/// <summary>
/// Authorizes an update of <paramref name="item"/> by the caller identified by <paramref name="userId"/>.
/// </summary>
/// <remarks>
/// Access is granted when the role is scrum master or owner, when the item is assigned to the caller,
/// or when the item has no assignee. Every other case falls through to the throw (deny by default).
/// </remarks>
/// <param name="role">Role of the calling user.</param>
/// <param name="item">Item the caller wants to modify.</param>
/// <param name="userId">Identifier of the calling user.</param>
/// <exception cref="ForbiddenResponseException">None of the allow conditions holds.</exception>
public static void CanDoSomething(this AppUserRole role, Item item, string userId)
{
    // Privileged roles may edit any item.
    if (role.IsScrumMasterOrOwner())
    {
        return;
    }

    var assignee = item.AssignedUserId;

    // The caller is the assignee.
    if (assignee == userId)
    {
        return;
    }

    // NOTE(review): an unassigned item is editable by every role that reaches this point;
    // no role check is applied here. Confirm that this is the intended policy.
    if (assignee == null)
    {
        return;
    }

    // NOTE(review): the message says "by you" (and has a typo), while the check compares the assignee.
    throw new ForbiddenResponseException("Sorry, you can edit only items which are asssigned by you!");
}
/// <summary>
/// Authorizes creation of <paramref name="item"/> by the caller identified by <paramref name="userId"/>.
/// </summary>
/// <param name="userRole">Role of the calling user.</param>
/// <param name="item">Item that is about to be created.</param>
/// <param name="userId">Identifier of the calling user.</param>
/// <exception cref="ForbiddenResponseException">
/// The role is neither scrum master nor owner and <c>CanCreateItem</c> rejects the request.
/// </exception>
public static void CreateItemAccessValidation(this AppUserRole userRole, Item item, string userId)
{
    // Scrum master and owner may create anything; the short-circuit keeps CanCreateItem
    // from being evaluated for them. Other roles are decided by CanCreateItem
    // (defined outside this block).
    bool mayCreate = userRole.IsScrumMasterOrOwner() || userRole.CanCreateItem(item, userId);

    // Deny by default.
    if (!mayCreate)
    {
        throw new ForbiddenResponseException("You dont have access to create items!");
    }
}
/// <summary>
/// Authorizes a change of assignee between <paramref name="existingItem"/> and <paramref name="newItem"/>.
/// </summary>
/// <param name="userRole">Role of the calling user.</param>
/// <param name="existingItem">Item as currently stored.</param>
/// <param name="newItem">Item as submitted by the caller.</param>
/// <param name="userId">Identifier of the calling user.</param>
/// <exception cref="ForbiddenResponseException">
/// The assignee differs, the role is neither scrum master nor owner, and
/// <c>DevAssignOperations</c> rejects the change.
/// </exception>
public static void CheckCorrectAssigning(this AppUserRole userRole, Item existingItem, Item newItem, string userId)
{
    // An unchanged assignee needs no authorization.
    bool assigneeChanged = existingItem.AssignedUserId != newItem.AssignedUserId;
    if (!assigneeChanged)
    {
        return;
    }

    // Privileged roles may reassign freely; any other role is decided by DevAssignOperations
    // (defined outside this block). The short-circuit order matches the role check first.
    bool permitted = userRole.IsScrumMasterOrOwner()
        || userRole.DevAssignOperations(existingItem, newItem, userId);

    // Deny by default.
    if (!permitted)
    {
        throw new ForbiddenResponseException("You dont have access to change assigning. Please, call your scrum-master or owner.");
    }
}
/// <summary>
/// Authorizes a status change between <paramref name="existingItem"/> and <paramref name="newItem"/>.
/// </summary>
/// <param name="userRole">Role of the calling user.</param>
/// <param name="existingItem">Item as currently stored.</param>
/// <param name="newItem">Item as submitted by the caller.</param>
/// <param name="userId">Identifier of the calling user.</param>
/// <exception cref="ForbiddenResponseException">
/// The status differs, the role is neither scrum master nor owner, and
/// <c>DevMoveItemOperations</c> rejects the change.
/// </exception>
public static void CheckCorrectStatuses(this AppUserRole userRole, Item existingItem, Item newItem, string userId)
{
    // An unchanged status needs no authorization.
    bool statusChanged = existingItem.StatusId != newItem.StatusId;
    if (!statusChanged)
    {
        return;
    }

    // NOTE(review): unlike the assignment check, DevMoveItemOperations is called without the role,
    // so this path applies the same rule to every non-privileged role unless the helper
    // distinguishes them some other way. Confirm against the helper.
    bool permitted = userRole.IsScrumMasterOrOwner()
        || DevMoveItemOperations(existingItem, newItem, userId);

    // Deny by default.
    if (!permitted)
    {
        throw new ForbiddenResponseException("You dont have access to change item status. Please, call your scrum-master or owner.");
    }
}
/// <summary>
/// Tells whether the caller identified by <paramref name="userId"/> may delete <paramref name="comment"/>.
/// </summary>
/// <param name="role">Role of the calling user.</param>
/// <param name="comment">Comment the caller wants to delete.</param>
/// <param name="userId">Identifier of the calling user.</param>
/// <returns>
/// <c>true</c> for a scrum master or owner (any comment), or for a developer whose id equals
/// the comment's <c>UserId</c>; otherwise <c>false</c>.
/// </returns>
public static bool CanDeleteComment(this AppUserRole role, Comment comment, string userId)
{
    // Privileged roles may delete any comment, not only their own.
    if (role.IsScrumMasterOrOwner())
    {
        return true;
    }

    // Developers may delete only what they wrote themselves.
    // NOTE(review): the equality also holds when both ids are null; confirm that callers
    // always pass a populated userId.
    return role.IsDeveloper() && comment.UserId == userId;
}