Пример #1
        /// <summary>
        /// Decides whether <paramref name="person"/> may edit the person record
        /// <paramref name="contextModelObject"/>. Access is denied unless one of the
        /// explicit grants below applies.
        /// </summary>
        /// <param name="person">The acting user whose permissions are evaluated.</param>
        /// <param name="contextModelObject">The person record the caller wants to edit.</param>
        /// <returns>
        /// A success result when the caller edits their own record or holds the role flag
        /// selected below; otherwise a failure result whose message names the target record.
        /// </returns>
        public PermissionCheckResult HasPermission(Person person, Person contextModelObject)
        {
            // Both feature checks are evaluated up front, before any early return.
            var canManageContacts = new ContactManageFeature().HasPermissionByPerson(person);
            var isAdmin = new FirmaAdminFeature().HasPermissionByPerson(person);

            // Self-edit is always allowed.
            if (contextModelObject.PersonID == person.PersonID)
            {
                return PermissionCheckResult.MakeSuccessPermissionCheckResult();
            }

            // NOTE(review): the full-user test is applied to the acting `person`, not to the
            // record being edited. A caller who is not a full user needs only the
            // contact-manage permission, whatever kind of record `contextModelObject` is.
            // Confirm this is intended and that the test was not meant to be
            // contextModelObject.IsFullUser().
            var holdsRequiredRole = person.IsFullUser() ? isAdmin : canManageContacts;
            if (holdsRequiredRole)
            {
                return PermissionCheckResult.MakeSuccessPermissionCheckResult();
            }

            // Default deny. NOTE(review): the message shows the target's full name to a caller
            // who failed the check - confirm that disclosure is acceptable.
            return PermissionCheckResult.MakeFailurePermissionCheckResult($"You do not have permission to edit {contextModelObject.FullNameFirstLast}");
        }
Пример #2
        /// <summary>
        /// Decides whether the user behind <paramref name="firmaSession"/> may edit the
        /// organization <paramref name="contextModelObject"/>. Two gates must both pass:
        /// the feature-level check, then a record-level check (admin, or the organization's
        /// primary contact).
        /// </summary>
        /// <param name="firmaSession">The session of the acting user.</param>
        /// <param name="contextModelObject">The organization the caller wants to edit.</param>
        /// <returns>
        /// A <see cref="PermissionCheckResult"/> built with a denial message when either gate
        /// fails, or built with no arguments when both pass (presumably the success form -
        /// confirm against the PermissionCheckResult constructors).
        /// </returns>
        public PermissionCheckResult HasPermission(FirmaSession firmaSession, Organization contextModelObject)
        {
            // Gate 1: feature-level permission for this session.
            var passesFeatureCheck = HasPermissionByFirmaSession(firmaSession);
            if (!passesFeatureCheck)
            {
                // NOTE(review): the denial text includes the organization's display name even
                // though the caller failed the feature check - confirm that is acceptable.
                return new PermissionCheckResult($"You don't have permission to Edit {FieldDefinitionEnum.Organization.ToType().GetFieldDefinitionLabel()} {contextModelObject.GetDisplayName()}");
            }

            // Gate 2: record-level permission. Admins may edit any organization; the primary
            // contact lookup is only reached when the admin check fails.
            var isAdmin = new FirmaAdminFeature().HasPermission(firmaSession).HasPermission;
            if (isAdmin)
            {
                return new PermissionCheckResult();
            }

            // A non-admin may edit only when they are this organization's primary contact.
            // An organization with no primary contact is therefore editable by admins only.
            var primaryContact = contextModelObject.PrimaryContactPerson;
            var isPrimaryContact = primaryContact != null && firmaSession.PersonID == primaryContact.PersonID;
            if (isPrimaryContact)
            {
                return new PermissionCheckResult();
            }

            return new PermissionCheckResult($"{FieldDefinitionEnum.Organization.ToType().GetFieldDefinitionLabel()} {contextModelObject.OrganizationID} is not editable by you.");
        }