2019-05-16 22:28:28 +00:00
parent acc40671a0
commit 8fe776a3ac
21 changed files with 137 additions and 149 deletions


@@ -43,10 +43,10 @@ namespace AyaNova.Api.ControllerHelpers
/// <param name="HttpContextItems"></param>
/// <param name="objectType"></param>
/// <returns></returns>
internal static bool IsAuthorizedToReadFullRecord(IDictionary<object, object> HttpContextItems, AyaType objectType)
internal static bool HasReadFullRole(IDictionary<object, object> HttpContextItems, AyaType objectType)
{
AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
return IsAuthorizedToReadFullRecord(currentUserRoles, objectType);
return HasReadFullRole(currentUserRoles, objectType);
}
/// <summary>
@@ -55,7 +55,7 @@ namespace AyaNova.Api.ControllerHelpers
/// <param name="currentUserRoles"></param>
/// <param name="objectType"></param>
/// <returns></returns>
internal static bool IsAuthorizedToReadFullRecord(AuthorizationRoles currentUserRoles, AyaType objectType)
internal static bool HasReadFullRole(AuthorizationRoles currentUserRoles, AyaType objectType)
{
//NOTE: this assumes that if you can change you can read
if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
@@ -75,10 +75,10 @@ namespace AyaNova.Api.ControllerHelpers
/// <param name="HttpContextItems"></param>
/// <param name="objectType"></param>
/// <returns></returns>
internal static bool IsAuthorizedToCreate(IDictionary<object, object> HttpContextItems, AyaType objectType)
internal static bool HasCreateRole(IDictionary<object, object> HttpContextItems, AyaType objectType)
{
AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
return IsAuthorizedToCreate(currentUserRoles, objectType);
return HasCreateRole(currentUserRoles, objectType);
}
/// <summary>
@@ -87,14 +87,11 @@ namespace AyaNova.Api.ControllerHelpers
/// <param name="currentUserRoles"></param>
/// <param name="objectType"></param>
/// <returns></returns>
internal static bool IsAuthorizedToCreate(AuthorizationRoles currentUserRoles, AyaType objectType)
internal static bool HasCreateRole(AuthorizationRoles currentUserRoles, AyaType objectType)
{
if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
return true;
if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).EditOwn))
return true;
return false;
}
@@ -107,13 +104,13 @@ namespace AyaNova.Api.ControllerHelpers
/// </summary>
/// <param name="HttpContextItems"></param>
/// <param name="objectType"></param>
/// <param name="ownerId"></param>
/// <returns></returns>
internal static bool IsAuthorizedToModify(IDictionary<object, object> HttpContextItems, AyaType objectType, long ownerId = -1)
internal static bool HasModifyRole(IDictionary<object, object> HttpContextItems, AyaType objectType)
{
AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
long currentUserId = UserIdFromContext.Id(HttpContextItems);
return IsAuthorizedToModify(currentUserRoles, currentUserId, objectType, ownerId);
return HasModifyRole(currentUserRoles, objectType);
}
@@ -121,19 +118,12 @@ namespace AyaNova.Api.ControllerHelpers
/// MODIFY
/// </summary>
/// <param name="currentUserRoles"></param>
/// <param name="currentUserId"></param>
/// <param name="objectType"></param>
/// <param name="ownerId"></param>
/// <returns></returns>
internal static bool IsAuthorizedToModify(AuthorizationRoles currentUserRoles, long currentUserId, AyaType objectType, long ownerId = -1)
internal static bool HasModifyRole(AuthorizationRoles currentUserRoles, AyaType objectType)
{
if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
return true;
if (ownerId != -1)
if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).EditOwn) && ownerId == currentUserId)
return true;
return false;
}
@@ -145,34 +135,29 @@ namespace AyaNova.Api.ControllerHelpers
/// </summary>
/// <param name="HttpContextItems"></param>
/// <param name="objectType"></param>
/// <param name="ownerId"></param>
/// <returns></returns>
//For now just going to treat as a modify, but for maximum flexibility keeping this as a separate method in case we change our minds in future
internal static bool IsAuthorizedToDelete(IDictionary<object, object> HttpContextItems, AyaType objectType, long ownerId = 1)
internal static bool HasDeleteRole(IDictionary<object, object> HttpContextItems, AyaType objectType)
{
AuthorizationRoles currentUserRoles = UserRolesFromContext.Roles(HttpContextItems);
long currentUserId = UserIdFromContext.Id(HttpContextItems);
return IsAuthorizedToDelete(currentUserRoles, currentUserId, objectType, ownerId);
return HasDeleteRole(currentUserRoles, objectType);
}
/// <summary>
/// DELETE
/// </summary>
/// <param name="currentUserRoles"></param>
/// <param name="currentUserId"></param>
/// <param name="objectType"></param>
/// <param name="ownerId"></param>
/// <param name="currentUserRoles"></param>
/// <param name="objectType"></param>
/// <returns></returns>
//For now just going to treat as a modify, but for maximum flexibility keeping this as a separate method in case we change our minds in future
internal static bool IsAuthorizedToDelete(AuthorizationRoles currentUserRoles, long currentUserId, AyaType objectType, long ownerId = 1)
internal static bool HasDeleteRole(AuthorizationRoles currentUserRoles, AyaType objectType)
{
if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).Change))
return true;
if (currentUserRoles.HasAnyFlags(BizRoles.GetRoleSet(objectType).EditOwn) && ownerId == currentUserId)
return true;
return false;
}
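Review bot: HasModifyRole and HasDeleteRole no longer take an owner id and, on the new side, appear to grant only on the Change role set, so they are role checks rather than per-record authorization decisions; the `ownerId == currentUserId` comparisons cannot compile against the new signatures and must be on the removed side, although this page has lost its +/- markers. Nothing in these hunks shows where an EditOwn ownership check now happens, so each caller that used to pass `ownerId` should be confirmed either to enforce ownership itself or to drop EditOwn on purpose. The empty `<returns></returns>` tags are the place to record the new contract, for example `/// <returns>true if the caller's roles include the Change set for objectType; record ownership is NOT checked here</returns>`. Since the existing comment says delete is treated as modify, the roles overload of HasDeleteRole could be `return HasModifyRole(currentUserRoles, objectType);` so the two cannot drift apart.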