private bool IsAuthorizedToModifyRoleAssignment(RoleAssignment roleAssignment)
{
var departmentId = DbContext.Roles
.Find(roleAssignment.RoleId)
.Name.GetLast(4);
if (HttpContext.Current.User.IsInRole("manage-all") ||
HttpContext.Current.User.IsInRole("manage-users-" + departmentId))
{
return true;
}
return false;
}
private bool IsAuthorizedToDeleteRoleAssignment(RoleAssignment roleAssignment)
{
if (IsAuthorizedToModifyRoleAssignment(roleAssignment))
{
return true;
}
return false;
}