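        /// <summary>
        /// Updates the account identified by <paramref name="userId"/> with the values carried in
        /// <paramref name="userResource"/>, after validating the optional institution and the caller's rights.
        /// </summary>
        /// <param name="userId">Id of the user whose account is updated.</param>
        /// <param name="userResource">Request body with the new account values; may carry an optional institution id.</param>
        /// <returns>
        /// 200 with the mapped <see cref="UserResourceResult"/>; 400 when the body is missing or the institution id is
        /// below 1; 404 when the institution or the user does not exist; 401 when the caller lacks the required scope.
        /// </returns>
        public async Task <IActionResult> UpdateAccount(int userId, [FromBody] UserResource userResource)
        {
            // Every error branch returns the same shape; the Instance values are the existing per-problem identifiers.
            ProblemDetails Problem(string title, string detail, string instance) => new ProblemDetails
            {
                Title    = title,
                Detail   = detail,
                Instance = instance
            };

            // Model binding leaves the body null when the request carries none or it could not be read;
            // the original dereferenced it unconditionally and threw instead of answering 400.
            if (userResource is null)
            {
                return BadRequest(new ProblemDetails
                {
                    Title  = "Failed to edit the user.",
                    Detail = "The request body is missing or could not be read."
                    // Instance: no problem id exists for this case yet; assign one in line with the other branches.
                });
            }

            if (userResource.InstitutionId != null)
            {
                int institutionId = userResource.InstitutionId.Value;
                if (institutionId < 1)
                {
                    return BadRequest(Problem("Failed getting institution.",
                                              "The id of an institution can't be smaller than 1",
                                              "7C50A0D7-459D-473B-9ADE-7FC5B7EEE39E"));
                }

                Institution foundInstitution = await institutionService.FindAsync(institutionId);

                if (foundInstitution == null)
                {
                    return NotFound(Problem("Failed getting institution.",
                                            "The institution could not be found in the database.",
                                            "6DECDE32-BE44-43B1-9DDD-4D14AE9CE731"));
                }
            }

            User userToUpdate = await userService.FindAsync(userId);

            if (userToUpdate == null)
            {
                return NotFound(Problem("Failed getting the user account.",
                                        "The database does not contain a user with that user id.",
                                        "EF4DA55A-C31A-4BC4-AE30-098DEB0D3457"));
            }

            User currentUser = await HttpContext.GetContextUser(userService)
                               .ConfigureAwait(false);

            // Full allowance: the caller may edit any account, including its institution id.
            bool hasFullAllowance = userService.UserHasScope(currentUser.IdentityId, nameof(Defaults.Scopes.UserWrite));

            // Institution-excluded allowance: the caller edits their own account, or holds the institution-scoped
            // write right for the same institution as the target user.
            bool hasInstitutionExcludedAllowance = currentUser.Id == userId ||
                                                   await authorizationHelper.SameInstitutionAndInstitutionScope(currentUser,
                                                                                                                nameof(Defaults.Scopes.InstitutionUserWrite), userToUpdate.Id);

            if (!hasFullAllowance &&
                !hasInstitutionExcludedAllowance)
            {
                // NOTE(review): this is an authorization (not authentication) failure, for which 403 is the conventional
                // status; 401 is kept because existing clients may depend on it.
                return Unauthorized(Problem("Failed to edit the user.",
                                            "The user is not allowed to edit this user.",
                                            "E28BEBC0-AE7C-49F5-BDDC-3C13972B75D0"));
            }

            // Only callers WITHOUT full allowance are limited to the institution-excluded set of fields. The original
            // keyed this branch on hasInstitutionExcludedAllowance alone, which is always true for an own-account edit,
            // so a UserWrite holder editing their own account was wrongly refused an institution change. After the guard
            // above, !hasFullAllowance implies hasInstitutionExcludedAllowance.
            if (!hasFullAllowance)
            {
                // A null institution is permitted (the institution-scoped role may detach a user from its institution);
                // only a change to a different institution is refused.
                if (userResource.InstitutionId != null &&
                    userResource.InstitutionId != userToUpdate.InstitutionId)
                {
                    return Unauthorized(Problem("Failed to edit the user",
                                                "The user has not enough rights to update the institution id",
                                                "DD72C521-1D06-4E11-A0E0-AAE515E7F900"));
                }
            }

            // NOTE(review): the request body is mapped onto the tracked entity wholesale; the mapping profile must not
            // copy identity-bearing members (the user's Id, IdentityId) from the resource — verify against the profile.
            mapper.Map(userResource, userToUpdate);

            userService.Update(userToUpdate);
            userService.Save();

            return Ok(mapper.Map <User, UserResourceResult>(userToUpdate));
        }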