/// <summary>
/// Decides whether the user with the given id may call the endpoint identified by
/// <paramref name="path"/> and <paramref name="method"/>.
/// </summary>
/// <param name="id">Primary key of the <c>CustomUser</c> to check.</param>
/// <param name="path">Path compared against <c>Access.Path</c>.</param>
/// <param name="method">Method compared against <c>Access.Method</c>.</param>
/// <returns>
/// <c>true</c> for members of the "Personas.Admin" group, or when a role/access row exists
/// for the matching access entry; <c>false</c> when the user, the access entry or the
/// role/access row cannot be found.
/// </returns>
public bool hasAccess(int id, string path, string method)
        {
            CustomUser account = _context.CustomUsers
                                         .Include(x => x.People)
                                         .FirstOrDefault(u => u.Id == id);

            // Unknown users are denied outright.
            if (account == null)
            {
                return false;
            }

            // Directory administrators bypass the per-endpoint table entirely.
            if (activeDirectory.memberOf(account, "Personas.Admin"))
            {
                return true;
            }

            // An endpoint with no Access row is denied by default.
            Access endpoint = _context.Accesses.FirstOrDefault(a => a.Path == path && a.Method == method);

            if (endpoint == null)
            {
                return false;
            }

            // NOTE(review): this lookup filters on Accessid only. Nothing in this method ties the
            // matching row to a role held by `account`, so once any role has been granted the
            // endpoint, every existing user passes this check. Confirm how users map to roles and
            // restrict the query to the caller's role(s).
            RolhasAccess grant =
                _context.RolshaAccesses.FirstOrDefault(ra => ra.Accessid == endpoint.Id);

            return grant != null;
        }
Example #2
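        /// <summary>
        /// Grants the access identified by the "AccessId" field of the request body to the
        /// role identified by <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Primary key of the <c>Rol</c> receiving the access.</param>
        /// <param name="credentials">JSON body; must carry an integer "AccessId" field.</param>
        /// <returns>
        /// 400 when the body is missing or "AccessId" is absent or not an integer; 404 when the
        /// role or the access does not exist; 200 with a message when the grant already exists;
        /// 200 after a new grant has been stored.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no authorization check is visible in this method. It changes which roles
        /// may reach which endpoints, so confirm that the controller or a filter (for example
        /// <c>[Authorize]</c>) restricts it to administrators.
        /// </remarks>
        public IHttpActionResult AddAccess(int id, [FromBody] JObject credentials)
        {
            // A missing or unparseable body leaves the [FromBody] parameter null; without this
            // guard the indexer below would throw and surface as a 500 instead of a 400.
            if (credentials == null)
            {
                return BadRequest();
            }

            var rawAccessId = credentials["AccessId"];
            int accessid;

            if (rawAccessId == null || !Int32.TryParse(rawAccessId.ToString(), out accessid))
            {
                return BadRequest();
            }

            Rol    rol    = _context.Rols.FirstOrDefault(r => r.Id == id);
            Access access = _context.Accesses.FirstOrDefault(a => a.Id == accessid);

            if (rol == null || access == null)
            {
                return NotFound();
            }

            // The grant is idempotent: an existing (role, access) pair is reported, not duplicated.
            RolhasAccess existing = _context.RolshaAccesses.FirstOrDefault(x => x.Accessid == accessid && x.Rolid == id);

            if (existing != null)
            {
                // Message reads "The user already has this access!" (runtime text kept as-is).
                return Ok("El usuario ya tiene este acceso!");
            }

            // NOTE(review): GetNextId is defined elsewhere. If it derives the id from the rows
            // currently in the table, two concurrent requests could receive the same id; confirm
            // it is safe under concurrency or let the database assign the key.
            RolhasAccess rolhasAccess = new RolhasAccess
            {
                Id       = RolhasAccess.GetNextId(_context),
                Accessid = accessid,
                Rolid    = id
            };

            _context.RolshaAccesses.Add(rolhasAccess);
            _context.SaveChanges();

            return Ok();
        }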
Example #3
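        /// <summary>
        /// Revokes the access identified by <paramref name="AccessId"/> from the role identified
        /// by <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Primary key of the <c>Rol</c> losing the access.</param>
        /// <param name="AccessId">Primary key of the <c>Access</c>, bound from the URI.</param>
        /// <returns>
        /// 400 when <paramref name="AccessId"/> is 0; 404 when the role, the access or the
        /// role/access grant does not exist; 200 after the grant has been removed.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no authorization check is visible in this method. It changes which roles
        /// may reach which endpoints, so confirm that the controller or a filter (for example
        /// <c>[Authorize]</c>) restricts it to administrators.
        /// </remarks>
        public IHttpActionResult DeleteAccess(int id, [FromUri] int AccessId)
        {
            // 0 is what the binder leaves when the query parameter is absent.
            if (AccessId == 0)
            {
                return BadRequest();
            }

            Rol    rol    = _context.Rols.FirstOrDefault(r => r.Id == id);
            Access access = _context.Accesses.FirstOrDefault(a => a.Id == AccessId);

            if (rol == null || access == null)
            {
                return NotFound();
            }

            RolhasAccess rha = _context.RolshaAccesses.FirstOrDefault(x => x.Accessid == AccessId && x.Rolid == id);

            // The role and the access can both exist without a grant linking them. Passing
            // null to Remove would throw, so report the missing grant as 404 instead.
            if (rha == null)
            {
                return NotFound();
            }

            _context.RolshaAccesses.Remove(rha);
            _context.SaveChanges();

            return Ok();
        }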