/// <summary>
/// Loads a company location group and decides what the given professional user may do with it.
/// Current policy:
///   1. The owner of the company that the group belongs to gets <c>CreateReadUpdate</c>.
///   2. An employee of the company that the group belongs to gets <c>ReadOnly</c>.
///   3. Anyone else gets <c>NotAllowed</c> and no entity is returned.
/// </summary>
/// <remarks>
/// The group is fetched by id alone and the company match is checked afterwards; on a mismatch the
/// entity is dropped and <c>null</c> is returned, so a caller never receives another company's group.
/// The employee lookup runs only when the owner lookup finds nothing, so a user who owns one company
/// is never evaluated as an employee of a different one.
/// NOTE(review): an owner gets <c>CreateReadUpdate</c> with a <c>null</c> result and
/// <paramref name="isCompanyOwner"/> left <c>false</c> when no group has the requested id. This is
/// presumably the "may create a new group" case - confirm callers attach the new group to the owner's
/// own company and do not treat <c>isCompanyOwner == false</c> as "not an owner" here.
/// NOTE(review): for an owner, an unknown id yields <c>CreateReadUpdate</c> but an id that belongs to
/// another company yields <c>NotAllowed</c>, so the outcome reveals whether an id is in use elsewhere.
/// Confirm this is acceptable for how group ids are generated and exposed.
/// </remarks>
/// <param name="professionalUserId">Id of the user whose rights are being evaluated.</param>
/// <param name="companyLocationGroupId">Id of the company location group being requested.</param>
/// <param name="authState">Receives the access level granted; <c>NotAllowed</c> unless a rule above matches.</param>
/// <param name="isCompanyOwner">Receives <c>true</c> only when the group exists and belongs to the company this user owns.</param>
/// <returns>The group (queried with "Company,CompanyLocations" included) when access is granted on an existing group; otherwise <c>null</c>.</returns>
public CompanyLocationGroup GetAuthorization_ForACompanyLocationGroup(Guid professionalUserId, Guid companyLocationGroupId, out AuthorizationState authState, out bool isCompanyOwner)
{
    // Fail closed: every path that grants access has to say so explicitly.
    authState = AuthorizationState.NotAllowed;
    isCompanyOwner = false;

    string userKey = professionalUserId.ToString();

    Company ownedCompany = _companyQueries.GetCompanyFromOwnerUserGuid(userKey);
    if (ownedCompany != null)
    {
        // Owner path.
        CompanyLocationGroup ownerGroup = _unitOfWork.CompanyLocationGroupsRepository
            .Get(i => i.CompanyLocationGroupId == companyLocationGroupId, includeProperties: "Company,CompanyLocations")
            .FirstOrDefault();

        if (ownerGroup == null)
        {
            // No group with this id: the owner is still granted create/read/update, with nothing to return.
            authState = AuthorizationState.CreateReadUpdate;
            return null;
        }

        bool ownsGroup = ownerGroup.Company != null
            && ownerGroup.Company.CompanyId == ownedCompany.CompanyId;
        if (ownsGroup)
        {
            isCompanyOwner = true;
            authState = AuthorizationState.CreateReadUpdate;
            return ownerGroup;
        }

        // The group belongs to a different company: withhold the entity, authState stays NotAllowed.
        return null;
    }

    // Employee path: reached only when the user owns no company.
    Company employer = _companyQueries.GetCompanyAndThisEmployeeFromEmployeeProfessionalUserId(userKey);
    if (employer != null)
    {
        CompanyLocationGroup employeeGroup = _unitOfWork.CompanyLocationGroupsRepository
            .Get(i => i.CompanyLocationGroupId == companyLocationGroupId, includeProperties: "Company,CompanyLocations")
            .FirstOrDefault();

        bool sameCompany = employeeGroup != null
            && employeeGroup.Company != null
            && employeeGroup.Company.CompanyId == employer.CompanyId;
        if (sameCompany)
        {
            authState = AuthorizationState.ReadOnly;
            return employeeGroup;
        }
    }

    // Neither owner nor employee of the group's company: no entity, NotAllowed.
    return null;
}