/// <summary>
/// Assigns <paramref name="role"/> to <paramref name="user"/>, binds the user to the theater identified by
/// <paramref name="theaterId"/> and persists the change through the unit of work.
/// </summary>
/// <param name="theaterId">Id of the theater the user will administer.</param>
/// <param name="user">The user record to update in place.</param>
/// <param name="role">The role to assign.</param>
/// <returns>A DTO built from the updated user, or <c>null</c> when no theater with that id exists.</returns>
private ISofAUserDTO AddAdmin(int theaterId, ISofAUser user, ISofAUserRole role)
{
    var target = UnitOfWork.Theaters.Get(theaterId);
    if (target == null)
    {
        // Unknown theater: nothing is modified and the caller gets no DTO.
        return null;
    }

    user.ISofAUserRole = role;
    user.AdminOfTheaterId = target.TheaterId;
    UnitOfWork.Users.UpdateUser(user);
    UnitOfWork.SaveChanges();
    return new ISofAUserDTO(user);
}
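/// <summary>
/// Determines whether access for this particular request is authorized. This method uses the user <see cref="IPrincipal"/>
/// returned via <see cref="HttpRequestContext.Principal"/>. Access is denied when the user is not authenticated.
/// A required role of <c>User</c> is satisfied by any authenticated user; a <c>SysAdmin</c> claim satisfies every
/// requirement; any other role is granted only when the user's role claim is at least the required role and the
/// user's admin-of claim equals the <c>theaterId</c> route value.
/// </summary>
/// <remarks>
/// The check fails closed: a principal that is not a <see cref="ClaimsPrincipal"/>, a missing or non-numeric
/// role/admin-of claim, or a missing/non-numeric <c>theaterId</c> route value all result in denial instead of an
/// exception surfacing from the cast or from <c>int.Parse</c>.
/// </remarks>
/// <param name="actionContext">The context.</param>
/// <returns><c>true</c> if access is authorized; otherwise <c>false</c>.</returns>
protected virtual bool IsAuthorized(HttpActionContext actionContext)
{
    // Fail closed: a principal that is not a ClaimsPrincipal is denied rather than throwing InvalidCastException.
    ClaimsPrincipal user = actionContext == null
        ? null
        : actionContext.ControllerContext.RequestContext.Principal as ClaimsPrincipal;
    if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
    {
        return false;
    }

    // The lowest required role needs authentication only; no claims are consulted.
    if (_role == ISofAUserRole.User)
    {
        return true;
    }

    // A missing or non-numeric role claim denies access instead of throwing from int.Parse.
    int userRoleValue;
    if (!TryGetInt32Claim(user, ISofAClaimTypes.ISofAUserRole, out userRoleValue))
    {
        return false;
    }
    ISofAUserRole userRole = (ISofAUserRole)userRoleValue;

    // SysAdmin is authorized everywhere; nobody else can satisfy a SysAdmin requirement.
    if (userRole == ISofAUserRole.SysAdmin)
    {
        return true;
    }
    if (_role == ISofAUserRole.SysAdmin)
    {
        return false;
    }

    // Theater-scoped roles need an explicit theaterId route value. Convert.ToInt32(null) yields 0, so a route
    // without theaterId used to be compared against 0 — which would match any user whose admin-of claim happens
    // to be 0 (whether unassigned users carry 0 is not visible here). Requiring the value removes that case.
    object rawTheaterId;
    int theaterId;
    if (!actionContext.ControllerContext.RouteData.Values.TryGetValue("theaterId", out rawTheaterId)
        || rawTheaterId == null
        || !int.TryParse(Convert.ToString(rawTheaterId, System.Globalization.CultureInfo.InvariantCulture),
                         System.Globalization.NumberStyles.Integer,
                         System.Globalization.CultureInfo.InvariantCulture,
                         out theaterId))
    {
        return false;
    }

    int userAdminOf;
    if (!TryGetInt32Claim(user, ISofAClaimTypes.ISofAAdminOf, out userAdminOf))
    {
        return false;
    }

    // Roles are ordered by the enum's underlying value: a higher role satisfies a lower requirement,
    // but only for the theater the user administers.
    return (int)userRole >= (int)_role && userAdminOf == theaterId;
}

/// <summary>
/// Reads the first claim of <paramref name="claimType"/> as an integer.
/// </summary>
/// <param name="user">The principal whose claims are inspected.</param>
/// <param name="claimType">The claim type to look up.</param>
/// <param name="value">The parsed value, or 0 when the method returns <c>false</c>.</param>
/// <returns><c>false</c> when the claim is absent or its value is not an invariant-culture integer.</returns>
private static bool TryGetInt32Claim(ClaimsPrincipal user, string claimType, out int value)
{
    value = 0;
    Claim claim = user.FindFirst(claimType);
    return claim != null
        && int.TryParse(claim.Value,
                        System.Globalization.NumberStyles.Integer,
                        System.Globalization.CultureInfo.InvariantCulture,
                        out value);
}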
/// <summary>
/// Lists every user holding <paramref name="role"/> for the theater with id <paramref name="theaterId"/>,
/// projected to DTOs. The projection is deferred and runs when the result is enumerated.
/// </summary>
/// <param name="role">The role the returned users must hold.</param>
/// <param name="theaterId">The theater the returned users must administer.</param>
/// <returns>The matching users as <see cref="ISofAUserDTO"/> instances (possibly empty).</returns>
private IEnumerable<ISofAUserDTO> GetAdmins(ISofAUserRole role, int theaterId)
{
    var matches = UnitOfWork.Users.Find(u => u.ISofAUserRole == role && u.AdminOfTheaterId == theaterId);
    return matches.Select(u => new ISofAUserDTO(u));
}