/// <summary>
/// Builds the list of pending notifications for a user: one entry per brewery
/// membership and one per user-beer link whose <c>Confirmed</c> flag is false.
/// </summary>
/// <param name="username">User whose memberships and beers are looked up.</param>
/// <returns>
/// Membership notifications first, then beer notifications, each in the order
/// the repositories returned them. Empty when nothing is unconfirmed.
/// </returns>
public async Task<IEnumerable<NotificationDto>> GetUserNotificationsAsync(string username)
{
    var pending = new List<NotificationDto>();

    // Brewery memberships that have not been confirmed yet.
    foreach (var member in _breweryRepository.GetMemberships(username))
    {
        if (member.Confirmed)
        {
            continue;
        }

        pending.Add(new NotificationDto
        {
            // The notification id is the brewery id, not a dedicated notification key.
            NotificationId = member.BreweryId,
            Type = "New Membership",
            Message = "Added to a new brewery"
        });
    }

    // Beer links that have not been confirmed yet.
    var beerLinks = await _userRepository.GetAllUserBeersAsync(username);
    foreach (var link in beerLinks)
    {
        if (link.Confirmed)
        {
            continue;
        }

        pending.Add(new NotificationDto
        {
            // The notification id is the beer id, so it can coincide with a brewery id above;
            // Type is what tells the two kinds apart.
            NotificationId = link.BeerId,
            Type = "New Beer",
            Message = "Added to a new beer"
        });
    }

    return pending;
}
/// <summary>
/// Returns the brewery memberships of the given user, read from the brewery repository.
/// </summary>
/// <param name="username">User whose memberships are requested.</param>
/// <returns>Whatever the repository returns for <paramref name="username"/>.</returns>
public IEnumerable<BreweryMember> GetMemberships(string username)
{
    // An Elasticsearch-first lookup used to sit here and is disabled in the source;
    // the repository is the only data source consulted.
    var fromRepository = _breweryRepository.GetMemberships(username);
    return fromRepository;
}
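/// <summary>
/// Decides whether the current principal may perform the requested action on the
/// requested resource. Rules are evaluated in order, the first match grants access,
/// and anything that matches no rule is denied.
/// </summary>
/// <param name="context">
/// Authorization context carrying the principal and the action and resource claims.
/// </param>
/// <returns><c>true</c> when a rule grants access; otherwise <c>false</c>.</returns>
/// <remarks>
/// A missing second resource claim or an unparsable beer id makes the affected rule
/// not match, rather than throwing or comparing against a default id of 0.
/// </remarks>
public override bool CheckAccess(AuthorizationContext context)
{
    var beerService = new BeerService(_beerElasticsearch, _beerRepository);

    // Deny by default: unauthenticated callers never reach the rules.
    if (!context.Principal.Identity.IsAuthenticated)
    {
        return false;
    }

    var username = context.Principal.Identity.Name;
    var memberships = _breweryRepository.GetMemberships(username);
    // NOTE(review): memberships are used exactly as the repository returns them; nothing
    // here filters on a confirmation flag. Confirm whether a membership that is still
    // pending should already carry brewery "Admin" rights.

    var isPost = context.Action.Any(a => a.Value == "Post");
    var isPut = context.Action.Any(a => a.Value == "Put");
    var isDelete = context.Action.Any(a => a.Value == "Delete");
    var isUpload = context.Action.Any(a => a.Value == "Upload");
    var isResend = context.Action.Any(a => a.Value == "Resend");
    var isReindex = context.Action.Any(a => a.Value == "Reindex");

    var hasUserRole = context.Principal.HasClaim(ClaimTypes.Role, "User");
    var hasAdminRole = context.Principal.HasClaim(ClaimTypes.Role, "Admin");

    // The user and beer rules read their target from the second resource claim.
    // It is fetched defensively so a short resource list cannot raise an
    // out-of-range exception in the middle of an authorization decision.
    var secondResource = context.Resource.ElementAtOrDefault(1);

    // User rule: a user may Put/Upload/Resend only on their own account.
    // The name comparison is exact (ordinal, case-sensitive). The null check matters:
    // without it a null identity name would compare equal to a missing claim.
    if ((isPut || isUpload || isResend)
        && context.Resource.Any(r => r.Value == "User")
        && hasUserRole
        && secondResource != null
        && username == secondResource.Value)
    {
        return true;
    }

    // New beer: any principal with the "User" role may post a beer.
    if (isPost && context.Resource.Any(r => r.Value == "Beer") && hasUserRole)
    {
        return true;
    }

    // New brewery: any principal with the "User" role may post a brewery.
    if (isPost && context.Resource.Any(r => r.Value == "Brewery") && hasUserRole)
    {
        return true;
    }

    // Update/delete beer: allowed for a brewer of the beer, or for a member with the
    // "Admin" role in a brewery that owns the beer.
    if ((isPut || isDelete) && context.Resource.Any(r => r.Value == "BeerId"))
    {
        int beerId;

        // Both ownership checks require a successfully parsed id. Previously the brewery
        // check also ran after a failed parse, with beerId left at its default of 0.
        if (secondResource != null && int.TryParse(secondResource.Value, out beerId))
        {
            if (beerService.GetAllUserBeer(username).Any(b => b.Id.Equals(beerId)))
            {
                return true;
            }

            // Role is null-checked, as in the brewery rule below, so a membership
            // without a role is skipped instead of throwing.
            if (memberships
                    .Where(m => m.Role != null && m.Role.Equals("Admin"))
                    .Any(m => beerService.GetAllBreweryBeers(m.BreweryId).Any(beer => beer.Id == beerId)))
            {
                return true;
            }
        }
    }

    // Brewery rule: the brewery id is taken from the LAST resource claim.
    if ((isDelete || isPost || isPut || isUpload)
        && context.Resource.Any(r => r.Value == "BreweryId"))
    {
        int breweryId;
        if (int.TryParse(context.Resource.Last().Value, out breweryId))
        {
            // A member with the "Admin" role in this brewery may change it.
            if (memberships.Any(m => m.Role != null && m.Role.Equals("Admin") && m.BreweryId == breweryId))
            {
                return true;
            }

            // A brewery with no members at all may be managed by a site-wide "Admin".
            var members = _breweryRepository.GetMembers(breweryId);
            if (!members.Any() && hasAdminRole)
            {
                return true;
            }
        }
    }

    // Shared catalog resources are writable by site-wide "Admin" principals only.
    var catalogResources = new[]
    {
        "Hop", "Yeast", "Fermentable", "Other", "Supplier", "Origin", "BeerStyle", "Glass"
    };

    if ((isPost || isDelete || isPut)
        && hasAdminRole
        && context.Resource.Any(r => catalogResources.Contains(r.Value)))
    {
        return true;
    }

    // Reindex: site-wide "Admin" only, on the catalog resources plus "User" and "Beer".
    if (isReindex
        && hasAdminRole
        && context.Resource.Any(r => catalogResources.Contains(r.Value)
                                     || r.Value == "User"
                                     || r.Value == "Beer"))
    {
        return true;
    }

    return false;
}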