예제 #1
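        /// <summary>
        /// Checks whether an activity record may be read, using the
        /// <c>ProjectSecurity</c> check that matches the entity type the record refers to.
        /// </summary>
        /// <param name="project">Project passed to the message and task read checks.</param>
        /// <param name="ua">
        /// Activity record. The entity type is the first '|'-separated field of
        /// <c>AdditionalData</c>; the task or milestone id is taken from <c>URL</c>.
        /// </param>
        /// <param name="engineFactory">Used to load the task or milestone named in the URL.</param>
        /// <returns>
        /// <c>true</c> when the matching check passes; <c>false</c> when it fails or when the
        /// record carries no usable entity type or id.
        /// </returns>
        private static bool CheckPermission(Project project, UserActivity ua, EngineFactory engineFactory)
        {
            // A permission check should deny rather than throw on a malformed record.
            // string.Split never returns an empty array, so a length test cannot catch
            // missing data; null or empty input has to be rejected explicitly.
            if (ua == null || string.IsNullOrEmpty(ua.AdditionalData))
            {
                return false;
            }

            var additionalDataParts = ua.AdditionalData.Split('|');

            // TryParse instead of Parse: an unrecognised type name denies access
            // instead of raising ArgumentException out of the check.
            EntityType entityType;
            if (!Enum.TryParse(additionalDataParts[0], true, out entityType))
            {
                return false;
            }

            if (entityType == EntityType.Message)
            {
                return ProjectSecurity.CanReadMessages(project);
            }

            if (entityType == EntityType.Task || entityType == EntityType.TimeSpend)
            {
                // Project-wide task access covers both tasks and time records.
                if (ProjectSecurity.CanReadTasks(project))
                {
                    return true;
                }

                if (entityType == EntityType.Task)
                {
                    // Fall back to a per-task check using the id found in the activity URL.
                    var match = GetIdParam.Match(ua.URL);
                    int taskId;
                    if (match.Success && match.Groups["value"].Success && int.TryParse(match.Groups["value"].Value, out taskId))
                    {
                        // NOTE(review): the result of GetByID is passed on unchecked;
                        // confirm CanRead copes with a task that no longer exists.
                        var task = engineFactory.GetTaskEngine().GetByID(taskId);
                        if (ProjectSecurity.CanRead(task))
                        {
                            return true;
                        }
                    }
                    return false;
                }

                // Time records without project-wide task access: only the record's own user.
                return SecurityContext.CurrentAccount.ID == ua.UserID;
            }

            if (entityType == EntityType.Milestone)
            {
                var match = GetIdParam.Match(ua.URL);
                int milestoneId;
                if (match.Success && match.Groups["value"].Success && int.TryParse(match.Groups["value"].Value, out milestoneId))
                {
                    var milestone = engineFactory.GetMilestoneEngine().GetByID(milestoneId);
                    return ProjectSecurity.CanRead(milestone);
                }
                return false;
            }

            // Every other entity type is allowed without a further check.
            // NOTE(review): enum parsing also accepts numeric text, so a value that names
            // no EntityType member ends up here as well; confirm that allow-by-default
            // is intended for types not handled above.
            return true;
        }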