public PermissionCheckResult HasPermission(Person person, Project contextModelObject) { var possiblePermissionDeniedMessage = $"{Models.FieldDefinition.Project.GetFieldDefinitionLabel()} {contextModelObject.DisplayName} is not deletable by you"; if (new ProjectDeleteFeature().HasPermission(person, contextModelObject).HasPermission) { return(PermissionCheckResult.MakeSuccessPermissionCheckResult()); } bool userHasPermission = contextModelObject.IsMyProject(person) && (contextModelObject.ProjectApprovalStatus == ProjectApprovalStatus.Draft || contextModelObject.ProjectApprovalStatus == ProjectApprovalStatus.Rejected); return(PermissionCheckResult.MakeConditionalPermissionCheckResult(userHasPermission, possiblePermissionDeniedMessage)); }
public PermissionCheckResult HasPermission(Person person, Project contextModelObject) { if (contextModelObject.IsProposal()) { return(PermissionCheckResult.MakeFailurePermissionCheckResult($"{FieldDefinition.Application.GetFieldDefinitionLabelPluralized()} cannot be updated through the {Models.FieldDefinition.Project.GetFieldDefinitionLabel()} Update process.")); } var forbidAdmin = !HasPermissionByPerson(person) || person.HasRole(Role.ProjectSteward) && !person.CanStewardProject(contextModelObject); string possiblePermissionDeniedMessage = $"You don't have permission to make Administrative actions on {FieldDefinition.Project.GetFieldDefinitionLabel()} {contextModelObject.DisplayName}"; return(PermissionCheckResult.MakeConditionalPermissionCheckResult(!forbidAdmin, possiblePermissionDeniedMessage)); }