/// <summary>
/// Determine if user is direct or indirect (organization admin) package owner.
/// </summary>
/// <param name="user">User to query.</param>
/// <param name="package">Package to query.</param>
/// <returns>True if direct or indirect package owner.</returns>
public static bool IsOwnerOrMemberOfOrganizationOwner(this User user, PackageRegistration package)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
if (package == null)
{
throw new ArgumentNullException(nameof(package));
}
return(package.Owners.Any(o => user.KeyIsSelfOrOrganization(o.Key)));
}
/// <summary>
/// Determine if the current user matches the owner scope of the current credential.
/// There is a match if the owner scope is self or an organization to which the user
/// belongs.
///
/// Note there is no need to check organization role, which the action scope covers.
/// </summary>
/// <param name="user">User to query.</param>
/// <param name="credential">Credential to query.</param>
/// <returns>True if user matches the owner scope, false otherwise.</returns>
public static bool MatchesOwnerScope(this User user, Credential credential)
{
if (user == null)
{
throw new ArgumentNullException(nameof(user));
}
if (credential == null)
{
throw new ArgumentNullException(nameof(credential));
}
// Legacy V1 API key with no owner scope.
if (!credential.Scopes.Any())
{
return(true);
}
return(credential.Scopes
.Select(s => s.OwnerKey)
.Distinct()
.Any(ownerKey => !ownerKey.HasValue || // Legacy V2 API key with no owner scope
user.KeyIsSelfOrOrganization(ownerKey))); // V2 API key with owner scope
}
