/// <summary> /// Determine if user is direct or indirect (organization admin) package owner. /// </summary> /// <param name="user">User to query.</param> /// <param name="package">Package to query.</param> /// <returns>True if direct or indirect package owner.</returns> public static bool IsOwnerOrMemberOfOrganizationOwner(this User user, PackageRegistration package) { if (user == null) { throw new ArgumentNullException(nameof(user)); } if (package == null) { throw new ArgumentNullException(nameof(package)); } return(package.Owners.Any(o => user.KeyIsSelfOrOrganization(o.Key))); }
/// <summary> /// Determine if the current user matches the owner scope of the current credential. /// There is a match if the owner scope is self or an organization to which the user /// belongs. /// /// Note there is no need to check organization role, which the action scope covers. /// </summary> /// <param name="user">User to query.</param> /// <param name="credential">Credential to query.</param> /// <returns>True if user matches the owner scope, false otherwise.</returns> public static bool MatchesOwnerScope(this User user, Credential credential) { if (user == null) { throw new ArgumentNullException(nameof(user)); } if (credential == null) { throw new ArgumentNullException(nameof(credential)); } // Legacy V1 API key with no owner scope. if (!credential.Scopes.Any()) { return(true); } return(credential.Scopes .Select(s => s.OwnerKey) .Distinct() .Any(ownerKey => !ownerKey.HasValue || // Legacy V2 API key with no owner scope user.KeyIsSelfOrOrganization(ownerKey))); // V2 API key with owner scope }