Beispiel #1
0
        private SelfReportedLoanListModel RemoveInvalidLoansFromList(SelfReportedLoanListModel srList)
        {
            //get Id of the member currently logged-in
            SiteMember sm           = IntegrationLoader.LoadDependency <ISiteMembership>("siteMembership").GetMember();
            string     individualId = "";

            if (sm != null && sm.Profile != null && sm.Profile.Id != null)
            {
                individualId = sm.Profile.Id.ToString();
                _log.Debug(string.Format("SiteMember.Profile.Id = {0}", individualId));
            }

            List <string> invalidLoanIdList = new List <string>();

            //get list of current SRL's for the member logged-in
            if (!string.IsNullOrEmpty(individualId))
            {
                SelfReportedLoanListModel srListFromDB = GetSelfReportedLoans(individualId);
                foreach (SelfReportedLoanModel srl in srList.Loans)
                {
                    if (!string.IsNullOrEmpty(srl.LoanSelfReportedEntryId) && srListFromDB != null)//only care about loans being updated here.
                    {
                        bool foundValidLoan = false;
                        foreach (SelfReportedLoanModel srlFromDB in srListFromDB.Loans)
                        {
                            if (srl.LoanSelfReportedEntryId == srlFromDB.LoanSelfReportedEntryId)
                            {
                                foundValidLoan = true;
                                break;
                            }
                        }

                        // if a loan attempting to be updated by user isn't in DB, then user is tampering. Remove that loan from the update list.
                        if (!foundValidLoan)
                        {
                            invalidLoanIdList.Add(srl.LoanSelfReportedEntryId);
                            _log.Warn(string.Format("User attempted to save loan information that did not belong to them. User = {0}, LoanSelfReportedEntryId = {1}",
                                                    individualId, srl.LoanSelfReportedEntryId));
                        }
                    }
                }

                foreach (string str in invalidLoanIdList)
                {
                    SelfReportedLoanModel srl = srList.Loans.Find(l => l.LoanSelfReportedEntryId == str);
                    if (srl != null)
                    {
                        srList.Loans.Remove(srl);
                    }
                }
            }

            return(srList);
        }