public bool HasPermission(int userId, DataAccessLayer.Enums.PermissionsEnum permission)
{
UserRole userRoles = _dbContext.UserRoles
.Where(o => o.UserId == userId)
.Include(o => o.Role.RolePermissions)
.FirstOrDefault();
if (userRoles != null)
{
if (userRoles.Role.RolePermissions
.Where(rolePermission => rolePermission.PermissionID == permission)
.Any())
{
return(true);
}
}
return(false);
}
/// <summary>
/// Checks if a user is authorized to perform a action by checking if they have the permission needed
/// </summary>
/// <param name="user">User that must be checked if they are authorized</param>
/// <param name="checkIfAuthorized">check if user has this permission</param>
/// <returns>true if user has permission, false otherwise</returns>
public bool HasPermission(User user, DataAccessLayer.Enums.PermissionsEnum permission)
{
return(HasPermission(user.UserId, permission));
}
/// <summary>
/// GetPermission is a method in the RoleService class.
/// This enables us to retrieve a permission from the DB if necessary.
/// </summary>
/// <param name="role">The role we want to retrieve</param>
/// <returns></returns>
public Permission GetPermission(DataAccessLayer.Enums.PermissionsEnum permission)
{
return(_dbContext.Permissions.Find(permission));
}
