server/AyaNova/ControllerHelpers/Authorized.cs

@@ -6,6 +6,8 @@ using AyaNova.Biz;
 namespace AyaNova.Api.ControllerHelpers
 {
 
+    //AUTHORIZATION ROLES: NOTE - this is only 'stage1' of generally checking rights, individual objects can also have business rules that affect access exactly as these roles do
+    //Most objects won't need more than this but some specialized ones will have further checks depending on biz rules
 
     internal static class Authorized
     {
@@ -104,13 +106,13 @@ namespace AyaNova.Api.ControllerHelpers
         /// </summary>
         /// <param name="HttpContextItems"></param>
         /// <param name="objectType"></param>
-       
+
         /// <returns></returns>
         internal static bool HasModifyRole(IDictionary<object, object> HttpContextItems, AyaType objectType)
         {
             AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
-            
-            return HasModifyRole(currentUserRoles,  objectType);
+
+            return HasModifyRole(currentUserRoles, objectType);
         }
 
 
@@ -157,7 +159,7 @@ namespace AyaNova.Api.ControllerHelpers
             if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
                 return true;
 
-            
+
             return false;
         }