private static bool CheckPermission(Project project, UserActivity ua, EngineFactory engineFactory) { var additionalDataParts = ua.AdditionalData.Split('|'); if (additionalDataParts.Length == 0) { return(false); } var entityType = (EntityType)Enum.Parse(typeof(EntityType), additionalDataParts[0], true); if (entityType == EntityType.Message) { return(ProjectSecurity.CanReadMessages(project)); } if (entityType == EntityType.Task || entityType == EntityType.TimeSpend) { if (ProjectSecurity.CanReadTasks(project)) { return(true); } if (entityType == EntityType.Task) { var match = GetIdParam.Match(ua.URL); int taskId; if (match.Success && match.Groups["value"].Success && int.TryParse(match.Groups["value"].Value, out taskId)) { var task = engineFactory.GetTaskEngine().GetByID(taskId); if (ProjectSecurity.CanRead(task)) { return(true); } } return(false); } return(SecurityContext.CurrentAccount.ID == ua.UserID); } if (entityType == EntityType.Milestone) { var match = GetIdParam.Match(ua.URL); int milestoneId; if (match.Success && match.Groups["value"].Success && int.TryParse(match.Groups["value"].Value, out milestoneId)) { var milestone = engineFactory.GetMilestoneEngine().GetByID(milestoneId); return(ProjectSecurity.CanRead(milestone)); } return(false); } return(true); }