/// <summary> /// Determine whether a user has a permission via the user's roles alone or optionally /// via her dispositions against a segregated entity. /// For proper performance, ensure that <see cref="User.Roles"/>, /// <see cref="User.Dispositions"/> and their <see cref="Disposition.Type"/> /// are prefetched. /// </summary> /// <param name="user">The user.</param> /// <param name="permissionCodeName"> /// The <see cref="Permission.CodeName"/> of the <see cref="Permission"/>. /// </param> /// <param name="segregatedEntity">The optional segregated entity to check user dispositions against.</param> public bool UserHasPermission(U user, string permissionCodeName, ISegregatedEntity segregatedEntity = null) { if (user == null) { throw new ArgumentNullException(nameof(user)); } if (permissionCodeName == null) { throw new ArgumentNullException(nameof(permissionCodeName)); } var rolesAccessRight = GetRolesAccessRight(user); // If roles alone yield access right to the permission, return true. if (rolesAccessRight.HasPermission(permissionCodeName)) { return(true); } if (segregatedEntity != null) { // Determine whether a disposition yields access right to the manager. var dispositionsAccessRight = GetDispositionsAccessRight(user, segregatedEntity); return(dispositionsAccessRight.HasPermission(permissionCodeName)); } return(false); }
/// <summary> /// Determine whether a manager is supported via the user's roles alone or optionally /// via her dispositions against a segregated entity. /// For proper performance, ensure that <see cref="User.Roles"/>, /// <see cref="User.Dispositions"/> and their <see cref="Disposition.Type"/> /// are prefetched. /// </summary> /// <param name="user">The user.</param> /// <param name="managerType">The .NET class type of the manager.</param> /// <param name="segregatedEntity">The optional segregated entity to check user dispositions against.</param> public bool CanUserAccessManager(U user, Type managerType, ISegregatedEntity segregatedEntity = null) { if (user == null) { throw new ArgumentNullException(nameof(user)); } if (managerType == null) { throw new ArgumentNullException(nameof(managerType)); } var rolesAccessRight = GetRolesAccessRight(user); // If roles alone yield access right to the manager, return true. if (rolesAccessRight.SupportsManager(managerType)) { return(true); } if (segregatedEntity != null) { // Determine whether a disposition yields access right to the manager. var dispositionsAccessRight = GetDispositionsAccessRight(user, segregatedEntity); return(dispositionsAccessRight.SupportsManager(managerType)); } return(false); }
/// <summary> /// Get the access right that stems from the <see cref="User.Dispositions"/> of /// a <see cref="User"/> over a segregated entity. /// </summary> /// <param name="user">The user.</param> /// <param name="segregatedEntity">The segregated entity.</param> /// <returns>Returns the combined <see cref="AccessRight"/>.</returns> private AccessRight GetDispositionsAccessRight(User user, ISegregatedEntity segregatedEntity) => GetDispositionsAccessRight(user, segregatedEntity.SegregationID);