C# (CSharp) ICompanyQueries.GetCompanyAndThisEmployeeFromEmployeeProfessionalUserId Examples

Example #1

File: AccessQueries.cs Project: HockeyJustin/MultiTenantAppointmentsMvc

        /// <summary>
        /// From the info provided, return the companyLocationGroup information along with the authorization on that element.
        /// For now we will assume: 1. Company Owner can do everything. 2. The employee can read, but not edit. 3. Everyone else is forbidden.
        /// </summary>
        /// <param name="professionalUserId"></param>
        /// <param name="companyLocationGroupId"></param>
        /// <param name="authState"></param>
        /// <param name="isCompanyOwner"></param>
        /// <returns></returns>
        public CompanyLocationGroup GetAuthorization_ForACompanyLocationGroup(Guid professionalUserId, Guid companyLocationGroupId, out AuthorizationState authState, out bool isCompanyOwner)
        {
            authState      = AuthorizationState.NotAllowed;
            isCompanyOwner = false;
            Company company;
            CompanyLocationGroup companyLocationGroup = null;

            company = _companyQueries.GetCompanyFromOwnerUserGuid(professionalUserId.ToString());

            if (company != null)
            {
                // Owner - If it's the company owner, they have full rights.
                companyLocationGroup = _unitOfWork.CompanyLocationGroupsRepository.Get(i => i.CompanyLocationGroupId == companyLocationGroupId, includeProperties: "Company,CompanyLocations").FirstOrDefault();
                if (companyLocationGroup == null)
                {
                    companyLocationGroup = null;
                    authState            = AuthorizationState.CreateReadUpdate;
                }
                else if (companyLocationGroup != null && companyLocationGroup.Company != null && companyLocationGroup.Company.CompanyId == company.CompanyId)
                {
                    isCompanyOwner = true;
                    authState      = AuthorizationState.CreateReadUpdate;
                }
                else
                {
                    companyLocationGroup = null;
                    authState            = AuthorizationState.NotAllowed;
                }
            }
            else
            {
                // Employee - If it's an employee, they can view.
                company = _companyQueries.GetCompanyAndThisEmployeeFromEmployeeProfessionalUserId(professionalUserId.ToString());
                if (company != null)
                {
                    companyLocationGroup = _unitOfWork.CompanyLocationGroupsRepository.Get(i => i.CompanyLocationGroupId == companyLocationGroupId, includeProperties: "Company,CompanyLocations").FirstOrDefault();
                    if (companyLocationGroup != null && companyLocationGroup.Company != null && companyLocationGroup.Company.CompanyId == company.CompanyId)
                    {
                        authState = AuthorizationState.ReadOnly;
                    }
                    else
                    {
                        companyLocationGroup = null;
                        authState            = AuthorizationState.NotAllowed;
                    }
                }
            }

            // If it's anyone else, they can bugger off!
            return(companyLocationGroup);
        }