/// <summary>
/// Assigns <paramref name="role"/> to <paramref name="user"/>, scopes the user to the theater identified by
/// <paramref name="theaterId"/> and persists the change. The role is stored exactly as passed in; this method
/// does not decide whether the caller is allowed to grant it.
/// </summary>
/// <param name="theaterId">Id of the theater the user becomes an administrator of.</param>
/// <param name="user">The user entity to update.</param>
/// <param name="role">The role to store on the user.</param>
/// <returns>A DTO of the updated user, or <c>null</c> when no theater with that id exists.</returns>
private ISofAUserDTO AddAdmin(int theaterId, ISofAUser user, ISofAUserRole role)
        {
            var targetTheater = UnitOfWork.Theaters.Get(theaterId);

            // Unknown theater: nothing is written and the caller gets null.
            if (targetTheater == null)
            {
                return(null);
            }

            user.ISofAUserRole    = role;
            user.AdminOfTheaterId = targetTheater.TheaterId;

            UnitOfWork.Users.UpdateUser(user);
            UnitOfWork.SaveChanges();

            return(new ISofAUserDTO(user));
        }
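        /// <summary>
        /// Determines whether the current request is authorized for the role this attribute requires (<c>_role</c>).
        /// The caller is read from <see cref="HttpRequestContext.Principal"/> and must be an authenticated
        /// <see cref="ClaimsPrincipal"/>. Access is granted when the required role is <see cref="ISofAUserRole.User"/>
        /// (any authenticated caller), when the caller's role claim is <see cref="ISofAUserRole.SysAdmin"/>, or when
        /// the caller's role claim is at least the required role and the caller's "admin of" claim equals the
        /// <c>theaterId</c> route value. A missing or malformed principal, claim or route value denies access
        /// rather than throwing, so a bad token produces an authorization failure instead of a server error.
        /// </summary>
        /// <param name="actionContext">The action context of the request being authorized.</param>
        /// <returns><c>true</c> if access is authorized; otherwise <c>false</c>.</returns>
        protected virtual bool IsAuthorized(HttpActionContext actionContext)
        {
            // A principal that is not claims-based cannot carry the role claims this check relies on,
            // so it is treated like an anonymous request instead of failing with an InvalidCastException.
            ClaimsPrincipal user = actionContext.ControllerContext.RequestContext.Principal as ClaimsPrincipal;

            if (user == null || user.Identity == null || !user.Identity.IsAuthenticated)
            {
                return(false);
            }

            // Lowest required role: being authenticated is sufficient.
            if (_role == ISofAUserRole.User)
            {
                return(true);
            }

            // Fail closed: an authenticated caller without a well-formed, known role claim gets no elevated access.
            int roleValue;
            if (!TryGetIntClaim(user, ISofAClaimTypes.ISofAUserRole, out roleValue)
                || !Enum.IsDefined(typeof(ISofAUserRole), roleValue))
            {
                return(false);
            }

            ISofAUserRole userRole = (ISofAUserRole)roleValue;

            if (userRole == ISofAUserRole.SysAdmin)
            {
                return(true);
            }

            // Only a SysAdmin may reach a SysAdmin-only action, and that case was handled above.
            if (_role == ISofAUserRole.SysAdmin)
            {
                return(false);
            }

            // Theater-scoped roles: the request must name a theater, and the caller must administer that theater.
            // A missing or non-numeric route value is a denial rather than an implicit id of 0.
            object routeValue;
            int theaterId;
            if (!actionContext.ControllerContext.RouteData.Values.TryGetValue("theaterId", out routeValue)
                || routeValue == null
                || !int.TryParse(routeValue.ToString(), out theaterId))
            {
                return(false);
            }

            int userAdminOf;
            if (!TryGetIntClaim(user, ISofAClaimTypes.ISofAAdminOf, out userAdminOf))
            {
                return(false);
            }

            // Roles are compared by their underlying integer value, so the enum's declaration order is
            // treated as the privilege order (presumably ascending; confirm against ISofAUserRole).
            return((int)userRole >= (int)_role && userAdminOf == theaterId);
        }

        /// <summary>
        /// Reads the first claim of type <paramref name="claimType"/> on <paramref name="user"/> as an integer.
        /// </summary>
        /// <param name="user">The principal whose claims are inspected.</param>
        /// <param name="claimType">The claim type to look up.</param>
        /// <param name="value">The parsed claim value, or 0 when the claim is absent or not an integer.</param>
        /// <returns><c>true</c> if the claim exists and its value parses as an integer; otherwise <c>false</c>.</returns>
        private static bool TryGetIntClaim(ClaimsPrincipal user, string claimType, out int value)
        {
            var claim = user.FindFirst(claimType);
            value = 0;
            return(claim != null && int.TryParse(claim.Value, out value));
        }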
 /// <summary>
 /// Returns the users holding <paramref name="role"/> for the theater with id <paramref name="theaterId"/>,
 /// projected to DTOs. The sequence is returned as produced by the repository query; it is not materialized here.
 /// </summary>
 /// <param name="role">The role the users must hold.</param>
 /// <param name="theaterId">The theater the users must administer.</param>
 /// <returns>The matching users as <see cref="ISofAUserDTO"/> instances.</returns>
 private IEnumerable<ISofAUserDTO> GetAdmins(ISofAUserRole role, int theaterId)
 {
     var matchingUsers = UnitOfWork.Users.Find(candidate =>
         candidate.ISofAUserRole == role && candidate.AdminOfTheaterId == theaterId);

     return(matchingUsers.Select(candidate => new ISofAUserDTO(candidate)));
 }