public ShareApplicationsViewModel GetShareApplicationsViewModel(int vacancyReferenceNumber) { var vacancy = _vacancyPostingService.GetVacancyByReferenceNumber(vacancyReferenceNumber); var vacancyOwnerRelationship = _providerService.GetVacancyOwnerRelationship(vacancy.VacancyOwnerRelationshipId, false); // Closed vacancies can certainly have non-current vacancy parties var employer = _employerService.GetEmployer(vacancyOwnerRelationship.EmployerId, false); var ukprn = _currentUserService.GetClaimValue("ukprn"); var provider = _providerService.GetProvider(ukprn); var viewModel = new ShareApplicationsViewModel(); viewModel.EmployerName = employer.FullName; viewModel.ProviderName = provider.TradingName; viewModel.VacancyType = vacancy.VacancyType; viewModel.VacancyReferenceNumber = vacancyReferenceNumber; List <ApplicationSummary> applications = vacancy.VacancyType == VacancyType.Traineeship ? _traineeshipApplicationService.GetSubmittedApplicationSummaries(vacancy.VacancyId).Select(a => (ApplicationSummary)a).ToList() : _apprenticeshipApplicationService.GetSubmittedApplicationSummaries(vacancy.VacancyId).Select(a => (ApplicationSummary)a).ToList(); var @new = applications.Where(v => v.Status == ApplicationStatuses.Submitted).ToList(); var viewed = applications.Where(v => v.Status == ApplicationStatuses.InProgress).ToList(); var successful = applications.Where(v => v.Status == ApplicationStatuses.Successful).ToList(); var unsuccessful = applications.Where(v => v.Status == ApplicationStatuses.Unsuccessful).ToList(); viewModel.NewApplicationsCount = @new.Count; viewModel.InProgressApplicationsCount = viewed.Count; viewModel.SuccessfulApplicationsCount = successful.Count; viewModel.UnsuccessfulApplicationsCount = unsuccessful.Count; viewModel.ApplicationSummaries = _mapper.Map <List <ApplicationSummary>, List <ApplicationSummaryViewModel> >(applications.OrderBy(a => a.CandidateDetails.LastName).ToList()); return(viewModel); }
public void Authorise(Vacancy vacancy) { if (!_currentUserService.IsInRole(Roles.Faa)) { // Only Provider Users require authorisation (QA users are always authorised). return; } var ukprn = _currentUserService.GetClaimValue("ukprn"); var ukprnoverride = _currentUserService.GetClaimValue("ukprnoverride"); if (!string.IsNullOrEmpty(ukprnoverride)) { ukprn = ukprnoverride; } else if (_currentUserService.IsInRole(Roles.Admin)) { //This is to fix the anonymous view issue when impersonating return; } var provider = _providerService.GetProvider(ukprn); var vacancyId = vacancy.VacancyId; var contractOwnerId = vacancy.ContractOwnerId; if (provider == null) { var message = $"Provider user '{_currentUserService.CurrentUserName}' signed in with invalid UKPRN '{ukprn}' attempted to view Vacancy Id '{vacancyId}' for Contract Owner Id '{contractOwnerId}', Vacancy Manager Id '{vacancy.VacancyManagerId}' and Delivery Organisation Id '{vacancy.DeliveryOrganisationId}'"; throw new Domain.Entities.Exceptions.CustomException( message, ErrorCodes.ProviderVacancyAuthorisation.InvalidUkprn); } if (provider.ProviderId == contractOwnerId) { return; } var providerSiteIds = new List <int?> { vacancy.VacancyManagerId, vacancy.DeliveryOrganisationId }; // Fall back to Provider Site Id as the assigned provider for a vacancy could be a sub-contractor. foreach (var providerSiteId in providerSiteIds.Where(id => id.HasValue)) { var providerSite = _providerService.GetProviderSite(providerSiteId.Value); if (providerSite != null && providerSite.ProviderSiteRelationships.Any(psr => psr.ProviderId == provider.ProviderId)) { return; } var providerSites = _providerService.GetProviderSites(ukprn); if (providerSites.Any(each => each.ProviderSiteId == providerSiteId)) { return; } } var errorMessage = $"Provider user '{_currentUserService.CurrentUserName}' (signed in as UKPRN '{ukprn}') attempted to view Vacancy Id '{vacancyId}' for Contract Owner Id '{contractOwnerId}', Vacancy Manager Id '{vacancy.VacancyManagerId}' and Delivery Organisation Id '{vacancy.DeliveryOrganisationId}'"; throw new Domain.Entities.Exceptions.CustomException( errorMessage, ErrorCodes.ProviderVacancyAuthorisation.Failed); }