private async Task <bool> IsUserReadAuthorized(SofaLicense license, long userId)
{
// Self or dependent
if ((license.Sponsor != null && license.Sponsor.DodId == userId) || license.DodId == userId)
{
return(true);
}
// Admin
var user = await _userRepo.Get(userId);
if (user.Account.AccountTypeId == (int)AccountTypes.Administrator)
{
return(true);
}
// CSS
if (user.Account.AccountTypeId == (int)AccountTypes.Css)
{
if (license.UnitId == user.UnitId)
{
return(true);
}
}
return(false);
}
public async Task DeleteLicense(SofaLicense license, long userId)
{
if (!(await IsUserWriteAuthorized(license, userId)))
{
throw new System.UnauthorizedAccessException("Unable to process request");
}
_licenseRepo.Delete(license);
await _licenseRepo.SaveAsync();
}
private async Task SetLicenseSponsorAsUser(SofaLicense license, long sponsorDodId)
{
var sponsorLicense = await _licenseRepo.GetFirstOrDefault(l => l.DodId == sponsorDodId);
//TODO Adding person to database would eliminate the need to add sponsor license first
if (sponsorLicense == null)
{
throw new System.ArgumentException("Please add sponsor license first", string.Empty);
}
if (sponsorLicense.Dependents?.Count >= 14)
{
throw new ApplicationException("Max number of licenses added");
}
license.SetSponsorId(sponsorLicense.Id);
}
public async Task <SofaLicense> UpdateLicense(SofaLicense sofaLicense, long userId, bool isLicenseAuthenticatedinDB = false)
{
if (!await IsUserWriteAuthorized(sofaLicense, userId, isLicenseAuthenticatedinDB))
{
throw new System.UnauthorizedAccessException("Unable to process update");
}
sofaLicense.SetLastEditedById(userId);
sofaLicense.SetDateUpdated();
if (!sofaLicense.IsValid())
{
throw new System.ArgumentException("Invalid License Data", string.Empty);
}
await _licenseRepo.SaveAsync();
return(sofaLicense);
}
private async Task <bool> IsUserWriteAuthorized(SofaLicense license, long userId, bool isLicenseAuthenticatedinDB = false)
{
// Admin
var user = await _userRepo.Get(userId);
if (user.Account.AccountTypeId == (int)AccountTypes.Administrator)
{
return(true);
}
// License is Admin Authenticated
if (isLicenseAuthenticatedinDB || license.IsAuthenticated)
{
return(false);
}
// Only Admins write remarks
license.SetRemarks(null); //TODO out of responsibility of method
// CSS
if (user.Account.AccountTypeId == (int)AccountTypes.Css)
{
if (license.UnitId == user.UnitId)
{
return(true);
}
}
// Self or Dependent
if ((license.Sponsor != null && license.Sponsor.DodId == userId) || license.DodId == userId)
{
return(true);
}
return(false);
}
public async Task <SofaLicense> SaveLicense(SofaLicense sofaLicense, long userId)
{
if ((await _licenseRepo.GetFirstOrDefault(l => l.DodId == sofaLicense.DodId)) != null)
{
throw new System.ArgumentException("DoD ID already exists in database", string.Empty);
}
sofaLicense.SetLastEditedById(userId);
var user = await _userRepo.Get(userId);
// Not Admin
if (user.Account.AccountTypeId != (int)AccountTypes.Administrator)
{
// User
if (user.Account.AccountTypeId == (int)AccountTypes.User)
{
if (userId != sofaLicense.DodId)
{
await SetLicenseSponsorAsUser(sofaLicense, userId);
}
else
{
sofaLicense.SetSponsorId(null);
}
}
// CSS
else if (user.Account.AccountTypeId == (int)AccountTypes.Css)
{
if (sofaLicense.UnitId != user.UnitId)
{
throw new ApplicationException("License must be from same unit as user");
}
}
sofaLicense.SetRemarks(null);
sofaLicense.SetIsAuthenticated(false);
sofaLicense.SetPermitNumber(GeneratePermitNumber());
}
// Admin
else
{
if (String.IsNullOrEmpty(sofaLicense.PermitNumber))
{
sofaLicense.SetPermitNumber(GeneratePermitNumber());
}
else
{
var indexOfDash = sofaLicense.PermitNumber.IndexOf("-");
int permitNumber;
Int32.TryParse(sofaLicense.PermitNumber.Substring(indexOfDash + 1), out permitNumber);
if (permitNumber == 0 || _licenseRepo.GetMaxPermitNumber() < permitNumber)
{
throw new System.ApplicationException("Invalid Permit Number");
}
if (await _licenseRepo.GetFirstOrDefault(l => String.Equals(l.PermitNumber, sofaLicense.PermitNumber)) != null)
{
throw new System.ArgumentException("Permit Number Already Exists", string.Empty);
}
}
}
if (!sofaLicense.IsValid())
{
throw new System.ArgumentException("Invalid License Data", string.Empty);
}
await _licenseRepo.Insert(sofaLicense);
await _licenseRepo.SaveAsync();
return(sofaLicense);
}
