public User AddFamilyMember(KidStepsContext context, Family family, PersonName name, string email, bool isKid) { UserRepository userRepos = new UserRepository(); User newUser = userRepos.CreateFamilyMember(context, name, email); newUser.Family = family; if (isKid) { newUser.RoleFlags |= Role.Kid; family.HasKids = true; } context.SaveChanges(); return newUser; }
public Family Create( KidStepsContext context, User admin) { Family family = new Family(); context.Families.Add(family); family.Name = admin.Name.Last; family.Admin = admin; admin.Family = family; // add public viewer UserRepository userRepos = new UserRepository(); User publicViewer = userRepos.CreatePublicViewer(context); publicViewer.Family = family; context.SaveChanges(); return family; }
public static bool IsAllowedTo(this User user, Permission permission, Family target) { bool isFamilyAdmin = user.Id == target.Admin.Id; bool isInTargetFamily = user.Family.Id == target.Id; bool isRegisteredMemberOfTargetFamily = (isInTargetFamily && user.IsRegistered) || isFamilyAdmin; // superuser is always authorized if (user.IsSuperUser) return true; switch (permission) { // anyone in the family, including public viewer, can view the family case Models.Permission.ViewFamily: return isInTargetFamily; // only family admin can add a family member case Permission.EditFamily: return isFamilyAdmin; default: throw new NotImplementedException(); } }
public static ActionResult WithId(this ActionResult result, Family family) { return result.AddRouteValue("id", family.Id); }