How to restrict attachment upload on specific conditions.
Hi All,
I have a requirement to restrict the user from uploading or deleting attachments once a particular date is reached. I have tried to remove access rights for attachment object in a business process but still the user is able to upload attachments.
Like
Hello Balaka,
could you please let us know where exactly are you trying to prevent the user from uploading/deleting attachments?
Thank you.
Hi,
You can create a sub-process on the correspondent object to restrict adding new records or deleting records based on some conditions. For example here is the code I created for the AccountFile records:
1) Created a sub-process:
2) Specified the following code in the "Methods" tab of the subprocess:
namespace Terrasoft.Configuration { using DataContract = Terrasoft.Nui.ServiceModel.DataContract; using Newtonsoft.Json; using Newtonsoft.Json.Linq; using System; using System.Collections.Generic; using System.Collections.ObjectModel; using System.Data; using System.Drawing; using System.Globalization; using System.IO; using System.Linq; using Terrasoft.Common; using Terrasoft.Common.Json; using Terrasoft.Configuration; using Terrasoft.Core; using Terrasoft.Core.Configuration; using Terrasoft.Core.DB; using Terrasoft.Core.DcmProcess; using Terrasoft.Core.Entities; using Terrasoft.Core.Factories; using Terrasoft.Core.Process; using Terrasoft.Core.Process.Configuration; using Terrasoft.GlobalSearch.Indexing; using Terrasoft.UI.WebControls.Controls; using Terrasoft.UI.WebControls.Utilities.Json.Converters; #region Class: AccountFile_CustomEventsProcess public partial class AccountFile_CustomEventsProcess<TEntity> { #region Methods: Public public override void OnFileSaving() { DateTime currentDateTime = DateTime.Now; var accountId = Entity.GetTypedColumnValue<Guid>("AccountId"); var accountResultESQ = new EntitySchemaQuery(UserConnection.EntitySchemaManager, "Account"); accountResultESQ.UseAdminRights = true; accountResultESQ.AddColumn("Id"); accountResultESQ.AddColumn("UsrRestrictUploadDateTime"); accountResultESQ.CreateFilterWithParameters(FilterComparisonType.Equal, "Id", accountId); var accountResult = accountResultESQ.GetEntityCollection(UserConnection); var connectedAccountData = accountResult[0]; connectedAccountData.UseAdminRights = true; DateTime restrictDateTime = connectedAccountData.GetTypedColumnValue<DateTime>("UsrRestrictUploadDateTime"); int comparisonResult = DateTime.Compare(currentDateTime, restrictDateTime); if (comparisonResult < 0) { base.OnFileSaving(); } else { throw new Exception("Restricted!"); } } public virtual void OnFileDeleting() { DateTime currentDateTime = DateTime.Now; var accountId = Entity.GetTypedColumnValue<Guid>("AccountId"); var accountResultESQ = new EntitySchemaQuery(UserConnection.EntitySchemaManager, "Account"); accountResultESQ.UseAdminRights = true; accountResultESQ.AddColumn("Id"); accountResultESQ.AddColumn("UsrRestrictUploadDateTime"); accountResultESQ.CreateFilterWithParameters(FilterComparisonType.Equal, "Id", accountId); var accountResult = accountResultESQ.GetEntityCollection(UserConnection); var connectedAccountData = accountResult[0]; connectedAccountData.UseAdminRights = true; DateTime restrictDateTime = connectedAccountData.GetTypedColumnValue<DateTime>("UsrRestrictUploadDateTime"); int comparisonResult = DateTime.Compare(currentDateTime, restrictDateTime); if (comparisonResult < 0) { base.DeleteFileUsingFileApi(); } else { throw new Exception("Restricted!"); } } #endregion } #endregion }
The logic in the code will compare the date\time value specified in the UsrRestrictUploadDateTime column of the main account record where the "Account attachments" detail is located, and it the current date and time is greater than the UsrRestrictUploadDateTime column value then the save and delete will fail:
As for deleting the file: custom exception doesn't work here and the standard message is returned:
Didn't figure out why, but it won't let deleting a record anyway. Also if this logic should be applied to specific users then you will also need to create an additional logic of checking if the current user (information on the user can be received from UserConnection) can or cannot add\delete files.
Hope it helps.
Best regards,
Oscar
Oleg Drobina,
Hi Oscar,
Have you found any solution? on custom, the exception doesn't work on the deletion scenario above and the standard message is returned.
Let me know if you have any solutions.
Regards.