Esempio n. 1
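        /// <summary>
        /// Decides whether a user may edit an inspection. The inspection and the
        /// user must both exist, the user must pass the jobsite access check for the
        /// inspection's jobsite, and the user must hold at least one job role whose
        /// group name is "inspector", "interpreter", "administrator" or "super user".
        /// </summary>
        /// <param name="userId">Id of the user whose edit permission is checked.</param>
        /// <param name="inspectionId">Id of the inspection (WSRE record) to be edited.</param>
        /// <returns>
        /// True only when every check passes. A missing record and a refused user both
        /// yield false, so the result does not reveal whether the inspection exists.
        /// </returns>
        public async Task<bool> CheckUserCanEdit(long userId, int inspectionId)
        {
            // NOTE(review): this is an object-level authorization check. userId is assumed
            // to come from the authenticated session rather than from request data;
            // confirm at the call sites.
            var wsre = await _context.WSRE.FindAsync(inspectionId);
            if (wsre == null)
            {
                // Unknown inspection: deny before loading the user.
                return false;
            }

            var user = await _context.USER_TABLE.FindAsync(userId);
            if (user == null)
            {
                return false;
            }

            // NOTE(review): the meaning of the trailing 'false' argument is defined by
            // AuthorizeUserAccess and is not visible here.
            bool hasAccess = AuthorizeUserAccess.verifyAccessToJobsite(userId, wsre.JobsiteId, false);
            if (!hasAccess)
            {
                return false;
            }

            if (user.JobRoles == null)
            {
                // No role information means no edit right (fail closed).
                return false;
            }

            // Group names that grant the edit right. The comparison is ordinal and
            // case-insensitive: a culture-sensitive ToLower() maps 'I' differently under
            // some cultures (for example Turkish), which would make the outcome of this
            // authorization check depend on the server's current culture.
            string[] editorGroups = { "inspector", "interpreter", "administrator", "super user" };

            // Single pass over the roles; a role without a group or group name grants nothing.
            return user.JobRoles.Any(role =>
                role.USER_GROUP != null &&
                editorGroups.Contains(role.USER_GROUP.groupname, System.StringComparer.OrdinalIgnoreCase));
        }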
Esempio n. 2
        /// <summary>
        /// Checks if the given user id is allowed to view the given inspection.
        /// </summary>
        /// <param name="userId">The user Id to check the access for</param>
        /// <param name="inspectionId">The inspection Id to check the access for</param>
        /// <returns>True if user is allowed to access the inspection</returns>
        public async Task<bool> VerifyUserAccessToInspection(long userId, int inspectionId)
        {
            // Access to an inspection is decided by the jobsite it belongs to, so the
            // inspection record is resolved first.
            var inspection = await _context.WSRE.FindAsync(inspectionId);

            // An unknown inspection id gives the same result as a refused user (false),
            // so the answer does not disclose whether the record exists.
            // NOTE(review): userId is assumed to identify the authenticated caller, and the
            // meaning of the trailing 'false' flag is defined by AuthorizeUserAccess; confirm both.
            return inspection != null
                && AuthorizeUserAccess.verifyAccessToJobsite(userId, inspection.JobsiteId, false);
        }