public CustomerAccountPolicy(CustomerAccountPolicyData data) : base(data) { var permissionBuilder = PermissionBuilderFactory.Get(this); View = permissionBuilder .For(x => x.View) .Assert((p, u) => p.View) .BuildAndSet(); Add = permissionBuilder .For(x => x.Add) .Assert((p, u) => p.Add) .BuildAndSet(); Update = permissionBuilder .For(x => x.Update) .Assert((p, u) => p.Update) .BuildAndSet(); Remove = permissionBuilder .For(x => x.Remove) .Assert((p, u) => p.Remove) .BuildAndSet(); ViewAccount = permissionBuilder .For(x => x.ViewAccount) .Assert((p, u, a) => u.Roles.Any(x => x == RolesEnum.GeneralManager) || (p.View && a.Balance <= p.ViewBalanceLimit) ) .BuildAndSet(); }
public CustomerPolicy(CustomerPolicyData data) : base(data) { var permissionBuilder = PermissionBuilderFactory.Get(this); View = permissionBuilder .For(x => x.View) .Assert((p, u) => p.View) .BuildAndSet(); Create = permissionBuilder .For(x => x.Create) .Assert((p, u) => p.Create) .BuildAndSet(); Update = permissionBuilder .For(x => x.Update) .Assert((p, u) => p.Update) .BuildAndSet(); Delete = permissionBuilder .For(x => x.Delete) .Assert((p, u) => p.Delete) .BuildAndSet(); ViewCustomer = permissionBuilder .For(x => x.ViewCustomer) .Assert((p, u, c) => u.Roles.Any(x => x == RolesEnum.GeneralManager) || (p.View && (p.ViewPersonnel || !c.IsPersonnel) && (p.ViewVip || !c.IsVip) && c.Accounts.Sum(x => x.Balance) <= p.ViewBalanceLimit) ) .BuildAndSet(); ViewRealName = permissionBuilder .For(x => x.ViewCustomer) .Assert((p, u, c) => u.Roles.Any(x => x == RolesEnum.GeneralManager) || (!c.IsVip && c.Accounts.Sum(x => x.Balance) <= p.ViewBalanceLimit) ) .WithMessageBuilder((p, u, c) => $"Cannot view real name of VIP customer {c.Id}") .BuildAndSet(); }