2020-03-12 19:25:20 +00:00
parent 2ac227875f
commit 2cf681d7d7
10 changed files with 784 additions and 24 deletions
--- a/server/AyaNova/ControllerHelpers/Authorized.cs
+++ b/server/AyaNova/ControllerHelpers/Authorized.cs
@@ -39,6 +39,40 @@ namespace AyaNova.Api.ControllerHelpers



+        /// <summary>
+        /// READ FULL RECORD (not just name and id)
+        /// </summary>
+        /// <param name="HttpContextItems"></param>
+        /// <param name="objectType"></param>
+        /// <returns></returns>
+        internal static bool HasSelectRole(IDictionary<object, object> HttpContextItems, AyaType objectType)
+        {
+            AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
+            return HasSelectRole(currentUserRoles, objectType);
+        }
+
+        /// <summary>
+        /// SELECT BY NAME
+        /// </summary>
+        /// <param name="currentUserRoles"></param>
+        /// <param name="objectType"></param>
+        /// <returns></returns>
+        internal static bool HasSelectRole(AuthorizationRoles currentUserRoles, AyaType objectType)
+        {
+            //NOTE: this assumes that if you can change you can read
+            if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
+                return true;
+
+            if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).ReadFullRecord))
+                return true;
+
+            if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Select))
+                return true;
+
+            return false;
+        }
+
+
        /// <summary>
        /// READ FULL RECORD (not just name and id)
        /// </summary>