private bool Can(FileEntry fileEntry, Guid userId, SecurityAction action)
{
if (!ProjectSecurity.CanReadFiles(Project, userId))
{
return(false);
}
if (ProjectSecurity.IsAdministrator(userId))
{
return(true);
}
if (fileEntry == null || Project == null)
{
return(false);
}
if (fileEntry is Folder && ((Folder)fileEntry).FolderType == FolderType.DEFAULT && fileEntry.CreateBy == userId)
{
return(true);
}
if (fileEntry is File && fileEntry.CreateBy == userId)
{
return(true);
}
switch (action)
{
case SecurityAction.Read:
return(!Project.Private || dao.IsInTeam(Project.ID, userId));
case SecurityAction.Create:
case SecurityAction.Edit:
return(dao.IsInTeam(Project.ID, userId) &&
(!ProjectSecurity.IsVisitor(userId) || fileEntry is Folder && ((Folder)fileEntry).FolderType == FolderType.BUNCH));
case SecurityAction.Delete:
return(!ProjectSecurity.IsVisitor(userId) && Project.Responsible == userId);
default:
return(false);
}
}
private bool Can(FileEntry file, Guid userId, SecurityAction action)
{
if (!ProjectSecurity.CanReadFiles(Project))
{
return(false);
}
if (IsAdmin(userId))
{
return(true);
}
if (file == null || Project == null)
{
return(false);
}
if (file is Folder && ((Folder)file).FolderType == FolderType.DEFAULT && file.CreateBy == userId)
{
return(true);
}
if (file is File && file.CreateBy == userId)
{
return(true);
}
switch (action)
{
case SecurityAction.Read: return(Project.Private ? dao.IsInTeam(Project.ID, userId) : true);
case SecurityAction.Create: return(dao.IsInTeam(Project.ID, userId));
case SecurityAction.Edit: return(Project.Responsible == userId);
case SecurityAction.Delete: return(Project.Responsible == userId);
default: return(false);
}
}
