public async Task <bool> ProviderReservationAccessAllowed(uint ukPrn, GetReservationResponse reservation)
{
if (reservation == null || reservation.ProviderId == default(uint))
{
throw new ArgumentException("GetReservationResponse is null", nameof(reservation));
}
if (ukPrn == default(uint))
{
throw new ArgumentException("ukPrn is not set", nameof(ukPrn));
}
if (ukPrn != reservation.ProviderId)
{
return(false);
}
var trustedList = await _providerPermissionsService.GetTrustedEmployers(ukPrn);
if (trustedList.All(e => e.AccountLegalEntityId != reservation.AccountLegalEntityId))
{
throw new UnauthorizedAccessException();
}
return(true);
}
public async Task <GetTrustedEmployersResponse> Handle(GetTrustedEmployersQuery request, CancellationToken cancellationToken)
{
var validationResult = await _validator.ValidateAsync(request);
if (!validationResult.IsValid())
{
throw new ValidationException(validationResult.ConvertToDataAnnotationsValidationResult(), null, null);
}
var trustedEmployers = await _providerPermissionsService.GetTrustedEmployers(request.UkPrn);
return(new GetTrustedEmployersResponse
{
Employers = trustedEmployers
});
}
public async Task <ValidationResult> ValidateAsync(SearchReservationsQuery query)
{
var validationResult = new ValidationResult();
if (query.ProviderId == 0)
{
validationResult.AddError(nameof(query.ProviderId));
return(validationResult);
}
var result = await _providerPermissionsService.GetTrustedEmployers(query.ProviderId);
if (result == null || !result.Any())
{
validationResult.FailedAuthorisationValidation = true;
}
return(validationResult);
}
