/// <inheritdoc/> public IEnumerable <string> LocationIdsWithPermission(MeUser user, Permission permission) { var locations = user .Permissions .Where(up => up.LocationId != null) .Where(up => _rolePermissions.Can((UserRoles)up.UserRole, permission)) .Select(up => up.LocationId); return(locations); }
/// <inheritdoc/> public async Task <bool> HasPermission(string oktaId, Permission permission) { if (_authorizationSettings.Value.Disable) { return(true); } var meUser = await _userRetrievalService.Handle(new UserRetrievalByOktaIdQuery(oktaId)); if (meUser.Permissions != null) { var hasPermission = meUser.Permissions.Any( p => _rolePermissions.Can((UserRoles)p.UserRole, permission) && p.LocationId != null); if (hasPermission) { return(true); } } return(false); }
/// <inheritdoc/> public async Task <bool> HasPermission(string emailAddress, ILocationPath document, Permission permission) { if (_authorizationSettings.Value.Disable) { return(true); } var meUser = await _userRetrievalService.Handle(new UserRetrievalByOktaIdQuery(emailAddress)); if (meUser.Permissions != null) { var hasPermission = meUser.Permissions.Any( p => _rolePermissions.Can((UserRoles)p.UserRole, permission) && document.LocationIds().Any(l => l == p.LocationId)); if (hasPermission) { return(true); } } return(false); }