/// <summary> /// Grants a permission to a user given the model. /// </summary> /// <param name="grantedPermission">The model containing the granted permission.</param> /// <returns>The task.</returns> public async Task GrantPermissionAsync(IGrantedPermissionBindingModel grantedPermission) { var grantorUserId = GetGrantorPrincipalId(); var permission = grantedPermission.ToGrantedPermission(grantorUserId); throwIfGrantorAndGranteePrincipalIdEqual(permission.GranteePrincipalId, grantorUserId); await principalService.GrantPermissionsAsync(permission); await ClearUserCacheAsync(permission.GranteePrincipalId); }
/// <summary> /// Handles the given model from a client via the given controller. /// </summary> /// <param name="model">The permission model.</param> /// <param name="controller">The controller that is handling the client request.</param> /// <returns>The result the controller should return.</returns> public async Task <IHttpActionResult> HandleGrantedPermissionBindingModelAsync(IGrantedPermissionBindingModel model, ApiController controller) { if (controller.ModelState.IsValid) { await GrantPermissionAsync(model); await SaveChangesAsync(); return(new OkResult(controller)); } else { return(new InvalidModelStateResult(controller.ModelState, controller)); } }