public ShareApplicationsViewModel GetShareApplicationsViewModel(int vacancyReferenceNumber)
{
var vacancy = _vacancyPostingService.GetVacancyByReferenceNumber(vacancyReferenceNumber);
var vacancyOwnerRelationship = _providerService.GetVacancyOwnerRelationship(vacancy.VacancyOwnerRelationshipId, false); // Closed vacancies can certainly have non-current vacancy parties
var employer = _employerService.GetEmployer(vacancyOwnerRelationship.EmployerId, false);
var ukprn = _currentUserService.GetClaimValue("ukprn");
var provider = _providerService.GetProvider(ukprn);
var viewModel = new ShareApplicationsViewModel();
viewModel.EmployerName = employer.FullName;
viewModel.ProviderName = provider.TradingName;
viewModel.VacancyType = vacancy.VacancyType;
viewModel.VacancyReferenceNumber = vacancyReferenceNumber;
List <ApplicationSummary> applications = vacancy.VacancyType == VacancyType.Traineeship
? _traineeshipApplicationService.GetSubmittedApplicationSummaries(vacancy.VacancyId).Select(a => (ApplicationSummary)a).ToList()
: _apprenticeshipApplicationService.GetSubmittedApplicationSummaries(vacancy.VacancyId).Select(a => (ApplicationSummary)a).ToList();
var @new = applications.Where(v => v.Status == ApplicationStatuses.Submitted).ToList();
var viewed = applications.Where(v => v.Status == ApplicationStatuses.InProgress).ToList();
var successful = applications.Where(v => v.Status == ApplicationStatuses.Successful).ToList();
var unsuccessful = applications.Where(v => v.Status == ApplicationStatuses.Unsuccessful).ToList();
viewModel.NewApplicationsCount = @new.Count;
viewModel.InProgressApplicationsCount = viewed.Count;
viewModel.SuccessfulApplicationsCount = successful.Count;
viewModel.UnsuccessfulApplicationsCount = unsuccessful.Count;
viewModel.ApplicationSummaries = _mapper.Map <List <ApplicationSummary>, List <ApplicationSummaryViewModel> >(applications.OrderBy(a => a.CandidateDetails.LastName).ToList());
return(viewModel);
}
public void Authorise(Vacancy vacancy)
{
if (!_currentUserService.IsInRole(Roles.Faa))
{
// Only Provider Users require authorisation (QA users are always authorised).
return;
}
var ukprn = _currentUserService.GetClaimValue("ukprn");
var ukprnoverride = _currentUserService.GetClaimValue("ukprnoverride");
if (!string.IsNullOrEmpty(ukprnoverride))
{
ukprn = ukprnoverride;
}
else if (_currentUserService.IsInRole(Roles.Admin))
{
//This is to fix the anonymous view issue when impersonating
return;
}
var provider = _providerService.GetProvider(ukprn);
var vacancyId = vacancy.VacancyId;
var contractOwnerId = vacancy.ContractOwnerId;
if (provider == null)
{
var message = $"Provider user '{_currentUserService.CurrentUserName}' signed in with invalid UKPRN '{ukprn}' attempted to view Vacancy Id '{vacancyId}' for Contract Owner Id '{contractOwnerId}', Vacancy Manager Id '{vacancy.VacancyManagerId}' and Delivery Organisation Id '{vacancy.DeliveryOrganisationId}'";
throw new Domain.Entities.Exceptions.CustomException(
message, ErrorCodes.ProviderVacancyAuthorisation.InvalidUkprn);
}
if (provider.ProviderId == contractOwnerId)
{
return;
}
var providerSiteIds = new List <int?> {
vacancy.VacancyManagerId, vacancy.DeliveryOrganisationId
};
// Fall back to Provider Site Id as the assigned provider for a vacancy could be a sub-contractor.
foreach (var providerSiteId in providerSiteIds.Where(id => id.HasValue))
{
var providerSite = _providerService.GetProviderSite(providerSiteId.Value);
if (providerSite != null && providerSite.ProviderSiteRelationships.Any(psr => psr.ProviderId == provider.ProviderId))
{
return;
}
var providerSites = _providerService.GetProviderSites(ukprn);
if (providerSites.Any(each => each.ProviderSiteId == providerSiteId))
{
return;
}
}
var errorMessage = $"Provider user '{_currentUserService.CurrentUserName}' (signed in as UKPRN '{ukprn}') attempted to view Vacancy Id '{vacancyId}' for Contract Owner Id '{contractOwnerId}', Vacancy Manager Id '{vacancy.VacancyManagerId}' and Delivery Organisation Id '{vacancy.DeliveryOrganisationId}'";
throw new Domain.Entities.Exceptions.CustomException(
errorMessage, ErrorCodes.ProviderVacancyAuthorisation.Failed);
}
