/// <summary>
/// This disables people's accounts for given account group
/// </summary>
/// <param name="personId"></param>
/// <param name="accountGroupId"></param>
public void DisableAccount(int personId, int accountGroupId)
{
var permission = MyPermissions.Single(x => x.Key.Id == accountGroupId).Value;
if (permission == PermissionLevel.Admin || permission == PermissionLevel.SuperAdmin)
{
var targetPerson = GetMyColleagues(accountGroupId, true).Single(x => x.Id == personId);
//there should be a simpler way to do this but i can't be effed
var targetsPermission = targetPerson.GetPermissionLevel(accountGroupId);
if (targetsPermission == PermissionLevel.SuperAdmin)
{
throw new UnauthorizedAccessException("You can't remove a superadmin");
}
else if (targetsPermission == PermissionLevel.Admin && Me.GetPermissionLevel(accountGroupId) == PermissionLevel.Admin)
{
throw new UnauthorizedAccessException("You can't remove another admin user, only a superadmin can do that");
}
var join = targetPerson.AccountGroupPeople.SingleOrDefault(x => x.AccountGroupId == accountGroupId);
if (join != null)
{
Context.Delete <AccountGroupPerson>(join.Id);
Context.SaveChanges();
}
}
else
{
throw new UnauthorizedAccessException("You lack permission to disable accounts");
}
}
protected AccountBasedManagement(IDatabaseContext context, int personId, int accountId)
: base(context, personId)
{
var permission = MyPermissions.Single(x => x.Key.Id == accountId);
AccountGroup = permission.Key;
AccountGroupPermission = permission.Value;
}