public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     if (StudentAssignedOffering.IsActive)
     {
         if (user.Identity.User.UserRoles.Any())
         {
             if (IsDataAdmin(user)
                 || IsCreatingUser(user, StudentAssignedOffering)
                 || (!StudentAssignedOffering.ServiceOffering.ServiceType.IsPrivate && IsSiteCoordinatorAssociatedToSchools(user, new[] { StudentAssignedOffering.Student.School })
                     || IsApprovedProviderAssociatedToStudentOfferings(user, StudentAssignedOffering.Student)))
             {
                 return;
             }
         }
     }
     else
     {
         throw new EntityNotFoundException("StudentAssignedOffering");
     }
     throw new EntityAccessUnauthorizedException("Not authorized to manage this assigned offering.");
 }
 public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     CustomFieldOnly = false;
     if (user.Identity.User.UserRoles.Any())
     {
         if (IsDataAdmin(user)
             || IsSiteCoordinatorAssociatedToSchools(user, new[] { Student.School })
             || IsApprovedProviderAssociatedToStudentOfferings(user, Student))
         {
             return;
         }
         if (!Student.HasParentalOptOut)
         {
             if (Student.CustomFieldValues.Any(f => IsCreatingUser(user, f.CustomDataOrigin)))
             {
                 CustomFieldOnly = true;
                 return;
             }
         }
     }
     throw new EntityAccessUnauthorizedException("Not authorized to view this student.");
 }
        public void Create(EducationSecurityPrincipal user, ServiceOfferingScheduleModel viewModel)
        {
            if (user == null)
            {
                throw new ArgumentNullException("user");
            }
            if (viewModel == null)
            {
                throw new ArgumentNullException("viewModel");
            }
            if (!ServiceOfferingRepository.Items.Any(s => s.Id == viewModel.ServiceOfferingId && s.IsActive))
            {
                throw new EntityNotFoundException("Selected Service Offering was not found.");
            }
            ServiceOffering       offering   = ServiceOfferingRepository.Items.Single(s => s.Id == viewModel.ServiceOfferingId && s.IsActive);
            IEnumerable <Student> students   = StudentRepository.Items.Include(s => s.School).Where(s => viewModel.SelectedStudents.Contains(s.Id));
            IPermission           permission = PermissionFactory.Current.Create("ScheduleOffering", students, offering);

            permission.GrantAccess(user);
            User       userEntity = user.Identity.User;
            List <int> studentIds = viewModel.SelectedStudents.ToList();

            foreach (int studentId in studentIds)
            {
                var studentAssignedOffering = new StudentAssignedOffering
                {
                    StudentId      = studentId,
                    CreatingUserId = userEntity.Id,
                    IsActive       = true
                };
                viewModel.CopyTo(studentAssignedOffering);
                StudentAssignedOfferingRepository.Add(studentAssignedOffering);
            }
            RepositoryContainer.Save();
        }
Exemplo n.º 4
0
        public void GivenUserIsSiteCoordinator_WhenGrantAccess_ThenSucceed()
        {
            ManageProviderPermission   target = new ManageProviderPermission(1);
            EducationSecurityPrincipal user   = CreateSiteCoordinatorUser(new List <School>());

            target.GrantAccess(user);
        }
Exemplo n.º 5
0
        private UploadWizardCompleteModel CheckUploadErrors(EducationSecurityPrincipal user, UploadWizardModel model, DataTable dataTable)
        {
            UploadWizardCompleteModel completeModel = new UploadWizardCompleteModel();

            if (dataTable.Columns.Count != model.CustomFields.Count())
            {
                completeModel.RowErrors.Add("There is a different amount of columns in the file than listed. Please re-submit the file and try again.");
                completeModel.ProcessedRowCount = completeModel.SuccessfulRowsCount = 0;
                return(completeModel);
            }
            foreach (var field in model.CustomFields)
            {
                if (field.SelectedCustomFieldId != 0)
                {
                    IPermission customFieldPermission = PermissionFactory.Current.Create("UploadCustomFieldData", CustomFieldRepository.Items.Single(c => c.Id == field.SelectedCustomFieldId));
                    if (!customFieldPermission.TryGrantAccess(user))
                    {
                        completeModel.RowErrors.Add("You don't have access to one or more of the selected custom fields. Re-submit and try again.");
                        completeModel.ProcessedRowCount = completeModel.SuccessfulRowsCount = 0;
                        return(completeModel);
                    }
                }
            }
            return(completeModel);
        }
        public void Create(EducationSecurityPrincipal user, ServiceRequestModel viewModel)
        {
            if (user == null)
            {
                throw new ArgumentNullException("user");
            }
            if (viewModel == null)
            {
                throw new ArgumentNullException("viewModel");
            }
            IPermission permission = PermissionFactory.Current.Create("CreateServiceRequest", StudentRepository.Items.Include(s => s.School.UserRoles).Where(s => viewModel.StudentIds.Contains(s.Id)));

            permission.GrantAccess(user);
            List <int> studentIds = viewModel.StudentIds.ToList();

            foreach (int studentId in studentIds)
            {
                ServiceRequest request = new ServiceRequest();
                viewModel.CopyTo(request);
                request.StudentId      = studentId;
                request.CreatingUser   = user.Identity.User;
                request.CreatingUserId = user.Identity.User.Id;
                CreateFulfillmentDetail(request, user, viewModel);
                ServiceRequestRepository.Add(request);
            }
            RepositoryContainer.Save();
        }
Exemplo n.º 7
0
        public void GivenUserIsProvider_AndUserAssignedDifferentProvidersThanSpecifiedToPermission_WhenGrantAccess_ThenThrowException()
        {
            ManageProviderPermission   target = new ManageProviderPermission(1);
            EducationSecurityPrincipal user   = CreateProviderUser(Data.Providers.Where(p => p.Id != 1).ToList());

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
        public void GivenUserIsProvider_AndUserHasAllProviderAssociations_WhenGrantAccess_ThenSucceed()
        {
            ImportOfferingDataPermission target = new ImportOfferingDataPermission(Data.ServiceOfferings[0]);
            EducationSecurityPrincipal   user   = CreateProviderUser(Data.Providers);

            target.GrantAccess(user);
        }
        public ServiceRequestModel GenerateEditViewModel(EducationSecurityPrincipal user, int requestId)
        {
            var serviceRequest = ServiceRequestRepository.Items.
                                 Include(s => s.Priority).
                                 Include(s => s.Subject).
                                 Include(s => s.ServiceType).
                                 Include(s => s.Student.ApprovedProviders).
                                 Include(s => s.Student.School.UserRoles).
                                 Include("Student.StudentAssignedOfferings.ServiceOffering").
                                 Include("Student.StudentAssignedOfferings.ServiceOffering.Provider").
                                 Include(s => s.FulfillmentDetails).
                                 Include(s => s.CreatingUser).
                                 Include(s => s.LastModifyingUser).
                                 SingleOrDefault(s => s.Id == requestId);

            if (serviceRequest == null)
            {
                throw new EntityNotFoundException("Specified Service Request does not exist.");
            }
            IPermission permission = PermissionFactory.Current.Create("EditRequest", serviceRequest);

            permission.GrantAccess(user);
            ServiceRequestModel viewModel = new ServiceRequestModel();

            viewModel.CopyFrom(serviceRequest);
            PopulateViewModel(viewModel);
            return(viewModel);
        }
Exemplo n.º 10
0
        public void GivenUserRoleUnknown_WhenGrantAccess_ThenThrowException()
        {
            ManageProviderPermission   target = new ManageProviderPermission(1);
            EducationSecurityPrincipal user   = CreateUserWithUnknownRole();

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
        public void GivenUserIsProvider_AndStudentApprovedNoProviders_WhenGrantAccess_ThenThrowException()
        {
            ViewStudentDetailPermission target = new ViewStudentDetailPermission(new Student());
            EducationSecurityPrincipal  user   = CreateProviderUser(new List <Provider>());

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
        public void GivenUserIsSiteCoordinator_WhenGrantAccess_ThenSucceed()
        {
            ImportOfferingDataPermission target = new ImportOfferingDataPermission(new ServiceOffering());
            EducationSecurityPrincipal   user   = CreateSiteCoordinatorUser(new List <School>());

            target.GrantAccess(user);
        }
Exemplo n.º 13
0
        public void Edit(CustomFieldModel viewModel, EducationSecurityPrincipal user)
        {
            if (viewModel == null)
            {
                throw new ArgumentNullException("viewModel");
            }
            if (user == null)
            {
                throw new ArgumentNullException("user");
            }
            var model = CustomFieldRepository.Items.Include(c => c.Categories).SingleOrDefault(c => c.Id == viewModel.Id);

            if (model == null)
            {
                throw new EntityNotFoundException("The requested custom field could not be found");
            }
            if (CustomFieldValueRepository.Items.Any(v => v.CustomFieldId == viewModel.Id) && model.CustomFieldTypeId != viewModel.SelectedFieldTypeId)
            {
                throw new ValidationException(new ValidationResult("Cannot edit field type because data values have already been loaded", new[] { "SelectedFieldTypeId" }), null, viewModel);
            }
            viewModel.CopyTo(model);
            model.LastModifyingUser = user.Identity.User;
            model.LastModifyTime    = DateTime.Now;
            model.Categories        = CustomFieldCategoryRepository.Items.Where(c => viewModel.SelectedCategories.Contains(c.Id)).ToList();
            CustomFieldRepository.Update(model);
            RepositoryContainer.Save();
        }
        public void GivenUserIsSiteCoordinator_AndUserAssignedAllSchools_WhenGrantAccess_ThenSucceed()
        {
            ScheduleOfferingPermission target = new ScheduleOfferingPermission(Data.Students, Data.ServiceOfferings[0]);
            EducationSecurityPrincipal user   = CreateSiteCoordinatorUser(Data.Schools);

            target.GrantAccess(user);
        }
        public void GivenUserIsSiteCoordinator_AndSiteCoordinatorAssignedNoSchools_WhenGrantAccess_ThenThrowException()
        {
            ViewStudentDetailPermission target = new ViewStudentDetailPermission(new Student());
            EducationSecurityPrincipal  user   = CreateSiteCoordinatorUser(new List <School>());

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
Exemplo n.º 16
0
        private void ProcessRows(EducationSecurityPrincipal user, int studentIdColumn, DataTable dataTable, UploadWizardCompleteModel completeModel, CustomDataOrigin origin, Dictionary <int, CustomField> customFieldsDicitonary)
        {
            int numColumns = dataTable.Columns.Count;

            for (int i = 0; i < dataTable.Rows.Count; i++)
            {
                var row = dataTable.Rows[i];
                if (row.HasErrors)
                {
                    ProcessError(row, string.Format(CultureInfo.CurrentCulture, "Row {0} failed to process.  {1}", i + 2, row.RowError), completeModel);
                }
                else
                {
                    var studentId = row[studentIdColumn].ToString();
                    var student   = StudentRepository.Items.Include("StudentAssignedOfferings.ServiceOffering.Provider").
                                    SingleOrDefault(s => s.StudentSISId == studentId);
                    if (student == null || !PermissionFactory.Current.Create("ProcessDataFile", student).TryGrantAccess(user))
                    {
                        ProcessError(row, string.Format(CultureInfo.CurrentCulture, "You do not have permission to interact with the referenced student on row {0}", i + 2), completeModel);
                    }
                    else
                    {
                        AttemptRowReadOfUploadWizardFile(studentIdColumn, completeModel, origin, customFieldsDicitonary, numColumns, i, row, student);
                    }
                }
                completeModel.ProcessedRowCount++;
            }
        }
Exemplo n.º 17
0
        private static void SignedOnCallback()
        {
            ClaimsPrincipal claimsPrincipal = HttpContext.Current.User as ClaimsPrincipal;
            string          userKey         = EducationSecurityPrincipal.FindUserKey(claimsPrincipal);

            UserIdentityMapAttribute.AuditOnMap(userKey);
        }
        public void GivenUserIsProvider_AndUserHasNoProviderAssociations_WhenGrantAccess_ThenThrowException()
        {
            ImportOfferingDataPermission target = new ImportOfferingDataPermission(new ServiceOffering());
            EducationSecurityPrincipal   user   = CreateProviderUser(new List <Provider>());

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
        public void GivenUserIsProvider_AndOfferingNotPassedIn_WhenGrantAccess_ThenSucceed()
        {
            ScheduleOfferingPermission target = new ScheduleOfferingPermission(Data.Students);
            EducationSecurityPrincipal user   = CreateProviderUser(new List <Provider>());

            target.GrantAccess(user);
        }
        public void GivenUserIsSiteCoordinator_AndUserAssignedNoSchools_WhenGrantAccess_ThenThrowException()
        {
            ScheduleOfferingPermission target = new ScheduleOfferingPermission(Data.Students, Data.ServiceOfferings[0]);
            EducationSecurityPrincipal user   = CreateSiteCoordinatorUser(new List <School>());

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
 public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     if (user.Identity.User.UserRoles.Any())
     {
         if (IsDataAdmin(user))
         {
             return;
         }
         if (CustomField is PublicField)
         {
             return;
         }
         else
         {
             PrivateHealthField privateHealthField = CustomField as PrivateHealthField;
             if (IsProvider(user) && privateHealthField.ProviderId != null && user.Identity.User.UserRoles.SelectMany(u => u.Providers).Contains(privateHealthField.Provider))
             {
                 return;
             }
         }
     }
     throw new EntityAccessUnauthorizedException("Not authorized to upload to this custom field.");
 }
        public void GivenUserIsSiteCoordinator_AndUserNotAssignedSchoolsForAllStudents_WhenGrantAccess_ThenThrowException()
        {
            ScheduleOfferingPermission target = new ScheduleOfferingPermission(Data.Students, Data.ServiceOfferings[0]);
            EducationSecurityPrincipal user   = CreateSiteCoordinatorUser(Data.Schools.Where(s => s != Data.Students.First().School).ToList());

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
        public void GivenUserIsDataAdmin_WhenGrantAccess_ThenSucceed()
        {
            ImportOfferingDataPermission target = new ImportOfferingDataPermission(new ServiceOffering());
            EducationSecurityPrincipal   user   = CreateDataAdminUser();

            target.GrantAccess(user);
        }
Exemplo n.º 24
0
        public void GivenNameCriteria_AndProviderNotAssociatedWithProgramWithMatchingName_WhenExecuteFilterPredicate_ThenReturnFalse()
        {
            EducationSecurityPrincipal user = new EducationSecurityPrincipal(new User {
                UserKey = "whatever"
            });
            Provider provider = new Provider
            {
                Name             = "not the search criteria",
                IsActive         = true,
                ServiceOfferings = new List <ServiceOffering>
                {
                    new ServiceOffering
                    {
                        Program = new Program {
                            Name = "Nope"
                        }
                    }
                }
            };

            MockRequest.Expect(m => m["PartnerName"]).Return("blah");
            ProviderClientDataTable target = new ProviderClientDataTable(MockRequest, user);

            Assert.IsFalse(target.FilterPredicate.Compile().Invoke(provider));
        }
        public void GivenUserHasNoRoles_WhenGrantAccess_ThenThrowException()
        {
            ViewStudentDetailPermission target = new ViewStudentDetailPermission(new Student());
            EducationSecurityPrincipal  user   = CreateUserWithNoRoles();

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
        public void GivenUserRoleIsUnknown_WhenGrantAccess_ThenThrowException()
        {
            ViewStudentDetailPermission target = new ViewStudentDetailPermission(Data.Students[0]);
            EducationSecurityPrincipal  user   = CreateUserWithUnknownRole();

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
        public void GivenUserIsDataAdmin_WhenGrantAccess_ThenSucceed()
        {
            ViewStudentDetailPermission target = new ViewStudentDetailPermission(new Student());
            EducationSecurityPrincipal  user   = CreateDataAdminUser();

            target.GrantAccess(user);
        }
Exemplo n.º 28
0
 public void BaseInitializeTest()
 {
     User = new EducationSecurityPrincipal(new User {
         UserKey = "whatever"
     });
     MockHttpContext = MockHttpContextFactory.Create();
 }
Exemplo n.º 29
0
        public void GivenProvider_AndProviderHasAssociatedServiceOfferingsWithAProgramThatHasSchools_WhenInvokeDataSelector_ThenDataHasAssociatedSchoolNames()
        {
            string[] expected = new[] { "School1", "School2", "School3" };
            EducationSecurityPrincipal user = new EducationSecurityPrincipal(new User {
                UserKey = "whatever"
            });
            Provider expectedState = new Provider
            {
                ServiceOfferings = new List <ServiceOffering>
                {
                    new ServiceOffering
                    {
                        IsActive = true,
                        Program  = new Program
                        {
                            Schools = expected.Select(e => new School {
                                Name = e
                            }).ToList(),
                            IsActive = true
                        }
                    }
                }
            };
            ProviderClientDataTable target = new ProviderClientDataTable(MockRequest, user);

            dynamic actual = target.DataSelector.Compile().Invoke(expectedState);

            CollectionAssert.AreEqual(expected, ((IEnumerable <string>)actual.Schools).ToList());
        }
        public void GivenUserIsDataAdmin_WhenGrantAccess_ThenSucceed()
        {
            ScheduleOfferingPermission target = new ScheduleOfferingPermission(Data.Students, Data.ServiceOfferings[0]);
            EducationSecurityPrincipal user   = CreateDataAdminUser();

            target.GrantAccess(user);
        }
        public void GivenUserIsProvider_AndUserHasProviderAssociationsDifferentThanOffering_WhenGrantAccess_ThenSucceed()
        {
            ImportOfferingDataPermission target = new ImportOfferingDataPermission(Data.ServiceOfferings[0]);
            EducationSecurityPrincipal   user   = CreateProviderUser(Data.Providers.Where(p => p != Data.ServiceOfferings[0].Provider).ToList());

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
        public void GivenUserIsProviderNotAssociatedToOffering_WhenGrantAccess_ThenSucceed()
        {
            ScheduleOfferingPermission target = new ScheduleOfferingPermission(Data.Students, Data.ServiceOfferings[0]);
            EducationSecurityPrincipal user   = CreateProviderUser(new List <Provider>());

            target.ExpectException <EntityAccessUnauthorizedException>(() => target.GrantAccess(user));
        }
Exemplo n.º 33
0
        public void Edit(ServiceAttendanceModel viewModel, EducationSecurityPrincipal user)
        {
            if (viewModel == null)
            {
                throw new ArgumentNullException("viewModel");
            }
            if (user == null)
            {
                throw new ArgumentNullException("user");
            }
            var updatedServiceAttendance = ServiceAttendanceRepository.Items.Include(s => s.StudentAssignedOffering).SingleOrDefault(s => s.Id == viewModel.Id);

            if (updatedServiceAttendance == null)
            {
                throw new EntityNotFoundException();
            }
            IPermission permission = PermissionFactory.Current.Create("EditServiceAttendance", updatedServiceAttendance.StudentAssignedOffering);

            permission.GrantAccess(user);
            viewModel.CopyTo(updatedServiceAttendance);
            updatedServiceAttendance.LastModifyingUser = user.Identity.User;
            updatedServiceAttendance.LastModifyTime    = DateTime.Now;
            ServiceAttendanceRepository.Update(updatedServiceAttendance);
            RepositoryContainer.Save();
        }
 protected bool IsCreatingUser(EducationSecurityPrincipal user, IAuditCreate entity)
 {
     if (entity == null)
     {
         throw new ArgumentNullException("entity");
     }
     return entity.CreatingUserId == user.Identity.User.Id;
 }
 public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     if (IsDataAdmin(user))
     {
         return;
     }
     throw new EntityAccessUnauthorizedException("Not authorized");
 }
 public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user.Identity.User.UserRoles.Any())
     {
         if (IsDataAdmin(user)
             || IsSiteCoordinator(user)
             || (IsProvider(user) && user.Identity.User.UserRoles.SelectMany(u => u.Providers).Any(p => p.Id == ProviderId)))
         {
             return;
         }
     }
     throw new EntityAccessUnauthorizedException("Not authorized to manage the specified provider.");
 }
 public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     if (user.Identity.User.UserRoles.Any())
     {
         if (IsDataAdmin(user)
             || IsSiteCoordinatorAssociatedToSchools(user, Students.Select(s => s.School)))
         {
             return;
         }
     }
     throw new EntityAccessUnauthorizedException("Not authorized to create this request.");
 }
 public static bool TryGrantAccess(this IPermission permission, EducationSecurityPrincipal user)
 {
     if (permission == null)
     {
         throw new ArgumentNullException("permission");
     }
     try
     {
         permission.GrantAccess(user);
         return true;
     }
     catch (EntityAccessUnauthorizedException)
     {
         return false;
     }
 }
 public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     if (user.Identity.User.UserRoles.Any())
     {
         if (IsDataAdmin(user)
             || IsSiteCoordinator(user)
             || IsProviderAssociatedToOffering(user, Offering))
         {
             return;
         }
     }
     throw new EntityAccessUnauthorizedException("User not authorized to access service offering.");
 }
 public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     if (user.Identity.User.UserRoles.Any())
     {
         if (IsDataAdmin(user)
             || IsSiteCoordinatorAssociatedToSchools(user, new[] { StudentAssignedOffering.Student.School })
             || IsProviderAssociatedToOffering(user, StudentAssignedOffering.ServiceOffering))
         {
             return;
         }
     }
     throw new EntityAccessUnauthorizedException("Not authorized to manage attendance for this assigned offering.");
 }
 public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     if (user.Identity.User.UserRoles.Any())
     {
         if (IsDataAdmin(user) ||
             IsSiteCoordinatorAssociatedToSchools(user, new[] { Student.School }) ||
             IsProviderAssociatedToStudentOfferings(user, Student))
         {
             return;
         }
     }
     throw new EntityAccessUnauthorizedException("You do not have access to this CustomField");
 }
 public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     if (user.Identity.User.UserRoles.Any())
     {
         if (IsDataAdmin(user)
             || ((Offering == null && IsProvider(user)) ||IsProviderAssociatedToOffering(user, Offering))
             || IsSiteCoordinatorAssociatedToSchools(user, Students.Select(s => s.School)))
         {
             return;
         }
     }
     throw new EntityAccessUnauthorizedException("Not authorized to schedule offerings to all students.");
 }
 protected EducationSecurityPrincipal CreateDataAdminUser()
 {
     EducationSecurityPrincipal user = new EducationSecurityPrincipal(new User
     {
         UserKey = "whatever",
         UserRoles = new List<UserRole>
         {
             new UserRole
             {
                 Role = new Role
                 {
                     Name = SecurityRoles.DataAdmin
                 }
             }
         }
     });
     return user;
 }
 protected EducationSecurityPrincipal CreateSiteCoordinatorUser(ICollection<School> associatedSchools)
 {
     EducationSecurityPrincipal user = new EducationSecurityPrincipal(new User
     {
         UserKey = "whatever",
         UserRoles = new List<UserRole>
         {
             new UserRole
             {
                 Role = new Role
                 {
                     Name = SecurityRoles.SiteCoordinator
                 },
                 Schools = associatedSchools
             }
         }
     });
     return user;
 }
 protected EducationSecurityPrincipal CreateProviderUser(ICollection<Provider> associatedProviders)
 {
     EducationSecurityPrincipal user = new EducationSecurityPrincipal(new User
     {
         UserKey = "whatever",
         UserRoles = new List<UserRole>
         {
             new UserRole
             {
                 Role = new Role
                 {
                     Name = SecurityRoles.Provider
                 },
                 Providers = associatedProviders
             }
         }
     });
     return user;
 }
 public override void GrantAccess(EducationSecurityPrincipal user)
 {
     if (user == null)
     {
         throw new ArgumentNullException("user");
     }
     if (user.Identity.User.UserRoles.Any())
     {
         if (IsDataAdmin(user)
             || IsCreatingUser(user, ServiceRequest)
             || (!ServiceRequest.ServiceType.IsPrivate &&
                 (IsSiteCoordinatorAssociatedToSchools(user, new[] { ServiceRequest.Student.School })
                 || IsApprovedProviderAssociatedToStudentOfferings(user, ServiceRequest.Student))))
         {
             return;
         }
     }
     throw new EntityAccessUnauthorizedException("Not authorized to view this request.");
 }
        public void GivenGrantAccessInvokedOnCustomFieldOnlyUser_AndCalledAgainOnDataAdmin_WhenGrantAccess_ThenCustomFieldOnlyFalse()
        {
            ViewStudentDetailPermission target = new ViewStudentDetailPermission(new Student { CustomFieldValues = Data.CustomFieldValues });
            EducationSecurityPrincipal user = new EducationSecurityPrincipal(Data.CustomFieldValues.First().CustomDataOrigin.CreatingUser);
            Data.CustomFieldValues.First().CustomDataOrigin.CreatingUser.UserRoles = new List<UserRole>
            {
                new UserRole
                {
                    Role = new Role
                    {
                        Name = SecurityRoles.Provider
                    }
                }
            };
            target.GrantAccess(user);
            user = CreateDataAdminUser();

            target.GrantAccess(user);

            Assert.IsFalse(target.CustomFieldOnly);
        }
 protected EducationSecurityPrincipal CreateUserWithNoRoles()
 {
     EducationSecurityPrincipal user = new EducationSecurityPrincipal(new User
     {
         UserKey = "whatever"
     });
     return user;
 }
 public abstract void GrantAccess(EducationSecurityPrincipal user);
 protected EducationSecurityPrincipal CreateUserWithUnknownRole()
 {
     EducationSecurityPrincipal user = new EducationSecurityPrincipal(new User
     {
         UserKey = "whatever",
         UserRoles = new List<UserRole>
         {
             new UserRole
             {
                 Role = new Role
                 {
                     Name = "Unknown"
                 }
             }
         }
     });
     return user;
 }
 protected bool IsDataAdmin(EducationSecurityPrincipal user)
 {
     return user.IsInRole(SecurityRoles.DataAdmin);
 }
 protected bool IsApprovedProviderAssociatedToStudentOfferings(EducationSecurityPrincipal user, Student student)
 {
     return (IsProviderAssociatedToStudentOfferings(user, student) &&
         user.Identity.User.UserRoles.SelectMany(u => u.Providers).Intersect(student.ApprovedProviders).Any());
 }
 protected bool IsProvider(EducationSecurityPrincipal user)
 {
     return user.IsInRole(SecurityRoles.Provider);
 }
 protected bool IsProviderAssociatedToOffering(EducationSecurityPrincipal user, ServiceOffering offering)
 {
     return IsProvider(user) && user.Identity.User.UserRoles.SelectMany(u => u.Providers).Contains(offering.Provider);
 }
 protected bool IsProviderAssociatedToStudentOfferings(EducationSecurityPrincipal user, Student student)
 {
     return IsProvider(user) &&
         user.Identity.User.UserRoles.SelectMany(u => u.Providers).Intersect(student.StudentAssignedOfferings.Where(s => s.IsActive).Select(s => s.ServiceOffering.Provider)).Any();
 }
 protected bool IsSiteCoordinator(EducationSecurityPrincipal user)
 {
     return user.IsInRole(SecurityRoles.SiteCoordinator);
 }
 protected bool IsSiteCoordinatorAssociatedToSchools(EducationSecurityPrincipal user, IEnumerable<School> schools)
 {
     return IsSiteCoordinator(user) && schools.All(s => user.Identity.User.UserRoles.SelectMany(u => u.Schools).Contains(s));
 }