/// <summary>
/// Filter list of users based on availability.
/// </summary>
/// <param name="users">Sequence of users.</param>
/// <param name="principal">Principal which is used for accessing data.</param>
/// <returns>Filter sequence with applied security rules.</returns>
protected virtual IQueryable <TUser> FilterUsers(IQueryable <TUser> users, System.Security.Claims.ClaimsPrincipal principal)
{
if (principal == null)
{
throw new ArgumentNullException("principal");
}
if (users == null)
{
throw new ArgumentNullException("users");
}
if (principal.IsInRole(RoleNames.Administrator))
{
return(users);
}
if (principal.IsInRole(RoleNames.ClientAdministrator))
{
var clientId = principal.GetClient();
users = users.Cast <DubUserWithClient>()
.Where(_ => _.ClientId == clientId)
.Cast <TUser>();
}
return(Enumerable.Empty <TUser>().AsQueryable());
}