예제 #1
0
        public void UpdateUser(UserWithPermissionsContract contract)
        {
            ParamIs.NotNull(() => contract);

            UpdateEntity <User>(contract.Id, (session, user) => {
                if (!EntryPermissionManager.CanEditUser(PermissionContext, user.GroupId))
                {
                    var loggedUser = GetLoggedUser(session);
                    var msg        = string.Format("{0} (level {1}) not allowed to edit {2}", loggedUser, loggedUser.GroupId, user);
                    log.Error(msg);
                    throw new NotAllowedException(msg);
                }

                if (EntryPermissionManager.CanEditGroupTo(PermissionContext, contract.GroupId))
                {
                    user.GroupId = contract.GroupId;
                }

                if (EntryPermissionManager.CanEditAdditionalPermissions(PermissionContext))
                {
                    user.AdditionalPermissions = new PermissionCollection(contract.AdditionalPermissions.Select(p => PermissionToken.GetById(p.Id)));
                }

                var diff = OwnedArtistForUser.Sync(user.AllOwnedArtists, contract.OwnedArtistEntries, a => user.AddOwnedArtist(session.Load <Artist>(a.Artist.Id)));
                SessionHelper.Sync(session, diff);

                user.Active = contract.Active;

                AuditLog(string.Format("updated {0}", EntryLinkFactory.CreateEntryLink(user)), session);
            }, PermissionToken.ManageUserPermissions, skipLog: true);
        }