private void VerifyCredentialsForUserBlock(string token)
{
User executingUser = UserUtillities.GetExecutingUserIfLoggedIn(token, _sessionRepository);
if (!_permissionManager.HasPermission(executingUser, Action.BlockUser))
{
throw new ForbiddenAccessException();
}
}
public LoggedUserDto Logout(string token)
{
Session session = UserUtillities.GetCurrentSession(token, _sessionRepository);
_userManager.ValidateSession(session);
_sessionRepository.Delete(session);
return(_objectMapper.Map <LoggedUserDto>(session));
}
public List <ActionDto> GetActionsOf(string token)
{
User executingUser = UserUtillities.GetExecutingUserIfLoggedIn(token, _sessionRepository);
return(_objectMapper.Map <List <ActionDto> >(executingUser.PermittedActions));
}
