public async Task <ActionResult> AddEdit(Guid?id) { CompanyLocationGroupEditVm returnValue = new CompanyLocationGroupEditVm(); if (id == null) { //create a starting point here. returnValue.CompanyLocationGroupUiDto = new CompanyLocationGroupUiDto(); returnValue.CompanyLocationGroupUiDto.CompanyLocationUiDtos = new List <CompanyLocationUiDto>(); CompanyLocationUiDto cluiDto = new CompanyLocationUiDto(); returnValue.CompanyLocationGroupUiDto.CompanyLocationUiDtos.Add(cluiDto); AuthorizationState authState = AuthorizationState.NotAllowed; bool isCompanyOwner = false; // check for some form of rights before showing the form. var company = _accessQueries.GetAuthorization_ForCompanyAdmin_IfCompanyIdSelectedByUserId(Guid.Parse(User.Identity.GetUserId()), false, out authState, out isCompanyOwner); returnValue.CompanyLocationGroupUiDto.AuthState_OnlyTrustOnGeneration = authState; } else { returnValue.CompanyLocationGroupUiDto = _companyLocationGroupQueries.GetUiDto_CompanyLocationGroupById(User.Identity.GetUserId(), (Guid)id); } if (returnValue.CompanyLocationGroupUiDto == null) { return(RedirectToAction("Index", "CompanyLocationGroups")); } return(View(returnValue)); }
public List <CompanyLocationGroup> GetCompanyLocationGroups(string userIdString, out AuthorizationState authState) { List <CompanyLocationGroup> returnValue = new List <CompanyLocationGroup>(); bool isCompanyOwner = false; // do a separate check for access. This is the correct pattern. Company company = _accessQueries.GetAuthorization_ForCompanyAdmin_IfCompanyIdSelectedByUserId(Guid.Parse(userIdString), false, out authState, out isCompanyOwner); if (company != null) { returnValue = _unitOfWork.CompanyLocationGroupsRepository.Get(i => i.Company.CompanyId == company.CompanyId, includeProperties: "CompanyLocations").ToList(); } return(returnValue); }
public List <ProfessionalWorkingHourUiDto> GetUiDto_AllProfessionalWorkingHoursInCompanyFromUserGuid(string userIdString) { List <ProfessionalWorkingHourUiDto> returnList = new List <ProfessionalWorkingHourUiDto>(); AuthorizationState authState = AuthorizationState.NotAllowed; bool isCompanyOwner = false; // Use AccessQueries to Check if the user has access (currently only the company owner) // Get all the professional Id's for the company while we're at it. Company company = _accessQueries.GetAuthorization_ForCompanyAdmin_IfCompanyIdSelectedByUserId(Guid.Parse(userIdString), true, out authState, out isCompanyOwner); if (company != null && authState > AuthorizationState.NotAllowed && company.Professionals != null && company.Professionals.Any()) { // Get the working hours for each professionalId. var proIds = company.Professionals.Select(i => i.ProfessionalId).ToList(); proIds.Add(company.Owner.ProfessionalId); // maybe take the any() check out here? var prosWithHours = _unitOfWork.ProfessionalsRepository.Get(i => proIds.Contains(i.ProfessionalId) && i.ProfessionalWorkingHours.Any(), includeProperties: "ProfessionalWorkingHours").ToList(); // create rows for all the working hours. if (prosWithHours != null && prosWithHours.Any()) { foreach (var professionalRow in prosWithHours) { if (professionalRow.ProfessionalWorkingHours != null && professionalRow.ProfessionalWorkingHours.Any()) { foreach (var workingHourRow in professionalRow.ProfessionalWorkingHours.Where(r => !r.IsDeleted)) { if (workingHourRow.CompanyLocationGroup == null) { continue; } ProfessionalWorkingHourUiDto uiRow = _mapper.Map <ProfessionalWorkingHour, ProfessionalWorkingHourUiDto>(workingHourRow); uiRow.CompanyLocationGroupId = workingHourRow.CompanyLocationGroup.CompanyLocationGroupId; uiRow.ProfessionalId = professionalRow.ProfessionalId; uiRow.ProfessionalName = professionalRow.GetFullName(); returnList.Add(uiRow); } } } returnList = returnList.OrderBy(i => i.ProfessionalName).ToList(); } } return(returnList); }