예제 #1
0
        public async Task <bool> IsInstallerOwner(WebAppUser user, string idForm, string idStore)
        {
            bool result = await IsRights("-set-own", user, idForm);

            if (!result)
            {
                return(result);
            }

            MtdStoreOwner mtdStoreOwner = await _context.MtdStoreOwner.FindAsync(idStore);

            if (mtdStoreOwner == null)
            {
                return(await IsAdmin(user));
            }

            List <WebAppUser> webAppUsers = await GetUsersInGroupsAsync(user);

            if (webAppUsers.Count == 0)
            {
                return(result);
            }

            List <string> userIds = webAppUsers.Select(x => x.Id).ToList();

            return(webAppUsers.Where(x => userIds.Contains(mtdStoreOwner.UserId)).Any());
        }
예제 #2
0
        public async Task <IActionResult> OnPostSetOwnerAsync()
        {
            IFormCollection requestForm = await Request.ReadFormAsync();

            string idStore = requestForm["setowner-id-store"];
            string idUser  = requestForm["setowner-id-user"];

            WebAppUser webAppUser = await _userHandler.FindByIdAsync(idUser);

            if (webAppUser != null)
            {
                MtdStoreOwner mtdStoreOwner = await _context.MtdStoreOwner.Include(x => x.IdNavigation).FirstOrDefaultAsync(x => x.Id == idStore);

                if (mtdStoreOwner == null)
                {
                    string idForm          = mtdStoreOwner.IdNavigation.MtdForm;
                    bool   IsInstllerOwner = await _userHandler.IsInstallerOwner(webAppUser, idForm, mtdStoreOwner.Id);

                    if (!IsInstllerOwner)
                    {
                        return(Forbid());
                    }

                    mtdStoreOwner = new MtdStoreOwner
                    {
                        Id       = idStore,
                        UserId   = webAppUser.Id,
                        UserName = webAppUser.Title
                    };

                    await _context.MtdStoreOwner.AddAsync(mtdStoreOwner);

                    await _context.SaveChangesAsync();

                    return(Ok());
                }

                mtdStoreOwner.UserId   = webAppUser.Id;
                mtdStoreOwner.UserName = webAppUser.Title;
                _context.Entry(mtdStoreOwner).State = EntityState.Modified;
                await _context.SaveChangesAsync();
            }

            return(Ok());
        }