jessikitty/Disco
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Permissions & Authorization for Users #24

Browse Source 
Initial Release; Includes Database and MVC refactoring
This commit is contained in:
Gary Sharp
2013-10-10 19:13:16 +11:00
parent 172ce5524a
commit a099d68915
458 changed files with 40221 additions and 12130 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Disco.BI/BI/Extensions/AttachmentActionExtensions.cs
+35 -12
View File
@@ -4,6 +4,8 @@ using System.Linq;
using System.Text;
using Disco.Models.Repository;
using Disco.Data.Repository;
using Disco.Services.Users;
using Disco.Services.Authorization;
namespace Disco.BI.Extensions
{
@@ -13,39 +15,60 @@ namespace Disco.BI.Extensions
#region Delete
public static bool CanDelete(this DeviceAttachment da)
{
return true; // Placeholder - Currently Can Always Delete;
if (UserService.CurrentAuthorization.Has(Claims.Device.Actions.RemoveAnyAttachments))
return true;
if (UserService.CurrentAuthorization.Has(Claims.Device.Actions.RemoveOwnAttachments)
&& da.TechUserId == UserService.CurrentUserId)
return true;
return false;
}
public static void OnDelete(this DeviceAttachment da, DiscoDataContext dbContext)
public static void OnDelete(this DeviceAttachment da, DiscoDataContext Database)
{
if (!da.CanDelete())
throw new InvalidOperationException("Deletion of Attachment is Denied");
da.RepositoryDelete(dbContext);
dbContext.DeviceAttachments.Remove(da);
da.RepositoryDelete(Database);
Database.DeviceAttachments.Remove(da);
}
public static bool CanDelete(this JobAttachment ja)
{
return true; // Placeholder - Currently Can Always Delete;
if (UserService.CurrentAuthorization.Has(Claims.Job.Actions.RemoveAnyAttachments))
return true;
if (UserService.CurrentAuthorization.Has(Claims.Job.Actions.RemoveOwnAttachments)
&& ja.TechUserId == UserService.CurrentUserId)
return true;
return false;
}
public static void OnDelete(this JobAttachment ja, DiscoDataContext dbContext)
public static void OnDelete(this JobAttachment ja, DiscoDataContext Database)
{
if (!ja.CanDelete())
throw new InvalidOperationException("Deletion of Attachment is Denied");
ja.RepositoryDelete(dbContext);
dbContext.JobAttachments.Remove(ja);
ja.RepositoryDelete(Database);
Database.JobAttachments.Remove(ja);
}
public static bool CanDelete(this UserAttachment ua)
{
return true; // Placeholder - Currently Can Always Delete;
if (UserService.CurrentAuthorization.Has(Claims.User.Actions.RemoveAnyAttachments))
return true;
if (UserService.CurrentAuthorization.Has(Claims.User.Actions.RemoveOwnAttachments)
&& ua.TechUserId == UserService.CurrentUserId)
return true;
return false;
}
public static void OnDelete(this UserAttachment ua, DiscoDataContext dbContext)
public static void OnDelete(this UserAttachment ua, DiscoDataContext Database)
{
if (!ua.CanDelete())
throw new InvalidOperationException("Deletion of Attachment is Denied");
ua.RepositoryDelete(dbContext);
dbContext.UserAttachments.Remove(ua);
ua.RepositoryDelete(Database);
Database.UserAttachments.Remove(ua);
}
#endregion