public async Task <List <Project> > GetAllAsync(AuthenticatedUser currentUser)
{
var user = ModelsMapper.ConvertUserDatabaseModelToService(await userRepository.FindByIdAsync(currentUser.Id));
var dbProjects = await projectRepository.GetAllAsync();
return(dbProjects
.Where(x => user.ProjectAccesses.User.Contains(x.Id.ToString()))
.Select(ModelsMapper.ConvertProjectDbModelToServiceModel)
.ToList());
}
public async Task <User> GetByIdAsync(string id)
{
var dbUser = await userRepository.FindByIdAsync(id);
if (dbUser == null)
{
throw new EntityNotFoundException(nameof(User), id);
}
return(ModelsMapper.ConvertUserDatabaseModelToService(dbUser));
}
private async Task EnsureUserHasAccessAsync(AuthenticatedUser currentAuthenticatedUser, Guid projectId, AccessType accessType, string actionName)
{
var user = ModelsMapper.ConvertUserDatabaseModelToService(await userRepository.FindByIdAsync(currentAuthenticatedUser.Id));
switch (accessType)
{
case AccessType.User:
if (!user.ProjectAccesses.User.Contains(projectId.ToString()))
{
throw new ForbiddenException(actionName);
}
break;
case AccessType.Admin:
if (!user.ProjectAccesses.Admin.Contains(projectId.ToString()))
{
throw new ForbiddenException(actionName);
}
break;
}
}
