private UpdateResult CheckOtherUpdate(IIdentity actor, UserUpdateInfo update, IUser target) { if (update.ChangedDomain(target)) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot change domain" }); } if (Roles.IsInRole(actor, SecurityConst.ROLE_DOMAIN_ADMIN)) { if (update.ChangedActive(target) && !target.Active) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot reactivate yourself" }); } if (update.ChangedLogable(target) && !target.Logable) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot reactivate logability" }); } return(new UpdateResult { Ok = true }); } return(new UpdateResult { IsError = true, ErrorMessage = "only sys and domain admins can change other's profile" }); }
private UpdateResult CheckSelfUpdate(IIdentity actor, UserUpdateInfo update, IUser target) { if (update.ChangedDomain(target)) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot change domain" }); } if (Roles.IsInRole(actor, SecurityConst.ROLE_DOMAIN_ADMIN)) { if (update.ChangedActive(target) && !target.Active) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot reactivate yourself" }); } if (update.ChangedLogable(target) && !target.Logable) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot reactivate logability" }); } return(new UpdateResult { Ok = true }); } if (update.ChangedCustom(target)) { if (update.Custom.stringify().ToUpper().Contains("SECURE_")) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot manage secure customs" }); } } if (update.ChangedEmail(target)) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot change email" }); } if (update.ChangedRoles(target)) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot change roles" }); } if (update.ChangedGroups(target)) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot change groups" }); } if (update.ChangedExpire(target)) { return(new UpdateResult { IsError = true, ErrorMessage = "cannot change expire" }); } return(new UpdateResult { Ok = true }); }