internal static PermissionLevel GetPermissionLevel(IEnumerable <User> owners, User currentUser) { if (currentUser == null) { return(PermissionLevel.Anonymous); } return(GetPermissionLevel( owners, currentUser.IsAdministrator(), u => currentUser.MatchesUser(u))); }
private static bool HasPermission(IEnumerable <User> owners, User currentUser, PermissionLevel actionPermissionLevel) { if (currentUser == null) { return(PermissionLevelsIntersect(PermissionLevel.Anonymous, actionPermissionLevel)); } return(HasPermission( owners, currentUser.IsAdministrator(), u => currentUser.MatchesUser(u), actionPermissionLevel)); }
/// <summary> /// Is <paramref name="currentPrincipal"/> allowed to perform an action with a requirement of <paramref name="permissionsRequirement"/> on the entity owned by <paramref name="entityOwners"/>? /// </summary> public static bool IsRequirementSatisfied(PermissionsRequirement permissionsRequirement, User currentUser, ICollection <User> entityOwners) { if (currentUser == null) { /// If the current user is logged out, only <see cref="PermissionsRequirement.None"/> is satisfied. return(WouldSatisfy(PermissionsRequirement.None, permissionsRequirement)); } return(IsRequirementSatisfied( permissionsRequirement, currentUser.IsAdministrator(), u => currentUser.MatchesUser(u), entityOwners)); }
public virtual ActionResult ConfirmOwner(string id, string username, string token) { if (String.IsNullOrEmpty(token)) { return(HttpNotFound()); } var package = _packageService.FindPackageRegistrationById(id); if (package == null) { return(HttpNotFound()); } ConfirmOwnershipResult result; if (User.IsAdministrator()) { result = ConfirmOwnershipResult.AlreadyOwner; } else { var user = _userService.FindByUsername(username); if (user == null) { return(HttpNotFound()); } if (!String.Equals(user.Username, User.Identity.Name, StringComparison.OrdinalIgnoreCase)) { return(new HttpStatusCodeResult(403)); } result = _packageService.ConfirmPackageOwner(package, user, token); } var model = new PackageOwnerConfirmationModel { Result = result, PackageId = package.Id }; return(View(model)); }
public ManagePackageOwnersViewModel(Package package, User currentUser) : base(package, currentUser) { IsCurrentUserAnAdmin = currentUser.IsAdministrator(); }