public async Task <ActionResult <GameAction> > PostGameAction([FromBody] ModeratorAction moderatorAction)
{
_context.Actions.Add(moderatorAction);
await _context.SaveChangesAsync();
return(CreatedAtAction("GetGameAction", new { id = moderatorAction.Id }, moderatorAction));
}
public static bool HasPermission(IPrincipal user, string subverse, ModeratorAction action, IEnumerable <Data.Models.SubverseModerator> modList = null)
{
if (user.IsInAnyRole(new[] { UserRole.GlobalAdmin, UserRole.Admin, UserRole.DelegateAdmin }))
{
return(true);
}
var userName = user.Identity.Name;
bool result = false;
if (!String.IsNullOrEmpty(userName) && !String.IsNullOrEmpty(subverse))
{
var r = GetModerators(subverse, modList);
if (r != null && r.Any())
{
result = r.Any(x =>
x.UserName.ToLower() == userName.ToLower() &&
HasPermission((ModeratorLevel)x.Power, action));
}
//if they don't have permissions check if global janitor and request is for janitor role
if (!result)
{
if (user.IsInAnyRole(new[] { UserRole.GlobalJanitor }))
{
result = HasPermission(ModeratorLevel.Janitor, action);
}
}
}
return(result);
}
public static bool HasPermission(ModeratorLevel level, ModeratorAction action)
{
bool result = false;
var levelEvaluator = new Func <ModeratorLevel, IEnumerable <ModeratorLevel>, bool>((currentLevel, allowedLevels) =>
{
bool allowed = false;
if (allowedLevels != null && allowedLevels.Any())
{
allowed = allowedLevels.Any(x => currentLevel == x);
}
return(allowed);
});
switch (action)
{
case ModeratorAction.InviteMods:
case ModeratorAction.RemoveMods:
case ModeratorAction.ModifySettings:
case ModeratorAction.AssignStickies:
result = levelEvaluator(level, new ModeratorLevel[] { ModeratorLevel.Owner, ModeratorLevel.Moderator });
break;
case ModeratorAction.DeleteComments:
case ModeratorAction.DeletePosts:
case ModeratorAction.Banning:
case ModeratorAction.DistinguishContent:
case ModeratorAction.AssignFlair:
case ModeratorAction.ReadMail:
case ModeratorAction.SendMail:
case ModeratorAction.AccessReports:
case ModeratorAction.MarkReports:
result = levelEvaluator(level, new ModeratorLevel[] { ModeratorLevel.Owner, ModeratorLevel.Moderator, ModeratorLevel.Janitor });
break;
case ModeratorAction.ModifyCSS:
case ModeratorAction.ModifyFlair:
result = levelEvaluator(level, new ModeratorLevel[] { ModeratorLevel.Owner, ModeratorLevel.Moderator, ModeratorLevel.Designer });
break;
case ModeratorAction.DeleteMail: //mod mail should not be deleted
default:
result = false;
break;
}
return(result);
}
public static bool HasPermission(string userName, string subverse, ModeratorAction action, IEnumerable <Data.Models.SubverseModerator> modList = null)
{
bool result = false;
if (!String.IsNullOrEmpty(userName) && !String.IsNullOrEmpty(subverse))
{
var r = GetModerators(subverse, modList);
if (r != null && r.Any())
{
result = r.Any(x =>
x.UserName.Equals(userName, StringComparison.OrdinalIgnoreCase) &&
HasPermission((ModeratorLevel)x.Power, action));
}
}
return(result);
}
