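/// <summary>
/// Returns one page of the users the querying principal may see, optionally narrowed by a keyword.
/// </summary>
/// <remarks>
/// The set of visible users comes from the <c>MyUsers</c> query. The keyword is compared, lower-cased,
/// against the user name, the person's display/last/first/middle names, e-mail values and role names.
/// A principal that is not in <c>RoleName.AuthorizationAgent</c> neither receives nor can search on
/// grants whose role name is listed in <c>RoleName.NonTenantRoles</c>.
/// </remarks>
/// <param name="query">Principal, keyword, eager-load, ordering and paging options.</param>
/// <returns>The requested page of users, with role grants trimmed to what the principal may see.</returns>
/// <exception cref="ArgumentNullException"><paramref name="query"/> is null.</exception>
public PagedQueryResult<User> Handle(MyUsersByKeyword query)
{
    if (query == null)
    {
        throw new ArgumentNullException("query");
    }

    var internalQuery = new MyUsers(query.Principal)
    {
        EagerLoad = query.EagerLoad,
        OrderBy = query.OrderBy,
    };
    var internalQueryable = _queryProcessor.Execute(internalQuery);

    // Decide grant visibility once, so the keyword filter and the result trimming below
    // apply the same rule.
    var canSeeAllGrants = query.Principal.IsInRole(RoleName.AuthorizationAgent);
    var hiddenRoleNames = RoleName.NonTenantRoles;

    // filter by keyword
    if (!string.IsNullOrWhiteSpace(query.Keyword))
    {
        var loweredKeyword = query.Keyword.ToLower();
        internalQueryable = internalQueryable.Where(x =>
            x.Name.ToLower().Contains(loweredKeyword)
            || x.Person.DisplayName.ToLower().Contains(loweredKeyword)
            || (x.Person.LastName != null && x.Person.LastName.ToLower().Contains(loweredKeyword))
            || (x.Person.FirstName != null && x.Person.FirstName.ToLower().Contains(loweredKeyword))
            || (x.Person.MiddleName != null && x.Person.MiddleName.ToLower().Contains(loweredKeyword))
            || x.Person.Emails.Any(y => y.Value.ToLower().Contains(loweredKeyword))
            // Match on role name only for grants the principal is allowed to see. Matching on
            // every grant would let a caller learn who holds a hidden role simply by searching
            // for that role's name, even though the grant itself is stripped from the result.
            // NOTE(review): assumes the query provider can translate Contains over
            // RoleName.NonTenantRoles - confirm against the provider in use.
            || x.Grants.Any(y =>
                (canSeeAllGrants || !hiddenRoleNames.Contains(y.Role.Name))
                && y.Role.Name.ToLower().Contains(loweredKeyword))
        );
    }

    var pagedResults = new PagedQueryResult<User>(internalQueryable, query.PageSize, query.PageNumber);

    // only return role grants that the querying user is allowed to see
    if (!canSeeAllGrants)
    {
        foreach (var user in pagedResults.Items)
        {
            // NOTE(review): this replaces the Grants collection on the returned User objects;
            // if they are change-tracked entities, confirm nothing persists the context
            // afterwards, otherwise the hidden grants could be removed from storage.
            user.Grants = user.Grants
                .Where(grant => !hiddenRoleNames.Contains(grant.Role.Name))
                .ToList();
        }
    }

    return pagedResults;
}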
/// <summary>
/// Builds the queryable of users that the requesting principal is permitted to see.
/// </summary>
/// <remarks>
/// Principals in <c>RoleName.AuthenticationAgent</c> or <c>RoleName.AuthorizationAgent</c> are not
/// restricted to a tenant and receive every user. Any other principal receives only users whose
/// <c>TenantId</c> is set and is among the ids returned by <c>MyOwnedTenantIds</c> for that principal.
/// </remarks>
/// <param name="query">Principal, eager-load and ordering options.</param>
/// <returns>The ordered, tenant-scoped user queryable.</returns>
/// <exception cref="ArgumentNullException"><paramref name="query"/> is null.</exception>
public IQueryable<User> Handle(MyUsers query)
{
    if (query == null)
    {
        throw new ArgumentNullException("query");
    }

    var users = _entities.Query<User>()
        .EagerLoad(_entities, query.EagerLoad);

    // Only the two agent roles are tenant agnostic; everyone else is scoped to their own tenants.
    var isTenantAgnostic = query.Principal.IsInRole(RoleName.AuthenticationAgent)
        || query.Principal.IsInRole(RoleName.AuthorizationAgent);

    if (!isTenantAgnostic)
    {
        // Ids of every establishment controlled by the principal.
        var tenantIds = _queryProcessor.Execute(new MyOwnedTenantIds(query.Principal));

        // Keep only users affiliated with one of those establishments; users without a
        // tenant id are excluded for non-agents.
        users = users.Where(candidate =>
            candidate.TenantId.HasValue && tenantIds.Contains(candidate.TenantId.Value));
    }

    users = users.OrderBy(query.OrderBy);
    return users;
}