public virtual AccessibleStudents GetAccessibleStudents(int? educationOrganization, bool isSearch) { //If an education organization is not provided, then the user MUST have a state level claim. if (educationOrganization == null && !isSearch) { return new AccessibleStudents { CanAccessAllStudents = currentUserClaimInterrogator.HasClaimForStateAgency(EdFiClaimTypes.ViewAllStudents), StudentUSIs = new HashSet<long>() }; } if (isSearch && currentUserClaimInterrogator.HasClaimForStateAgency(EdFiClaimTypes.ViewAllStudents)) { return new AccessibleStudents { CanAccessAllStudents = true, StudentUSIs = new HashSet<long>() }; } //If this isn't a search, the request is siloed to the current LEA, if they have ViewAllSudents for the LEA mark that they can see them all. if (!isSearch && currentUserClaimInterrogator.HasClaimForLocalEducationAgencyWithinEducationOrganizationHierarchy(EdFiClaimTypes.ViewAllStudents, (int)educationOrganization)) { // they can see all students var result = new AccessibleStudents { CanAccessAllStudents = true, StudentUSIs = new HashSet<long>() }; return result; } if ( //Regular calls, check context !isSearch && (currentUserClaimInterrogator.HasClaimWithinEducationOrganizationHierarchy(EdFiClaimTypes.ViewAllStudents, (int)educationOrganization) || currentUserClaimInterrogator.HasClaimWithinEducationOrganizationHierarchy(EdFiClaimTypes.ViewMyStudents, (int)educationOrganization)) //Search specific, check all associated edOrgs. TODO: Verify performance of multi LEA searches. WE CHANGED TO HASHSET<int> for faster performance. || (isSearch && (currentUserClaimInterrogator.HasClaimForSearch(EdFiClaimTypes.ViewAllStudents) || currentUserClaimInterrogator.HasClaimForSearch(EdFiClaimTypes.ViewMyStudents)))) { var result = new AccessibleStudents { CanAccessAllStudents = false, //StudentUSIs = authorizationInformationProvider.GetPrincipalStudentUSIs(UserInformation.Current.StaffUSI).ToArray(), //Returns all student usi's available to the user at any school they have approporiate claims associations for. StudentUSIs = authorizationInformationProvider.GetAllStaffStudentUSIs(UserInformation.Current.StaffUSI), }; return result; } return new AccessibleStudents { CanAccessAllStudents = false, StudentUSIs = new HashSet<long>() }; }
public StudentFilter(AccessibleStudents accessibleStudents) { this.accessibleStudents = accessibleStudents; }