Class Sentry

Inheritance

Object

Sentry

Sentry<TMainTable>

Implements

ICloneable

Namespace: SuperOffice.CRM.Security

Assembly: SoDataBase.dll

Syntax

public abstract class Sentry : Object, ICloneable

Constructors

Sentry(SentryQueryInfo)

Declaration

protected Sentry(SentryQueryInfo coveredTables)

Parameters

Type	Name	Description
SentryQueryInfo	coveredTables

Fields

_fieldRights

Holds the result of the field rights computations. The dictionary key is the field id, the dictionary value is the resulting FieldRight rights object. The rights objects are shared among many instances -- they are copy-on-write. Key = field number (from conceptual dictionary) Value = FieldRight. Usually gotten from the SuperOffice.CRM.Security.RightsFactory.

Declaration

protected FieldRights _fieldRights

Field Value

Type	Description
FieldRights

_lookups

Contains the list of row data providers that the sentry can consult.

Declaration

protected LookupCollection _lookups

Field Value

Type	Description
LookupCollection

_tableRights

Holds the result of the table rights computations. Tells us if we can add/read/update/delete the row. This is a bit-flag, so more than one right may be set. Key = table number (from conceptual dictionary) Value = Tableright. Usually gotten from the SuperOffice.CRM.Security.RightsFactory.

Declaration

protected TableRights _tableRights

Field Value

Type	Description
TableRights

kFieldRights

Declaration

protected const string kFieldRights = "Rights"

Field Value

Type	Description
String

kTableRights

Declaration

protected const string kTableRights = "Rights"

Field Value

Type	Description
String

Properties

AssociateId

Returns the associate id based on the row provided to the sentry. This method must be overridden by the sub-class.

Declaration

public abstract int AssociateId { get; }

Property Value

Type	Description
Int32

GroupId

Returns the group id of the associate based on the row provided to the sentry. This method must be overridden by the sub-class. If the row does not contain the group id of the associate, then the function must look up the appropriate group id in the associate table.

TODO CM: add multi-db aware caching mechanism for associate->usergroup mapping

Declaration

public virtual int GroupId { get; }

Property Value

Type	Description
Int32

IsGhostRow

Returns whether the primary key field is a ghost

Declaration

public abstract bool IsGhostRow { get; }

Property Value

Type	Description
Boolean

IsNew

Has the row been saved to teh database yet.

Declaration

public abstract bool IsNew { get; }

Property Value

Type	Description
Boolean

Lookups

Contains the list of row data providers that the sentry can consult.

Declaration

public LookupCollection Lookups { get; }

Property Value

Type	Description
LookupCollection

MainTable

Get main table for the sentry.

Declaration

public TableInfo MainTable { get; }

Property Value

Type	Description
TableInfo

Parent

Get the sentry collection that teh sentry belongs to.

Declaration

public SentryCollection Parent { get; }

Property Value

Type	Description
SentryCollection

Registered

When was the item first created. Returns the current time if the field is not set (i.e. if the record has not been saved yet).

Declaration

public virtual DateTime Registered { get; }

Property Value

Type	Description
DateTime

RegisteredAssociateId

Who created the item.

Declaration

public virtual int RegisteredAssociateId { get; }

Property Value

Type	Description
Int32

RegisteredAssociateIdField

The field that holds the associate id of teh user first creating the item.

Declaration

public abstract FieldInfo RegisteredAssociateIdField { get; }

Property Value

Type	Description
FieldInfo

RegisteredField

The field that holds information about when the item was first created.

Declaration

public abstract FieldInfo RegisteredField { get; }

Property Value

Type	Description
FieldInfo

RowId

Returns the primary key id based on the row provided to the sentry. This method must be overridden by the sub-class.

Declaration

public abstract int RowId { get; }

Property Value

Type	Description
Int32

SentryQueryInfo

Returns an array of the table-ids of the tables this sentry covers

Declaration

public SentryQueryInfo SentryQueryInfo { get; }

Property Value

Type	Description
SentryQueryInfo

Methods

AnalyzeQuery(PrivateSelect)

Declaration

public abstract void AnalyzeQuery(PrivateSelect sql)

Parameters

Type	Name	Description
PrivateSelect	sql

BeginIgnoreRowSentry()

Declaration

public static IDisposable BeginIgnoreRowSentry()

Returns

Type	Description
IDisposable

BeginIgnoreSentry()

Declaration

public static IDisposable BeginIgnoreSentry()

Returns

Type	Description
IDisposable

CanCoverTable(TableInfo)

Declaration

public abstract bool CanCoverTable(TableInfo table)

Parameters

Type	Name	Description
TableInfo	table

Returns

Type	Description
Boolean

CanFieldDo(FieldInfo, EFieldRight, Boolean)

Determine if the current user has the required access rights to a field belonging to the row this sentry is protecting.

Note that the field does not have to be on the table

Declaration

public virtual bool CanFieldDo(FieldInfo field, EFieldRight rights, bool allOfRights)

Parameters

Type	Name	Description
FieldInfo	field	SODBIF id of field we want to know about
EFieldRight	rights	Rights we want to have to field
Boolean	allOfRights	True if all the rights must be present

Returns

Type	Description
Boolean	True if we have some (allOfRights=False) or all (allOfRights=True) of the rights to the field.

CanTableDo(TableInfo, ETableRight, Boolean)

Determine if the current user has the required access rights to the row this sentry is protecting.

Declaration

public virtual bool CanTableDo(TableInfo table, ETableRight rights, bool allOfRights)

Parameters

Type	Name	Description
TableInfo	table
ETableRight	rights	one or more of the ETableRight values combined as bitflags
Boolean	allOfRights	if true, then all of the rights must be available for the result to be true. Otherwise any of the rights must be available for the result to be true

Returns

Type	Description
Boolean	True if the user has the required access rights to the table.

Examples

ContactRow c = new ContactRow.IdxContactId( 1234 ); bool canModify = c.Sentry.CanTableDo( c.TableInfo, ETableRight.Insert and ETableRight.Update, false );

ClearRights()

Clears out old results from data. Called every time a row is read.

Declaration

public void ClearRights()

CreateSentries(Select)

Declaration

public static SentryCollection CreateSentries(Select sql)

Parameters

Type	Name	Description
Select	sql

Returns

Type	Description
SentryCollection

CreateSentry(TableInfo)

Sentry Factory function. Given a table-info, finds the appropriate sentry type (if possible) and creates a new instance.

The sentry must afterwards be populated with lookup interfaces to read the row.

Declaration

public static Sentry CreateSentry(TableInfo tableInfo)

Parameters

Type	Name	Description
TableInfo	tableInfo	The table we want covered: Contact, Person, Appointment, Sale, Project, Selection, Relation are suitable TableInfo types.

Returns

Type	Description
Sentry	A sentry of the proper sub-class. Returns a ContactSentry if given a Contact.ContactId and a Contact.AssociateId field.

DemandPlugins()

Demand that all required sentry plugins are present. See UserPreferenceStrings.SentryAddonNames and SentryPluginAttribute for further details. Called by NetServer during user authentication.

Declaration

public static void DemandPlugins()

Remarks

These user-preferences all mean the same thing:

[section] key = val

[SentryAddonNames] prog.id = prog.id
[SentryAddonNames] 1 = prog.id
[SentryAddonNames] foo bar = prog.id

They all mean that the config file must load a sentry plug-in that declares itself as the "prog.id" plug-in. If the plug-in with this prog.id attribute is not loaded according to the current plug-in configuration, an exception will be thrown.

To disable a sentry preference, change its value to 0 or to blank.

Exceptions

Type	Condition
SoSentryException	Thrown if there are any sentry plugins missing and Sentry is enabled.

GetDateTimeField(FieldInfo)

Get the value of a field, as a DateTime. The first lookup that returns a valid value is used.

Declaration

public DateTime GetDateTimeField(FieldInfo field)

Parameters

Type	Name	Description
FieldInfo	field	Field specification

Returns

Type	Description
DateTime	DateTime value, or DateTime.MinValue if not found

GetFieldRight(FieldInfo)

Returns the fieldright for the given table.

Declaration

public FieldRight GetFieldRight(FieldInfo field)

Parameters

Type	Name	Description
FieldInfo	field

Returns

Type	Description
FieldRight	Returns a new fieldright with full rights if the field is not covered by this sentry.

GetGroupFromAssociate(Int32)

Get the group that an associate belongs to.

Declaration

protected int GetGroupFromAssociate(int assocId)

Parameters

Type	Name	Description
Int32	assocId	The associate id to check group for.

Returns

Type	Description
Int32	Group id of the group that the associate belongs to.

Remarks

This value can be cached.

Most calculations actually only requires to find out wetter the associate belongs to a group or not. Future implementations can take advantage of this and make this method obsolete.

GetIntField(FieldInfo[])

Get the value of a field, as an int. The first lookup that returns a valid value is used.

Declaration

public int GetIntField(params FieldInfo[] fields)

Parameters

Type	Name	Description
FieldInfo[]	fields	Field specification

Returns

Type	Description
Int32	Value, or 0 if none was found

GetIsGhostField(FieldInfo)

Determine whether the given field is a ghost field. It is sufficient that one lookup has a non-ghost, to return false

Declaration

public bool GetIsGhostField(FieldInfo field)

Parameters

Type	Name	Description
FieldInfo	field	Field specification

Returns

Type	Description
Boolean	true if a) no lookup had the field, or b) all lookups that had the field, returned true (ghost)

GetMainRight()

Declaration

public abstract ETableRight GetMainRight()

Returns

Type	Description
ETableRight

GetPersistedIntField(FieldInfo[])

Get the persisted value of a field, as an int. The first lookup that returns a valid value is used.

Declaration

public int GetPersistedIntField(params FieldInfo[] fields)

Parameters

Type	Name	Description
FieldInfo[]	fields	Field specification

Returns

Type	Description
Int32	Value, or 0 if none was found

GetRecordOwnershipIndex()

Return the sort of relationship between the current user and the Sentry's user and group.

Declaration

public virtual EOwnershipIndex GetRecordOwnershipIndex()

Returns

Type	Description
EOwnershipIndex	Relationship to the item.

GetRecordOwnershipIndex(Int32, Int32)

Return the sort of relationship between the current user and the given user and group. Use a cached value if possible

Declaration

public static EOwnershipIndex GetRecordOwnershipIndex(int assocId, int groupId)

Parameters

Type	Name	Description
Int32	assocId	The associate id of the owner of the record being guarded.
Int32	groupId	The user-group that the associate id is part of.

Returns

Type	Description
EOwnershipIndex	Relationship to the item.

GetRowSentry()

Create a copy of the Sentry holding the right instances of table and field infos.

Declaration

public abstract Sentry GetRowSentry()

Returns

Type	Description
Sentry	New instance of the Sentry.

GetStringField(FieldInfo)

Get the value of a field, as a string. The first lookup that returns a valid value is used.

Declaration

public string GetStringField(FieldInfo field)

Parameters

Type	Name	Description
FieldInfo	field	Field specification

Returns

Type	Description
String	string value, or empty string if not found

GetTableRight(TableInfo)

Returns the tableright for the given table. The table right contains the rights mask and a reason why some rights are restricted.

Declaration

public TableRight GetTableRight(TableInfo table)

Parameters

Type	Name	Description
TableInfo	table

Returns

Type	Description
TableRight	Will return a new tableright with full rights if the table is not covered by this sentry.

IgnoreRowSentry()

Declaration

public static bool IgnoreRowSentry()

Returns

Type	Description
Boolean

IgnoreSentry()

Are we currently in an 'IgnoreSentry' state? This is the place to get the answer; do not try to directly compute it - just call this method

Declaration

public static bool IgnoreSentry()

Returns

Type	Description
Boolean	true if sentry should currently be ignored

Remarks

IgnoreSentry can be set in at least two different ways: On the SoPrincipal and on the ThreadManager. Any one of them can trigger the state.

IsAssociatesOwnerContact(Int32, Int32)

Check if a contact is the owner of an associate

Declaration

protected bool IsAssociatesOwnerContact(int assocId, int contactId)

Parameters

Type	Name	Description
Int32	assocId	Id of the associate
Int32	contactId	Id of the contact we want to verify

Returns

Type	Description
Boolean	True if the contact id is the owner of the associate

IsContactCurrentDatabaseOwner(Int32)

Is the contact the owner of the current database.

Declaration

protected bool IsContactCurrentDatabaseOwner(int contactId)

Parameters

Type	Name	Description
Int32	contactId	Primary key of the contect to check.

Returns

Type	Description
Boolean	True if the contact is the owner of the current database

IsContactDatabaseOwner(Int32)

Is the contact one of the contacts owning the database?

Declaration

protected bool IsContactDatabaseOwner(int contact_id)

Parameters

Type	Name	Description
Int32	contact_id	Id of contact to check if is one of teh owner contacts.

Returns

Type	Description
Boolean	True of the contact is one of the owner contacts.

Remarks

This value can be cached.

IsContactEmployeeUserOwner(Int32)

Is the contact owner of an associate (employee users)

Declaration

protected bool IsContactEmployeeUserOwner(int contactId)

Parameters

Type	Name	Description
Int32	contactId	Id of contact to check if is one of the.

Returns

Type	Description
Boolean	True of the contact is one of the owner contacts.

Remarks

This value can be cached.

IsContactLicenseOwner(Int32)

Is the contact owner of central database and the license?

Declaration

protected bool IsContactLicenseOwner(int contactId)

Parameters

Type	Name	Description
Int32	contactId	Primary key of the contect to check.

Returns

Type	Description
Boolean	True if the contact is hte owner of central database and the license.

IsContactSatelliteOwner(Int32)

Is the contact an owner of a satelite?

Declaration

protected bool IsContactSatelliteOwner(int contact_id)

Parameters

Type	Name	Description
Int32	contact_id	Id of contact to check if it owns a satelite.

Returns

Type	Description
Boolean	True if the contact owns a satelite.

Remarks

This value can be cached.

IsFieldCovered(FieldInfo)

Returns true if the sentry has a definite opinion about the field. To find out what the opinion is, you need to use CanFieldDo(FieldInfo, EFieldRight, Boolean).

Declaration

public virtual bool IsFieldCovered(FieldInfo field)

Parameters

Type	Name	Description
FieldInfo	field	The field we are wondering about

Returns

Type	Description
Boolean

IsPersonAssociate(Int32, Boolean)

Check if a person is an associate (e.g. user).

Declaration

protected bool IsPersonAssociate(int personId, bool includeExternalUsers)

Parameters

Type	Name	Description
Int32	personId	Id of person to check if it is an associate (e.g. user).
Boolean	includeExternalUsers	If includeExternalUsers is false, external users will not be regarded as associates.

Returns

Type	Description
Boolean	True if the person is an associate (e.g. user).

IsTableCovered(TableInfo)

Returns true if the sentry has an opinion about the table in question.

Declaration

public abstract bool IsTableCovered(TableInfo table)

Parameters

Type	Name	Description
TableInfo	table

Returns

Type	Description
Boolean

IterateLookups(LookupCollection)

Iterate over the lookup collection

Declaration

protected IEnumerable<object> IterateLookups(LookupCollection lookup)

Parameters

Type	Name	Description
LookupCollection	lookup

Returns

Type	Description
IEnumerable<Object>

MakeFieldFromTableRight(TableRight)

Returns the field rights for all the fields in the given table, derived from the given tableRight.

Declaration

protected FieldRight MakeFieldFromTableRight(TableRight tableRight)

Parameters

Type	Name	Description
TableRight	tableRight	The tableRight determines the field right returned. A select table right implies a read fieldright. An Insert or Update tableright will imply a write fieldright, depending on the record id.

Returns

Type	Description
FieldRight

MakeFieldFromTableRight(TableRight, ETableRight)

Returns the field rights for all the fields in the given table, derived from the current tableRight, minus the given tableRight.

Declaration

protected FieldRight MakeFieldFromTableRight(TableRight tableRight, ETableRight allowOnly)

Parameters

Type	Name	Description
TableRight	tableRight	The tableRight determines the field right returned. A select table right implies a read fieldright. An Insert or Update tableright will imply a write fieldright.
ETableRight	allowOnly	If set, this tableRight is the one that triggers write-access when determining the fieldright returned. Useful for getting rid of write permissions when you want to force a read-only situation.

Returns

Type	Description
FieldRight

MakeFieldFromTableRight(ETableRight)

Declaration

protected EFieldRight MakeFieldFromTableRight(ETableRight tableRight)

Parameters

Type	Name	Description
ETableRight	tableRight

Returns

Type	Description
EFieldRight

MapTableToFieldRights(TableInfo, TableRight, FieldInfo[])

Adds the field rights for all the fields in the given table, derived from the given tableRight. i.e. an Update tableright will give write permission on the fields.

Declaration

protected void MapTableToFieldRights(TableInfo tableInfo, TableRight tableRight, FieldInfo[] fieldInfos = null)

Parameters

Type	Name	Description
TableInfo	tableInfo	All the fields in this table are added to the fieldrights list
TableRight	tableRight	These tablerights are used when computing the fieldrights
FieldInfo[]	fieldInfos

Remarks

This function is used for creating the base fieldrights in SuperComputeFieldRights. The ComputeFieldRights function will invariably tweak these rights slightly.

SetAllTableRights(ETableRight, String)

Copies the given right and reason into all the tablerights, except for the main table. The main table can have different rights than the dependent tables.

Declaration

protected abstract void SetAllTableRights(ETableRight right, string reason)

Parameters

Type	Name	Description
ETableRight	right
String	reason

SuperComputeDerivedTableRights()

Declaration

protected abstract void SuperComputeDerivedTableRights()

SuperComputeFieldRights()

Declaration

protected abstract void SuperComputeFieldRights()

SuperComputeTableRights()

Declaration

protected abstract void SuperComputeTableRights()

Implements

System.ICloneable

Extension Methods

EnumUtil.MapEnums<From, To>(From)

Converters.MapEnums<From, To>(From)