Includes/AssignmentsTree.ascx.cs =================================================================== --- Website/Includes/AssignmentsTree.ascx.cs 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Includes/AssignmentsTree.ascx.cs 2006-08-05 19:00:23 UTC (rev 275) @@ -142,7 +142,7 @@ if (e.Node.NavigateUrl.Contains("mode=created")) BuildCreatedUserList(e.Node); else if (e.Node.NavigateUrl.Contains("mode=mine")) - BuildMyUserList(e.Node); + BuildAssignmentList(e.Node); else BuildUserList(e.Node); break; 
@@ -183,7 +183,7 @@ { TreeNode mine = new TreeNode(); mine.Text = "My Assignments"; - mine.Value = Constants.PRODUCT_MINE.ToString(); + mine.Value = m_user.ID.ToString(); mine.SelectAction = TreeNodeSelectAction.Select; mine.PopulateOnDemand = true; mine.NavigateUrl = "~/Assignments.aspx?mode=mine&" + Constants.CODE_USER + "=" + m_user.ID; @@ -210,22 +210,6 @@ created.Expand(); } } - private void BuildMyUserList(TreeNode parent) - { - m_logg.Debug("Building my user list"); - ArrayList nodes = (ArrayList)Session["AssignmentNodes"]; - - // User name - TreeNode user = new TreeNode(); - user.Text = m_user.FULLNAME; - user.Value = m_user.ID.ToString(); - user.PopulateOnDemand = true; - user.SelectAction = TreeNodeSelectAction.Select; - user.NavigateUrl = "~/Assignments.aspx?" + Constants.CODE_USER + "=" + m_user.ID; - parent.ChildNodes.Add(user); - if (nodes.Contains(user.ValuePath)) - user.Expand(); - } private void BuildCreatedUserList(TreeNode parent) { m_logg.Debug("Building my user list"); @@ -301,9 +285,17 @@ m_logg.Debug("Building created assignment list"); // Populate the second-level nodes with assignments int status = Constants.ASSIGNMENT_UNFINISHED; - int productID = Convert.ToInt32(parent.Parent.Value); int userID = Convert.ToInt32(parent.Value); + int productID = Constants.PRODUCT_ANYID; + // try and get the product id (should only fail if in "My Assignments" + try + { + productID = Convert.ToInt32(parent.Parent.Value); + } + catch { } + + // Set status and get assignment list if (statusComplete.Checked) status = Constants.ASSIGNMENT_FINISHEDANDUNFINISHED; List<Assignment> assignmentList = UserDB.GetUserInfo(Convert.ToInt32(parent.Value)).GetAssignments(false, status); 
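Review bot: The empty `catch { }` around `Convert.ToInt32(parent.Parent.Value)` in the `@@ -301,9 +285,17 @@` hunk swallows every exception and leaves `productID` at `Constants.PRODUCT_ANYID`, the widest scope, so any unexpected failure silently broadens what the list is built for. Handling only the expected case makes the fallback explicit: `if (parent.Parent == null || !int.TryParse(parent.Parent.Value, out productID)) productID = Constants.PRODUCT_ANYID;`. The comment above the `try` is also missing its closing parenthesis. The method continues outside the hunk, so how `productID` is used afterwards is not visible.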
@@ -372,12 +364,20 @@ AssignmentTree_TreeNodePopulate(AssignmentTree, new TreeNodeEventArgs(node)); } } - Session["completeTree"] = statusComplete.Checked; + Session["showCompleted"] = statusComplete.Checked; + Session["showAICompleted"] = statusComplete.Checked; + Session["showAICompleted"] = statusComplete.Checked; } - protected void statusComplete_Init(object sender, EventArgs e) + protected void statusComplete_Load(object sender, EventArgs e) { - if (Session["completeTree"] == null) - Session.Add("completeTree", false); - statusComplete.Checked = Convert.ToBoolean(Session["completeTree"]); + if (Session["showCompleted"] == null) + Session["showCompleted"] = (m_user.GetConfigBool("filter_show_ai_completed") && m_user.GetConfigBool("filter_show_wo_completed")); + bool show = Convert.ToBoolean(Session["showCompleted"]); + + if (statusComplete.Checked != show) + { + statusComplete.Checked = show; + //statusComplete_CheckedChanged(sender, e); + } } } Modified: Website/Includes/Rights.ascx =================================================================== --- Website/Includes/Rights.ascx 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Includes/Rights.ascx 2006-08-05 19:00:23 UTC (rev 275) @@ -191,11 +191,11 @@ </asp:FormView> <asp:ObjectDataSource ID="RightsDataSource" runat="server" SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_rightsTableAdapter" - InsertMethod="Insert" UpdateMethod="Update"> + InsertMethod="Insert" UpdateMethod="Update" OldValuesParameterFormatString="original_{0}"> <SelectParameters> <asp:SessionParameter Name="rightsID" SessionField="rightsID" Type="Int32" /> <asp:Parameter Name="rightsName" Type="String" /> - <asp:Parameter Name="active" Type="Boolean" DefaultValue="true" /> + <asp:SessionParameter DefaultValue="" Name="active" SessionField="active" Type="Boolean" /> </SelectParameters> <UpdateParameters> <asp:Parameter Name="rightsID" Type="Int32" /> 
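Review bot: `Session["showAICompleted"]` is assigned twice in a row at the end of the method that precedes `statusComplete_Load` (its header is outside the hunk); the second line was presumably meant to be `Session["showWOCompleted"] = statusComplete.Checked;`, the key Assignments.ascx.cs writes in this same commit. As written, the work-order flag is never updated from the tree checkbox. In `statusComplete_Load` the commented-out `//statusComplete_CheckedChanged(sender, e);` should be removed or given a comment saying why it is disabled.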
@@ -209,10 +209,20 @@ </InsertParameters> </asp:ObjectDataSource> <asp:ObjectDataSource ID="RolesDataSource" runat="server" OldValuesParameterFormatString="original_{0}" - SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_roleTableAdapter"> + SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_roleTableAdapter" InsertMethod="Insert" UpdateMethod="Update"> <SelectParameters> <asp:Parameter Name="roleID" Type="Int32" /> <asp:Parameter Name="roleName" Type="String" /> - <asp:Parameter Name="active" Type="Boolean" DefaultValue="true" /> + <asp:SessionParameter DefaultValue="" Name="active" SessionField="active" Type="Boolean" /> </SelectParameters> + <UpdateParameters> + <asp:Parameter Name="roleID" Type="Int32" /> + <asp:Parameter Name="roleName" Type="String" /> + <asp:Parameter Name="roleDescription" Type="String" /> + <asp:Parameter Name="active" Type="Boolean" /> + </UpdateParameters> + <InsertParameters> + <asp:Parameter Name="roleName" Type="String" /> + <asp:Parameter Name="roleDescription" Type="String" /> + </InsertParameters> </asp:ObjectDataSource> Modified: Website/Includes/Rights.ascx.cs =================================================================== --- Website/Includes/Rights.ascx.cs 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Includes/Rights.ascx.cs 2006-08-05 19:00:23 UTC (rev 275) @@ -25,8 +25,6 @@ protected void Page_Load(object sender, EventArgs e) { - if (!m_user.ISAUTHENTICATED) { return; } - m_logg.Debug("Loading page Rights"); if (rightsID == 0) { 
@@ -44,32 +42,10 @@ if (mode == "new") FormView1.ChangeMode(FormViewMode.Insert); + else if (mode == "edit") + FormView1.ChangeMode(FormViewMode.Edit); } - protected void FormView1_ItemInserted(object sender, FormViewInsertedEventArgs e) - { - tcdbDataSetTableAdapters.db_rightsTableAdapter rightsAdapter = new tcdbDataSetTableAdapters.db_rightsTableAdapter(); - tcdbDataSet.db_rightsDataTable rightsTable = rightsAdapter.GetData(null, e.Values["rightsName"].ToString(), true); - if (rightsTable.Count > 0) - { - rightsID = rightsTable[rightsTable.Count - 1].rightsID; - - updateRoles(); - Response.Redirect("~/Right.aspx?" + Constants.CODE_RIGHT + "=" + rightsID); - } - else - { - m_logg.Error("Could not insert right: " + e.Values["rightsName"]); - Response.Redirect("~/Administration.aspx"); - } - } - protected void deleteCmd(object sender, CommandEventArgs e) - { - tcdbDataSetTableAdapters.db_rightsTableAdapter rAdapter = new tcdbDataSetTableAdapters.db_rightsTableAdapter(); - rAdapter.Update(rightsID, right.NAME, right.DESCRIPTION, false); - - Response.Redirect("~/Administration.aspx"); - } protected void updateRoles() { ListBox roleList = (ListBox)FormView1.FindControl("roleList"); 
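Review bot: `FormView1.ChangeMode(FormViewMode.Edit)` is reached from the `mode` value alone (presumably the request's `mode` parameter), and the preceding hunk removes the `if (!m_user.ISAUTHENTICATED) { return; }` guard from `Page_Load`, so nothing visible in this control checks `dev_access` before a right is opened for editing. RoleAdmin.ascx.cs hides the edit link from users without `dev_access`, but a hidden link does not stop a direct request with `mode=edit`. A check before the mode switch, `if (!m_user.HasRight("dev_access")) { Response.Redirect("~/Administration.aspx"); return; }`, would enforce it here unless the hosting page already does (not visible). `deleteCmd` and `FormView1_ItemInserted`, moved by the next hunk, write to the rights table with the same absence of a visible check.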
@@ -100,6 +76,31 @@ rrAdapter.DeleteRoleRights(roleID, rightsID); } } + protected void FormView1_ItemInserted(object sender, FormViewInsertedEventArgs e) + { + tcdbDataSetTableAdapters.db_rightsTableAdapter rightsAdapter = new tcdbDataSetTableAdapters.db_rightsTableAdapter(); + tcdbDataSet.db_rightsDataTable rightsTable = rightsAdapter.GetData(null, e.Values["rightsName"].ToString(), true); + + if (rightsTable.Count > 0) + { + rightsID = rightsTable[rightsTable.Count - 1].rightsID; + + updateRoles(); + Response.Redirect("~/Right.aspx?" + Constants.CODE_RIGHT + "=" + rightsID); + } + else + { + m_logg.Error("Could not insert right: " + e.Values["rightsName"]); + Response.Redirect("~/Administration.aspx"); + } + } + protected void deleteCmd(object sender, CommandEventArgs e) + { + tcdbDataSetTableAdapters.db_rightsTableAdapter rAdapter = new tcdbDataSetTableAdapters.db_rightsTableAdapter(); + rAdapter.Update(rightsID, right.NAME, right.DESCRIPTION, false); + + Response.Redirect("~/Administration.aspx"); + } protected void FormView1_ItemUpdated(object sender, FormViewUpdatedEventArgs e) { updateRoles(); @@ -110,6 +111,7 @@ if (FormView1.CurrentMode == FormViewMode.Insert && e.CommandName == "Cancel") Response.Redirect("Administration.aspx"); } + protected void roleList_DataBound(object sender, EventArgs e) { ListBox roleList = (ListBox)sender; 
@@ -117,7 +119,7 @@ if (FormView1.CurrentMode == FormViewMode.Edit) { tcdbDataSetTableAdapters.db_rightRoleTableAdapter rrAdapter = new tcdbDataSetTableAdapters.db_rightRoleTableAdapter(); - tcdbDataSet.db_rightRoleDataTable rrTable = rrAdapter.GetData(rightsID, true); + tcdbDataSet.db_rightRoleDataTable rrTable = rrAdapter.GetData(rightsID, active); foreach (tcdbDataSet.db_rightRoleRow row in rrTable) roleList.Items.FindByValue(row.roleID.ToString()).Selected = true; Modified: Website/Includes/RoleAdmin.ascx =================================================================== --- Website/Includes/RoleAdmin.ascx 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Includes/RoleAdmin.ascx 2006-08-05 19:00:23 UTC (rev 275) 
@@ -1,34 +1,27 @@ -<%@ Control Language="C#" AutoEventWireup="true" CodeFile="RoleAdmin.ascx.cs" - Inherits="RoleAdmin" %> - +<%@ Control Language="C#" AutoEventWireup="true" CodeFile="RoleAdmin.ascx.cs" Inherits="RoleAdmin" %> <table width="700"> - <tr> - <td align="center" valign="middle" style="height: 101px"> - <asp:DropDownList ID="roleList" runat="server" DataSourceID="RoleDataSource" DataTextField="roleName" - DataValueField="roleID"> - </asp:DropDownList><asp:ObjectDataSource ID="RoleDataSource" runat="server" OldValuesParameterFormatString="original_{0}" - SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_roleTableAdapter" InsertMethod="Insert" UpdateMethod="Update"> - <SelectParameters> - <asp:Parameter Name="roleID" Type="Int32" /> - <asp:Parameter Name="roleName" Type="String" /> - <asp:Parameter DefaultValue="true" Name="active" Type="Boolean" /> - </SelectParameters> - <UpdateParameters> - <asp:Parameter Name="roleID" Type="Int32" /> - <asp:Parameter Name="roleName" Type="String" /> - <asp:Parameter Name="roleDescription" Type="String" /> - <asp:Parameter Name="active" Type="Boolean" /> - </UpdateParameters> - <InsertParameters> - <asp:Parameter Name="roleName" Type="String" /> - <asp:Parameter Name="roleDescription" Type="String" /> - </InsertParameters> - </asp:ObjectDataSource> - <asp:LinkButton ID="addRoleBtn" runat="server" CommandName="addRole" OnCommand="addRole">Add User To Role</asp:LinkButton> - - <asp:LinkButton ID="newRoleBtn" runat="server" CommandName="newRole" OnCommand="newRole" OnInit="newRole_Init">New User Role</asp:LinkButton> - - <asp:LinkButton ID="newRightBtn" runat="server" CommandName="newRight" OnCommand="newRight" OnInit="newRight_Init">New User Right</asp:LinkButton><br /> - </td> - </tr> - </table> + <tr> + <td align="center" valign="middle" style="height: 101px"> + <asp:DropDownList ID="roleList" runat="server" OnInit="roleList_Init" AutoPostBack="True"> + </asp:DropDownList> + <asp:LinkButton ID="viewRoleBtn" 
runat="server" CommandName="viewRole" OnCommand="viewRole" + OnLoad="viewRoleBtn_Load">View Role</asp:LinkButton> + + <asp:LinkButton ID="addRoleBtn" runat="server" CommandName="addRole" OnCommand="addRole" + OnLoad="addRoleBtn_Load">Add User To Role</asp:LinkButton> + <br /> + <br /><asp:DropDownList ID="rightsList" runat="server" OnInit="rightsList_Init" AutoPostBack="True"> + </asp:DropDownList> + <asp:LinkButton ID="viewRightBtn" runat="server" CommandName="viewRight" OnCommand="viewRight">View Right</asp:LinkButton> + + <asp:LinkButton ID="editRightsBtn" runat="server" CommandName="editRight" OnCommand="addRight">Edit Right</asp:LinkButton> + <br /> + <br /> + <asp:LinkButton ID="newRoleBtn" runat="server" CommandName="newRole" OnCommand="newRole" + OnInit="newRole_Init">New User Role</asp:LinkButton> + + <asp:LinkButton ID="newRightBtn" runat="server" CommandName="newRight" OnCommand="newRight" + OnInit="newRight_Init">New User Right</asp:LinkButton><br /> + </td> + </tr> +</table> Modified: Website/Includes/RoleAdmin.ascx.cs =================================================================== --- Website/Includes/RoleAdmin.ascx.cs 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Includes/RoleAdmin.ascx.cs 2006-08-05 19:00:23 UTC (rev 275) 
@@ -17,39 +17,89 @@ public partial class RoleAdmin : SiteUserControl { private static ILog m_logg = LogManager.GetLogger("Page:Authenticate"); - int product = Convert.ToInt32(HttpContext.Current.Request.QueryString[Constants.CODE_PRODUCT]); + int productID = Convert.ToInt32(HttpContext.Current.Request.QueryString[Constants.CODE_PRODUCT]); protected void Page_Load(object sender, EventArgs e) { + if (productID == 0) + productID = Constants.PRODUCT_ANYID; } + + protected void viewRole(object sender, CommandEventArgs e) + { + Response.Redirect("Role.aspx?" + Constants.CODE_PRODUCT + "=" + productID + "&" + Constants.CODE_ROLE + "=" + roleList.SelectedValue); + } protected void addRole(object sender, CommandEventArgs e) { - Response.Redirect("Role.aspx?mode=edit&" + Constants.CODE_PRODUCT + "=" + product + "&" + Constants.CODE_ROLE + "=" + roleList.SelectedValue); + Response.Redirect("Role.aspx?mode=edit&" + Constants.CODE_PRODUCT + "=" + productID + "&" + Constants.CODE_ROLE + "=" + roleList.SelectedValue); } - protected void newRole(object sender, CommandEventArgs e) { - Response.Redirect("Role.aspx?mode=new&" + Constants.CODE_PRODUCT + "=" + product); + Response.Redirect("Role.aspx?mode=new&" + Constants.CODE_PRODUCT + "=" + productID); } - protected void newRight(object sender, CommandEventArgs e) { - Response.Redirect("Right.aspx?mode=new&" + Constants.CODE_PRODUCT + "=" + product); + Response.Redirect("Right.aspx?mode=new&" + Constants.CODE_PRODUCT + "=" + productID); } + protected void addRight(object sender, CommandEventArgs e) + { + Response.Redirect("Right.aspx?mode=edit&" + Constants.CODE_PRODUCT + "=" + productID + "&" + Constants.CODE_RIGHT + "=" + rightsList.SelectedValue); + } + protected void viewRight(object sender, CommandEventArgs e) + { + Response.Redirect("Right.aspx?" 
+ Constants.CODE_PRODUCT + "=" + productID + "&" + Constants.CODE_RIGHT + "=" + rightsList.SelectedValue); + } protected void newRole_Init(object sender, EventArgs e) { - LinkButton newRole = (LinkButton)sender; - if (!m_user.HasRight("create_role", Constants.PRODUCT_ANYID)) - newRole.Visible = false; + newRoleBtn.Visible = false; } - protected void newRight_Init(object sender, EventArgs e) { - LinkButton newRight = (LinkButton) sender; + if (!m_user.HasRight("dev_access")) + newRightBtn.Visible = false; + } - if (!m_user.HasRight("dev_access", Constants.PRODUCT_ANYID)) - newRight.Visible = false; + protected void roleList_Init(object sender, EventArgs e) + { + tcdbDataSetTableAdapters.db_roleTableAdapter rAdapter = new tcdbDataSetTableAdapters.db_roleTableAdapter(); + tcdbDataSet.db_roleDataTable rTable = rAdapter.GetData(null, null, active); + + foreach (tcdbDataSet.db_roleRow row in rTable) + roleList.Items.Add(new ListItem(row.roleName, row.roleID.ToString())); } + protected void addRoleBtn_Load(object sender, EventArgs e) + { + String role = roleList.SelectedItem.Text; + + if (!m_user.HasRight("edit_role_users", productID)) + addRoleBtn.Visible = false; + } + protected void viewRoleBtn_Load(object sender, EventArgs e) + { + String role = roleList.SelectedItem.Text; + + if (!(m_user.HasRole(role,productID) && m_user.HasRight("view_my_roles", productID)) && + !m_user.HasRight("view_other_roles", productID)) + viewRoleBtn.Visible = false; + } + + protected void rightsList_Init(object sender, EventArgs e) + { + if (!m_user.HasRight("dev_access")) + { + rightsList.Visible = false; + viewRightBtn.Visible = false; + editRightsBtn.Visible = false; + + return; + } + + tcdbDataSetTableAdapters.db_rightsTableAdapter rAdapter = new tcdbDataSetTableAdapters.db_rightsTableAdapter(); + tcdbDataSet.db_rightsDataTable rTable = rAdapter.GetData(null, null, active); + + foreach (tcdbDataSet.db_rightsRow row in rTable) + rightsList.Items.Add(new ListItem(row.rightsName, 
row.rightsID.ToString())); + } } Modified: Website/Includes/Roles.ascx =================================================================== --- Website/Includes/Roles.ascx 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Includes/Roles.ascx 2006-08-05 19:00:23 UTC (rev 275) @@ -42,14 +42,14 @@ <td colspan="2" align="left" valign="top" width="34%" style="height: 132px"> <strong>Rights:</strong><br /> <asp:ListBox ID="rightsList" runat="server" DataSourceID="RoleRightsDataSource" - DataTextField="rightName" DataValueField="rightsID" Height="150px" Width="150px"></asp:ListBox><asp:ObjectDataSource - ID="RoleRightsDataSource" runat="server" OldValuesParameterFormatString="original_{0}" - SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_roleRightTableAdapter"> - <SelectParameters> - <asp:SessionParameter Name="roleID" SessionField="roleID" Type="Int32" /> - <asp:Parameter DefaultValue="true" Name="active" Type="Boolean" /> - </SelectParameters> - </asp:ObjectDataSource> + DataTextField="rightName" DataValueField="rightsID" Height="150px" Width="150px"> + </asp:ListBox><asp:ObjectDataSource ID="RoleRightsDataSource" runat="server" OldValuesParameterFormatString="original_{0}" + SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_roleRightTableAdapter"> + <SelectParameters> + <asp:SessionParameter Name="roleID" SessionField="roleID" Type="Int32" /> + <asp:Parameter DefaultValue="true" Name="active" Type="Boolean" /> + </SelectParameters> + </asp:ObjectDataSource> </td> </tr> <tr> 
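Review bot: In RoleAdmin.ascx.cs `productID` comes straight from the query string and is then the product every `HasRight(...)` and `HasRole(...)` check in this control is evaluated against, with a missing or zero value mapped to `Constants.PRODUCT_ANYID`; the caller therefore chooses the scope of the check. The `viewRole`, `addRole`, `addRight` and `viewRight` handlers redirect without re-checking anything, so Role.aspx and Right.aspx must validate the product and the right themselves (not visible here). `Convert.ToInt32` on a non-numeric value throws during field initialisation, which `int.TryParse` with a fallback avoids. In `addRoleBtn_Load` and `viewRoleBtn_Load`, `roleList.SelectedItem` is null when the role list is empty, and the `role` local is unused in `addRoleBtn_Load`.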
@@ -58,11 +58,11 @@ </tr> <tr> <td align="left" colspan="6"> - <asp:LinkButton ID="New" runat="server" CommandName="new">New</asp:LinkButton> - | - <asp:LinkButton ID="Edit" runat="server" CommandName="edit">Edit</asp:LinkButton> - | - <asp:LinkButton ID="Delete" runat="server" CommandName="deleteCmd" OnCommand="deleteCmd">Delete</asp:LinkButton></td> + <asp:LinkButton ID="New" runat="server" CommandName="new" OnInit="New_Init">New</asp:LinkButton><asp:Label + ID="newLbl" runat="server" Text=" | "></asp:Label><asp:LinkButton + ID="Edit" runat="server" CommandName="edit" OnInit="Edit_Init">Edit</asp:LinkButton><asp:Label ID="deleteLbl" + runat="server" Text=" | "></asp:Label><asp:LinkButton ID="Delete" + runat="server" CommandName="deleteCmd" OnCommand="deleteCmd" OnLoad="Delete_Load">Delete</asp:LinkButton></td> </tr> </table> </div> @@ -71,7 +71,8 @@ </div> </ItemTemplate> <EditItemTemplate> - <asp:RequiredFieldValidator ID="nameValidator" runat="server" ErrorMessage="You must enter a role name." ControlToValidate="nameBox"></asp:RequiredFieldValidator> + <asp:RequiredFieldValidator ID="nameValidator" runat="server" ErrorMessage="You must enter a role name." + ControlToValidate="nameBox"></asp:RequiredFieldValidator> <div class="xsnazzy"> <b class="xtop"><b class="xb1"></b><b class="xb2"></b><b class="xb3"></b><b class="xb4"> </b></b> @@ -80,7 +81,7 @@ <tr> <td align="left" colspan="6"> <strong>Name:</strong> - <asp:TextBox ID="nameBox" runat="server" Text='<%# Bind("roleName") %>' Width="70%"></asp:TextBox></td> + <asp:TextBox ID="nameBox" runat="server" Text='<%# Bind("roleName") %>' Width="70%" OnInit="nameBox_Init"></asp:TextBox></td> </tr> <tr> <td class="hr" colspan="6"> 
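Review bot: The `OnInit="New_Init"`, `OnInit="Edit_Init"` and `OnLoad="Delete_Load"` hooks added to the New/Edit/Delete LinkButtons only decide whether the controls are shown, so the same rights test should also run inside the server-side handlers that perform the action, in particular `deleteCmd`, whose body is outside this hunk. Hiding a button is a presentation decision; the authorization decision belongs at the point where the role is deleted or saved, for example by opening `deleteCmd` with the same `m_user.HasRight(...)` condition that `Delete_Load` evaluates and returning early when it fails. The same applies to `OnInit="nameBox_Init"`, `OnInit="descriptionBox_Init"` and the list `OnInit` hooks added in the hunks at new lines 81, 91 and 102: if those handlers disable fields for users who hold only `edit_role_users`, the update path should ignore or reject changes to those fields on the server as well. A short comment on each handler stating which right it enforces would make the pairing between markup and code-behind easier to audit.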
@@ -90,7 +91,8 @@ <td align="left" colspan="6" valign="top"> <strong>Description:</strong><br /> <FTB:FreeTextBox ID="descriptionBox" runat="server" SupportFolder="~/aspnet_client/FreeTextBox/" - Width="100%" Text='<%# Bind("roleDescription") %>' Height="200px" EnableHtmlMode="true" DisableIEBackButton="False"> + Width="100%" Text='<%# Bind("roleDescription") %>' Height="200px" EnableHtmlMode="true" + DisableIEBackButton="False" OnInit="descriptionBox_Init"> </FTB:FreeTextBox> </td> </tr> 
@@ -100,22 +102,21 @@ </tr> <tr> <td colspan="2" align="left" valign="top" width="33%"> - <strong>Products: <asp:DropDownList ID="productList" runat="server" DataSourceID="ProductDataSource" - DataTextField="name" DataValueField="productID" AutoPostBack="True" OnDataBound="productListEdit_DataBound" - OnSelectedIndexChanged="productList_SelectedIndexChanged"> + <strong>Products: <asp:DropDownList ID="productList" runat="server" AutoPostBack="True" + OnSelectedIndexChanged="productList_SelectedIndexChanged" OnInit="productList_Init"> </asp:DropDownList></strong> </td> <td colspan="2" align="left" valign="top" width="33%"> <strong>Users:<br /> </strong> - <asp:ListBox ID="userList" runat="server" DataSourceID="UserDataSource" DataTextField="fullName" - DataValueField="userID" SelectionMode="Multiple" OnDataBound="userList_DataBound" Height="150px" - Width="150px"></asp:ListBox></td> + <asp:ListBox ID="userList" runat="server" SelectionMode="Multiple" + Height="150px" Width="150px" OnInit="userList_Init"></asp:ListBox></td> <td colspan="2" align="left" valign="top" width="34%"> <strong>Rights:<br /> - <asp:LinkButton ID="newRight" runat="server" CommandName="newRight" OnCommand="newRight" OnInit="newRight_Init">New Right</asp:LinkButton><br /> + <asp:LinkButton ID="newRight" runat="server" CommandName="newRight" OnCommand="newRight" + OnInit="newRight_Init">New Right</asp:LinkButton><br /> </strong> <asp:ListBox ID="rightsList" runat="server" DataSourceID="RightsDataSource" DataTextField="rightsName" DataValueField="rightsID" SelectionMode="Multiple" - Height="150px" OnDataBound="rightsList_DataBound" Width="150px"></asp:ListBox> + Height="150px" OnDataBound="rightsList_DataBound" Width="150px" OnInit="rightsList_Init"></asp:ListBox> </td> </tr> <tr> 
@@ -139,7 +140,8 @@ </div> </EditItemTemplate> <InsertItemTemplate> - <asp:RequiredFieldValidator ID="nameValidator" runat="server" ErrorMessage="You must enter a role name." ControlToValidate="nameBox"></asp:RequiredFieldValidator> + <asp:RequiredFieldValidator ID="nameValidator" runat="server" ErrorMessage="You must enter a role name." + ControlToValidate="nameBox"></asp:RequiredFieldValidator> <div class="xsnazzy"> <b class="xtop"><b class="xb1"></b><b class="xb2"></b><b class="xb3"></b><b class="xb4"> </b></b> 
@@ -169,21 +171,20 @@ <tr> <td colspan="2" align="left" valign="top" width="33%"> <strong>Products: </strong><asp:DropDownList ID="productList" runat="server" - DataSourceID="ProductDataSource" DataTextField="name" DataValueField="productID" - AutoPostBack="True" OnDataBound="productListInsert_DataBound" OnSelectedIndexChanged="productList_SelectedIndexChanged"> + AutoPostBack="True" OnSelectedIndexChanged="productList_SelectedIndexChanged" OnInit="productList_Init"> </asp:DropDownList> </td> <td colspan="2" align="left" valign="top" width="33%"> <strong>Users:<br /> </strong> - <asp:ListBox ID="userList" runat="server" DataSourceID="UserDataSource" DataTextField="fullName" - DataValueField="userID" SelectionMode="Multiple" OnDataBound="userList_DataBound" Height="150px" - Width="150px"></asp:ListBox></td> + <asp:ListBox ID="userList" runat="server" SelectionMode="Multiple" + Height="150px" Width="150px"></asp:ListBox></td> <td colspan="2" align="left" valign="top" width="34%"> <strong>Rights: <asp:LinkButton ID="newRight" runat="server" CommandName="newRight" OnCommand="newRight">New Right</asp:LinkButton><br /> </strong> <asp:ListBox ID="rightsList" runat="server" DataSourceID="RightsDataSource" - DataTextField="rightsName" DataValueField="rightsID" SelectionMode="Multiple" Height="150px" Width="150px"></asp:ListBox> + DataTextField="rightsName" DataValueField="rightsID" SelectionMode="Multiple" + Height="150px" Width="150px"></asp:ListBox> </td> </tr> <tr> 
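Review bot: The `newRight` LinkButton in the InsertItemTemplate is still declared without `OnInit="newRight_Init"`, while the EditItemTemplate copy in the hunk at new line 102 has it, so the "New Right" link appears not to be gated by the rights check when the form is in insert mode. Suggest declaring it as `<asp:LinkButton ID="newRight" runat="server" CommandName="newRight" OnCommand="newRight" OnInit="newRight_Init">` so both templates behave the same. This hunk also drops `DataSourceID="UserDataSource"` from `userList` without adding the `OnInit="userList_Init"` that the edit template received, and `rightsList` here has no `OnInit="rightsList_Init"` either; if the insert form is meant to start with an empty user list, a markup comment saying so would prevent the difference from being read as an oversight.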
@@ -206,9 +207,9 @@ </div> </InsertItemTemplate> </asp:FormView> -<asp:ObjectDataSource ID="RoleDataSource" runat="server" InsertMethod="Insert" - SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_roleTableAdapter" - UpdateMethod="Update"> +<asp:ObjectDataSource ID="RoleDataSource" runat="server" InsertMethod="Insert" SelectMethod="GetData" + TypeName="tcdbDataSetTableAdapters.db_roleTableAdapter" UpdateMethod="Update" + OldValuesParameterFormatString="original_{0}"> <UpdateParameters> <asp:Parameter Name="roleID" Type="Int32" /> <asp:Parameter Name="roleName" Type="String" /> 
@@ -218,32 +219,29 @@ <SelectParameters> <asp:SessionParameter Name="roleID" SessionField="roleID" Type="Int32" /> <asp:Parameter Name="roleName" Type="String" /> - <asp:Parameter Name="active" Type="Boolean" DefaultValue="true" /> + <asp:SessionParameter DefaultValue="" Name="active" SessionField="active" Type="Boolean" /> </SelectParameters> <InsertParameters> <asp:Parameter Name="roleName" Type="String" /> <asp:Parameter Name="roleDescription" Type="String" /> </InsertParameters> </asp:ObjectDataSource> -<asp:ObjectDataSource ID="ProductDataSource" runat="server" OldValuesParameterFormatString="original_{0}" - SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_productsTableAdapter"> - <SelectParameters> - <asp:Parameter Name="active" Type="Boolean" DefaultValue="true" /> - <asp:Parameter Name="productID" Type="Int32" /> - </SelectParameters> -</asp:ObjectDataSource> -<asp:ObjectDataSource ID="UserDataSource" runat="server" OldValuesParameterFormatString="original_{0}" - SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_usersTableAdapter"> - <SelectParameters> - <asp:Parameter Name="username" Type="String" /> - <asp:Parameter Name="userID" Type="Int32" /> - </SelectParameters> -</asp:ObjectDataSource> <asp:ObjectDataSource ID="RightsDataSource" runat="server" OldValuesParameterFormatString="original_{0}" - SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_rightsTableAdapter"> + SelectMethod="GetData" TypeName="tcdbDataSetTableAdapters.db_rightsTableAdapter" + InsertMethod="Insert" UpdateMethod="Update"> <SelectParameters> <asp:Parameter Name="rightsID" Type="Int32" /> <asp:Parameter Name="rightsName" Type="String" /> - <asp:Parameter Name="active" Type="Boolean" DefaultValue="true" /> + <asp:SessionParameter DefaultValue="" Name="active" SessionField="active" Type="Boolean" /> </SelectParameters> + <UpdateParameters> + <asp:Parameter Name="rightsID" Type="Int32" /> + <asp:Parameter Name="rightsName" Type="String" /> + 
<asp:Parameter Name="rightsDescription" Type="String" /> + <asp:Parameter Name="active" Type="Boolean" /> + </UpdateParameters> + <InsertParameters> + <asp:Parameter Name="rightsName" Type="String" /> + <asp:Parameter Name="rightsDescription" Type="String" /> + </InsertParameters> </asp:ObjectDataSource> Modified: Website/Includes/Roles.ascx.cs =================================================================== --- Website/Includes/Roles.ascx.cs 2006-08-04 22:44:29 UTC (rev 274) +++ Website/Includes/Roles.ascx.cs 2006-08-05 19:00:23 UTC (rev 275) @@ -27,8 +27,6 @@ protected void Page_Load(object sender, EventArgs e) { - if (!m_user.ISAUTHENTICATED) { return; } - m_logg.Debug("Loading page Roles"); if (roleID == 0) { @@ -40,13 +38,21 @@ } } + // Get Role info + role = RightDB.GetRoleInfo(roleID); Session.Add("roleID", roleID); - role = RightDB.GetRoleInfo(roleID); + + // Check rights + if (!(m_user.HasRole(role.NAME) && m_user.HasRight("view_my_roles",Constants.PRODUCT_ANYID)) && + !m_user.HasRight("view_other_roles",Constants.PRODUCT_ANYID)) + Response.Redirect("~/Administration.aspx"); + + // Setup notes //Session.Add("tableName", "tcdb_role"); - if (mode == "new") + if (mode == "new" && m_user.HasRight("create_role",Constants.PRODUCT_ANYID)) FormView1.ChangeMode(FormViewMode.Insert); - else if (mode == "edit") + else if (mode == "edit" && (m_user.HasRight("edit_role",Constants.PRODUCT_ANYID) || m_user.HasRight("edit_role_users",Constants.PRODUCT_ANYID))) FormView1.ChangeMode(FormViewMode.Edit); } protected void updateUserRoleProducts() @@ -164,6 +170,7 @@ Response.Redirect("~/Administration.aspx"); } } + protected void userList_DataBound(object sender, EventArgs e) { Dictionary<String, ArrayList> ProductUsers = (Dictionary<String, ArrayList>)Session["ProductUsers"]; 
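Review bot: Both `active` select parameters change from a fixed `DefaultValue="true"` to `<asp:SessionParameter DefaultValue="" Name="active" SessionField="active" Type="Boolean" />`, so whenever `Session["active"]` has not been set the table adapters are presumably called with a null filter and may return inactive roles and rights as well as active ones. None of the visible hunks writes `Session["active"]`, so it is worth confirming where it is set and keeping `DefaultValue="true"` as the fallback. The added `InsertMethod="Insert" UpdateMethod="Update"` on `RightsDataSource` also makes rights writable through this control; if only `dev_access` holders are meant to change rights, that check belongs in the code-behind handler that triggers the insert or update, which is outside this hunk.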
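Review bot: The rights check added to `Page_Load` (hunk at new line 38) reads `role.NAME` straight after `role = RightDB.GetRoleInfo(roleID)` with no null test, so if `GetRoleInfo` can return null for an unknown id or for `mode=new`, the request would fail with a NullReferenceException instead of reaching the redirect; `(role != null && m_user.HasRole(role.NAME))` in the first operand would avoid that. The checks here use `Constants.PRODUCT_ANYID`, whereas the RoleAdmin handlers in this commit test `edit_role_users` and `view_other_roles` against a specific `productID`, so a user holding a right for one product appears to pass the gate for the role's users on every product; that is worth confirming as intended. Edit mode is also opened for holders of `edit_role_users` alone, so the save handlers outside this hunk need their own `HasRight` checks instead of relying on the FormView mode. With `if (!m_user.ISAUTHENTICATED) { return; }` removed in the hunk at new line 27, the page now depends on `HasRole`/`HasRight` returning false for an anonymous `m_user`, which deserves a one-line comment above the check.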
@@ -192,6 +199,7 @@ foreach (tcdbDataSet.db_roleRightRow row in roleRightTable) rightsList.Items.FindByValue(row.rightsID.ToString()).Selected = true; } + protected void addUsers(object sender, CommandEventArgs e) { updateUserRoleProducts(); @@ -200,6 +208,7 @@ { Response.Redirect("Right.aspx?mode=new&"+Constants.CODE_ROLE+"=" + roleID); } + protected void productList_SelectedIndexChanged(object sender, EventArgs e) { ListBox userList = (ListBox)FormView1.FindControl("userList"); @@ -215,7 +224,7 @@ // Get Product Users if (Session["ProductUsers"] == null) - updateProductUsers(productList, userList); + updateProductUsers(); Dictionary<String, ArrayList> ProductUsers = (Dictionary<String, ArrayList>)Session["ProductUsers"]; // update selected product 
@@ -235,20 +244,26 @@ Session["product"] = productList.SelectedValue; // Update userlist - userList.DataBind(); + userList_populate(); } - protected void updateProductUsers(DropDownList productList, ListBox userList) + protected void updateProductUsers() { // Init ProductUsers if (Session["ProductUsers"] == null) Session.Add("ProductUsers", new Dictionary<String, ArrayList>()); Dictionary<String, ArrayList> ProductUsers = (Dictionary<String, ArrayList>)Session["ProductUsers"]; + ProductUsers.Clear(); - ProductUsers.Clear(); - foreach (ListItem productItem in productList.Items) + if (FormView1.CurrentMode == FormViewMode.Insert) + return; + + tcdbDataSetTableAdapters.db_productsTableAdapter pAdapter = new tcdbDataSetTableAdapters.db_productsTableAdapter(); + tcdbDataSet.db_productsDataTable pTable = pAdapter.GetData(active, null); + + foreach (tcdbDataSet.db_productsRow pRow in pTable) { ArrayList users = new ArrayList(); - String productID = productItem.Value; + String productID = pRow.productID.ToString(); tcdbDataSetTableAdapters.db_roleProductUserTableAdapter roleProductUserAdapter = new tcdbDataSetTableAdapters.db_roleProductUserTableAdapter(); tcdbDataSet.db_roleProductUserDataTable roleProductUserTable = roleProductUserAdapter.GetData(roleID, Convert.ToInt32(productID), true); 
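Review bot: `updateProductUsers()` rebuilds a dictionary stored under the fixed session key `"ProductUsers"`, and `productList_SelectedIndexChanged` (hunk at new line 224) only calls it when that key is null, so a dictionary built for one role can be reused when the same session later opens a different role, unless a handler outside the visible hunks refreshes it first. Because this data feeds the role-to-user assignment, consider scoping the key to the role, e.g. `Session["ProductUsers_" + roleID]`, or rebuilding it whenever `roleID` changes. The early `return` for `FormViewMode.Insert` leaves an empty dictionary in the session after `Clear()`, which would be clearer with a comment such as `// new role: no users assigned yet, leave the map empty`. The loop also converts `pRow.productID` to a string and back with `Convert.ToInt32(productID)`; passing `pRow.productID` to `GetData` directly and stringifying only for the dictionary key would read more plainly. The method body continues past the end of this hunk.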
@@ -262,25 +277,7 @@ ProductUsers.Add(productID, users); } } - protected void productListEdit_DataBound(object sender, EventArgs e) - { - DropDownList productList = (DropDownList)sender; - ListBox userList = (ListBox)FormView1.FindControl("userList"); - updateProductUsers(productList, userList); - Session["product"] = productList.SelectedValue; - userList.DataBind(); - } - protected void productListInsert_DataBound(object sender, EventArgs e) - { - DropDownList productList = (DropDownList)sender; - ListBox userList = (ListBox)FormView1.FindControl("userList"); - - updateProductUsers(productList, userList); - if (productID_in != null) - productList.SelectedValue = productID_in; - Session["product"] = productList.SelectedValue; - } protected void ProductUserPanel_Init(object sender, EventArgs e) { Panel puPanel = (Panel)sender; @@ -324,4 +321,113 @@ if (!m_user.HasRight("dev_access")) btn.Visible = false; } + protected void New_Init(object sender, EventArgs e) + { + LinkButton newBtn = (LinkButton)sender; + Label newLbl = (Label)FormView1.FindControl("newLbl"); + + if (!m_user.HasRight("create_role",Constants.PRODUCT_ANYID)){ + newBtn.Visible = false; + newLbl.Visible = false; + } + } + protected void Edit_Init(object sender, EventArgs e) + { + LinkButton editBtn = (LinkButton)sender; + + if (!m_user.HasRight("edit_role",Constants.PRODUCT_ANYID) && !m_user.HasRight("edit_role_users",Constants.PRODUCT_ANYID)) + editBtn.Visible = false; + } + protected void Delete_Load(object sender, EventArgs e) + { + LinkButton deleteBtn = (LinkButton)sender; + Label deleteLbl = (Label)FormView1.FindControl("deleteLbl"); + updateProductUsers(); + Dictionary<String, ArrayList> Produ... [truncated message content] |