Class Sentry
Implements
Inherited Members
Namespace: SuperOffice .CRM.Security
Assembly: SoDataBase.dll
Syntax
public abstract class Sentry : ICloneable
Constructors
Sentry(SentryQueryInfo)
Declaration
protected Sentry(SentryQueryInfo coveredTables)
Parameters
Type | Name | Description |
---|---|---|
Sentry |
coveredTables |
Fields
_fieldRights
Holds the result of the field rights computations.
The dictionary key is the field id, the dictionary value is the resulting Field
Declaration
protected FieldRights _fieldRights
Field Value
Type | Description |
---|---|
Field |
_lookups
Contains the list of row data providers that the sentry can consult.
Declaration
protected LookupCollection _lookups
Field Value
Type | Description |
---|---|
Lookup |
_tableRights
Holds the result of the table rights computations.
Tells us if we can add/read/update/delete the row.
This is a bit-flag, so more than one right may be set.
Key = table number (from conceptual dictionary)
Value = Tableright. Usually gotten from the Super
Declaration
protected TableRights _tableRights
Field Value
Type | Description |
---|---|
Table |
kFieldRights
Declaration
protected const string kFieldRights = "Rights"
Field Value
Type | Description |
---|---|
string |
kTableRights
Declaration
protected const string kTableRights = "Rights"
Field Value
Type | Description |
---|---|
string |
Properties
AssociateId
Returns the associate id based on the row provided to the sentry. This method must be overridden by the sub-class.
Declaration
public abstract int AssociateId { get; }
Property Value
Type | Description |
---|---|
int |
GroupId
Returns the group id of the associate based on the row provided to the sentry. This method must be overridden by the sub-class. If the row does not contain the group id of the associate, then the function must look up the appropriate group id in the associate table.
TODO CM: add multi-db aware caching mechanism for associate->usergroup mapping
Declaration
public virtual int GroupId { get; }
Property Value
Type | Description |
---|---|
int |
IsGhostRow
Returns whether the primary key field is a ghost
Declaration
public abstract bool IsGhostRow { get; }
Property Value
Type | Description |
---|---|
bool |
IsNew
Has the row been saved to teh database yet.
Declaration
public abstract bool IsNew { get; }
Property Value
Type | Description |
---|---|
bool |
Lookups
Contains the list of row data providers that the sentry can consult.
Declaration
public LookupCollection Lookups { get; }
Property Value
Type | Description |
---|---|
Lookup |
MainTable
Get main table for the sentry.
Declaration
public TableInfo MainTable { get; }
Property Value
Type | Description |
---|---|
Table |
Parent
Get the sentry collection that teh sentry belongs to.
Declaration
public SentryCollection Parent { get; }
Property Value
Type | Description |
---|---|
Sentry |
Registered
When was the item first created. Returns the current time if the field is not set (i.e. if the record has not been saved yet).
Declaration
public virtual DateTime Registered { get; }
Property Value
Type | Description |
---|---|
Date |
RegisteredAssociateId
Who created the item.
Declaration
public virtual int RegisteredAssociateId { get; }
Property Value
Type | Description |
---|---|
int |
RegisteredAssociateIdField
The field that holds the associate id of teh user first creating the item.
Declaration
public abstract FieldInfo RegisteredAssociateIdField { get; }
Property Value
Type | Description |
---|---|
Field |
RegisteredField
The field that holds information about when the item was first created.
Declaration
public abstract FieldInfo RegisteredField { get; }
Property Value
Type | Description |
---|---|
Field |
RowId
Returns the primary key id based on the row provided to the sentry. This method must be overridden by the sub-class.
Declaration
public abstract int RowId { get; }
Property Value
Type | Description |
---|---|
int |
SentryQueryInfo
Returns an array of the table-ids of the tables this sentry covers
Declaration
public SentryQueryInfo SentryQueryInfo { get; }
Property Value
Type | Description |
---|---|
Sentry |
Methods
AnalyzeQuery(PrivateSelect)
Declaration
public abstract void AnalyzeQuery(PrivateSelect sql)
Parameters
Type | Name | Description |
---|---|---|
Private |
sql |
BeginIgnoreRowSentry()
Declaration
public static IDisposable BeginIgnoreRowSentry()
Returns
Type | Description |
---|---|
IDisposable |
BeginIgnoreSentry()
Declaration
public static IDisposable BeginIgnoreSentry()
Returns
Type | Description |
---|---|
IDisposable |
CanCoverTable(TableInfo)
Declaration
public abstract bool CanCoverTable(TableInfo table)
Parameters
Type | Name | Description |
---|---|---|
Table |
table |
Returns
Type | Description |
---|---|
bool |
CanFieldDo(FieldInfo, EFieldRight, bool)
Determine if the current user has the required access rights to a field belonging to the row this sentry is protecting.
Note that the field does not have to be on the table
Declaration
public virtual bool CanFieldDo(FieldInfo field, EFieldRight rights, bool allOfRights)
Parameters
Type | Name | Description |
---|---|---|
Field |
field | SODBIF id of field we want to know about |
EField |
rights | Rights we want to have to field |
bool | allOfRights | True if all the rights must be present |
Returns
Type | Description |
---|---|
bool | True if we have some (allOfRights=False) or all (allOfRights=True) of the rights to the field. |
CanTableDo(TableInfo, ETableRight, bool)
Determine if the current user has the required access rights to the row this sentry is protecting.
Declaration
public virtual bool CanTableDo(TableInfo table, ETableRight rights, bool allOfRights)
Parameters
Type | Name | Description |
---|---|---|
Table |
table | |
ETable |
rights | one or more of the ETable |
bool | allOfRights | if true, then all of the rights must be available for the result to be true. Otherwise any of the rights must be available for the result to be true |
Returns
Type | Description |
---|---|
bool | True if the user has the required access rights to the table. |
Examples
ContactRow c = new ContactRow.IdxContactId( 1234 ); bool canModify = c.Sentry.CanTableDo( c.TableInfo, ETableRight.Insert and ETableRight.Update, false );
ClearRights()
Clears out old results from data. Called every time a row is read.
Declaration
public void ClearRights()
CreateSentries(Select)
Declaration
public static SentryCollection CreateSentries(Select sql)
Parameters
Type | Name | Description |
---|---|---|
Select | sql |
Returns
Type | Description |
---|---|
Sentry |
CreateSentry(TableInfo)
Sentry Factory function. Given a table-info, finds the appropriate sentry type (if possible) and creates a new instance.
The sentry must afterwards be populated with lookup interfaces to read the row.
Declaration
public static Sentry CreateSentry(TableInfo tableInfo)
Parameters
Type | Name | Description |
---|---|---|
Table |
tableInfo | The table we want covered: Contact, Person, Appointment, Sale, Project, Selection, Relation are suitable TableInfo types. |
Returns
Type | Description |
---|---|
Sentry | A sentry of the proper sub-class. Returns a ContactSentry if given a Contact.ContactId and a Contact.AssociateId field. |
DemandPlugins()
Demand that all required sentry plugins are present. See User
Declaration
public static void DemandPlugins()
Remarks
These user-preferences all mean the same thing:
[section] key = val[SentryAddonNames] prog.id = prog.id
[SentryAddonNames] 1 = prog.id
[SentryAddonNames] foo bar = prog.id
They all mean that the config file must load a sentry plug-in that declares itself as the "prog.id" plug-in. If the plug-in with this prog.id attribute is not loaded according to the current plug-in configuration, an exception will be thrown.
To disable a sentry preference, change its value to 0 or to blank.Exceptions
Type | Condition |
---|---|
So |
Thrown if there are any sentry plugins missing and Sentry is enabled. |
GetDateTimeField(FieldInfo)
Get the value of a field, as a DateTime. The first lookup that returns a valid value is used.
Declaration
public DateTime GetDateTimeField(FieldInfo field)
Parameters
Type | Name | Description |
---|---|---|
Field |
field | Field specification |
Returns
Type | Description |
---|---|
Date |
DateTime value, or DateTime.MinValue if not found |
GetFieldRight(FieldInfo)
Returns the fieldright for the given table.
Declaration
public FieldRight GetFieldRight(FieldInfo field)
Parameters
Type | Name | Description |
---|---|---|
Field |
field |
Returns
Type | Description |
---|---|
Field |
Returns a new fieldright with full rights if the field is not covered by this sentry. |
GetGroupFromAssociate(int)
Get the group that an associate belongs to.
Declaration
protected int GetGroupFromAssociate(int assocId)
Parameters
Type | Name | Description |
---|---|---|
int | assocId | The associate id to check group for. |
Returns
Type | Description |
---|---|
int | Group id of the group that the associate belongs to. |
Remarks
This value can be cached.
Most calculations actually only requires to find out wetter the associate belongs to a group or not. Future implementations can take advantage of this and make this method obsolete.
GetIntField(params FieldInfo[])
Get the value of a field, as an int. The first lookup that returns a valid value is used.
Declaration
public int GetIntField(params FieldInfo[] fields)
Parameters
Type | Name | Description |
---|---|---|
Field |
fields | Field specification |
Returns
Type | Description |
---|---|
int | Value, or 0 if none was found |
GetIsGhostField(FieldInfo)
Determine whether the given field is a ghost field. It is sufficient that one lookup has a non-ghost, to return false
Declaration
public bool GetIsGhostField(FieldInfo field)
Parameters
Type | Name | Description |
---|---|---|
Field |
field | Field specification |
Returns
Type | Description |
---|---|
bool | true if a) no lookup had the field, or b) all lookups that had the field, returned true (ghost) |
GetMainRight()
Declaration
public abstract ETableRight GetMainRight()
Returns
Type | Description |
---|---|
ETable |
GetPersistedIntField(params FieldInfo[])
Get the persisted value of a field, as an int. The first lookup that returns a valid value is used.
Declaration
public int GetPersistedIntField(params FieldInfo[] fields)
Parameters
Type | Name | Description |
---|---|---|
Field |
fields | Field specification |
Returns
Type | Description |
---|---|
int | Value, or 0 if none was found |
GetRecordOwnershipIndex()
Return the sort of relationship between the current user and the Sentry's user and group.
Declaration
public virtual EOwnershipIndex GetRecordOwnershipIndex()
Returns
Type | Description |
---|---|
EOwnership |
Relationship to the item. |
GetRecordOwnershipIndex(int, int)
Return the sort of relationship between the current user and the given user and group. Use a cached value if possible
Declaration
public static EOwnershipIndex GetRecordOwnershipIndex(int assocId, int groupId)
Parameters
Type | Name | Description |
---|---|---|
int | assocId | The associate id of the owner of the record being guarded. |
int | groupId | The user-group that the associate id is part of. |
Returns
Type | Description |
---|---|
EOwnership |
Relationship to the item. |
GetRowSentry()
Create a copy of the Sentry holding the right instances of table and field infos.
Declaration
public abstract Sentry GetRowSentry()
Returns
Type | Description |
---|---|
Sentry | New instance of the Sentry. |
GetStringField(FieldInfo)
Get the value of a field, as a string. The first lookup that returns a valid value is used.
Declaration
public string GetStringField(FieldInfo field)
Parameters
Type | Name | Description |
---|---|---|
Field |
field | Field specification |
Returns
Type | Description |
---|---|
string | string value, or empty string if not found |
GetTableRight(TableInfo)
Returns the tableright for the given table. The table right contains the rights mask and a reason why some rights are restricted.
Declaration
public TableRight GetTableRight(TableInfo table)
Parameters
Type | Name | Description |
---|---|---|
Table |
table |
Returns
Type | Description |
---|---|
Table |
Will return a new tableright with full rights if the table is not covered by this sentry. |
IgnoreRowSentry()
Declaration
public static bool IgnoreRowSentry()
Returns
Type | Description |
---|---|
bool |
IgnoreSentry()
Are we currently in an 'IgnoreSentry' state? This is the place to get the answer; do not try to directly compute it - just call this method
Declaration
public static bool IgnoreSentry()
Returns
Type | Description |
---|---|
bool | true if sentry should currently be ignored |
Remarks
IgnoreSentry can be set in at least two different ways: On the So
IsAssociatesOwnerContact(int, int)
Check if a contact is the owner of an associate
Declaration
protected bool IsAssociatesOwnerContact(int assocId, int contactId)
Parameters
Type | Name | Description |
---|---|---|
int | assocId | Id of the associate |
int | contactId | Id of the contact we want to verify |
Returns
Type | Description |
---|---|
bool | True if the contact id is the owner of the associate |
IsContactCurrentDatabaseOwner(int)
Is the contact the owner of the current database.
Declaration
protected bool IsContactCurrentDatabaseOwner(int contactId)
Parameters
Type | Name | Description |
---|---|---|
int | contactId | Primary key of the contect to check. |
Returns
Type | Description |
---|---|
bool | True if the contact is the owner of the current database |
IsContactDatabaseOwner(int)
Is the contact one of the contacts owning the database?
Declaration
protected bool IsContactDatabaseOwner(int contact_id)
Parameters
Type | Name | Description |
---|---|---|
int | contact_id | Id of contact to check if is one of teh owner contacts. |
Returns
Type | Description |
---|---|
bool | True of the contact is one of the owner contacts. |
Remarks
This value can be cached.
IsContactEmployeeUserOwner(int)
Is the contact owner of an associate (employee users)
Declaration
protected bool IsContactEmployeeUserOwner(int contactId)
Parameters
Type | Name | Description |
---|---|---|
int | contactId | Id of contact to check if is one of the. |
Returns
Type | Description |
---|---|
bool | True of the contact is one of the owner contacts. |
Remarks
This value can be cached.
IsContactLicenseOwner(int)
Is the contact owner of central database and the license?
Declaration
protected bool IsContactLicenseOwner(int contactId)
Parameters
Type | Name | Description |
---|---|---|
int | contactId | Primary key of the contect to check. |
Returns
Type | Description |
---|---|
bool | True if the contact is hte owner of central database and the license. |
IsContactSatelliteOwner(int)
Is the contact an owner of a satelite?
Declaration
protected bool IsContactSatelliteOwner(int contact_id)
Parameters
Type | Name | Description |
---|---|---|
int | contact_id | Id of contact to check if it owns a satelite. |
Returns
Type | Description |
---|---|
bool | True if the contact owns a satelite. |
Remarks
This value can be cached.
IsFieldCovered(FieldInfo)
Returns true if the sentry has a definite opinion about the field.
To find out what the opinion is, you need to use Can
Declaration
public virtual bool IsFieldCovered(FieldInfo field)
Parameters
Type | Name | Description |
---|---|---|
Field |
field | The field we are wondering about |
Returns
Type | Description |
---|---|
bool |
IsPersonAssociate(int, bool)
Check if a person is an associate (e.g. user).
Declaration
protected bool IsPersonAssociate(int personId, bool includeExternalUsers)
Parameters
Type | Name | Description |
---|---|---|
int | personId | Id of person to check if it is an associate (e.g. user). |
bool | includeExternalUsers | If includeExternalUsers is false, external users will not be regarded as associates. |
Returns
Type | Description |
---|---|
bool | True if the person is an associate (e.g. user). |
IsTableCovered(TableInfo)
Returns true if the sentry has an opinion about the table in question.
Declaration
public abstract bool IsTableCovered(TableInfo table)
Parameters
Type | Name | Description |
---|---|---|
Table |
table |
Returns
Type | Description |
---|---|
bool |
IterateLookups(LookupCollection)
Iterate over the lookup collection
Declaration
protected IEnumerable<object> IterateLookups(LookupCollection lookup)
Parameters
Type | Name | Description |
---|---|---|
Lookup |
lookup |
Returns
Type | Description |
---|---|
IEnumerable<object> |
MakeFieldFromTableRight(TableRight)
Returns the field rights for all the fields in the given table, derived from the given tableRight.
Declaration
protected FieldRight MakeFieldFromTableRight(TableRight tableRight)
Parameters
Type | Name | Description |
---|---|---|
Table |
tableRight | The tableRight determines the field right returned. A select table right implies a read fieldright. An Insert or Update tableright will imply a write fieldright, depending on the record id. |
Returns
Type | Description |
---|---|
Field |
MakeFieldFromTableRight(TableRight, ETableRight)
Returns the field rights for all the fields in the given table, derived from the current tableRight, minus the given tableRight.
Declaration
protected FieldRight MakeFieldFromTableRight(TableRight tableRight, ETableRight allowOnly)
Parameters
Type | Name | Description |
---|---|---|
Table |
tableRight | The tableRight determines the field right returned. A select table right implies a read fieldright. An Insert or Update tableright will imply a write fieldright. |
ETable |
allowOnly | If set, this tableRight is the one that triggers write-access when determining the fieldright returned. Useful for getting rid of write permissions when you want to force a read-only situation. |
Returns
Type | Description |
---|---|
Field |
MakeFieldFromTableRight(ETableRight)
Declaration
protected EFieldRight MakeFieldFromTableRight(ETableRight tableRight)
Parameters
Type | Name | Description |
---|---|---|
ETable |
tableRight |
Returns
Type | Description |
---|---|
EField |
MapTableToFieldRights(TableInfo, TableRight, FieldInfo[])
Adds the field rights for all the fields in the given table, derived from the given tableRight. i.e. an Update tableright will give write permission on the fields.
Declaration
protected void MapTableToFieldRights(TableInfo tableInfo, TableRight tableRight, FieldInfo[] fieldInfos = null)
Parameters
Type | Name | Description |
---|---|---|
Table |
tableInfo | All the fields in this table are added to the fieldrights list |
Table |
tableRight | These tablerights are used when computing the fieldrights |
Field |
fieldInfos |
Remarks
This function is used for creating the base fieldrights in SuperComputeFieldRights. The ComputeFieldRights function will invariably tweak these rights slightly.
SetAllTableRights(ETableRight, string)
Copies the given right and reason into all the tablerights, except for the main table. The main table can have different rights than the dependent tables.
Declaration
protected abstract void SetAllTableRights(ETableRight right, string reason)
Parameters
Type | Name | Description |
---|---|---|
ETable |
right | |
string | reason |
SuperComputeDerivedTableRights()
Declaration
protected abstract void SuperComputeDerivedTableRights()
SuperComputeFieldRights()
Declaration
protected abstract void SuperComputeFieldRights()
SuperComputeTableRights()
Declaration
protected abstract void SuperComputeTableRights()