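/// <summary>
/// Handles a gate lookup: resolves the requesting user by e-mail, decides whether that user
/// may see the gate, and returns the gate together with a flag saying whether the user has
/// admin rights on it.
/// </summary>
/// <param name="request">Request carrying the gate id (<c>Id</c>) and the requester's e-mail (<c>RequestedBy</c>).</param>
/// <param name="cancellationToken">Not used here; none of the calls below receive it.</param>
/// <returns>
/// <c>Ok</c> with the response built by <c>CreateResponse</c>; <c>AccessDenied</c> when the
/// requester is unknown or is not allowed to see the gate; <c>Failure</c> carrying the
/// exception message when any call throws.
/// </returns>
public async Task<Result<GateResponse>> Handle(GetGateRequest request, CancellationToken cancellationToken)
{
    try
    {
        var user = await _userRepository.GetUserByEmail(request.RequestedBy);

        // Fail closed on an unknown requester or a user without a role. Previously this
        // surfaced as a NullReferenceException whose text was returned through Failure.
        if (user == null || user.Role == null)
        {
            return Result<GateResponse>.AccessDenied("No access to this gate!");
        }

        var access = await _userGateRepository.CheckAccess(request.Id, user.Id);
        var gateAdmin = await _userGateRepository.CheckAdminAccess(request.Id, user.Id);

        var isGlobalAdmin = user.Role.Name == "Admin";

        // Evaluated once and reused (the original could evaluate it twice).
        // NOTE(review): assumes this is a read-only lookup - confirm against the repository.
        var isAccountAdmin = _gateRepository.IsAccountAdminOfTheGate(request.Id, user.Id);

        var adminAccess = gateAdmin || isGlobalAdmin || isAccountAdmin;

        // Authorization is an allow-list: explicit gate access, the "Admin" role, or account
        // admin of the gate. The previous condition denied only when the role name was exactly
        // "User", so a null, misspelled or newly added role name skipped the check entirely.
        // Roles other than "Admin" no longer bypass it; if another role is meant to be
        // privileged, add it here explicitly.
        if (!access && !isGlobalAdmin && !isAccountAdmin)
        {
            return Result<GateResponse>.AccessDenied("No access to this gate!");
        }

        var gate = await _gateRepository.Get(request.Id);
        var response = CreateResponse(gate, adminAccess);

        return Result<GateResponse>.Ok(response);
    }
    catch (Exception e)
    {
        // NOTE(review): e.Message is handed back to the caller unchanged. If Failure results
        // reach API clients this can expose internal details (database errors, type names).
        // No exception logger is visible in this block, so the message is kept; consider
        // logging the exception server-side and returning a generic message instead.
        return Result<GateResponse>.Failure(e.Message);
    }
}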
/// <summary>
/// Checks whether the user identified by <paramref name="email"/> has access to the gate
/// <paramref name="gateId"/> and records the attempt through <c>_logService</c> as an
/// <c>EventTypes.Enter</c> event with the status "success" or "failed".
/// </summary>
/// <param name="email">E-mail used to look the user up.</param>
/// <param name="gateId">Id of the gate being entered.</param>
/// <returns>The value returned by <c>_userGateRepository.CheckAccess</c>.</returns>
/// <remarks>
/// NOTE(review): the user and gate lookups are dereferenced without a null check, so an
/// unknown e-mail or gate id would throw before any "failed" event is recorded - confirm
/// whether the repositories can return null.
/// </remarks>
private async Task<bool> CheckAccess(string email, int gateId)
{
    var account = await _userRepository.GetUserByEmail(email);
    var targetGate = await _gateRepository.Get(gateId);
    var granted = await _userGateRepository.CheckAccess(targetGate.Id, account.Id);

    // Both outcomes are recorded; only the status text differs.
    var outcome = granted ? "success" : "failed";
    await _logService.Create(outcome, EventTypes.Enter, account.Id, targetGate.AccountId, targetGate.Id);

    return granted;
}