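/// <summary>
/// Handles an <see cref="UpdateGateCommand"/>: authorizes the acting user, then updates the gate's
/// user assignments and properties and persists the gate.
/// </summary>
/// <param name="command">The update request; <c>ModifiedBy</c> is the e-mail used to resolve the acting user.</param>
/// <param name="cancellationToken">Not used by this handler.</param>
/// <returns>
/// <c>AccessDenied</c> when the acting user cannot be resolved, or is neither a gate admin nor in the
/// "Admin" role; <c>Ok</c> carrying the repository's update result on success; <c>Failure</c> carrying
/// the exception message when any step throws.
/// </returns>
public async Task<Result<bool>> Handle(UpdateGateCommand command, CancellationToken cancellationToken)
{
    try
    {
        // NOTE(review): the authorization decision rests entirely on command.ModifiedBy. Confirm it is
        // filled in server-side from the authenticated identity and is not taken from the request payload.
        var user = await _userRepository.GetUserByEmail(command.ModifiedBy);
        if (user == null)
        {
            // Fail closed with an explicit denial if the lookup yields no user, instead of relying on a
            // NullReferenceException being caught below and surfaced as a generic failure.
            return Result<bool>.AccessDenied("You have no access to modify gate!");
        }

        var adminAccess = await _userGateRepository.CheckAdminAccess(command.Id, user.Id);
        if (!adminAccess && !user.Role.Name.Equals("Admin"))
        {
            return Result<bool>.AccessDenied("You have no access to modify gate!");
        }

        var gateType = await _gateTypeRepository.GetGateTypeByName(command.GateTypeName);
        var account = await _accountRepository.GetAccountByName(command.AccountName);
        var currentGate = await _gateRepository.Get(command.Id);

        // NOTE(review): user assignments are changed before the gate itself is updated. If a later step
        // throws, the assignments may already be modified unless these calls share a transaction - confirm.
        await UpdateUserGates(command.Id, command.ModifiedBy, command.Users);
        UpdateGateProperties(currentGate, command, gateType, account);

        var res = await _gateRepository.Update(currentGate);
        return Result<bool>.Ok(res);
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception message goes back to the caller and may expose internal detail
        // (e.g. data-access errors). Consider recording the exception server-side and returning a generic message.
        return Result<bool>.Failure(e.Message);
    }
}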
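/// <summary>
/// Handles a <see cref="GrantAccessCommand"/>: validates the request, checks that the user and the gate
/// exist, grants the user access to the gate, saves the user and publishes an <see cref="AccessGrantedEvent"/>.
/// </summary>
/// <param name="request">The grant request carrying <c>UserId</c> and <c>GateId</c>.</param>
/// <param name="cancellationToken">Passed to the mediator when the event is published.</param>
/// <returns><c>Unit.Value</c> once the grant has been saved and the event published.</returns>
/// <exception cref="MissingInformationProvidedException">Thrown when <c>request.IsValid()</c> is false.</exception>
/// <exception cref="UserDoesNotExistException">Thrown when no user is found for <c>request.UserId</c>.</exception>
/// <exception cref="GateDoesNotExistException">Thrown when no gate is found for <c>request.GateId</c>.</exception>
public async Task<Unit> Handle(GrantAccessCommand request, CancellationToken cancellationToken)
{
    // NOTE(review): nothing in this handler checks who is issuing the grant. Confirm that the caller's
    // right to grant access to this gate is enforced before the command reaches this point.
    if (!request.IsValid())
    {
        throw new MissingInformationProvidedException("invalid user details provided");
    }

    var user = userRepository.Get(request.UserId);
    if (user == null)
    {
        // This is the user lookup, so the message must name the user rather than the gate;
        // a wrong entity in the message misleads anyone reading logs or audit trails.
        throw new UserDoesNotExistException($"no user with id {request.UserId}");
    }

    if (gateRepository.Get(request.GateId) == null)
    {
        throw new GateDoesNotExistException($"no gate with id {request.GateId}");
    }

    user.GrantAccess(request.GateId);
    userRepository.Save(user);

    // The event is published only after the grant has been saved.
    var accessGrantedEvent = new AccessGrantedEvent(request.UserId, request.GateId);
    await mediator.Publish(accessGrantedEvent, cancellationToken);

    return Unit.Value;
}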
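/// <summary>
/// Handles a <see cref="GetGateRequest"/>: resolves the requesting user, decides whether they may see the
/// gate, and builds the response from the gate and the computed admin flag.
/// </summary>
/// <param name="request">The read request; <c>RequestedBy</c> is the e-mail used to resolve the requesting user.</param>
/// <param name="cancellationToken">Not used by this handler.</param>
/// <returns>
/// <c>AccessDenied</c> when the requesting user cannot be resolved, or has role "User" with neither gate
/// access nor account-admin rights on the gate; <c>Ok</c> with the built response otherwise;
/// <c>Failure</c> carrying the exception message when any step throws.
/// </returns>
public async Task<Result<GateResponse>> Handle(GetGateRequest request, CancellationToken cancellationToken)
{
    try
    {
        // NOTE(review): the access decision rests on request.RequestedBy. Confirm it is filled in
        // server-side from the authenticated identity and is not taken from the request payload.
        var user = await _userRepository.GetUserByEmail(request.RequestedBy);
        if (user == null)
        {
            // Fail closed with an explicit denial if the lookup yields no user, instead of relying on a
            // NullReferenceException being caught below and surfaced as a generic failure.
            return Result<GateResponse>.AccessDenied("No access to this gate!");
        }

        var access = await _userGateRepository.CheckAccess(request.Id, user.Id);

        // Evaluated left to right with short-circuiting: gate-level admin, then the global "Admin" role,
        // then account admin of the gate.
        var adminAccess = await _userGateRepository.CheckAdminAccess(request.Id, user.Id)
            || user.Role.Name == "Admin"
            || _gateRepository.IsAccountAdminOfTheGate(request.Id, user.Id);

        // NOTE(review): denial is keyed on the role being exactly "User". A caller with any other role
        // name passes this check without gate access. Confirm that is intended; an allow-list
        // (deny unless access or adminAccess) would fail closed for unexpected roles.
        if (!access
            && user.Role.Name == "User"
            && !_gateRepository.IsAccountAdminOfTheGate(request.Id, user.Id))
        {
            return Result<GateResponse>.AccessDenied("No access to this gate!");
        }

        var gate = await _gateRepository.Get(request.Id);
        var response = CreateResponse(gate, adminAccess);
        return Result<GateResponse>.Ok(response);
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception message goes back to the caller and may expose internal detail.
        // Consider recording the exception server-side and returning a generic message.
        return Result<GateResponse>.Failure(e.Message);
    }
}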
/// <summary>
/// Checks whether the user with the given e-mail has access to the given gate and records the
/// outcome as an <c>EventTypes.Enter</c> log entry.
/// </summary>
/// <param name="email">E-mail used to look up the user.</param>
/// <param name="gateId">Identifier used to look up the gate.</param>
/// <returns>The result of the user-gate repository's access check.</returns>
private async Task<bool> CheckAccess(string email, int gateId)
{
    var user = await _userRepository.GetUserByEmail(email);
    var gate = await _gateRepository.Get(gateId);

    // NOTE(review): if either lookup yields null, the dereferences below throw before anything is
    // logged, so such attempts leave no Enter record from this method - confirm that is acceptable.
    var allowed = await _userGateRepository.CheckAccess(gate.Id, user.Id);

    // Both outcomes are logged with the same fields; only the status text differs.
    var outcome = allowed ? "success" : "failed";
    await _logService.Create(outcome, EventTypes.Enter, user.Id, gate.AccountId, gate.Id);

    return allowed;
}
/// <summary>
/// Returns the gate the repository holds for <paramref name="gateNumber"/>.
/// </summary>
/// <param name="gateNumber">Value passed unchanged to the gate repository's <c>Get</c>.</param>
/// <returns>Whatever the repository returns for that value.</returns>
/// <remarks>
/// This method performs no access check of its own; callers that expose the result are
/// responsible for authorizing the request first.
/// </remarks>
public Gate GetGate(int gateNumber) => _gateRepository.Get(gateNumber);