/// <summary>
/// Builds the <see cref="ReviewSettings"/> for a review from its raw package data and then
/// overrides the flags that depend on the review's type, status, baseline and on the
/// permissions of the owning project.
/// </summary>
/// <param name="reviewData">Review record; its raw package data, type, status and baseline id are read.</param>
/// <param name="reviewInfo">Artifact details of the review; only <c>ProjectId</c> is read here.</param>
/// <returns>The populated settings object.</returns>
/// <remarks>
/// The <c>CanEdit*</c> values computed here are capability flags handed back to the caller.
/// NOTE(review): whether the code path that saves review settings re-evaluates the same
/// conditions is not visible from this method - confirm the write side does not trust these flags.
/// </remarks>
private async Task<ReviewSettings> GetReviewSettingsFromReviewData(Review reviewData, ArtifactBasicDetails reviewInfo)
{
    var settings = new ReviewSettings(reviewData.ReviewPackageRawData);
    var isFormal = reviewData.ReviewType == ReviewType.Formal;

    // We never ignore folders for formal reviews - Jira Bug STOR-4636
    // The stored IgnoreFolders value also only survives when the review has no baseline.
    settings.IgnoreFolders = !(isFormal || reviewData.BaselineId.HasValue) && settings.IgnoreFolders;

    // The e-signature requirement stays editable in Draft, and in Active only for
    // non-formal reviews; an active formal review has it locked.
    var status = reviewData.ReviewStatus;
    settings.CanEditRequireESignature =
        status == ReviewPackageStatus.Draft
        || (status == ReviewPackageStatus.Active && !isFormal);

    // Meaning-of-signature is switched on per project, so the project flags are consulted.
    var projectFlags = await _permissionsRepository.GetProjectPermissions(reviewInfo.ProjectId);
    settings.IsMeaningOfSignatureEnabledInProject =
        projectFlags.HasFlag(ProjectPermissions.IsMeaningOfSignatureEnabled);

    // Editing the meaning-of-signature requirement needs both: an editable e-signature
    // requirement and the feature being enabled in the project.
    settings.CanEditRequireMeaningOfSignature =
        settings.CanEditRequireESignature && settings.IsMeaningOfSignatureEnabledInProject;

    return settings;
}
/// <summary>
/// Reports whether e-mail replies to discussions are enabled for a project.
/// </summary>
/// <param name="projectId">Project whose permission flags are checked.</param>
/// <returns>
/// <c>true</c> only when e-mail replies are enabled in the instance e-mail settings and the
/// project carries <c>ProjectPermissions.AreEmailRepliesEnabled</c>; otherwise <c>false</c>.
/// </returns>
public async Task<bool> AreEmailDiscussionsEnabled(int projectId)
{
    var instanceSettings = await GetInstanceEmailSettings();

    // The instance-wide switch wins: when it is off the project flags are never queried.
    if (instanceSettings.EnableEmailReplies)
    {
        var projectFlags = await _permissionsRepository.GetProjectPermissions(projectId);
        return projectFlags.HasFlag(ProjectPermissions.AreEmailRepliesEnabled);
    }

    return false;
}
/// <summary>
/// Returns the discussions attached to an artifact, or to one of its sub-artifacts, together
/// with the actions the current session user may take on them.
/// </summary>
/// <param name="artifactId">Artifact the request is made against; Read permission is checked on this id.</param>
/// <param name="subArtifactId">Optional sub-artifact; when given, its discussions are returned instead of the artifact's.</param>
/// <returns>The discussions, the set-level and per-discussion capability flags, the e-mail flag and the thread statuses.</returns>
/// <exception cref="ResourceNotFoundException">No item info could be loaded for the requested item.</exception>
/// <exception cref="BadRequestException">The sub-artifact does not belong to <paramref name="artifactId"/>.</exception>
/// <exception cref="AuthorizationException">The user has no Read permission on the artifact.</exception>
/// <remarks>
/// NOTE(review): the not-found and bad-request outcomes are raised before the Read check, and
/// the deleted-item lookup is not given the user id. A caller without Read access may therefore
/// be able to tell "no such item" from "exists but forbidden" for deleted items - confirm whether
/// that distinction is acceptable.
/// </remarks>
public async Task<DiscussionResultSet> GetDiscussions(int artifactId, int? subArtifactId = null)
{
    ValidateRequestParameters(artifactId, subArtifactId);

    var userId = Session.UserId;
    var itemId = subArtifactId ?? artifactId;

    // Deleted items are resolved through the versions repository; live items through the
    // permissions repository, which is also handed the requesting user.
    var isDeleted = await _artifactVersionsRepository.IsItemDeleted(itemId);
    var itemInfo = isDeleted
        ? await _artifactVersionsRepository.GetDeletedItemInfo(itemId)
        : await _artifactPermissionsRepository.GetItemInfo(itemId, userId, false);

    if (itemInfo == null)
    {
        var notFoundCode = subArtifactId.HasValue ? ErrorCodes.SubartifactNotFound : ErrorCodes.ArtifactNotFound;
        throw new ResourceNotFoundException("You have attempted to access an item that does not exist or you do not have permission to view.", notFoundCode);
    }

    // The Read check further down is made on artifactId only, so a sub-artifact must be tied
    // to that artifact here; otherwise a readable artifact id could be paired with a
    // sub-artifact that lives under a different artifact.
    if (subArtifactId.HasValue && itemInfo.ArtifactId != artifactId)
    {
        throw new BadRequestException("Please provide a proper subartifact Id");
    }

    // int.MaxValue is the revision used for an item that is not deleted; a deleted item is
    // evaluated at the version recorded in its deleted-item info.
    int revisionId = isDeleted ? ((DeletedItemInfo)itemInfo).VersionId : int.MaxValue;

    var artifactPermissions = await _artifactPermissionsRepository.GetArtifactPermissions(new[] { artifactId }, userId, false, revisionId);
    var projectPermissions = await _artifactPermissionsRepository.GetProjectPermissions(itemInfo.ProjectId);

    // Authorization gate: no discussion data is loaded unless the user can read the artifact.
    RolePermissions granted = RolePermissions.None;
    var hasEntry = artifactPermissions.TryGetValue(artifactId, out granted);
    if (!hasEntry || !granted.HasFlag(RolePermissions.Read))
    {
        throw new AuthorizationException("You do not have permission to access the artifact");
    }

    // None of these change per discussion, so they are evaluated once.
    var deletionAllowed = !projectPermissions.HasFlag(ProjectPermissions.CommentsDeletionDisabled);
    var modificationAllowed = !projectPermissions.HasFlag(ProjectPermissions.CommentsModificationDisabled);
    var canDeleteAny = granted.HasFlag(RolePermissions.DeleteAnyComment);
    var canComment = granted.HasFlag(RolePermissions.Comment);
    var isCurrentRevision = revisionId == int.MaxValue;

    var discussions = await _discussionsRepository.GetDiscussions(itemId, itemInfo.ProjectId);

    // NOTE(review): unlike the set-level flags below, the per-discussion flags do not take
    // revisionId into account, so they can be true for a deleted item - confirm this is intended.
    // NOTE(review): these are flags returned to the caller; that the edit and delete
    // operations repeat the same checks cannot be seen from this method - confirm.
    foreach (var discussion in discussions)
    {
        // Delete: any comment with DeleteAnyComment, otherwise only the user's own comment.
        discussion.CanDelete = deletionAllowed
            && (canDeleteAny || (canComment && discussion.UserId == userId));

        // Edit: only the user's own comment.
        discussion.CanEdit = modificationAllowed
            && canComment
            && discussion.UserId == userId;
    }

    var threadStatuses = await _discussionsRepository.GetThreadStatusCollection(itemInfo.ProjectId);

    // Creating and bulk-deleting comments is only offered on the current revision.
    return new DiscussionResultSet
    {
        CanDelete = deletionAllowed && canDeleteAny && isCurrentRevision,
        CanCreate = canComment && isCurrentRevision,
        Discussions = discussions,
        EmailDiscussionsEnabled = await _discussionsRepository.AreEmailDiscussionsEnabled(itemInfo.ProjectId),
        ThreadStatuses = threadStatuses
    };
}