public async Task <IEnumerable <NotificationDto> > GetUserNotificationsAsync(string username)
{
var notifications = new List <NotificationDto>();
var memberships = _breweryRepository.GetMemberships(username);
foreach (var membership in memberships)
{
if (!membership.Confirmed)
{
var notification = new NotificationDto
{
NotificationId = membership.BreweryId,
Type = "New Membership",
Message = "Added to a new brewery"
};
notifications.Add(notification);
}
}
var userBeers = await _userRepository.GetAllUserBeersAsync(username);
foreach (var userBeer in userBeers)
{
if (!userBeer.Confirmed)
{
var notification = new NotificationDto
{
NotificationId = userBeer.BeerId,
Type = "New Beer",
Message = "Added to a new beer"
};
notifications.Add(notification);
}
}
return(notifications);
}
public IEnumerable <BreweryMember> GetMemberships(string username)
{
//var breweryMemberDtos = _breweryElasticsearch.GetMemberships(username);
//if (breweryMemberDtos != null) return breweryMemberDtos;
return(_breweryRepository.GetMemberships(username));
}
public override bool CheckAccess(AuthorizationContext context)
{
var beerService = new BeerService(_beerElasticsearch, _beerRepository);
if (!context.Principal.Identity.IsAuthenticated)
{
return(false);
}
var username = context.Principal.Identity.Name;
var memberships = _breweryRepository.GetMemberships(username);
//User auth
if ((context.Action.Any((c => c.Value == "Put")) || context.Action.Any(c => c.Value == "Upload") || context.Action.Any(c => c.Value == "Resend")) &&
context.Resource.Any(c => c.Value == "User") && context.Principal.HasClaim(ClaimTypes.Role, "User") && username == context.Resource[1].Value)
{
return(true);
}
// new Beer post auth
if (context.Action.Any(c => c.Value.Equals("Post")) && context.Resource.Any(c => c.Value.Equals("Beer")) && context.Principal.HasClaim(ClaimTypes.Role, "User"))
{
return(true);
}
// New brewery post auth
if (context.Action.Any(c => c.Value.Equals("Post")) && context.Resource.Any(c => c.Value.Equals("Brewery")) && context.Principal.HasClaim(ClaimTypes.Role, "User"))
{
return(true);
}
// Update beer auth: Brewer of beer or brewery memeber with role admin are allowed to change beer.
if ((context.Action.Any(c => c.Value.Equals("Put")) || context.Action.Any(c => c.Value.Equals("Delete"))) && context.Resource.Any(c => c.Value.Equals("BeerId")))
{
int beerId;
var success = int.TryParse(context.Resource[1].Value, out beerId);
if (success && beerService.GetAllUserBeer(username).Any(b => b.Id.Equals(beerId)))
{
return(true);
}
if (memberships.Where(m => m.Role.Equals("Admin"))
.Any(b => beerService.GetAllBreweryBeers(b.BreweryId).Any(beer => beer.Id == beerId)))
{
return(true);
}
}
if ((context.Action.Any(c => c.Value == "Delete" || c.Value == "Post" || c.Value == "Put" || c.Value == "Upload")) &&
context.Resource.Any(c => c.Value.Equals("BreweryId")))
{
int breweryId;
var success = int.TryParse(context.Resource.Last().Value, out breweryId);
if (success && memberships.Any(m => m.Role != null && m.Role.Equals("Admin") && m.BreweryId == breweryId))
{
return(true);
}
if (success)
{
var members = _breweryRepository.GetMembers(breweryId);
if (!members.Any() && context.Principal.HasClaim(ClaimTypes.Role, "Admin"))
{
return(true);
}
}
}
if (context.Action.Any(c => c.Value.Equals("Post")) && context.Principal.HasClaim(ClaimTypes.Role, "Admin") &&
context.Resource.Any(r => r.Value.Equals("Hop") || r.Value.Equals("Yeast") || r.Value.Equals("Fermentable") ||
r.Value.Equals("Other") || r.Value.Equals("Supplier") || r.Value.Equals("Origin") || r.Value.Equals("BeerStyle") ||
r.Value.Equals("Glass")))
{
return(true);
}
if (context.Action.Any(c => c.Value.Equals("Delete")) && context.Principal.HasClaim(ClaimTypes.Role, "Admin") &&
context.Resource.Any(r => r.Value.Equals("Hop") || r.Value.Equals("Yeast") || r.Value.Equals("Fermentable") ||
r.Value.Equals("Other") || r.Value.Equals("Supplier") || r.Value.Equals("Origin") || r.Value.Equals("BeerStyle") ||
r.Value.Equals("Glass")))
{
return(true);
}
if (context.Action.Any(c => c.Value.Equals("Put")) && context.Principal.HasClaim(ClaimTypes.Role, "Admin") &&
context.Resource.Any(r => r.Value.Equals("Hop") || r.Value.Equals("Yeast") || r.Value.Equals("Fermentable") ||
r.Value.Equals("Other") || r.Value.Equals("Supplier") || r.Value.Equals("Origin") || r.Value.Equals("BeerStyle") ||
r.Value.Equals("Glass")))
{
return(true);
}
if (context.Action.Any(c => c.Value.Equals("Reindex")) && context.Principal.HasClaim(ClaimTypes.Role, "Admin") &&
context.Resource.Any(r => r.Value.Equals("Hop") || r.Value.Equals("Yeast") || r.Value.Equals("Fermentable") ||
r.Value.Equals("Other") || r.Value.Equals("Supplier") || r.Value.Equals("Origin") || r.Value.Equals("BeerStyle") ||
r.Value.Equals("Glass") || r.Value.Equals("User") || r.Value.Equals("Beer")))
{
return(true);
}
return(false);
}
