2018-06-28 23:41:48 +00:00
commit 515bd37952
256 changed files with 29890 additions and 0 deletions
--- a/server/AyaNova/ControllerHelpers/Authorized.cs
+++ b/server/AyaNova/ControllerHelpers/Authorized.cs
@@ -0,0 +1,121 @@
+using EnumsNET;
+using System.Collections.Generic;
+using AyaNova.Biz;
+
+
+namespace AyaNova.Api.ControllerHelpers
+{
+
+
+    internal static class Authorized
+    {
+
+        /// <summary>
+        /// User has any ops role limited or full
+        /// </summary>
+        /// <param name="HttpContextItems"></param>   
+        /// <param name="CheckRoles"></param>    
+        /// <returns></returns>       
+        internal static bool HasAnyRole(IDictionary<object, object> HttpContextItems, AuthorizationRoles CheckRoles)
+        {
+            AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
+            if (currentUserRoles.HasAnyFlags(CheckRoles))
+                return true;
+            return false;
+        }
+
+
+
+        /// <summary>
+        /// READ / GENERAL ACCESS
+        /// </summary>
+        /// <param name="HttpContextItems"></param>
+        /// <param name="objectType"></param>
+        /// <returns></returns>
+        internal static bool IsAuthorizedToRead(IDictionary<object, object> HttpContextItems, AyaType objectType)
+        {
+            AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
+
+            //NOTE: this assumes that if you can change you can read
+            if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
+                return true;
+
+            if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Read))
+                return true;
+
+            return false;
+
+
+        }
+
+        /// <summary>
+        /// CREATE
+        /// </summary>
+        /// <param name="HttpContextItems"></param>
+        /// <param name="objectType"></param>
+        /// <returns></returns>
+        internal static bool IsAuthorizedToCreate(IDictionary<object, object> HttpContextItems, AyaType objectType)
+        {
+            AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
+            if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
+                return true;
+
+            if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).EditOwn))
+                return true;
+
+            return false;
+        }
+
+
+        /// <summary>
+        /// MODIFY
+        /// </summary>
+        /// <param name="HttpContextItems"></param>
+        /// <param name="objectType"></param>
+        /// <param name="ownerId"></param>
+        /// <returns></returns>
+        internal static bool IsAuthorizedToModify(IDictionary<object, object> HttpContextItems, AyaType objectType, long ownerId = -1)
+        {
+            AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
+            long currentUserId = UserIdFromContext.Id(HttpContextItems);
+
+            if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
+                return true;
+            if (ownerId != -1)
+                if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).EditOwn) && ownerId == currentUserId)
+                    return true;
+
+            return false;
+        }
+
+
+
+
+        /// <summary>
+        /// DELETE
+        /// </summary>
+        /// <param name="HttpContextItems"></param>
+        /// <param name="objectType"></param>
+        /// <param name="ownerId"></param>
+        /// <returns></returns>
+        //For now just going to treat as a modify, but for maximum flexibility keeping this as a separate method in case we change our minds in future
+        internal static bool IsAuthorizedToDelete(IDictionary<object, object> HttpContextItems, AyaType objectType, long ownerId = 1)
+        {
+            AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
+            long currentUserId = UserIdFromContext.Id(HttpContextItems);
+
+            if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
+                return true;
+
+            if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).EditOwn) && ownerId == currentUserId)
+                return true;
+
+            return false;
+        }
+
+
+
+    }
+
+
+}//eons