public async Task <IList <Project> > GetAvailableProjectsList(string userId)
{
if (userContext.IsAdmin())
{
return(await dbContext.Projects
.ToListAsync());
}
return(await dbContext.Projects
.Join(dbContext.UserProjects, p => p.ProjectId, up => up.ProjectId, (p, up) => new { Project = p, Assigment = up })
.Where(a => a.Assigment.UserId == userId)
.Select(a => a.Project)
.ToListAsync());
}
private async Task VerifyProjectAccess(Guid projectId)
{
if (!userContext.IsAdmin() && await dbContext.UserProjects.FirstOrDefaultAsync(up => up.ProjectId == projectId && up.UserId == userContext.UserId) == null)
{
throw new ApplicationException($"Current user [{userContext.UserId}] cannot execute this action for project [{projectId}]");
}
}
private async Task VerifyAccessToProject(Guid projectId)
{
var project = await dbContext.Projects
.Include(p => p.Users)
.FirstOrDefaultAsync(p => p.ProjectId == projectId);
if (project == null)
{
throw new ApplicationException($"Project [{projectId}] does not exist");
}
if (!project.Users.Select(u => u.UserId).Contains(userContext.UserId) && !userContext.IsAdmin())
{
throw new ApplicationException($"User[{userContext.UserId}] does not have access to project [{projectId}]");
}
}
