public async Task <IEnumerable <PendingAccessRequest> > GetAccessRequests(int profileId)
{
var user = await this.userManager.GetUserAsync(HttpContext.User);
var userPermissionLevel = await this.dataRepo.GetProfilePermissionForUserAsync(profileId, user.Id);
if (!userPermissionLevel.HasValue ||
!PermissionsOrder.GreaterThanOrEqual(userPermissionLevel.Value, GuildProfilePermissionLevel.Officer))
{
throw new UserReportableError($"User does not have permissions to approve access requests for profile '{profileId}'.",
(int)HttpStatusCode.Unauthorized);
}
var efRequests = await this.dataRepo.GetAccessRequestsAsync(profileId);
return(efRequests.Select(x => new PendingAccessRequest()
{
Id = x.Id,
CreatedOn = x.CreatedOn,
ProfileId = x.ProfileId,
User = new UserStub()
{
Id = x.Requester.Id,
Email = x.Requester.Email,
Username = x.Requester.UserName
}
}));
}
public async Task <FullGuildProfile> GetFullGuildProfile(int profileId)
{
var user = await this.userManager.GetUserAsync(HttpContext.User);
var permissionLevel = await this.GetCurrentPermissionLevel(profileId, user);
bool isOfficer = permissionLevel.HasValue
? PermissionsOrder.GreaterThanOrEqual(permissionLevel.Value,
GuildProfilePermissionLevel.Officer)
: false;
var repoProfile = await this.dataRepo.GetFullGuildProfileAsync(profileId);
var efProfile = repoProfile;
var returnProfile = new FullGuildProfile()
{
Id = efProfile.Id,
ProfileName = efProfile.ProfileName,
Creator = new UserStub()
{
Id = efProfile.Creator?.Id,
Email = efProfile.Creator?.Email,
Username = efProfile.Creator?.UserName
},
GuildName = efProfile.CreatorGuild?.Name,
Mains = efProfile.PlayerMains.Select(x => this.MapPlayerMain(x, isOfficer)),
Realm = new StoredRealm()
{
Id = efProfile.Realm.Id,
Name = efProfile.Realm.Name,
RegionId = efProfile.Realm.Region.Id
},
Region = efProfile.Realm.Region.RegionName,
IsPublic = efProfile.IsPublic,
FriendGuilds = efProfile.FriendGuilds.Select(x => this.mapper.Map <FriendGuild>(x)),
AccessRequestCount = isOfficer ? efProfile.AccessRequests.Count() : 0
};
returnProfile.Players =
(await this.GetOrInsertAllProfileGuilds(efProfile))
.Select(x => this.mapper.Map <StoredPlayer>(x));
returnProfile.CurrentPermissionLevel = (int?)permissionLevel;
return(returnProfile);
}
private async Task UpdateSinglePermissionUpdate(
string originatingUserId,
EfEnums.GuildProfilePermissionLevel activeLevel,
UpdatePermission newPermission,
UserWithData targetUser,
int profileId,
bool isAdmin)
{
int newPermissionOrder = PermissionsOrder.Order((EfEnums.GuildProfilePermissionLevel)newPermission.NewPermissionLevel);
int activeUserPermissionOrder = PermissionsOrder.Order(activeLevel);
if (originatingUserId == targetUser.Id)
{
throw new UserReportableError($"User may not modify their own permissions.", (int)HttpStatusCode.BadRequest);
}
var targetUserLevel = await this.GetProfilePermissionForUserAsync(profileId, targetUser.Id);
if (targetUserLevel == null)
{
throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest);
}
if (!isAdmin)
{
int targetUserOrder = PermissionsOrder.Order(targetUserLevel.Value);
if (newPermissionOrder > PermissionsOrder.Order(activeLevel))
{
throw new UserReportableError("User can't adjust permissions beyond their own level.", (int)HttpStatusCode.BadRequest);
}
if (PermissionsOrder.Order(activeLevel) < PermissionsOrder.Order(targetUserLevel.Value))
{
throw new UserReportableError($"Can't adjust permissions on user with a higher permission level.",
(int)HttpStatusCode.BadRequest);
}
}
var targetPermission = await this.context.User_GuildProfilePermissions.FirstOrDefaultAsync(
x => x.ProfileId == profileId && x.UserId == targetUser.Id);
targetPermission.PermissionLevelId = newPermission.NewPermissionLevel;
await this.context.SaveChangesAsync();
}
private async Task UpdateSinglePermissionDelete(
string originatingUserId,
EfEnums.GuildProfilePermissionLevel activeLevel,
UserWithData targetUser,
int profileId,
bool isAdmin)
{
int activeUserPermissionOrder = PermissionsOrder.Order(activeLevel);
if (originatingUserId == targetUser.Id)
{
throw new UserReportableError($"User may not delete their own permissions.", (int)HttpStatusCode.BadRequest);
}
var targetUserLevel = await this.GetProfilePermissionForUserAsync(profileId, targetUser.Id);
if (targetUserLevel == null)
{
throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest);
}
int targetUserOrder = PermissionsOrder.Order(targetUserLevel.Value);
if (!isAdmin)
{
if (activeUserPermissionOrder < PermissionsOrder.Order(EfEnums.GuildProfilePermissionLevel.Officer))
{
throw new UserReportableError("User does not have permissions to delete a user.", (int)HttpStatusCode.Unauthorized);
}
if (activeUserPermissionOrder < targetUserOrder)
{
throw new UserReportableError("User can't delete another user with a higher permission level.", (int)HttpStatusCode.Unauthorized);
}
}
var targetPermission = await this.context.User_GuildProfilePermissions.SingleOrDefaultAsync(
x => x.ProfileId == profileId && x.UserId == targetUser.Id);
this.context.User_GuildProfilePermissions.Remove(targetPermission);
await this.context.SaveChangesAsync();
}
public async Task <PlayerMain> PromoteAltToMain([FromBody] PromoteAltToMain input)
{
var user = await this.userManager.GetUserAsync(HttpContext.User);
if (!await this.UserCanPromoteAltsAsync(user, input.ProfileId))
{
throw new UserReportableError("This user doesn't have permissions to perform this operation.", 401);
}
var permissionLevel = await this.GetCurrentPermissionLevel(input.ProfileId, user);
bool isOfficer = permissionLevel.HasValue
? PermissionsOrder.GreaterThanOrEqual(permissionLevel.Value,
GuildProfilePermissionLevel.Officer)
: false;
var newMain = await this.dataRepo.PromoteAltToMainAsync(input.AltId, input.ProfileId);
return(this.MapPlayerMain(newMain, isOfficer));
}
private async Task <bool> UserHasStandardOfficerPermissions(int profileId, EfModels.UserWithData user)
{
if (await this.IsAdmin(user))
{
return(true);
}
if (await this.dataRepo.ProfileIsPublicAsync(profileId))
{
return(true);
}
var permissionsForProfile = await this.dataRepo.GetProfilePermissionForUserAsync(profileId, user?.Id);
if (!permissionsForProfile.HasValue)
{
return(false);
}
return(PermissionsOrder.GetPermissionOrder(permissionsForProfile.Value)
>= PermissionsOrder.GetPermissionOrder(GuildProfilePermissionLevel.Officer));
}
