Beispiel #1
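        /// <summary>
        /// Loads the being with the given id, checks that the current user may access it,
        /// and only then passes the loaded entity to <paramref name="handler"/>.
        /// </summary>
        /// <param name="beingId">Identifier of the being to load; must not be null or empty.</param>
        /// <param name="sharePermission">
        /// Permission a non-owner must hold through sharing. <c>null</c> restricts access to the owner.
        /// </param>
        /// <param name="handler">Action to run with the loaded entity once access has been granted.</param>
        /// <returns>
        /// The result of <c>NotFound()</c> when no being has this id, the result of <c>Unauthorized()</c>
        /// when the caller is neither the owner nor covered by a matching share, otherwise the handler's result.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="handler"/> is null.</exception>
        protected async Task<IActionResult> RunBeingAsync(string beingId, Permission? sharePermission, Func<Being, Task<IActionResult>> handler)
        {
            Ensure.NotNullOrEmpty(beingId, "beingId");

            // Fail before touching the database instead of with a NullReferenceException after the access check.
            if (handler == null)
            {
                throw new ArgumentNullException(nameof(handler));
            }

            Being entity = await db.Beings.FindAsync(beingId);

            if (entity == null)
            {
                return NotFound();
            }

            string userId = HttpContext.User.FindUserId();

            // NOTE(review): if FindUserId() can return null for an unauthenticated caller, an entity whose
            // UserId is also null would pass this ownership comparison - confirm both are always populated.
            if (entity.UserId != userId)
            {
                // Non-owners are denied by default. Access is granted only when the requested permission is
                // one this method knows how to verify AND the share lookup confirms it. Previously any
                // Permission value other than Read or Write fell through to the handler with no check at all.
                bool isShared;

                if (sharePermission == Permission.Read)
                {
                    isShared = await shareStatus.IsBeingSharedForReadAsync(beingId, userId);
                }
                else if (sharePermission == Permission.Write)
                {
                    isShared = await shareStatus.IsBeingSharedForWriteAsync(beingId, userId);
                }
                else
                {
                    // Covers null (owner-only) and any permission value without a dedicated share check.
                    isShared = false;
                }

                if (!isShared)
                {
                    // NOTE(review): Unauthorized() is kept for compatibility with existing callers. For an
                    // authenticated user who merely lacks access, Forbid() or NotFound() may be the better
                    // answer, since the latter would not confirm that the id exists - decide per API contract.
                    return Unauthorized();
                }
            }

            return await handler(entity);
        }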