public bool IsUserInNestedGroup(Group group, User user)
{
foreach (var member in group.GroupMembers.Where(x => x.IsGroup()))
{
var nestedGroup = this.groupRepository.GroupNamed(member.TenantId, member.Name);
if (nestedGroup != null)
{
var isInNestedGroup = nestedGroup.IsMember(user, this);
if (isInNestedGroup)
return true;
}
}
return false;
}
public bool ConfirmUser(Group group, User user)
{
bool userConfirmed = true;
User confirmedUser =
this.UserRepository
.UserWithUsername(group.TenantId, user.Username);
if (confirmedUser == null || !confirmedUser.Enabled)
{
userConfirmed = false;
}
return userConfirmed;
}
public bool IsUserInRole(User user, string roleName)
{
AssertionConcern.AssertArgumentNotNull(user, "User must not be null.");
AssertionConcern.AssertArgumentNotEmpty(roleName, "Role name must not be null.");
var authorized = false;
if (user.Enabled)
{
var role = this.roleRepository.RoleNamed(user.TenantId, roleName);
if (role != null)
{
authorized = role.IsInRole(user, new GroupMemberService(this.userRepository, this.groupRepository));
}
}
return authorized;
}
public void AssignUser(User user)
{
AssertionConcern.AssertArgumentNotNull(user, "User must not be null.");
AssertionConcern.AssertArgumentEquals(this.TenantId, user.TenantId, "Wrong tenant for this user.");
this.Group.AddUser(user);
DomainEventPublisher
.Instance
.Publish(new UserAssignedToRole(
this.TenantId,
this.Name,
user.Username,
user.Person.Name.FirstName,
user.Person.Name.LastName,
user.Person.EmailAddress.Address));
}
public void AddUser(User user)
{
AssertionConcern.AssertArgumentNotNull(user, "User must not be null.");
AssertionConcern.AssertArgumentEquals(this.TenantId, user.TenantId, "Wrong tenant for this group.");
AssertionConcern.AssertArgumentTrue(user.Enabled, "User is not enabled.");
if (this.GroupMembers.Add(user.ToGroupMember()) && !this.IsInternalGroup())
{
DomainEventPublisher
.Instance
.Publish(new GroupUserAdded(
this.TenantId,
this.Name,
user.Username));
}
}
public void RemoveUser(User user)
{
AssertionConcern.AssertArgumentNotNull(user, "User must not be null.");
AssertionConcern.AssertArgumentEquals(this.TenantId, user.TenantId, "Wrong tenant for this group.");
// not a nested remove, only direct member
if (this.GroupMembers.Remove(user.ToGroupMember()) && !this.IsInternalGroup())
{
DomainEventPublisher
.Instance
.Publish(new GroupUserRemoved(
this.TenantId,
this.Name,
user.Username));
}
}
public bool IsMember(User user, GroupMemberService groupMemberService)
{
AssertionConcern.AssertArgumentNotNull(user, "User must not be null.");
AssertionConcern.AssertArgumentEquals(this.TenantId, user.TenantId, "Wrong tenant for this group.");
AssertionConcern.AssertArgumentTrue(user.Enabled, "User is not enabled.");
var isMember = this.GroupMembers.Contains(user.ToGroupMember());
if (isMember)
{
isMember = groupMemberService.ConfirmUser(this, user);
}
else
{
isMember = groupMemberService.IsUserInNestedGroup(this, user);
}
return isMember;
}
/// <summary>
/// Uses a <see cref="GroupMemberService"/> to determine
/// whether a given <see cref="User"/> has this role, including
/// by way of nested <see cref="Group"/> membership.
/// </summary>
/// <param name="user">
/// A <see cref="User"/> entity to check.
/// </param>
/// <param name="groupMemberService">
/// The instance of <see cref="GroupMemberService"/>
/// relayed to the <see cref="Group.IsMember"/> method.
/// </param>
/// <returns>
/// <c>true</c> if the given <paramref name="user"/>
/// has this role; otherwise, <c>false</c>.
/// </returns>
public bool IsInRole(User user, GroupMemberService groupMemberService)
{
return this.internalGroup.IsMember(user, groupMemberService);
}
public void UnassignUser(User user)
{
AssertionConcern.AssertArgumentNotNull(user, "User must not be null.");
AssertionConcern.AssertArgumentEquals(this.TenantId, user.TenantId, "Wrong tenant for this user.");
this.internalGroup.RemoveUser(user);
DomainEventPublisher
.Instance
.Publish(new UserUnassignedFromRole(
this.TenantId,
this.Name,
user.Username));
}
/// <summary>
/// Determines whether a <see cref="User"/>'s declared
/// membership in a <see cref="Group"/> is valid.
/// </summary>
/// <param name="group">
/// An instance of <see cref="Group"/> which may have
/// the <paramref name="user"/> as a member.
/// </param>
/// <param name="user">
/// An instance of <see cref="User"/> which may be
/// a member of the <paramref name="group"/>.
/// </param>
/// <returns>
/// <c>true</c> if the <paramref name="user"/>'s
/// <see cref="User.TenantId"/> matches that of
/// the <paramref name="group"/> and the user's
/// <see cref="User.IsEnabled"/> property is true;
/// otherwise, <c>false</c>.
/// </returns>
public bool ConfirmUser(Group group, User user)
{
User confirmedUser = this.userRepository.UserWithUsername(group.TenantId, user.Username);
return ((confirmedUser == null) || (!confirmedUser.IsEnabled));
}
public bool IsUserInNestedGroup(Group group, User user)
{
bool isInNestedGroup = false;
foreach (GroupMember member in group.GroupMembers)
{
if (member.IsGroup())
{
Group nestedGroup =
this.GroupRepository
.GroupNamed(member.TenantId, member.Name);
if (nestedGroup != null)
{
isInNestedGroup = nestedGroup.IsMember(user, this);
}
}
if (isInNestedGroup)
{
break;
}
}
return isInNestedGroup;
}
public User RegisterUser(
string invitationIdentifier,
string username,
string password,
Enablement enablement,
Person person)
{
AssertionConcern.AssertStateTrue(this.Active, "Tenant is not active.");
User user = null;
if (this.IsRegistrationAvailableThrough(invitationIdentifier))
{
// ensure same tenant
person.TenantId = this.TenantId;
user = new User(this.TenantId, username, password, enablement, person);
}
return user;
}
public bool ConfirmUser(Group group, User user)
{
var confirmedUser = this.userRepository.UserWithUsername(group.TenantId, user.Username);
var userConfirmed = confirmedUser == null || !confirmedUser.Enabled;
return userConfirmed;
}
