private static void ValidatePermissionsForDelete(
IEnumerable <Permission> allowPermissionsToDelete,
IEnumerable <Permission> denyPermissionsToDelete,
IEnumerable <Permission> existingAllowPermissions,
IEnumerable <Permission> existingDenyPermissions)
{
var existingAllow = existingAllowPermissions ?? Enumerable.Empty <Permission>();
var existingDeny = existingDenyPermissions ?? Enumerable.Empty <Permission>();
var invalidPermissions = new List <KeyValuePair <string, string> >();
var invalidPermissionActionAllowPermissions = existingDeny
.Where(p => allowPermissionsToDelete.Contains(p));
invalidPermissions.AddRange(invalidPermissionActionAllowPermissions
.Select(p => new KeyValuePair <string, string>(
"The following permissions exist as 'deny' for user but 'allow' was specified", p.ToString())));
invalidPermissions.AddRange(allowPermissionsToDelete
.Except(existingAllow)
.Except(invalidPermissionActionAllowPermissions)
.Select(p => new KeyValuePair <string, string>(
"The following permissions do not exist as 'allow' permissions", p.ToString())));
var invalidPermissionActionDenyPermissions = existingAllow
.Where(p => denyPermissionsToDelete.Contains(p));
invalidPermissions.AddRange(invalidPermissionActionDenyPermissions
.Select(p => new KeyValuePair <string, string>(
"The following permissions exist as 'allow' for user but 'deny' was specified", p.ToString())));
invalidPermissions.AddRange(denyPermissionsToDelete
.Except(existingDeny)
.Except(invalidPermissionActionDenyPermissions)
.Select(p => new KeyValuePair <string, string>(
"The following permissions do not exist as 'deny' permissions", p.ToString())));
if (!invalidPermissions.Any())
{
return;
}
var invalidPermissionException =
new InvalidPermissionException(
"Cannot delete the specified permissions, please correct the issues and attempt to delete again.");
var permissionGroups = invalidPermissions.GroupBy(i => i.Key);
foreach (var group in permissionGroups)
{
invalidPermissionException.Data.Add(group.Key, string.Join(", ", group.Select(p => p.Value)));
}
throw invalidPermissionException;
}
private static void ValidatePermissionsForAdd(
IEnumerable <Permission> allowPermissionsToAdd,
IEnumerable <Permission> denyPermissionsToAdd,
IEnumerable <Permission> existingAllowPermissions,
IEnumerable <Permission> existingDenyPermissions)
{
var invalidPermissions = new List <KeyValuePair <string, string> >();
invalidPermissions.AddRange(allowPermissionsToAdd
.Intersect(existingAllowPermissions ?? Enumerable.Empty <Permission>())
.Select(p => new KeyValuePair <string, string>(
"The following permissions already exist as 'allow' permissions", p.ToString())));
invalidPermissions.AddRange(denyPermissionsToAdd
.Intersect(existingDenyPermissions ?? Enumerable.Empty <Permission>())
.Select(p => new KeyValuePair <string, string>(
"The following permissions already exist as 'deny' permissions", p.ToString())));
invalidPermissions.AddRange(allowPermissionsToAdd
.Intersect(existingDenyPermissions ?? Enumerable.Empty <Permission>())
.Select(p => new KeyValuePair <string, string>(
"The following permissions exist as 'deny' and cannot be added as 'allow'", p.ToString())));
invalidPermissions.AddRange(denyPermissionsToAdd
.Intersect(existingAllowPermissions ?? Enumerable.Empty <Permission>())
.Select(p => new KeyValuePair <string, string>(
"The following permissions exist as 'allow' and cannot be added as 'deny'", p.ToString())));
invalidPermissions.AddRange(allowPermissionsToAdd.Intersect(denyPermissionsToAdd)
.Select(p => new KeyValuePair <string, string>(
"The following permissions cannot be specified as both 'allow' and 'deny'", p.ToString())));
if (!invalidPermissions.Any())
{
return;
}
var invalidPermissionException =
new InvalidPermissionException(
"Cannot add the specified permissions, please correct the issues and attempt to add again.");
var permissionGroups = invalidPermissions.GroupBy(i => i.Key);
foreach (var group in permissionGroups)
{
invalidPermissionException.Data.Add(group.Key, string.Join(", ", group.Select(p => p.Value)));
}
throw invalidPermissionException;
}
private void ValidatePermissionsForDelete(IEnumerable <Permission> allowPermissionsToDelete,
IEnumerable <Permission> denyPermissionsToDelete,
IEnumerable <Permission> existingAllowPermissions,
IEnumerable <Permission> existingDenyPermissions)
{
var invalidPermissionActionAllowPermissions = existingDenyPermissions?
.Where(p => allowPermissionsToDelete.Contains(p)) ?? Enumerable.Empty <Permission>();
var invalidAllowPermissions = allowPermissionsToDelete
.Except(existingAllowPermissions ?? Enumerable.Empty <Permission>())
.Except(invalidPermissionActionAllowPermissions);
var invalidPermissionActionDenyPermissions = existingAllowPermissions?
.Where(p => denyPermissionsToDelete.Contains(p)) ?? Enumerable.Empty <Permission>();
var invalidDenyPermissions = denyPermissionsToDelete
.Except(existingDenyPermissions ?? Enumerable.Empty <Permission>())
.Except(invalidPermissionActionDenyPermissions);
if (invalidAllowPermissions.Any() ||
invalidDenyPermissions.Any() ||
invalidPermissionActionAllowPermissions.Any() ||
invalidPermissionActionDenyPermissions.Any())
{
var invalidPermissionException =
new InvalidPermissionException("Cannot delete the specified permissions, please correct the issues and attempt to delete again. The following permissions are invalid:");
if (invalidAllowPermissions.Any())
{
invalidPermissionException.Data.Add("Invalid allow permissions", string.Join(",", invalidAllowPermissions));
}
if (invalidDenyPermissions.Any())
{
invalidPermissionException.Data.Add("Invalid deny permissions", string.Join(",", invalidDenyPermissions));
}
if (invalidPermissionActionAllowPermissions.Any())
{
invalidPermissionException.Data.Add("Invalid allow permission actions", string.Join(",", invalidPermissionActionAllowPermissions));
}
if (invalidPermissionActionDenyPermissions.Any())
{
invalidPermissionException.Data.Add("Invalid deny permission actions", string.Join(",", invalidPermissionActionDenyPermissions));
}
throw invalidPermissionException;
}
}
