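/// <summary>
/// Changes the permission level that <paramref name="targetUser"/> holds on a guild profile,
/// after checking that the originating user is allowed to make the change.
/// </summary>
/// <remarks>
/// Rules enforced here: nobody (admins included) may change their own permission; the target must
/// already have a permission level on the profile; a non-admin may neither grant a level ranked
/// above their own nor modify a target ranked above them. Admins skip the two ranking checks.
/// </remarks>
/// <param name="originatingUserId">Id of the user requesting the change.</param>
/// <param name="activeLevel">Permission level the originating user holds on the profile.</param>
/// <param name="newPermission">Request carrying the level to assign.</param>
/// <param name="targetUser">User whose permission is being changed.</param>
/// <param name="profileId">Guild profile the permission belongs to.</param>
/// <param name="isAdmin">When true, the ranking checks are bypassed.</param>
/// <exception cref="UserReportableError">
/// Thrown with <see cref="HttpStatusCode.BadRequest"/> when any rule above is violated or the
/// target's permission row cannot be found.
/// </exception>
private async Task UpdateSinglePermissionUpdate(
    string originatingUserId,
    EfEnums.GuildProfilePermissionLevel activeLevel,
    UpdatePermission newPermission,
    UserWithData targetUser,
    int profileId,
    bool isAdmin)
{
    // NOTE(review): the requested level is cast to the enum without checking that it names a
    // defined level. How PermissionsOrder.Order treats an undefined value is not visible here;
    // confirm it rejects one, because the admin path below applies no ranking check at all.
    int newPermissionOrder = PermissionsOrder.Order((EfEnums.GuildProfilePermissionLevel)newPermission.NewPermissionLevel);
    int activeUserPermissionOrder = PermissionsOrder.Order(activeLevel);

    // Self-modification is refused for everyone, so a user can never raise their own level.
    if (originatingUserId == targetUser.Id)
    {
        throw new UserReportableError("User may not modify their own permissions.", (int)HttpStatusCode.BadRequest);
    }

    var targetUserLevel = await this.GetProfilePermissionForUserAsync(profileId, targetUser.Id);
    if (targetUserLevel == null)
    {
        throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest);
    }

    if (!isAdmin)
    {
        // NOTE(review): unlike UpdateSinglePermissionDelete there is no minimum-level gate
        // (e.g. Officer) on this path; confirm the caller enforces one if it is required.
        int targetUserOrder = PermissionsOrder.Order(targetUserLevel.Value);

        // A non-admin can hand out at most the level they hold themselves.
        if (newPermissionOrder > activeUserPermissionOrder)
        {
            throw new UserReportableError("User can't adjust permissions beyond their own level.", (int)HttpStatusCode.BadRequest);
        }

        // Only strictly higher-ranked targets are protected; a peer at the same level can be modified.
        if (activeUserPermissionOrder < targetUserOrder)
        {
            throw new UserReportableError("Can't adjust permissions on user with a higher permission level.", (int)HttpStatusCode.BadRequest);
        }
    }

    var targetPermission = await this.context.User_GuildProfilePermissions.FirstOrDefaultAsync(
        x => x.ProfileId == profileId && x.UserId == targetUser.Id);

    // The row can disappear between the level lookup above and this query; report it to the
    // caller instead of failing with a NullReferenceException on the assignment below.
    if (targetPermission == null)
    {
        throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest);
    }

    targetPermission.PermissionLevelId = newPermission.NewPermissionLevel;
    await this.context.SaveChangesAsync();
}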
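/// <summary>
/// Removes the permission row that <paramref name="targetUser"/> holds on a guild profile,
/// after checking that the originating user is allowed to remove it.
/// </summary>
/// <remarks>
/// Rules enforced here: nobody (admins included) may delete their own permission; the target must
/// already have a permission level on the profile; a non-admin must rank at least Officer and may
/// not delete a target ranked above them. Admins skip the two ranking checks.
/// </remarks>
/// <param name="originatingUserId">Id of the user requesting the deletion.</param>
/// <param name="activeLevel">Permission level the originating user holds on the profile.</param>
/// <param name="targetUser">User whose permission is being removed.</param>
/// <param name="profileId">Guild profile the permission belongs to.</param>
/// <param name="isAdmin">When true, the ranking checks are bypassed.</param>
/// <exception cref="UserReportableError">
/// Thrown with <see cref="HttpStatusCode.BadRequest"/> for a self-delete or a missing permission
/// row, and with <see cref="HttpStatusCode.Unauthorized"/> when a ranking check fails.
/// </exception>
private async Task UpdateSinglePermissionDelete(
    string originatingUserId,
    EfEnums.GuildProfilePermissionLevel activeLevel,
    UserWithData targetUser,
    int profileId,
    bool isAdmin)
{
    int activeUserPermissionOrder = PermissionsOrder.Order(activeLevel);

    // Self-deletion is refused for everyone, admins included.
    if (originatingUserId == targetUser.Id)
    {
        throw new UserReportableError("User may not delete their own permissions.", (int)HttpStatusCode.BadRequest);
    }

    var targetUserLevel = await this.GetProfilePermissionForUserAsync(profileId, targetUser.Id);
    if (targetUserLevel == null)
    {
        throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest);
    }

    int targetUserOrder = PermissionsOrder.Order(targetUserLevel.Value);

    if (!isAdmin)
    {
        // NOTE(review): both failures below are authorization failures for an identified user,
        // for which 403 Forbidden is the conventional status; 401 is kept so existing clients
        // see the same response.
        if (activeUserPermissionOrder < PermissionsOrder.Order(EfEnums.GuildProfilePermissionLevel.Officer))
        {
            throw new UserReportableError("User does not have permissions to delete a user.", (int)HttpStatusCode.Unauthorized);
        }

        // Only strictly higher-ranked targets are protected; a peer at the same level can be deleted.
        if (activeUserPermissionOrder < targetUserOrder)
        {
            throw new UserReportableError("User can't delete another user with a higher permission level.", (int)HttpStatusCode.Unauthorized);
        }
    }

    var targetPermission = await this.context.User_GuildProfilePermissions.SingleOrDefaultAsync(
        x => x.ProfileId == profileId && x.UserId == targetUser.Id);

    // The row can disappear between the level lookup above and this query; Remove(null) would
    // throw ArgumentNullException, so report the missing row to the caller instead.
    if (targetPermission == null)
    {
        throw new UserReportableError($"User {targetUser.Id} has not requested access!", (int)HttpStatusCode.BadRequest);
    }

    this.context.User_GuildProfilePermissions.Remove(targetPermission);
    await this.context.SaveChangesAsync();
}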