Exemple #1
0
        public static People FilterPeopleToMatchAuthority(People people, Authority authority, int gracePeriod)
        {
            // First: If sysadmin, return the whole list uncensored.

            if (IsSystemAdministrator(authority))
            {
                return(people);
            }

            SwarmDb databaseRead = SwarmDb.GetDatabaseForReading();

            if (gracePeriod == -1)
            {
                gracePeriod = Membership.GracePeriod;
            }

            Dictionary <int, List <BasicMembership> > membershipTable =
                databaseRead.GetMembershipsForPeople(people.Identities, gracePeriod);
            Dictionary <int, int> geographyTable = databaseRead.GetPeopleGeographies(people.Identities);

            Dictionary <int, Person> clearedPeople = new Dictionary <int, Person>();

            // TODO: Add org admin role, able to see previous members that aren't anonymized yet

            // Clear by organization roles

            foreach (BasicPersonRole role in authority.OrganizationPersonRoles)
            {
                Dictionary <int, BasicOrganization> clearedOrganizations =
                    OrganizationCache.GetOrganizationHashtable(role.OrganizationId);

                foreach (Person person in people)
                {
                    // Is the organization cleared in this officer's role for this to-be-viewed member?

                    if (membershipTable.ContainsKey(person.Identity))
                    {
                        foreach (BasicMembership membership in membershipTable[person.Identity])
                        {
                            if (clearedOrganizations.ContainsKey(membership.OrganizationId)
                                &&
                                authority.HasPermission(Permission.CanSeePeople, membership.OrganizationId,
                                                        person.GeographyId, Flag.Default))
                            {
                                if (membership.Active ||
                                    (membership.Expires > DateTime.Now.AddDays(-gracePeriod) &&
                                     membership.Expires.AddDays(1) > membership.DateTerminated
                                     &&
                                     authority.HasPermission(Permission.CanSeeExpiredDuringGracePeriod,
                                                             membership.OrganizationId, person.GeographyId, Flag.Default)))
                                {
                                    clearedPeople[person.Identity] = person;
                                    break;
                                }
                            }
                        }
                    }

                    /* -- commented out. This means "does the current authority have Org Admin privileges over Person"?
                     * else if (CanSeeNonMembers)
                     * { //person isn't member anywhere
                     *  clearedPeople[person.Identity] = person;
                     * }*/
                }
            }


            // Clear by node roles:
            //
            // For each node role, check if each member is in a cleared geography AND a cleared organization.
            // If so, permit view of this member. (A person in a branch of a geographical area for organizations X and Z
            // should see only people of those organizations only on those nodes.)


            foreach (BasicPersonRole role in authority.LocalPersonRoles)
            {
                Dictionary <int, BasicGeography> clearedGeographies =
                    GeographyCache.GetGeographyHashtable(role.GeographyId);
                Dictionary <int, BasicOrganization> clearedOrganizations =
                    OrganizationCache.GetOrganizationHashtable(role.OrganizationId);

                foreach (Person person in people)
                {
                    // Is the node AND the organization cleared in this officer's role for this to-be-viewed member?

                    if (membershipTable.ContainsKey(person.Identity))
                    {
                        foreach (BasicMembership membership in membershipTable[person.Identity])
                        {
                            int organizationClear = 0;
                            int geographyClear    = 0;
                            if (clearedOrganizations.ContainsKey(membership.OrganizationId))
                            {
                                organizationClear = membership.OrganizationId;

                                if (clearedGeographies.ContainsKey(geographyTable[person.Identity]))
                                {
                                    geographyClear = geographyTable[person.Identity];
                                }

                                if (organizationClear > 0 &&
                                    geographyClear > 0
                                    &&
                                    authority.HasPermission(Permission.CanSeePeople, organizationClear, geographyClear,
                                                            Flag.Default))
                                {
                                    if (membership.Active ||
                                        (membership.Expires > DateTime.Now.AddDays(-gracePeriod) &&
                                         membership.Expires.AddDays(1) > membership.DateTerminated
                                         &&
                                         authority.HasPermission(Permission.CanSeeExpiredDuringGracePeriod,
                                                                 membership.OrganizationId, person.GeographyId, Flag.Default)))
                                    {
                                        clearedPeople[person.Identity] = person;
                                        break;
                                    }
                                }
                            }
                        }
                    }
                }
            }


            // End: Assemble an array of the resulting cleared people

            People result = new People();

            foreach (Person clearedPerson in clearedPeople.Values)
            {
                result.Add(clearedPerson);
            }

            return(result);
        }