public async Task <IActionResult> ValidateInstantiation(string org, string app, [FromQuery] int partyId)
{
UserContext userContext = await _userHelper.GetUserContext(HttpContext);
UserProfile user = await _profile.GetUserProfile(userContext.UserId);
List <Party> partyList = await _authorization.GetPartyList(userContext.UserId);
Application application = _appResourcesService.GetApplication();
if (application == null)
{
return(NotFound("Application not found"));
}
PartyTypesAllowed partyTypesAllowed = application.PartyTypesAllowed;
Party partyUserRepresents = null;
// Check if the user can represent the supplied partyId
if (partyId != user.PartyId)
{
Party represents = InstantiationHelper.GetPartyByPartyId(partyList, partyId);
if (represents == null)
{
// the user does not represent the chosen party id, is not allowed to initiate
return(Ok(new InstantiationValidationResult
{
Valid = false,
Message = "The user does not represent the supplied party",
ValidParties = InstantiationHelper.FilterPartiesByAllowedPartyTypes(partyList, partyTypesAllowed)
}));
}
partyUserRepresents = represents;
}
if (partyUserRepresents == null)
{
// if not set, the user represents itself
partyUserRepresents = user.Party;
}
// Check if the application can be initiated with the party chosen
bool canInstantiate = InstantiationHelper.IsPartyAllowedToInstantiate(partyUserRepresents, partyTypesAllowed);
if (!canInstantiate)
{
return(Ok(new InstantiationValidationResult
{
Valid = false,
Message = "The supplied party is not allowed to instantiate the application",
ValidParties = InstantiationHelper.FilterPartiesByAllowedPartyTypes(partyList, partyTypesAllowed)
}));
}
return(Ok(new InstantiationValidationResult
{
Valid = true,
}));
}
/// <summary>
/// Checks if a party is allowed to initiate an application based on the applications AllowedPartyTypes
/// </summary>
/// <param name="party">The party to check</param>
/// <param name="partyTypesAllowed">The allowed party types</param>
/// <returns>True or false</returns>
public static bool IsPartyAllowedToInstantiate(Party party, PartyTypesAllowed partyTypesAllowed)
{
if (party == null)
{
return(false);
}
if (partyTypesAllowed == null || (!partyTypesAllowed.BankruptcyEstate && !partyTypesAllowed.Organisation && !partyTypesAllowed.Person && !partyTypesAllowed.SubUnit))
{
// if party types not set, all parties are allowed to initiate
return(true);
}
PartyType partyType = party.PartyTypeName;
bool isAllowed = false;
bool isSubUnit = party.UnitType != null && (SUB_UNIT_CODE.Equals(party.UnitType.Trim()) || SUB_UNIT_CODE_AAFY.Equals(party.UnitType.Trim()));
bool isMainUnit = !isSubUnit;
bool isKbo = party.UnitType != null && BANKRUPTCY_CODE.Equals(party.UnitType.Trim());
switch (partyType)
{
case PartyType.Person:
if (partyTypesAllowed.Person == true)
{
isAllowed = true;
}
break;
case PartyType.Organisation:
if (isMainUnit && partyTypesAllowed.Organisation)
{
isAllowed = true;
}
else if (isSubUnit && partyTypesAllowed.SubUnit)
{
isAllowed = true;
}
else if (isKbo && partyTypesAllowed.BankruptcyEstate)
{
isAllowed = true;
}
break;
case PartyType.SelfIdentified:
if (partyTypesAllowed.Person == true)
{
isAllowed = true;
}
break;
}
return(isAllowed);
}
/// <summary>
/// Filters a list of parties based on an applications allowed party types.
/// </summary>
/// <param name="parties">The list of parties to be filtered</param>
/// <param name="partyTypesAllowed">The allowed party types</param>
/// <returns>A list with the filtered parties</returns>
public static List <Party> FilterPartiesByAllowedPartyTypes(List <Party> parties, PartyTypesAllowed partyTypesAllowed)
{
List <Party> allowed = new List <Party>();
if (parties == null || partyTypesAllowed == null)
{
return(allowed);
}
parties.ForEach(party =>
{
bool canPartyInstantiate = IsPartyAllowedToInstantiate(party, partyTypesAllowed);
bool isChildPartyAllowed = false;
List <Party> allowedChildParties = null;
if (party.ChildParties != null)
{
allowedChildParties = new List <Party>();
foreach (Party childParty in party.ChildParties)
{
if (IsPartyAllowedToInstantiate(childParty, partyTypesAllowed))
{
allowedChildParties.Add(childParty);
isChildPartyAllowed = true;
}
}
}
if (canPartyInstantiate && isChildPartyAllowed)
{
party.ChildParties = new List <Party>();
party.ChildParties.AddRange(allowedChildParties);
allowed.Add(party);
}
else if (!canPartyInstantiate && isChildPartyAllowed)
{
party.ChildParties = new List <Party>();
party.OnlyHierarchyElementWithNoAccess = true;
party.ChildParties.AddRange(allowedChildParties);
allowed.Add(party);
}
else if (canPartyInstantiate)
{
party.ChildParties = new List <Party>();
allowed.Add(party);
}
});
return(allowed);
}
/// <summary>
/// Checks if a party is allowed to initiate an application based on the applications AllowedPartyTypes
/// </summary>
/// <param name="party">The party to check</param>
/// <param name="partyTypesAllowed">The allowed party types</param>
/// <returns>True or false</returns>
public static bool IsPartyAllowedToInstantiate(Party party, PartyTypesAllowed partyTypesAllowed)
{
if (party == null)
{
return(false);
}
if (partyTypesAllowed == null || (!partyTypesAllowed.BankruptcyEstate && !partyTypesAllowed.Organization && !partyTypesAllowed.Person && !partyTypesAllowed.SubUnit))
{
// if party types not set, all parties are allowed to initiate
return(true);
}
PartyType partyType = party.PartyTypeName;
bool isAllowed = false;
switch (partyType)
{
case PartyType.Person:
if (partyTypesAllowed.Person == true)
{
isAllowed = true;
}
break;
case PartyType.Organization:
if (partyTypesAllowed.Organization == true)
{
isAllowed = true;
}
else if (partyTypesAllowed.BankruptcyEstate == true)
{
// BankruptcyEstate is a sub group of organization
if (party.UnitType != null && BANKRUPTCY_CODE.Equals(party.UnitType.Trim()))
{
// The org is a BankruptcyEstate, and BankruptcyEstate are allowed to initiate
isAllowed = true;
}
}
else if (partyTypesAllowed.SubUnit == true)
{
// SubUnit is a sub group of organization
if (party.UnitType != null && (SUB_UNIT_CODE.Equals(party.UnitType.Trim()) || SUB_UNIT_CODE_AAFY.Equals(party.UnitType.Trim())))
{
// The org is a SubUnit, and SubUnits are allowed to initiate
isAllowed = true;
}
}
break;
case PartyType.SelfIdentified:
if (partyTypesAllowed.Person == true)
{
isAllowed = true;
}
break;
}
return(isAllowed);
}
/// <summary>
/// Filters a list of parties based on an applications allowed party types.
/// </summary>
/// <param name="parties">The list of parties to be filtered</param>
/// <param name="partyTypesAllowed">The allowed party types</param>
/// <returns>A list with the filtered parties</returns>
public static List <Party> FilterPartiesByAllowedPartyTypes(List <Party> parties, PartyTypesAllowed partyTypesAllowed)
{
List <Party> allowed = new List <Party>();
if (parties == null || partyTypesAllowed == null)
{
return(allowed);
}
parties.ForEach(party =>
{
if (IsPartyAllowedToInstantiate(party, partyTypesAllowed))
{
allowed.Add(party);
}
});
return(allowed);
}
