Esempio n. 1
 /// <summary>
 /// Lists the projects a user may see: every project when <c>userContext.IsAdmin()</c> is true,
 /// otherwise only the projects joined to <paramref name="userId"/> through
 /// <c>dbContext.UserProjects</c>.
 /// </summary>
 /// <param name="userId">Identifier compared with <c>UserProjects.UserId</c> for non-admin callers.</param>
 /// <returns>The matching projects, materialised into a list.</returns>
 public async Task<IList<Project>> GetAvailableProjectsList(string userId)
 {
     // NOTE(review): the admin decision is taken from the ambient userContext, while the
     // non-admin filter trusts the userId argument. Confirm that call sites pass the
     // authenticated user's id rather than a request-supplied value; otherwise the result
     // set is scoped to whichever id the caller names.
     if (userContext.IsAdmin())
     {
         return await dbContext.Projects.ToListAsync();
     }

     // Inner join: a project is returned only when an assignment row links it to userId.
     var assignedProjects =
         from project in dbContext.Projects
         join assignment in dbContext.UserProjects
             on project.ProjectId equals assignment.ProjectId
         where assignment.UserId == userId
         select project;

     return await assignedProjects.ToListAsync();
 }
Esempio n. 2
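 /// <summary>
 /// Authorisation guard: completes normally when the current user is an admin or has a
 /// <c>UserProjects</c> row for <paramref name="projectId"/>, and throws otherwise.
 /// </summary>
 /// <param name="projectId">Project the current user wants to act on.</param>
 /// <exception cref="ApplicationException">
 /// The current user is neither an admin nor assigned to the project.
 /// </exception>
 private async Task VerifyProjectAccess(Guid projectId)
 {
     // Admins skip the per-project assignment lookup entirely.
     if (userContext.IsAdmin())
     {
         return;
     }

     var currentUserId = userContext.UserId;

     // Only existence matters here, so ask the database for a boolean instead of
     // materialising the assignment entity.
     var isAssigned = await dbContext.UserProjects
         .AnyAsync(up => up.ProjectId == projectId && up.UserId == currentUserId);

     if (!isAssigned)
     {
         // NOTE(review): the message embeds the user id and project id. Confirm it is only
         // logged server-side and not echoed verbatim to the client.
         throw new ApplicationException($"Current user [{currentUserId}] cannot execute this action for project [{projectId}]");
     }
 }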
Esempio n. 3
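        /// <summary>
        /// Authorisation guard for a single project: throws when the project does not exist,
        /// or when the current user is neither listed in the project's users nor an admin.
        /// </summary>
        /// <param name="projectId">Project the current user wants to act on.</param>
        /// <exception cref="ApplicationException">
        /// The project is missing, or the current user has no access to it.
        /// </exception>
        private async Task VerifyAccessToProject(Guid projectId)
        {
            var currentUserId = userContext.UserId;

            // Project only the membership flag: one round trip, and the full user list of the
            // project is never loaded into memory just to answer a yes/no question.
            var access = await dbContext.Projects
                         .Where(p => p.ProjectId == projectId)
                         .Select(p => new { IsMember = p.Users.Any(u => u.UserId == currentUserId) })
                         .FirstOrDefaultAsync();

            if (access == null)
            {
                // NOTE(review): "does not exist" and "no access" are reported with different
                // messages. If these reach the client, an unauthorised caller can tell whether
                // a project id exists; confirm they stay in server-side logs.
                throw new ApplicationException($"Project [{projectId}] does not exist");
            }

            // Membership is tested first; the admin check runs only for non-members.
            if (!access.IsMember && !userContext.IsAdmin())
            {
                throw new ApplicationException($"User[{currentUserId}] does not have access to project [{projectId}]");
            }
        }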