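/// <summary>
/// Handles <see cref="UpdateGateCommand"/>: checks that the caller may modify the gate,
/// then updates the gate's user assignments and properties and persists the gate.
/// </summary>
/// <param name="command">
/// Update request. <c>ModifiedBy</c> is the e-mail used to look up the acting user,
/// <c>Id</c> identifies the gate.
/// </param>
/// <param name="cancellationToken">Not used by this handler; none of the calls below accept it.</param>
/// <returns>
/// <c>Ok</c> with the repository's update result, <c>AccessDenied</c> when the caller is
/// unknown or is neither gate admin nor in the "Admin" role, or <c>Failure</c> on error.
/// </returns>
/// <remarks>
/// NOTE(review): the authorization decision is keyed on <c>command.ModifiedBy</c>. Confirm that
/// this value is set server-side from the authenticated principal and cannot be supplied by
/// the client in the request body.
/// </remarks>
public async Task<Result<bool>> Handle(UpdateGateCommand command, CancellationToken cancellationToken)
{
    try
    {
        var user = await _userRepository.GetUserByEmail(command.ModifiedBy);
        if (user == null)
        {
            // Fail closed: an unresolved caller is denied instead of falling into the
            // catch block with a NullReferenceException message.
            return Result<bool>.AccessDenied("You have no access to modify gate!");
        }

        var hasGateAdminAccess = await _userGateRepository.CheckAdminAccess(command.Id, user.Id);

        // A user without a role is treated as non-admin rather than dereferenced.
        var isAdminRole = user.Role != null && user.Role.Name == "Admin";

        if (!hasGateAdminAccess && !isAdminRole)
        {
            return Result<bool>.AccessDenied("You have no access to modify gate!");
        }

        var gateType = await _gateTypeRepository.GetGateTypeByName(command.GateTypeName);
        var account = await _accountRepository.GetAccountByName(command.AccountName);
        var currentGate = await _gateRepository.Get(command.Id);
        if (currentGate == null)
        {
            // Stop before UpdateUserGates so that user assignments are not changed
            // for a gate that cannot be loaded.
            return Result<bool>.Failure("Gate not found!");
        }

        // NOTE(review): the user-gate update and the gate update are two separate calls;
        // nothing visible here makes them atomic. Confirm whether a transaction wraps them.
        await UpdateUserGates(command.Id, command.ModifiedBy, command.Users);
        UpdateGateProperties(currentGate, command, gateType, account);

        var res = await _gateRepository.Update(currentGate);
        return Result<bool>.Ok(res);
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception message is returned to the caller and may expose
        // internal details (for example data-access errors). Consider logging the exception
        // and returning a generic message instead.
        return Result<bool>.Failure(e.Message);
    }
}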
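/// <summary>
/// Handles <see cref="GetGateRequest"/>: checks that the caller may read the gate and
/// returns it as a <see cref="GateResponse"/>.
/// </summary>
/// <param name="request">
/// Read request. <c>RequestedBy</c> is the e-mail used to look up the acting user,
/// <c>Id</c> identifies the gate.
/// </param>
/// <param name="cancellationToken">Not used by this handler; none of the calls below accept it.</param>
/// <returns>
/// <c>Ok</c> with the gate response, <c>AccessDenied</c> when the caller is unknown or has
/// no read entitlement, or <c>Failure</c> on error.
/// </returns>
/// <remarks>
/// The read check is an allow-list: the caller must have gate access, be in the "Admin"
/// role, or be account admin of the gate. The previous check denied only callers whose
/// role name was exactly "User", so any other role value (or a missing role) was let through.
/// NOTE(review): behaviour for the "User" and "Admin" roles is unchanged; confirm that no
/// other role relied on the previous implicit allow.
/// NOTE(review): identity comes from <c>request.RequestedBy</c>. Confirm that it is set
/// server-side from the authenticated principal and is not client-supplied.
/// </remarks>
public async Task<Result<GateResponse>> Handle(GetGateRequest request, CancellationToken cancellationToken)
{
    try
    {
        var user = await _userRepository.GetUserByEmail(request.RequestedBy);
        if (user == null)
        {
            // Fail closed: an unresolved caller is denied instead of falling into the
            // catch block with a NullReferenceException message.
            return Result<GateResponse>.AccessDenied("No access to this gate!");
        }

        var hasAccess = await _userGateRepository.CheckAccess(request.Id, user.Id);
        var hasGateAdminAccess = await _userGateRepository.CheckAdminAccess(request.Id, user.Id);

        // A user without a role is treated as non-admin rather than dereferenced.
        var isAdminRole = user.Role != null && user.Role.Name == "Admin";

        // Evaluated once and reused for both the read check and the admin flag.
        var isAccountAdmin = _gateRepository.IsAccountAdminOfTheGate(request.Id, user.Id);

        // Default deny: access is granted only by one of the explicit entitlements.
        if (!hasAccess && !isAdminRole && !isAccountAdmin)
        {
            return Result<GateResponse>.AccessDenied("No access to this gate!");
        }

        // Passed to CreateResponse together with the gate.
        var adminAccess = hasGateAdminAccess || isAdminRole || isAccountAdmin;

        var gate = await _gateRepository.Get(request.Id);
        var response = CreateResponse(gate, adminAccess);
        return Result<GateResponse>.Ok(response);
    }
    catch (Exception e)
    {
        // NOTE(review): the raw exception message is returned to the caller and may expose
        // internal details (for example data-access errors). Consider logging the exception
        // and returning a generic message instead.
        return Result<GateResponse>.Failure(e.Message);
    }
}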