public async Task EnsureUserCanAccessGroupAsync(NaheulbookExecutionContext executionContext, int groupId)
{
using (var uow = _unitOfWorkFactory.CreateUnitOfWork())
{
var group = await uow.Groups.GetGroupsWithCharactersAsync(groupId);
if (group == null)
{
throw new GroupNotFoundException(groupId);
}
_authorizationUtil.EnsureIsGroupOwnerOrMember(executionContext, group);
}
}
public async Task EnsureUserCanAccessMonsterAsync(NaheulbookExecutionContext executionContext, int monsterId)
{
using (var uow = _unitOfWorkFactory.CreateUnitOfWork())
{
var monster = await uow.Monsters.GetAsync(monsterId);
if (monster == null)
{
throw new MonsterNotFoundException(monsterId);
}
var group = await uow.Groups.GetGroupsWithCharactersAsync(monster.GroupId);
if (group == null)
{
throw new GroupNotFoundException(monster.GroupId);
}
// FIXME: Should be only groupOwner if monster is not in a loot
_authorizationUtil.EnsureIsGroupOwnerOrMember(executionContext, group);
}
}
