/// <summary>
/// Checks whether <paramref name="userId"/> is the last administrator of the organization.
/// If so, a <see cref="NeedAdminException"/> is thrown.
/// </summary>
/// <param name="organizationId">Identifier of the organization whose members are loaded.</param>
/// <param name="userId">Identifier of the user being checked; must be present in the member list.</param>
/// <exception cref="NeedAdminException">
/// The user holds the Administrator flag and fewer than two members of the organization hold it.
/// </exception>
/// <returns>The user's settings in the organization.</returns>
private IOrganizationUser CheckLastAdmin(int organizationId, int userId)
{
    // Materialize once: the list is searched for the user and then counted for administrators.
    List<IOrganizationUser> members = Repository.Organizations
        .GetOrganizationUsers(organizationId)
        .ToList();

    // First() throws InvalidOperationException when the user is not a member of the organization.
    IOrganizationUser target = members.First(member => member.UserId == userId);

    // A non-administrator can never be the last administrator, so nothing else to verify.
    if (!target.GetUserRole().HasTheFlag(EmployeeRole.Administrator))
    {
        return target;
    }

    // NOTE(review): the count is taken from a snapshot of the member list. If the caller changes
    // roles afterwards without a transaction or lock, two concurrent requests could both pass
    // this check and leave the organization without an administrator. Confirm at the call sites.
    int adminCount = members.Count(member => member.GetUserRole().HasTheFlag(EmployeeRole.Administrator));
    if (adminCount >= 2)
    {
        return target;
    }

    throw new NeedAdminException("В организации должен быть хотя бы один администратор");
}
/// <summary>
/// Checks the current user's permissions within the organization addressed by the action.
/// </summary>
/// <param name="filterContext">Context of the action about to execute.</param>
/// <returns>
/// <c>null</c> when the action carries no <see cref="OrganizationPermissionAttribute"/>, when the
/// organization id parameter is null, or when the user's role matches one of the attribute's roles.
/// Otherwise the attribute's <c>ResultType</c>, i.e. the result to use for the denied request.
/// </returns>
// NOTE(review): the first letter of this method name appears to be Cyrillic 'Н' (U+041D), not
// Latin 'H'. A text search for the Latin spelling will not find this authorization check. Confirm
// and consider a rename together with all call sites.
private ResultType? НasAccessToOrganization(ActionExecutingContext filterContext)
{
    var declared = filterContext.ActionDescriptor
        .GetCustomAttributes(typeof(OrganizationPermissionAttribute), false);
    OrganizationPermissionAttribute permission = (OrganizationPermissionAttribute)declared.FirstOrDefault();

    // Actions without the attribute are not subject to this check.
    if (permission == null)
    {
        return null;
    }

    // The id comes from the bound action parameters, i.e. from request data.
    int? organizationId = (int?)filterContext.ActionParameters[permission.IdParamName];

    // NOTE(review): fail-open path. A null id returns null, the same value that is returned when
    // access is granted, so a protected action invoked without the id parameter skips the role
    // check entirely. Verify that every action using the attribute rejects a missing id itself,
    // or return the attribute's ResultType here instead.
    if (!organizationId.HasValue)
    {
        return null;
    }

    int currentOrganizationId = organizationId.Value;
    ViewData.Add("CurrentOrganizationId", currentOrganizationId);

    // Presumably Utility.Authentication.UserId is the authenticated caller. Confirm.
    EmployeeSettings membership = Utility.Organizations
        .GetUserSettings(currentOrganizationId, Utility.Authentication.UserId);

    // No settings for this user in the organization: deny.
    if (membership == null)
    {
        return permission.ResultType;
    }

    EmployeeRole userRole = membership.Settings.GetUserRole();
    ViewData.Add("RoleInOrganization", userRole);

    // Any single matching role is sufficient; stop at the first match.
    foreach (EmployeeRole allowedRole in permission.Roles)
    {
        if (userRole.HasTheFlag(allowedRole))
        {
            return null;
        }
    }

    return permission.ResultType;
}