Beispiel #1
        /// <summary>
        /// Authorization gate: throws an access-denied fault unless there is a current
        /// user whose role is at least <paramref name="leastRole"/>.
        /// </summary>
        /// <param name="db">Context used to attach <c>CurrentUser</c> and reload it before the role comparison.</param>
        /// <param name="leastRole">
        /// Minimum role required. The check uses <c>&lt;</c> on <c>UserRole</c>, so it relies on
        /// the enum values being ordered from least to most privileged.
        /// </param>
        /// <exception cref="FaultException{AccessDeniedError}">
        /// Thrown when <c>CurrentUser</c> is null or its role is below <paramref name="leastRole"/>.
        /// </exception>
        private void CheckRole(DB db, UserRole leastRole)
        {
            if (CurrentUser == null)
            {
                throw new FaultException<AccessDeniedError>(new AccessDeniedError(), "Not authenticated");
            }

            // The synthetic system user is not refreshed from the database.
            // NOTE(review): this branch trusts the in-memory Role value; confirm that
            // CurrentUser can never carry UserRole.System from caller-controlled data.
            bool isSystemUser = CurrentUser.Role == UserRole.System;
            if (!isSystemUser)
            {
                // Re-read the user so the comparison below sees the stored role rather
                // than whatever was cached when CurrentUser was first populated.
                // NOTE(review): confirm what Reload() does when the user row no longer
                // exists; if stale values are kept, a deleted account could still pass.
                db.Users.Attach(CurrentUser);
                db.Entry(CurrentUser).Reload();
            }

            bool hasRequiredRole = !(CurrentUser.Role < leastRole);
            if (!hasRequiredRole)
            {
                throw new FaultException<AccessDeniedError>(new AccessDeniedError(), "Do not have the required role.");
            }
        }