public static async Task CheckAuthorisationAsync(UserService userService, ItemDataModel itemDataModel, string userId) { var siteId = itemDataModel.SiteId; var roles = new List <SiteUserRole>(); if (itemDataModel.State == ItemState.Draft) { roles.Add(SiteUserRole.Administrator); } else if (NewsItemBusinessModule.IsPrivate(itemDataModel.PropertyName)) { roles.Add(SiteUserRole.PrivateUser); } var nbRole = roles.Count; if (nbRole > 0 && string.IsNullOrEmpty(userId)) { throw new NotAuthentifiedException(); } if (nbRole > 0) { var canGetData = await UserSecurity.HasRolesAsync(userService, userId, siteId, true, roles.ToArray()); if (!canGetData) { throw new NotAuthentifiedException(); } } }