public MemberMedical GetMedical(Guid id, bool showSensitive = false, string reason = "")
        {
            if (!(Permissions.IsUser || Permissions.IsSelf(id)))
            {
                ThrowAuthError();
            }

            var data     = db.Members.Where(f => f.Id == id).Select(f => f.MedicalInfo).SingleOrDefault();
            var contacts = db.Members.Where(f => f.Id == id).SelectMany(f => f.EmergencyContacts).ToArray();

            if (showSensitive)
            {
                if (!Permissions.IsSelf(id))
                {
                    if (string.IsNullOrWhiteSpace(reason))
                    {
                        ThrowSubmitErrors(new[] { new Web.Model.SubmitError {
                                                      Error = "Reason not specified", Property = "reason"
                                                  } });
                    }

                    Model.SensitiveInfoAccess infoAccess = new Model.SensitiveInfoAccess
                    {
                        Owner     = db.Members.Single(f => f.Id == id),
                        Action    = "Read Medical Information",
                        Actor     = (Permissions.UserId == Guid.Empty) ? User.Identity.Name : db.Members.Single(f => f.Id == Permissions.UserId).FullName,
                        Reason    = reason,
                        Timestamp = DateTime.Now,
                    };
                    db.SensitiveInfoLog.Add(infoAccess);
                    db.SaveChanges();
                }
            }

            return(new MemberMedical
            {
                IsSensitive = showSensitive,
                Allergies = data == null ? null : HiddenOrDecrypted(showSensitive, data.EncryptedAllergies),
                Medications = data == null ? null : HiddenOrDecrypted(showSensitive, data.EncryptedMedications),
                Disclosure = data == null ? null : HiddenOrDecrypted(showSensitive, data.EncryptedDisclosures),
                Contacts = contacts.Select(f =>
                {
                    if (showSensitive)
                    {
                        var contact = JsonConvert.DeserializeObject <Kcsar.Database.Model.EmergencyContactData>(EncryptionService.Unprotect(EncryptionService.MEMBER_SENSITIVE, f.EncryptedData));
                        return new EmergencyContact
                        {
                            IsSensitive = true,
                            Name = contact.Name,
                            Relation = contact.Relation,
                            Type = contact.Type,
                            Number = contact.Number,
                            Id = f.Id
                        };
                    }
                    else
                    {
                        return new EmergencyContact
                        {
                            IsSensitive = false,
                            Name = Strings.SensitiveText,
                            Type = null,
                        };
                    }
                })
            });
        }
 /// <summary>Appends sensitive info access to log. Does not call SaveChanges</summary>
 /// <param name="record"></param>
 public void RecordSensitiveAccess(SensitiveInfoAccess record)
 {
     this.SensitiveInfoLog.Add(record);
 }
        public MemberMedical GetMedical(Guid id, bool showSensitive = false, string reason = "")
        {
            if (!(Permissions.IsUser || Permissions.IsSelf(id))) ThrowAuthError();

              var data = db.Members.Where(f => f.Id == id).Select(f => f.MedicalInfo).SingleOrDefault();
              var contacts = db.Members.Where(f => f.Id == id).SelectMany(f => f.EmergencyContacts).ToArray();

              if (showSensitive)
              {
            if (!Permissions.IsSelf(id))
            {
              if (string.IsNullOrWhiteSpace(reason)) ThrowSubmitErrors(new[] { new Web.Model.SubmitError { Error = "Reason not specified", Property = "reason" } });

              Model.SensitiveInfoAccess infoAccess = new Model.SensitiveInfoAccess
              {
            Owner = db.Members.Single(f => f.Id == id),
            Action = "Read Medical Information",
            Actor = (Permissions.UserId == Guid.Empty) ? User.Identity.Name : db.Members.Single(f => f.Id == Permissions.UserId).FullName,
            Reason = reason,
            Timestamp = DateTime.Now,
              };
              db.SensitiveInfoLog.Add(infoAccess);
              db.SaveChanges();
            }
              }

              return new MemberMedical
              {
            IsSensitive = showSensitive,
            Allergies = data == null ? null : HiddenOrDecrypted(showSensitive, data.EncryptedAllergies),
            Medications = data == null ? null : HiddenOrDecrypted(showSensitive, data.EncryptedMedications),
            Disclosure = data == null ? null : HiddenOrDecrypted(showSensitive, data.EncryptedDisclosures),
            Contacts = contacts.Select(f =>
            {
              if (showSensitive)
              {
            var contact = JsonConvert.DeserializeObject<Kcsar.Database.Model.EmergencyContactData>(EncryptionService.Unprotect(EncryptionService.MEMBER_SENSITIVE, f.EncryptedData));
            return new EmergencyContact
            {
              IsSensitive = true,
              Name = contact.Name,
              Relation = contact.Relation,
              Type = contact.Type,
              Number = contact.Number,
              Id = f.Id
            };
              }
              else
              {
            return new EmergencyContact
            {
              IsSensitive = false,
              Name = Strings.SensitiveText,
              Type = null,
            };
              }
            })
              };
        }