Ejemplo n.º 1
0
        public async Task <bool> CheckUserCanEdit(long userId, int inspectionId)
        {
            var wsre = await _context.WSRE.FindAsync(inspectionId);

            var user = await _context.USER_TABLE.FindAsync(userId);

            if (wsre == null || user == null)
            {
                return(false);
            }
            var  jobsiteId = wsre.JobsiteId;
            bool hasAccess = AuthorizeUserAccess.verifyAccessToJobsite(userId, jobsiteId, false);

            if (!hasAccess)
            {
                return(false);
            }
            if (user.JobRoles.Select(j => j.USER_GROUP.groupname.ToLower()).Contains("inspector") ||
                user.JobRoles.Select(j => j.USER_GROUP.groupname.ToLower()).Contains("interpreter") ||
                user.JobRoles.Select(j => j.USER_GROUP.groupname.ToLower()).Contains("administrator") ||
                user.JobRoles.Select(j => j.USER_GROUP.groupname.ToLower()).Contains("super user"))
            {
                return(true);
            }
            return(false);
        }
Ejemplo n.º 2
0
        /// <summary>
        /// Checks if the given user id is allowed to view the given inspection.
        /// </summary>
        /// <param name="userId">The user Id to check the access for</param>
        /// <param name="inspectionId">The inspection Id to check the access for</param>
        /// <returns>True if user is allowed to access the inspection</returns>
        public async Task <bool> VerifyUserAccessToInspection(long userId, int inspectionId)
        {
            var wsre = await _context.WSRE.FindAsync(inspectionId);

            if (wsre == null)
            {
                return(false);
            }
            var jobsiteId = wsre.JobsiteId;

            return(AuthorizeUserAccess.verifyAccessToJobsite(userId, jobsiteId, false));
        }