/// <summary>
/// Authorization gate that runs before the action: only users permitted to
/// update a provider's type may proceed.
/// </summary>
/// <param name="context">The executing action's context. It is not read or modified here.</param>
/// <exception cref="NotAuthorizedException">
/// Thrown when <c>AuthorizationRules.CanUpdateProviderType</c> rejects the current user.
/// </exception>
/// <remarks>
/// The rule is evaluated against the user alone; no value from the request (such as a
/// provider id) is consulted in this method. Denial is signalled by an exception rather
/// than by setting <c>context.Result</c>, so the HTTP response depends on whatever handles
/// <see cref="NotAuthorizedException"/> further up the pipeline.
/// NOTE(review): confirm that handler maps it to a 403-style response without leaking details.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext context)
{
    var user = _currentUserProvider.GetCurrentUser();
    var isPermitted = AuthorizationRules.CanUpdateProviderType(user);

    if (isPermitted)
    {
        return;
    }

    // Fail closed: anything other than an explicit "allowed" stops the action.
    throw new NotAuthorizedException();
}
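/// <summary>
/// Loads a provider from both the Cosmos and SQL stores and builds the view model
/// for the provider details page, including the flags that tell the view which
/// edits the current user may be offered.
/// </summary>
/// <param name="request">Query carrying the <c>ProviderId</c> to load.</param>
/// <param name="cancellationToken">Accepted for the handler signature; this method does not pass it on.</param>
/// <returns>The populated <see cref="ViewModel"/> for the requested provider.</returns>
/// <exception cref="ResourceDoesNotExistException">
/// Thrown when the provider is missing from either the Cosmos or the SQL store.
/// </exception>
/// <remarks>
/// NOTE(review): nothing in this method checks whether the current user may view
/// <c>request.ProviderId</c>; presumably a filter or policy enforces that before the
/// handler runs. Confirm against the calling controller.
/// </remarks>
public async Task<ViewModel> Handle(Query request, CancellationToken cancellationToken)
{
    var cosmosProvider = await _cosmosDbQueryDispatcher.ExecuteQuery(
        new CosmosQueries.GetProviderById() { ProviderId = request.ProviderId });

    // Fail fast before issuing any further queries for a provider that does not exist.
    if (cosmosProvider == null)
    {
        throw new ResourceDoesNotExistException(ResourceType.Provider, request.ProviderId);
    }

    var sqlProvider = await _sqlQueryDispatcher.ExecuteQuery(
        new SqlQueries.GetProviderById() { ProviderId = request.ProviderId });

    // The two stores can disagree. Without this guard a provider present only in Cosmos
    // would surface as a NullReferenceException when DisplayName/HaveAlias are read below.
    if (sqlProvider == null)
    {
        throw new ResourceDoesNotExistException(ResourceType.Provider, request.ProviderId);
    }

    var currentUser = _currentUserProvider.GetCurrentUser();

    // T Level definitions are only looked up for providers flagged as offering T Levels.
    var providerTLevelDefinitions = cosmosProvider.ProviderType.HasFlag(ProviderType.TLevels)
        ? await _sqlQueryDispatcher.ExecuteQuery(
            new SqlQueries.GetTLevelDefinitionsForProvider { ProviderId = request.ProviderId })
        : Enumerable.Empty<SqlModels.TLevelDefinition>();

    // Stored marketing HTML is passed through the sanitizer before it reaches the view
    // model, so the view never receives the raw stored markup.
    var marketingInformation = cosmosProvider.MarketingInformation != null
        ? Html.SanitizeHtml(cosmosProvider.MarketingInformation)
        : null;

    // NOTE(review): the Can* flags below only decide what the view offers. The matching
    // update endpoints must enforce the same AuthorizationRules themselves on the server.
    return new ViewModel()
    {
        ProviderId = request.ProviderId,
        ProviderName = cosmosProvider.ProviderName,
        CourseDirectoryStatus = cosmosProvider.ProviderStatus,
        Ukprn = cosmosProvider.Ukprn,
        TradingName = cosmosProvider.Alias,
        DisplayName = sqlProvider.DisplayName,
        CanChangeDisplayName = sqlProvider.HaveAlias && AuthorizationRules.CanUpdateProviderDisplayName(currentUser),
        ProviderType = cosmosProvider.ProviderType,
        CanChangeProviderType = AuthorizationRules.CanUpdateProviderType(currentUser),
        MarketingInformation = marketingInformation,
        ShowMarketingInformation = cosmosProvider.ProviderType.HasFlag(ProviderType.Apprenticeships),
        CanUpdateMarketingInformation = AuthorizationRules.CanUpdateProviderMarketingInformation(currentUser),
        ProviderTLevelDefinitions = providerTLevelDefinitions.Select(d => new TLevelDefinitionViewModel
        {
            TLevelDefinitionId = d.TLevelDefinitionId,
            Name = d.Name
        })
    };
}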