public void ApproveAccessRequest(AccessRequest accessRequest, UserSecurityContext context, ApprovalDecisionType approvalActionType)
{
Person approver = _personRepo.GetOne(context.PersonId);
if (approver == null)
{
throw new UnauthorizedAccessException("Approver not found");
}
//check if person has authority to approve/reject
OrganizationMember approverMembership = _organzationMemberRepo.GetMember(approver.Id.Value, accessRequest.OrganizationId.Value);
if (approverMembership != null && approverMembership.IsAdministrator.HasValue && approverMembership.IsAdministrator.Value)
{
accessRequest.IsAccessRequested = false;
_accessRequestRepo.Update(accessRequest);
if (approvalActionType == ApprovalDecisionType.Approve)
{
_organzationMemberRepo.Approve(accessRequest.PersonId.Value, accessRequest.OrganizationId.Value, approver.Id.Value);
}
}
else
{
throw new UnauthorizedOperationException("User is not an administrator of this organization", EntityOperationType.Update);
}
}
public void ApproveAccessRequest(Guid personId, Guid organizationId, UserSecurityContext context, ApprovalDecisionType approvalActionType)
{
AccessRequest request = _accessRequestRepo.GetPendingAccessRequest(personId, organizationId);
ApproveAccessRequest(request, context, approvalActionType);
}
public void ApproveAccessRequest(Guid accessRequestId, UserSecurityContext context, ApprovalDecisionType approvalActionType = ApprovalDecisionType.Approve)
{
AccessRequest request = _accessRequestRepo.GetOne(accessRequestId);
ApproveAccessRequest(request, context, approvalActionType);
}
public void ApproveAccessRequest(AccessRequest accessRequest, UserSecurityContext context, ApprovalDecisionType approvalActionType)
{
Person approver = _personRepo.GetOne(context.PersonId);
if (approver == null)
{
throw new UnauthorizedAccessException("Approver not found");
}
// Check if Person has Authority to Approve/Reject
OrganizationMember approverMembership = _organzationMemberRepo.GetMember(approver.Id.Value, accessRequest.OrganizationId.Value);
if (approverMembership != null && approverMembership.IsAdministrator.HasValue && approverMembership.IsAdministrator.Value)
{
accessRequest.IsAccessRequested = false;
_accessRequestRepo.Update(accessRequest);
//TODO - Disabling as dbcontext is tracking the same ID, need to fix this.
//_accessRequestRepo.SoftDelete(accessRequest.Id.Value);
if (approvalActionType == ApprovalDecisionType.Approve)
{
_organzationMemberRepo.Approve(accessRequest.PersonId.Value, accessRequest.OrganizationId.Value, approver.Id.Value);
}
}
else
{
throw new UnauthorizedAccessException("User is not an Administrator of this Organization");
}
}
