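/// <summary>
        /// Closes a pending access request and, when the decision is
        /// <c>ApprovalDecisionType.Approve</c>, approves the requester's membership.
        /// Any other decision only clears the pending flag on the request.
        /// </summary>
        /// <param name="accessRequest">The request being decided; it must carry an OrganizationId, and a PersonId when approving.</param>
        /// <param name="context">Security context of the caller; its PersonId identifies the approver.</param>
        /// <param name="approvalActionType">The decision to apply.</param>
        /// <exception cref="ArgumentNullException"><paramref name="accessRequest"/> or <paramref name="context"/> is null.</exception>
        /// <exception cref="ArgumentException">A required identifier on <paramref name="accessRequest"/> is missing.</exception>
        /// <exception cref="UnauthorizedAccessException">No person exists for the caller's context.</exception>
        /// <exception cref="UnauthorizedOperationException">The caller is not an administrator of the request's organization.</exception>
        public void ApproveAccessRequest(AccessRequest accessRequest, UserSecurityContext context, ApprovalDecisionType approvalActionType)
        {
            if (accessRequest == null)
            {
                throw new ArgumentNullException(nameof(accessRequest));
            }

            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            // Validate every identifier up front. Previously a missing PersonId only
            // surfaced after the request had already been persisted as closed, leaving
            // a closed request with no membership approved.
            if (!accessRequest.OrganizationId.HasValue)
            {
                throw new ArgumentException("Access request has no organization id", nameof(accessRequest));
            }

            bool isApproval = approvalActionType == ApprovalDecisionType.Approve;

            if (isApproval && !accessRequest.PersonId.HasValue)
            {
                throw new ArgumentException("Access request has no person id", nameof(accessRequest));
            }

            Person approver = _personRepo.GetOne(context.PersonId);

            if (approver == null)
            {
                throw new UnauthorizedAccessException("Approver not found");
            }

            // Authorization: the caller must be an administrator of the organization named on the request.
            // NOTE(review): accessRequest is supplied by the caller and is persisted as-is by Update below,
            // while only its OrganizationId feeds the admin check. If callers bind this object from request
            // data, confirm the stored request with this Id really belongs to that organization - TODO confirm.
            OrganizationMember approverMembership = _organzationMemberRepo.GetMember(approver.Id.Value, accessRequest.OrganizationId.Value);

            if (approverMembership == null || approverMembership.IsAdministrator != true)
            {
                throw new UnauthorizedOperationException("User is not an administrator of this organization", EntityOperationType.Update);
            }

            // The request is no longer pending, whatever the decision was.
            accessRequest.IsAccessRequested = false;
            _accessRequestRepo.Update(accessRequest);

            if (isApproval)
            {
                _organzationMemberRepo.Approve(accessRequest.PersonId.Value, accessRequest.OrganizationId.Value, approver.Id.Value);
            }
        }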
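        /// <summary>
        /// Applies an administrator's decision to a pending access request: the request is
        /// marked as no longer pending, and the requester's membership is approved only when
        /// the decision is <c>ApprovalDecisionType.Approve</c>.
        /// </summary>
        /// <param name="accessRequest">The request being decided; it must carry an OrganizationId, and a PersonId when approving.</param>
        /// <param name="context">Security context of the caller; its PersonId identifies the approver.</param>
        /// <param name="approvalActionType">The decision to apply.</param>
        /// <exception cref="ArgumentNullException"><paramref name="accessRequest"/> or <paramref name="context"/> is null.</exception>
        /// <exception cref="ArgumentException">A required identifier on <paramref name="accessRequest"/> is missing.</exception>
        /// <exception cref="UnauthorizedAccessException">
        /// No person exists for the caller's context, or the caller is not an administrator of the request's organization.
        /// </exception>
        public void ApproveAccessRequest(AccessRequest accessRequest, UserSecurityContext context, ApprovalDecisionType approvalActionType)
        {
            if (accessRequest == null)
            {
                throw new ArgumentNullException(nameof(accessRequest));
            }

            if (context == null)
            {
                throw new ArgumentNullException(nameof(context));
            }

            // Fail before any write: a missing PersonId used to be discovered only after
            // Update had already stored the request as closed.
            if (!accessRequest.OrganizationId.HasValue)
            {
                throw new ArgumentException("Access request has no organization id", nameof(accessRequest));
            }

            bool approving = approvalActionType == ApprovalDecisionType.Approve;

            if (approving && !accessRequest.PersonId.HasValue)
            {
                throw new ArgumentException("Access request has no person id", nameof(accessRequest));
            }

            Person approver = _personRepo.GetOne(context.PersonId);

            if (approver == null)
            {
                throw new UnauthorizedAccessException("Approver not found");
            }

            // Check if Person has Authority to Approve/Reject.
            // NOTE(review): the admin check uses the OrganizationId carried on the caller-supplied
            // accessRequest, and that same object is what Update persists. Verify against callers that
            // the stored request with this Id belongs to that organization - TODO confirm.
            OrganizationMember approverMembership = _organzationMemberRepo.GetMember(approver.Id.Value, accessRequest.OrganizationId.Value);

            bool isOrgAdmin = approverMembership != null && approverMembership.IsAdministrator == true;

            if (!isOrgAdmin)
            {
                throw new UnauthorizedAccessException("User is not an Administrator of this Organization");
            }

            accessRequest.IsAccessRequested = false;
            _accessRequestRepo.Update(accessRequest);

            //TODO - Disabling as dbcontext is tracking the same ID, need to fix this.
            //_accessRequestRepo.SoftDelete(accessRequest.Id.Value);

            if (approving)
            {
                _organzationMemberRepo.Approve(accessRequest.PersonId.Value, accessRequest.OrganizationId.Value, approver.Id.Value);
            }
        }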