/// <summary>
/// Validates a WBS code, but only after the current user has passed the
/// <c>UserOperation.Study_Create</c> access check.
/// </summary>
/// <param name="wbsCode">The code handed on to <c>IsValid</c>.</param>
/// <param name="cancellation">Cancellation token forwarded to <c>IsValid</c>.</param>
/// <returns>Whatever <c>IsValid</c> returns for <paramref name="wbsCode"/>.</returns>
/// <remarks>
/// NOTE(review): <c>HasAccessToOperationOrThrow</c> presumably throws when access is
/// denied (per its name); the exception type is not visible from here.
/// </remarks>
public async Task<bool> IsValidWithAccessCheck(string wbsCode, CancellationToken cancellation = default)
{
    // Authorize before doing any validation work, so a caller without the
    // operation never reaches IsValid.
    // NOTE(review): the token is not passed to GetCurrentUserAsync; confirm
    // whether that method offers an overload that accepts one.
    var caller = await _userService.GetCurrentUserAsync();
    OperationAccessUtil.HasAccessToOperationOrThrow(caller, UserOperation.Study_Create);

    var isValid = await IsValid(wbsCode, cancellation);
    return isValid;
}
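/// <summary>
/// Builds the permission summary for the current user: identity fields, role
/// flags, and the outcome of three operation-level access checks.
/// </summary>
/// <returns>A populated <c>UserPermissionDto</c>.</returns>
/// <remarks>
/// The current user is fetched once, so the role flags and the computed
/// <c>Can*</c> values describe the same user snapshot and the lookup is not
/// repeated.
/// NOTE(review): these booleans only report what the user may do. Presumably a
/// client uses them to show or hide features; the operations themselves still
/// need a server-side check such as <c>HasAccessToOperationOrThrow</c>. Confirm
/// that every endpoint behind these flags performs one.
/// </remarks>
public async Task<UserPermissionDto> GetUserPermissionsAsync()
{
    var currentUser = await _userService.GetCurrentUserAsync();

    return new UserPermissionDto
    {
        // Identity and role flags copied straight from the user record.
        FullName = currentUser.FullName,
        EmailAddress = currentUser.EmailAddress,
        UserName = currentUser.UserName,
        Admin = currentUser.Admin,
        Sponsor = currentUser.Sponsor,
        DatasetAdmin = currentUser.DatasetAdmin,

        // Operation-level permissions evaluated against the same user object.
        CanCreateStudy = OperationAccessUtil.HasAccessToOperation(
            currentUser, Common.Constants.UserOperation.Study_Create),
        CanRead_PreApproved_Datasets = OperationAccessUtil.HasAccessToOperation(
            currentUser, Common.Constants.UserOperation.PreApprovedDataset_Read),
        CanEdit_PreApproved_Datasets = OperationAccessUtil.HasAccessToOperation(
            currentUser, Common.Constants.UserOperation.PreApprovedDataset_Create_Update_Delete),
    };
}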
/// <summary>
/// Resolves the current user and hands it, together with
/// <paramref name="operation"/>, to
/// <c>OperationAccessUtil.HasAccessToOperationOrThrow</c>.
/// </summary>
/// <param name="operation">The operation the current user must be allowed to perform.</param>
/// <remarks>
/// NOTE(review): the helper presumably throws when access is denied (per its
/// name); the exception type is not visible from here. Callers must await this
/// method, otherwise a failed check would go unobserved.
/// </remarks>
async Task ThrowIfOperationNotAllowed(UserOperation operation)
{
    OperationAccessUtil.HasAccessToOperationOrThrow(
        await _userService.GetCurrentUserAsync(),
        operation);
}