public async Task <IEnumerable <PendingAccessRequest> > GetAccessRequests(int profileId) { var user = await this.userManager.GetUserAsync(HttpContext.User); var userPermissionLevel = await this.dataRepo.GetProfilePermissionForUserAsync(profileId, user.Id); if (!userPermissionLevel.HasValue || !PermissionsOrder.GreaterThanOrEqual(userPermissionLevel.Value, GuildProfilePermissionLevel.Officer)) { throw new UserReportableError($"User does not have permissions to approve access requests for profile '{profileId}'.", (int)HttpStatusCode.Unauthorized); } var efRequests = await this.dataRepo.GetAccessRequestsAsync(profileId); return(efRequests.Select(x => new PendingAccessRequest() { Id = x.Id, CreatedOn = x.CreatedOn, ProfileId = x.ProfileId, User = new UserStub() { Id = x.Requester.Id, Email = x.Requester.Email, Username = x.Requester.UserName } })); }
public async Task <FullGuildProfile> GetFullGuildProfile(int profileId) { var user = await this.userManager.GetUserAsync(HttpContext.User); var permissionLevel = await this.GetCurrentPermissionLevel(profileId, user); bool isOfficer = permissionLevel.HasValue ? PermissionsOrder.GreaterThanOrEqual(permissionLevel.Value, GuildProfilePermissionLevel.Officer) : false; var repoProfile = await this.dataRepo.GetFullGuildProfileAsync(profileId); var efProfile = repoProfile; var returnProfile = new FullGuildProfile() { Id = efProfile.Id, ProfileName = efProfile.ProfileName, Creator = new UserStub() { Id = efProfile.Creator?.Id, Email = efProfile.Creator?.Email, Username = efProfile.Creator?.UserName }, GuildName = efProfile.CreatorGuild?.Name, Mains = efProfile.PlayerMains.Select(x => this.MapPlayerMain(x, isOfficer)), Realm = new StoredRealm() { Id = efProfile.Realm.Id, Name = efProfile.Realm.Name, RegionId = efProfile.Realm.Region.Id }, Region = efProfile.Realm.Region.RegionName, IsPublic = efProfile.IsPublic, FriendGuilds = efProfile.FriendGuilds.Select(x => this.mapper.Map <FriendGuild>(x)), AccessRequestCount = isOfficer ? efProfile.AccessRequests.Count() : 0 }; returnProfile.Players = (await this.GetOrInsertAllProfileGuilds(efProfile)) .Select(x => this.mapper.Map <StoredPlayer>(x)); returnProfile.CurrentPermissionLevel = (int?)permissionLevel; return(returnProfile); }
private async Task UpdateSinglePermissionUpdate( string originatingUserId, EfEnums.GuildProfilePermissionLevel activeLevel, UpdatePermission newPermission, UserWithData targetUser, int profileId, bool isAdmin) { int newPermissionOrder = PermissionsOrder.Order((EfEnums.GuildProfilePermissionLevel)newPermission.NewPermissionLevel); int activeUserPermissionOrder = PermissionsOrder.Order(activeLevel); if (originatingUserId == targetUser.Id) { throw new UserReportableError($"User may not modify their own permissions.", (int)HttpStatusCode.BadRequest); } var targetUserLevel = await this.GetProfilePermissionForUserAsync(profileId, targetUser.Id); if (targetUserLevel == null) { throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest); } if (!isAdmin) { int targetUserOrder = PermissionsOrder.Order(targetUserLevel.Value); if (newPermissionOrder > PermissionsOrder.Order(activeLevel)) { throw new UserReportableError("User can't adjust permissions beyond their own level.", (int)HttpStatusCode.BadRequest); } if (PermissionsOrder.Order(activeLevel) < PermissionsOrder.Order(targetUserLevel.Value)) { throw new UserReportableError($"Can't adjust permissions on user with a higher permission level.", (int)HttpStatusCode.BadRequest); } } var targetPermission = await this.context.User_GuildProfilePermissions.FirstOrDefaultAsync( x => x.ProfileId == profileId && x.UserId == targetUser.Id); targetPermission.PermissionLevelId = newPermission.NewPermissionLevel; await this.context.SaveChangesAsync(); }
private async Task UpdateSinglePermissionDelete( string originatingUserId, EfEnums.GuildProfilePermissionLevel activeLevel, UserWithData targetUser, int profileId, bool isAdmin) { int activeUserPermissionOrder = PermissionsOrder.Order(activeLevel); if (originatingUserId == targetUser.Id) { throw new UserReportableError($"User may not delete their own permissions.", (int)HttpStatusCode.BadRequest); } var targetUserLevel = await this.GetProfilePermissionForUserAsync(profileId, targetUser.Id); if (targetUserLevel == null) { throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest); } int targetUserOrder = PermissionsOrder.Order(targetUserLevel.Value); if (!isAdmin) { if (activeUserPermissionOrder < PermissionsOrder.Order(EfEnums.GuildProfilePermissionLevel.Officer)) { throw new UserReportableError("User does not have permissions to delete a user.", (int)HttpStatusCode.Unauthorized); } if (activeUserPermissionOrder < targetUserOrder) { throw new UserReportableError("User can't delete another user with a higher permission level.", (int)HttpStatusCode.Unauthorized); } } var targetPermission = await this.context.User_GuildProfilePermissions.SingleOrDefaultAsync( x => x.ProfileId == profileId && x.UserId == targetUser.Id); this.context.User_GuildProfilePermissions.Remove(targetPermission); await this.context.SaveChangesAsync(); }
public async Task <PlayerMain> PromoteAltToMain([FromBody] PromoteAltToMain input) { var user = await this.userManager.GetUserAsync(HttpContext.User); if (!await this.UserCanPromoteAltsAsync(user, input.ProfileId)) { throw new UserReportableError("This user doesn't have permissions to perform this operation.", 401); } var permissionLevel = await this.GetCurrentPermissionLevel(input.ProfileId, user); bool isOfficer = permissionLevel.HasValue ? PermissionsOrder.GreaterThanOrEqual(permissionLevel.Value, GuildProfilePermissionLevel.Officer) : false; var newMain = await this.dataRepo.PromoteAltToMainAsync(input.AltId, input.ProfileId); return(this.MapPlayerMain(newMain, isOfficer)); }
private async Task <bool> UserHasStandardOfficerPermissions(int profileId, EfModels.UserWithData user) { if (await this.IsAdmin(user)) { return(true); } if (await this.dataRepo.ProfileIsPublicAsync(profileId)) { return(true); } var permissionsForProfile = await this.dataRepo.GetProfilePermissionForUserAsync(profileId, user?.Id); if (!permissionsForProfile.HasValue) { return(false); } return(PermissionsOrder.GetPermissionOrder(permissionsForProfile.Value) >= PermissionsOrder.GetPermissionOrder(GuildProfilePermissionLevel.Officer)); }