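/// <summary>
/// Applies an administrator's decision to an organization access request.
/// </summary>
/// <remarks>
/// The person identified by <paramref name="context"/> must exist and be an administrator of the
/// organization named on the request; when either check fails an exception is thrown before
/// anything is modified. For every decision type the request is flagged as no longer requested;
/// the membership itself is approved only for <c>ApprovalDecisionType.Approve</c>.
/// </remarks>
/// <param name="accessRequest">The access request being decided.</param>
/// <param name="context">Security context supplying the acting person's id.</param>
/// <param name="approvalActionType">The decision to apply to the request.</param>
/// <exception cref="ArgumentNullException"><paramref name="accessRequest"/> is null.</exception>
/// <exception cref="UnauthorizedAccessException">No person matches the context's person id.</exception>
/// <exception cref="UnauthorizedOperationException">The acting person is not an administrator of the request's organization.</exception>
public void ApproveAccessRequest(AccessRequest accessRequest, UserSecurityContext context, ApprovalDecisionType approvalActionType)
{
    // A caller may hand over an unchecked repository lookup result; fail with a precise
    // error rather than a NullReferenceException part-way through the authorization check.
    if (accessRequest == null)
    {
        throw new ArgumentNullException("accessRequest");
    }

    Person approver = _personRepo.GetOne(context.PersonId);
    if (approver == null)
    {
        throw new UnauthorizedAccessException("Approver not found");
    }

    // Authorization gate: the approver must be an administrator of the organization the
    // request targets. A missing membership or an unset IsAdministrator counts as "no".
    OrganizationMember approverMembership = _organzationMemberRepo.GetMember(approver.Id.Value, accessRequest.OrganizationId.Value);
    bool isOrganizationAdmin = approverMembership != null
        && approverMembership.IsAdministrator.HasValue
        && approverMembership.IsAdministrator.Value;
    if (!isOrganizationAdmin)
    {
        throw new UnauthorizedOperationException("User is not an administrator of this organization", EntityOperationType.Update);
    }

    // NOTE(review): nothing here verifies that the request is still pending, so a request
    // that was already decided can be decided again - confirm callers only pass pending ones.
    accessRequest.IsAccessRequested = false;
    _accessRequestRepo.Update(accessRequest);

    // NOTE(review): the request is closed before the membership is approved; if Approve fails
    // the request is already marked handled - confirm a surrounding transaction covers both.
    if (approvalActionType == ApprovalDecisionType.Approve)
    {
        _organzationMemberRepo.Approve(accessRequest.PersonId.Value, accessRequest.OrganizationId.Value, approver.Id.Value);
    }
}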
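/// <summary>
/// Looks up the pending access request of a person for an organization and applies the given
/// decision to it through the <c>AccessRequest</c> overload.
/// </summary>
/// <param name="personId">Id of the person who requested access.</param>
/// <param name="organizationId">Id of the organization access was requested for.</param>
/// <param name="context">Security context supplying the acting person's id.</param>
/// <param name="approvalActionType">The decision to apply to the request.</param>
/// <exception cref="InvalidOperationException">No pending request was found for the given ids.</exception>
public void ApproveAccessRequest(Guid personId, Guid organizationId, UserSecurityContext context, ApprovalDecisionType approvalActionType)
{
    AccessRequest request = _accessRequestRepo.GetPendingAccessRequest(personId, organizationId);

    // Assumes the repository returns null when nothing matches - TODO confirm. Without this
    // guard a missing request surfaces as a NullReferenceException inside the overload.
    if (request == null)
    {
        throw new InvalidOperationException("No pending access request exists for this person and organization");
    }

    ApproveAccessRequest(request, context, approvalActionType);
}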
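/// <summary>
/// Loads an access request by id and applies the given decision to it through the
/// <c>AccessRequest</c> overload.
/// </summary>
/// <param name="accessRequestId">Id of the access request to decide.</param>
/// <param name="context">Security context supplying the acting person's id.</param>
/// <param name="approvalActionType">
/// The decision to apply; defaults to <c>ApprovalDecisionType.Approve</c>, so a caller that
/// omits it approves the request.
/// </param>
/// <exception cref="ArgumentException">No access request was found for <paramref name="accessRequestId"/>.</exception>
public void ApproveAccessRequest(Guid accessRequestId, UserSecurityContext context, ApprovalDecisionType approvalActionType = ApprovalDecisionType.Approve)
{
    // NOTE(review): this lookup goes through GetOne, not GetPendingAccessRequest, so it
    // presumably also returns requests that were already decided - confirm whether deciding
    // such a request again is intended.
    AccessRequest request = _accessRequestRepo.GetOne(accessRequestId);

    // Assumes GetOne returns null for an unknown id - TODO confirm. Without this guard a
    // missing request surfaces as a NullReferenceException inside the overload.
    if (request == null)
    {
        throw new ArgumentException("No access request exists with the given id", "accessRequestId");
    }

    ApproveAccessRequest(request, context, approvalActionType);
}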
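/// <summary>
/// Records an organization administrator's decision on an access request.
/// </summary>
/// <remarks>
/// The acting person is resolved from <paramref name="context"/> and must be an administrator of
/// the organization the request targets; if not, an exception is thrown and no data is changed.
/// Any decision clears the request's "access requested" flag; the membership is approved only
/// when the decision is <c>ApprovalDecisionType.Approve</c>.
/// </remarks>
/// <param name="accessRequest">The access request being decided.</param>
/// <param name="context">Security context supplying the acting person's id.</param>
/// <param name="approvalActionType">The decision to apply to the request.</param>
/// <exception cref="ArgumentNullException"><paramref name="accessRequest"/> is null.</exception>
/// <exception cref="UnauthorizedAccessException">
/// No person matches the context's person id, or that person is not an administrator of the
/// request's organization.
/// </exception>
public void ApproveAccessRequest(AccessRequest accessRequest, UserSecurityContext context, ApprovalDecisionType approvalActionType)
{
    // Reject a missing request up front; otherwise it would only surface as a
    // NullReferenceException while the organization id is read for the authorization check.
    if (accessRequest == null)
    {
        throw new ArgumentNullException("accessRequest");
    }

    Person approver = _personRepo.GetOne(context.PersonId);
    if (approver == null)
    {
        throw new UnauthorizedAccessException("Approver not found");
    }

    // Check if Person has Authority to Approve/Reject: only an administrator of the
    // request's organization may decide. No membership or an unset flag means no authority.
    OrganizationMember approverMembership = _organzationMemberRepo.GetMember(approver.Id.Value, accessRequest.OrganizationId.Value);
    bool hasAuthority = approverMembership != null
        && approverMembership.IsAdministrator.HasValue
        && approverMembership.IsAdministrator.Value;
    if (!hasAuthority)
    {
        throw new UnauthorizedAccessException("User is not an Administrator of this Organization");
    }

    // NOTE(review): the request's current state is not checked, so an already-decided
    // request can be decided again - confirm callers only pass pending requests.
    accessRequest.IsAccessRequested = false;
    _accessRequestRepo.Update(accessRequest);

    //TODO - Disabling as dbcontext is tracking the same ID, need to fix this.
    //_accessRequestRepo.SoftDelete(accessRequest.Id.Value);

    // NOTE(review): the request is updated before the membership is approved; if Approve
    // fails the request is already closed - confirm both writes share one transaction.
    if (approvalActionType == ApprovalDecisionType.Approve)
    {
        _organzationMemberRepo.Approve(accessRequest.PersonId.Value, accessRequest.OrganizationId.Value, approver.Id.Value);
    }
}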