// confirms write access to data related to the user id contained in the session
public bool ConfirmWriteAccess(UserSession session)
{
if (session == null || session.Authenticated() == false) return false;
// returns false if user could not be authenticated based on the input
using (var db = new SmartPoolContext())
{
// queries the database for users matching input session
var userQuery = from users in db.Users
where
users.UserId == session.Identity().AuthenticatedId &&
users.Password == session.Identity().Password
select users.UserId;
// returns true if the input was matched by the query
return userQuery.Any();
}
}
// confirms read access to data related to the user id contained in the session
public bool ConfirmReadAccess(UserSession session)
{
return session.Authenticated();
}