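/// <summary>
/// Validates a request against the session store: the session must exist and, when the optional
/// arguments are supplied, the session's logged-in user must match <paramref name="userId"/> and
/// must be allowed to access <paramref name="accessedMedPracticeId"/>.
/// On the first failed check an <c>ErrorResponse</c> is sent through <c>Socket</c>.
/// </summary>
/// <param name="sessionId">Session the request claims to belong to.</param>
/// <param name="userId">If set, must equal the id of the user logged in on the session.</param>
/// <param name="accessedMedPracticeId">
/// If set, must be contained in the logged-in user's list of accessible medical practices.
/// This is checked against the session's user even when <paramref name="userId"/> is omitted;
/// previously the practice check was skipped in that case and the request was accepted.
/// </param>
/// <returns><c>true</c> if every requested check passed; otherwise <c>false</c>.</returns>
protected bool IsRequestValid(ConnectionSessionId sessionId, Guid? userId = null, Guid? accessedMedPracticeId = null)
{
    if (!SessionRepository.DoesSessionExist(sessionId))
    {
        const string errorMsg = "the session-ID is invalid";
        Socket.SendNetworkMsg(new ErrorResponse(errorMsg));
        return false;
    }

    // Only session existence was requested; no identity or authorization check to run.
    if (!userId.HasValue && !accessedMedPracticeId.HasValue)
    {
        return true;
    }

    // NOTE(review): the existence check and this lookup are two separate repository calls; if a
    // session can be removed in between, confirm what GetSessionInfo returns or throws here.
    var sessionInfo = SessionRepository.GetSessionInfo(sessionId);

    // NOTE(review): if LoggedInUser can be null for a session with no login, the dereferences
    // below throw instead of sending "the user is not logged in" -- confirm and guard if so.
    var loggedInUser = sessionInfo.LoggedInUser;

    if (userId.HasValue && loggedInUser.Id != userId.Value)
    {
        const string errorMsg = "the user is not logged in";
        Socket.SendNetworkMsg(new ErrorResponse(errorMsg));
        return false;
    }

    // Authorization is decided from the server-side session state, never from the caller-supplied
    // userId alone, and is enforced whenever a practice id is given (fail closed).
    if (accessedMedPracticeId.HasValue &&
        !loggedInUser.ListOfAccessableMedicalPractices.Contains(accessedMedPracticeId.Value))
    {
        const string errorMsg = "the user has not the right to access this medical Practice";
        Socket.SendNetworkMsg(new ErrorResponse(errorMsg));
        return false;
    }

    return true;
}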