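/// <summary>
/// Decides whether <paramref name="person"/> may view the detail page of
/// <paramref name="contextModelObject"/>.
/// </summary>
/// <param name="person">The user making the request.</param>
/// <param name="contextModelObject">The person whose details are requested; null is treated as "no such person".</param>
/// <returns>
/// Success when the requester passes the role check, is not a non-SitkaAdmin looking at a SitkaAdmin,
/// and is either viewing their own record or holds the edit-basics or contact-manage feature.
/// Otherwise a failure result carrying a user-facing message.
/// </returns>
public PermissionCheckResult HasPermission(Person person, Person contextModelObject)
{
    // NOTE(review): this existence check runs before any authorization check, so the
    // "doesn't exist" message is returned even to callers who would fail the role check below.
    // Confirm that revealing whether a person record exists is acceptable here.
    if (contextModelObject == null)
    {
        return PermissionCheckResult.MakeFailurePermissionCheckResult("The Person whose details you are requesting to see doesn't exist.");
    }

    var userHasEditPermission = new UserEditBasicsFeature().HasPermissionByPerson(person);
    var userHasManagePermission = new ContactManageFeature().HasPermissionByPerson(person);
    var userViewingOwnPage = person.PersonID == contextModelObject.PersonID;

    // CS0612 is the "member is obsolete" warning; it is suppressed for this one call only.
#pragma warning disable 612
    var userHasAppropriateRole = HasPermissionByPerson(person);
#pragma warning restore 612

    if (!userHasAppropriateRole)
    {
        // Message text corrected: the original read "You don't permissions to view user details."
        return PermissionCheckResult.MakeFailurePermissionCheckResult("You don't have permission to view user details. If you aren't logged in, do that and try again.");
    }

    // Only SitkaAdmin users should be able to see other SitkaAdmin users.
    // This gate sits ahead of the success branch, so holding the edit or manage feature
    // does not let a non-SitkaAdmin view a SitkaAdmin record.
    if (!person.HasRole(Role.SitkaAdmin) && contextModelObject.HasRole(Role.SitkaAdmin))
    {
        return PermissionCheckResult.MakeFailurePermissionCheckResult("You don't have permission to view this user.");
    }

    if (userViewingOwnPage || userHasEditPermission || userHasManagePermission)
    {
        return PermissionCheckResult.MakeSuccessPermissionCheckResult();
    }

    // Default deny: nothing above granted access.
    return PermissionCheckResult.MakeFailurePermissionCheckResult("You don't have permission to view this user.");
}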
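/// <summary>
/// Decides whether <paramref name="person"/> may edit <paramref name="contextModelObject"/>.
/// </summary>
/// <param name="person">The user making the request.</param>
/// <param name="contextModelObject">The person to be edited; null yields a failure result.</param>
/// <returns>
/// Success when the requester is editing their own record, or holds the feature required by the
/// branch below; otherwise a failure result carrying a user-facing message.
/// </returns>
public PermissionCheckResult HasPermission(Person person, Person contextModelObject)
{
    // Fail closed on a missing target instead of dereferencing it; the original threw a
    // NullReferenceException on contextModelObject.PersonID.
    if (contextModelObject == null)
    {
        return PermissionCheckResult.MakeFailurePermissionCheckResult("The Person you are requesting to edit doesn't exist.");
    }

    var hasContactManagePermissions = new ContactManageFeature().HasPermissionByPerson(person);
    var hasAdminPermissions = new FirmaAdminFeature().HasPermissionByPerson(person);

    // Anyone may edit their own record.
    if (contextModelObject.PersonID == person.PersonID)
    {
        return PermissionCheckResult.MakeSuccessPermissionCheckResult();
    }

    // NOTE(review): this branches on the REQUESTER's IsFullUser(), not the target's.
    // As written, a requester who is not a full user needs only the contact-manage feature
    // to edit any target, including one for whom IsFullUser() is true, while a full-user
    // requester always needs the admin feature. If the intent is "editing a full user
    // requires admin rights", the test belongs on contextModelObject - confirm before changing.
    if (!person.IsFullUser())
    {
        if (hasContactManagePermissions)
        {
            return PermissionCheckResult.MakeSuccessPermissionCheckResult();
        }
    }
    else
    {
        if (hasAdminPermissions)
        {
            return PermissionCheckResult.MakeSuccessPermissionCheckResult();
        }
    }

    // Default deny.
    // NOTE(review): the message includes the target's full name and is returned to a caller
    // who was just refused; confirm that caller is already allowed to see the name.
    return PermissionCheckResult.MakeFailurePermissionCheckResult($"You do not have permission to edit {contextModelObject.FullNameFirstLast}");
}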
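/// <summary>
/// Decides whether <paramref name="person"/> may delete <paramref name="contextModelObject"/>.
/// </summary>
/// <param name="person">The user making the request.</param>
/// <param name="contextModelObject">The person to be deleted; null yields a failure result.</param>
/// <returns>
/// Success only when the requester holds the contact-manage feature and the target is not a
/// full user; otherwise a failure result carrying a user-facing message.
/// </returns>
public PermissionCheckResult HasPermission(Person person, Person contextModelObject)
{
    // Fail closed on a missing target; the original dereferenced contextModelObject while
    // building its messages and would throw a NullReferenceException.
    if (contextModelObject == null)
    {
        return PermissionCheckResult.MakeFailurePermissionCheckResult("The Person you are requesting to delete doesn't exist.");
    }

    var hasPermissionByPerson = new ContactManageFeature().HasPermissionByPerson(person);
    if (!hasPermissionByPerson)
    {
        // NOTE(review): the message includes the target's full name and goes to a caller who
        // lacks the feature; confirm that caller is already allowed to see the name.
        return PermissionCheckResult.MakeFailurePermissionCheckResult($"You don't have permission to delete {contextModelObject.FullNameFirstLast}");
    }

    // People with an account are never deletable through this feature, whatever the requester holds.
    if (contextModelObject.IsFullUser())
    {
        return PermissionCheckResult.MakeFailurePermissionCheckResult($"{contextModelObject.FullNameFirstLast} cannot be deleted because they are a user with an account.");
    }

    return PermissionCheckResult.MakeSuccessPermissionCheckResult();
}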