public static void GrantPermission <T>(
this ConsentContext context,
T securable,
ConsentRole role,
string permission) where T : class, ISecurable
{
if (context.Set <T>().ToInjectable()
.Any(_ => _ == securable && _.GrantsPermissionToRole(role, permission)))
{
return;
}
var permissionEntity = context.Set <PermissionEntity>().SingleOrDefault(_ => _.Access == permission);
var rolePrincipal = context.Set <RoleSecurityPrincipal>().SingleOrDefault(_ => _.Role == role)
?? new RoleSecurityPrincipal {
Role = role
};
context.Set <AccessControlEntity>().Add(
new AccessControlEntity
{
ACL = securable.ACL,
Permission = permissionEntity,
Prinicipal = rolePrincipal
});
}
/// <inheritdoc />
public IQueryable <PersonEntity> ApplyTo(IQueryable <PersonEntity> queryable, ConsentContext context)
{
return
(from person in queryable
join consent in context.Set <ConsentEntity>()
on person.Id equals consent.StudySubject.Person.Id
where consent.StudySubject.Study.Id == studyId
select person);
}