public static People FilterPeopleToMatchAuthority(People people, Authority authority, int gracePeriod)
{
// First: If sysadmin, return the whole list uncensored.
if (IsSystemAdministrator(authority))
{
return(people);
}
SwarmDb databaseRead = SwarmDb.GetDatabaseForReading();
if (gracePeriod == -1)
{
gracePeriod = Membership.GracePeriod;
}
Dictionary <int, List <BasicMembership> > membershipTable =
databaseRead.GetMembershipsForPeople(people.Identities, gracePeriod);
Dictionary <int, int> geographyTable = databaseRead.GetPeopleGeographies(people.Identities);
Dictionary <int, Person> clearedPeople = new Dictionary <int, Person>();
// TODO: Add org admin role, able to see previous members that aren't anonymized yet
// Clear by organization roles
foreach (BasicPersonRole role in authority.OrganizationPersonRoles)
{
Dictionary <int, BasicOrganization> clearedOrganizations =
OrganizationCache.GetOrganizationHashtable(role.OrganizationId);
foreach (Person person in people)
{
// Is the organization cleared in this officer's role for this to-be-viewed member?
if (membershipTable.ContainsKey(person.Identity))
{
foreach (BasicMembership membership in membershipTable[person.Identity])
{
if (clearedOrganizations.ContainsKey(membership.OrganizationId)
&&
authority.HasPermission(Permission.CanSeePeople, membership.OrganizationId,
person.GeographyId, Flag.Default))
{
if (membership.Active ||
(membership.Expires > DateTime.Now.AddDays(-gracePeriod) &&
membership.Expires.AddDays(1) > membership.DateTerminated
&&
authority.HasPermission(Permission.CanSeeExpiredDuringGracePeriod,
membership.OrganizationId, person.GeographyId, Flag.Default)))
{
clearedPeople[person.Identity] = person;
break;
}
}
}
}
/* -- commented out. This means "does the current authority have Org Admin privileges over Person"?
* else if (CanSeeNonMembers)
* { //person isn't member anywhere
* clearedPeople[person.Identity] = person;
* }*/
}
}
// Clear by node roles:
//
// For each node role, check if each member is in a cleared geography AND a cleared organization.
// If so, permit view of this member. (A person in a branch of a geographical area for organizations X and Z
// should see only people of those organizations only on those nodes.)
foreach (BasicPersonRole role in authority.LocalPersonRoles)
{
Dictionary <int, BasicGeography> clearedGeographies =
GeographyCache.GetGeographyHashtable(role.GeographyId);
Dictionary <int, BasicOrganization> clearedOrganizations =
OrganizationCache.GetOrganizationHashtable(role.OrganizationId);
foreach (Person person in people)
{
// Is the node AND the organization cleared in this officer's role for this to-be-viewed member?
if (membershipTable.ContainsKey(person.Identity))
{
foreach (BasicMembership membership in membershipTable[person.Identity])
{
int organizationClear = 0;
int geographyClear = 0;
if (clearedOrganizations.ContainsKey(membership.OrganizationId))
{
organizationClear = membership.OrganizationId;
if (clearedGeographies.ContainsKey(geographyTable[person.Identity]))
{
geographyClear = geographyTable[person.Identity];
}
if (organizationClear > 0 &&
geographyClear > 0
&&
authority.HasPermission(Permission.CanSeePeople, organizationClear, geographyClear,
Flag.Default))
{
if (membership.Active ||
(membership.Expires > DateTime.Now.AddDays(-gracePeriod) &&
membership.Expires.AddDays(1) > membership.DateTerminated
&&
authority.HasPermission(Permission.CanSeeExpiredDuringGracePeriod,
membership.OrganizationId, person.GeographyId, Flag.Default)))
{
clearedPeople[person.Identity] = person;
break;
}
}
}
}
}
}
}
// End: Assemble an array of the resulting cleared people
People result = new People();
foreach (Person clearedPerson in clearedPeople.Values)
{
result.Add(clearedPerson);
}
return(result);
}
