public async Task <object> GetInstructor(int id)
{
try
{
DataResponse <Instructor> response = await _service.GetByID(id);
if (await CheckPermissionToGetInstructor(response.Data[0]))
{
return(this.SendResponse(response));
}
return(Forbid());
}
catch (Exception e)
{
Response.StatusCode = StatusCode(500).StatusCode;
return(null);
}
}
/// <summary>
/// Metodo checa as permissoes de pegar um student.
/// </summary>
private async Task <bool> CheckPermisionToGetStudent(Student student)
{
User user = (await userService.GetByID(this.GetUserID())).Data[0];
if (user.Student != null && user.Student.IsActive && user.Student.ID == student.ID)
{
return(true);
}
if (user.Instructor != null && user.Instructor.IsActive)
{
Instructor instructor = (await InstructorService.GetByID(user.Instructor.ID)).Data[0];
foreach (InstructorClass instructorClass in instructor.Classes)
{
if (student.Classes.Where(ic => ic.ClassID == instructorClass.ClassID).Any())
{
return(true);
}
}
}
if (user.Coordinator != null && user.Coordinator.IsActive)
{
Coordinator Coordinator = (await CoordinatorService.GetByID(user.Coordinator.ID)).Data[0];
foreach (CoordinatorClass CoordinatorClass in Coordinator.Classes)
{
if (student.Classes.Where(ic => ic.ClassID == CoordinatorClass.ClassID).Any())
{
return(true);
}
}
}
if (user.Owner != null && user.Owner.IsActive)
{
Owner Owner = (await OwnerService.GetByID(user.Owner.ID)).Data[0];
foreach (OwnerCourse ownerCourse in Owner.Courses)
{
Course course = (await CourseService.GetByID(ownerCourse.CourseID)).Data[0];
foreach (Class @class in course.Classes)
{
if (student.Classes.Where(sc => sc.ClassID == @class.ID).Any())
{
return(true);
}
}
}
}
return(false);
}