示例#1
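        /// <summary>
        /// Checks that a request is backed by a known session and, when the optional arguments
        /// are supplied, that the session's logged-in user matches <paramref name="userId"/> and
        /// is allowed to access <paramref name="accessedMedPracticeId"/>. On the first failed
        /// check an <c>ErrorResponse</c> is sent over <c>Socket</c> and <c>false</c> is returned.
        /// </summary>
        /// <param name="sessionId">Session the request claims to belong to.</param>
        /// <param name="userId">If set, must equal the id of the session's logged-in user.</param>
        /// <param name="accessedMedPracticeId">
        /// If set, must be contained in the logged-in user's list of accessible medical practices.
        /// </param>
        /// <returns><c>true</c> when every requested check passes; otherwise <c>false</c>.</returns>
        protected bool IsRequestValid(ConnectionSessionId sessionId,
                                      Guid? userId = null,
                                      Guid? accessedMedPracticeId = null)
        {
            if (!SessionRepository.DoesSessionExist(sessionId))
            {
                const string errorMsg = "the session-ID is invalid";
                Socket.SendNetworkMsg(new ErrorResponse(errorMsg));
                return false;
            }

            // Nothing beyond session existence was requested, so skip the session lookup.
            if (!userId.HasValue && !accessedMedPracticeId.HasValue)
            {
                return true;
            }

            // NOTE(review): existence check and lookup are two separate repository calls. If a
            // session can end between them, the result needs a null check. Confirm against
            // SessionRepository. Likewise LoggedInUser is dereferenced below without a null
            // check; confirm that an existing session always has a logged-in user.
            var sessionInfo = SessionRepository.GetSessionInfo(sessionId);

            if (userId.HasValue && sessionInfo.LoggedInUser.Id != userId.Value)
            {
                const string errorMsg = "the user is not logged in";
                Socket.SendNetworkMsg(new ErrorResponse(errorMsg));
                return false;
            }

            // The practice check is authoritative against the session's logged-in user and must
            // not depend on the caller also passing userId. When it was nested under the userId
            // check, a call that supplied only accessedMedPracticeId returned true without any
            // authorization check (fail-open).
            if (accessedMedPracticeId.HasValue &&
                !sessionInfo.LoggedInUser.ListOfAccessableMedicalPractices.Contains(accessedMedPracticeId.Value))
            {
                const string errorMsg = "the user has not the right to access this medical Practice";
                Socket.SendNetworkMsg(new ErrorResponse(errorMsg));
                return false;
            }

            return true;
        }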