public static T GetFilterOptionsByGroup <T>(GroupsRepo groupsRepo, IPrincipal User, string courseId, List <string> groupsIds, bool allowSeeGroupForAnyMember = false) where T : AbstractFilterOptionByCourseAndUsers, new() { var result = new T { CourseId = courseId }; /* if groupsIds contains "all" (it should be exclusive), get all users. Available only for course admins */ if (groupsIds.Contains("all") && User.HasAccessFor(courseId, CourseRole.CourseAdmin)) { return(result); } /* if groupsIds contains "not-group" (it should be exclusive), get all users not in any groups, available only for course admins */ if (groupsIds.Contains("not-in-group") && User.HasAccessFor(courseId, CourseRole.CourseAdmin)) { var usersInGroups = groupsRepo.GetUsersIdsForAllGroups(courseId); result.UserIds = usersInGroups.ToList(); result.IsUserIdsSupplement = true; return(result); } result.UserIds = new List <string>(); /* if groupsIds is empty, get members of all groups user has access to. Available for instructors */ if ((groupsIds.Count == 0 || groupsIds.Any(string.IsNullOrEmpty)) && User.HasAccessFor(courseId, CourseRole.Instructor)) { var accessibleGroupsIds = groupsRepo.GetMyGroupsFilterAccessibleToUser(courseId, User).Select(g => g.Id).ToList(); var groupUsersIdsQuery = groupsRepo.GetGroupsMembersAsUserIds(accessibleGroupsIds); result.UserIds = groupUsersIdsQuery.ToList(); return(result); } var usersIds = new HashSet <string>(); var groupsIdsInts = groupsIds.Select(s => int.TryParse(s, out var i) ? i : (int?)null).Where(i => i.HasValue).Select(i => i.Value).ToList(); var group2GroupMembersIds = groupsRepo.GetGroupsMembersAsGroupsIdsAndUserIds(groupsIdsInts) .GroupBy(u => u.GroupId) .ToDictionary(g => g.Key, g => g.Select(p => p.UserId).ToList()); foreach (var groupIdInt in groupsIdsInts) { if (!group2GroupMembersIds.ContainsKey(groupIdInt)) { continue; } var hasAccessToGroup = groupsRepo.IsGroupAvailableForUser(groupIdInt, User); if (allowSeeGroupForAnyMember) { hasAccessToGroup |= group2GroupMembersIds[groupIdInt].Contains(User.Identity.GetUserId()); } if (hasAccessToGroup) { usersIds.AddAll(group2GroupMembersIds[groupIdInt]); } } result.UserIds = usersIds.ToList(); return(result); }
public async Task <Comment> AddComment(IPrincipal author, string courseId, Guid slideId, int parentCommentId, bool isForInstructorsOnly, string commentText) { var commentsPolicy = GetCommentsPolicy(courseId); var isInstructor = author.HasAccessFor(courseId, CourseRole.Instructor); var isApproved = commentsPolicy.ModerationPolicy == CommentModerationPolicy.Postmoderation || isInstructor; /* Instructors' replies are automaticly correct */ var isReply = parentCommentId != -1; var isCorrectAnswer = isReply && isInstructor && !isForInstructorsOnly; var comment = db.Comments.Create(); comment.AuthorId = author.Identity.GetUserId(); comment.CourseId = courseId; comment.SlideId = slideId; comment.ParentCommentId = parentCommentId; comment.Text = commentText; comment.IsApproved = isApproved; comment.IsCorrectAnswer = isCorrectAnswer; comment.IsForInstructorsOnly = isForInstructorsOnly; comment.PublishTime = DateTime.Now; db.Comments.Add(comment); await db.SaveChangesAsync(); return(db.Comments.Find(comment.Id)); }
public bool CanUserSeeAllCourseGroups(IPrincipal user, string courseId) { return(user.HasAccessFor(courseId, CourseRole.CourseAdmin) /* * // TODO (andgein): support this feathure in Database.Core || user.HasSystemAccess(SystemAccessType.ViewAllGroupMembers) || user.HasCourseAccess(courseId, CourseAccessType.ViewAllGroupMembers) */); }
public List<string> GetVisibleUnits(string courseId, IPrincipal user) { var canSeeEverything = user.HasAccessFor(courseId, CourseRole.Tester); if (canSeeEverything) return courseManager.GetCourse(courseId).Slides.Select(s => s.Info.UnitName).Distinct().ToList(); return db.Units.Where(u => u.CourseId == courseId && u.PublishTime <= DateTime.Now).Select(u => u.UnitName).ToList(); }
public IEnumerable <Guid> GetVisibleUnitIds(Course course, IPrincipal user) { var canSeeEverything = user.HasAccessFor(course.Id, CourseRole.Tester); if (canSeeEverything) { return(course.GetUnitsNotSafe().Select(u => u.Id)); } return(GetVisibleUnitIds(course)); }
public List <string> GetVisibleUnits(string courseId, IPrincipal user) { var canSeeEverything = user.HasAccessFor(courseId, CourseRole.Tester); if (canSeeEverything) { return(courseManager.GetCourse(courseId).Slides.Select(s => s.Info.UnitName).Distinct().ToList()); } return(db.Units.Where(u => u.CourseId == courseId && u.PublishTime <= DateTime.Now).Select(u => u.UnitName).ToList()); }
public List <Group> GetAvailableForUserGroups(string courseId, IPrincipal user, bool includeArchived = false) { if (!user.HasAccessFor(courseId, CourseRole.Instructor)) { return(new List <Group>()); } return(GetAvailableForUserGroups(new List <string> { courseId }, user, includeArchived)); }
private bool CanModerateComments(IPrincipal user, string courseId) { if (!user.Identity.IsAuthenticated) { return(false); } var hasCourseAccessForCommentEditing = coursesRepo.HasCourseAccess(user.Identity.GetUserId(), courseId, CourseAccessType.EditPinAndRemoveComments); return(user.HasAccessFor(courseId, CourseRole.CourseAdmin) || hasCourseAccessForCommentEditing); }
public bool CanRevokeAccess(int groupId, string userId, IPrincipal revokedBy) { var revokedById = revokedBy.Identity.GetUserId(); var group = FindGroupById(groupId); if (group.OwnerId == revokedById || revokedBy.HasAccessFor(group.CourseId, CourseRole.CourseAdmin)) { return(true); } return(db.GroupAccesses.Any(a => a.GroupId == groupId && a.UserId == userId && a.GrantedById == revokedById && a.IsEnabled)); }
private bool CanAddCommentNow(IPrincipal user, string courseId) { // Instructors have unlimited comments if (user.HasAccessFor(courseId, CourseRole.Instructor)) { return(true); } var commentsPolicy = commentsRepo.GetCommentsPolicy(courseId); return(!commentsRepo.IsUserAddedMaxCommentsInLastTime(user.Identity.GetUserId(), commentsPolicy.MaxCommentsCountInLastTime, commentsPolicy.LastTimeForMaxCommentsLimit)); }
public List <Unit> GetVisibleUnits(Course course, IPrincipal user) { var canSeeEverything = user.HasAccessFor(course.Id, CourseRole.Tester); if (canSeeEverything) { return(course.Units); } var visibleUnitsIds = new HashSet <Guid>(db.UnitAppearances .Where(u => u.CourseId == course.Id && u.PublishTime <= DateTime.Now) .Select(u => u.UnitId)); return(course.Units.Where(u => visibleUnitsIds.Contains(u.Id)).ToList()); }
private bool CanAddCommentHere(IPrincipal user, string courseId, bool isReply) { if (!User.Identity.IsAuthenticated) return false; var commentsPolicy = commentsRepo.GetCommentsPolicy(courseId); var isInstructor = user.HasAccessFor(courseId, CourseRole.Instructor); if (!isInstructor && !commentsPolicy.IsCommentsEnabled) return false; if (isReply && !isInstructor && commentsPolicy.OnlyInstructorsCanReply) return false; return true; }
public List <NotificationType> GetNotificationTypes(IPrincipal user, string courseId) { var notificationTypes = GetAllNotificationTypes(); notificationTypes = notificationTypes .Where(t => user.HasAccessFor(courseId, t.GetMinCourseRole()) || t.GetMinCourseRole() == CourseRole.Student) .OrderByDescending(t => t.GetMinCourseRole()) .ThenBy(t => (int)t) .ToList(); if (!user.IsSystemAdministrator()) { notificationTypes = notificationTypes.Where(t => !t.IsForSysAdminsOnly()).ToList(); } return(notificationTypes); }
public bool IsGroupAvailableForUser(int groupId, IPrincipal user) { var group = FindGroupById(groupId); /* Course admins can see all groups */ if (CanUserSeeAllCourseGroups(user, group.CourseId)) { return(true); } if (!user.HasAccessFor(group.CourseId, CourseRole.Instructor)) { return(false); } var userId = user.Identity.GetUserId(); return(!group.IsDeleted && (group.OwnerId == userId || group.IsPublic)); }
private bool CanAddCommentHere(IPrincipal user, string courseId, bool isReply) { if (!User.Identity.IsAuthenticated) { return(false); } var commentsPolicy = commentsRepo.GetCommentsPolicy(courseId); var isInstructor = user.HasAccessFor(courseId, CourseRole.Instructor); if (!isInstructor && !commentsPolicy.IsCommentsEnabled) { return(false); } if (isReply && !isInstructor && commentsPolicy.OnlyInstructorsCanReply) { return(false); } return(true); }
public bool IsGroupAvailableForUser(int groupId, IPrincipal user) { var group = FindGroupById(groupId); if (group == null) { return(false); } /* Course admins can see all groups */ if (CanUserSeeAllCourseGroups(user, group.CourseId)) { return(true); } if (!user.HasAccessFor(group.CourseId, CourseRole.Instructor)) { return(false); } var userId = user.Identity.GetUserId(); var hasAccess = db.GroupAccesses.Any(a => a.UserId == userId && a.GroupId == groupId && a.IsEnabled); return(!group.IsDeleted && (group.OwnerId == userId || hasAccess)); }
public async Task<Comment> AddComment(IPrincipal author, string courseId, Guid slideId, int parentCommentId, string commentText) { var commentsPolicy = GetCommentsPolicy(courseId); var isInstructor = author.HasAccessFor(courseId, CourseRole.Instructor); var isApproved = commentsPolicy.ModerationPolicy == CommentModerationPolicy.Postmoderation || isInstructor; /* Instructors' replies are automaticly correct */ var isReply = parentCommentId != -1; var isCorrectAnswer = isReply && isInstructor; var comment = db.Comments.Create(); comment.AuthorId = author.Identity.GetUserId(); comment.CourseId = courseId; comment.SlideId = slideId; comment.ParentCommentId = parentCommentId; comment.Text = commentText; comment.IsApproved = isApproved; comment.IsCorrectAnswer = isCorrectAnswer; comment.PublishTime = DateTime.Now; db.Comments.Add(comment); await db.SaveChangesAsync(); return db.Comments.Find(comment.Id); }
private bool CanEditAndDeleteComment(IPrincipal user, Comment comment) { return user.HasAccessFor(comment.CourseId, CourseRole.Instructor) || user.Identity.GetUserId() == comment.AuthorId; }
public bool CanUserSeeAllCourseGroups(IPrincipal user, string courseId) { return(user.HasAccessFor(courseId, CourseRole.CourseAdmin)); }
public bool CanUserSeeAllCourseGroups(IPrincipal user, string courseId) { return user.HasAccessFor(courseId, CourseRole.CourseAdmin); }
public static T GetFilterOptionsByGroup <T>(GroupsRepo groupsRepo, IPrincipal User, string courseId, List <string> groupsIds, bool allowSeeGroupForAnyMember = false) where T : AbstractFilterOptionByCourseAndUsers, new() { var result = new T { CourseId = courseId }; /* if groupsIds contains "all" (it should be exclusive), get all users. Available only for instructors */ if (groupsIds.Contains("all") && User.HasAccessFor(courseId, CourseRole.Instructor)) { return(result); } /* if groupsIds contains "not-group" (it should be exclusive), get all users not in any groups, available only for course admins */ if (groupsIds.Contains("not-in-group") && User.HasAccessFor(courseId, CourseRole.CourseAdmin)) { var usersInGroups = groupsRepo.GetUsersIdsForAllGroups(courseId); result.UsersIds = usersInGroups.ToList(); result.IsUserIdsSupplement = true; return(result); } result.UsersIds = new List <string>(); var usersIds = new HashSet <string>(); /* if groupsIds is empty, get members of all own groups. Available for instructors */ if ((groupsIds.Count == 0 || groupsIds.Any(string.IsNullOrEmpty)) && User.HasAccessFor(courseId, CourseRole.Instructor)) { var ownGroupsIds = groupsRepo.GetGroupsOwnedByUser(courseId, User).Select(g => g.Id).ToList(); foreach (var ownGroupId in ownGroupsIds) { var groupUsersIds = groupsRepo.GetGroupMembers(ownGroupId).Select(u => u.Id); usersIds.AddAll(groupUsersIds); } result.UsersIds = usersIds.ToList(); return(result); } foreach (var groupId in groupsIds) { int groupIdInt; if (int.TryParse(groupId, out groupIdInt)) { var group = groupsRepo.FindGroupById(groupIdInt); if (group != null) { var groupMembersIds = groupsRepo.GetGroupMembers(group.Id).Select(u => u.Id).ToList(); var hasAccessToGroup = groupsRepo.IsGroupAvailableForUser(group.Id, User); if (allowSeeGroupForAnyMember) { hasAccessToGroup |= groupMembersIds.Contains(User.Identity.GetUserId()); } if (hasAccessToGroup) { usersIds.AddAll(groupMembersIds); } } } } result.UsersIds = usersIds.ToList(); return(result); }
private bool CanViewAndAddCommentsForInstructorsOnly(IPrincipal user, string courseId) { return(user.HasAccessFor(courseId, CourseRole.Instructor)); }
private bool CanAddCommentNow(IPrincipal user, string courseId) { // Instructors have unlimited comments if (user.HasAccessFor(courseId, CourseRole.Instructor)) return true; var commentsPolicy = commentsRepo.GetCommentsPolicy(courseId); return ! commentsRepo.IsUserAddedMaxCommentsInLastTime(user.Identity.GetUserId(), commentsPolicy.MaxCommentsCountInLastTime, commentsPolicy.LastTimeForMaxCommentsLimit); }
public bool CanUserSeeAllCourseGroups(IPrincipal user, string courseId) { return(user.HasAccessFor(courseId, CourseRole.CourseAdmin) || user.HasSystemAccess(SystemAccessType.ViewAllGroupMembers) || user.HasCourseAccess(courseId, CourseAccessType.ViewAllGroupMembers)); }
private bool CanEditAndDeleteComment(IPrincipal user, Comment comment) { return(user.HasAccessFor(comment.CourseId, CourseRole.Instructor) || user.Identity.GetUserId() == comment.AuthorId); }
public List<Group> GetAvailableForUserGroups(string courseId, IPrincipal user) { if (!user.HasAccessFor(courseId, CourseRole.Instructor)) return new List<Group>(); IEnumerable<Group> groups; var userId = user.Identity.GetUserId(); /* Course admins can see all groups */ if (CanUserSeeAllCourseGroups(user, courseId)) groups = GetGroups(courseId); else /* Other instructor can see only public or own groups */ groups = db.Groups.Where(g => g.CourseId == courseId && !g.IsDeleted && (g.OwnerId == userId || g.IsPublic)); return groups .OrderBy(g => g.OwnerId != userId) .ThenBy(g => g.Name) .ToList(); }
public bool CanRevokeAccess(string courseId, string userId, IPrincipal revokedBy) { return(revokedBy.HasAccessFor(courseId, CourseRole.CourseAdmin)); }
public bool IsGroupAvailableForUser(int groupId, IPrincipal user) { var group = FindGroupById(groupId); /* Course admins can see all groups */ if (CanUserSeeAllCourseGroups(user, group.CourseId)) return true; if (!user.HasAccessFor(group.CourseId, CourseRole.Instructor)) return false; var userId = user.Identity.GetUserId(); return !group.IsDeleted && (group.OwnerId == userId || group.IsPublic); }