47 lines
1.5 KiB
C#
47 lines
1.5 KiB
C#
|
using API.Authentication.GrantNames;
|
||
|
|
using API.Authentication.Interfaces;
|
||
|
|
using API.DTO.Base;
|
||
|
|
using API.Services;
|
||
|
|
using DAL.Models;
|
||
|
|
|
||
|
|
namespace API.Authentication
|
||
|
|
{
|
||
|
|
public class GrantAuthentication : IGrantAuthentication
|
||
|
|
{
|
||
|
|
private readonly GrantService _grantService;
|
||
|
|
private readonly ILogger<GrantAuthentication> _logger;
|
||
|
|
|
||
|
|
public GrantAuthentication(GrantService grantService, ILogger<GrantAuthentication> logger)
|
||
|
|
{
|
||
|
|
_grantService = grantService;
|
||
|
|
_logger = logger;
|
||
|
|
}
|
||
|
|
|
||
|
|
public bool canGetAll(User user)
|
||
|
|
{
|
||
|
|
return _grantService.hasGrant(user.permissionId, GrantGrantNames.CanGetAll);
|
||
|
|
}
|
||
|
|
public bool canGet(Grant model, User user)
|
||
|
|
{
|
||
|
|
return _grantService.hasGrant(user.permissionId, GrantGrantNames.CanGetAny) ||
|
||
|
|
_grantService.getULongValues(user.permissionId, GrantGrantNames.CanGet).Exists(x => x == model.id);
|
||
|
|
}
|
||
|
|
public bool canAdd(GrantDTO item, User user)
|
||
|
|
{
|
||
|
|
return _grantService.hasGrant(user.permissionId, GrantGrantNames.CanAdd) &&
|
||
|
|
_grantService.hasGrant(user.permissionId, item.name);
|
||
|
|
}
|
||
|
|
public bool canUpdate(Grant model, User user)
|
||
|
|
{
|
||
|
|
// Doesn't make sense to update the name of a grant. The updater can just delete and remake.
|
||
|
|
return false;
|
||
|
|
}
|
||
|
|
public bool canDelete(Grant model, User user)
|
||
|
|
{
|
||
|
|
return (_grantService.hasGrant(user.permissionId, GrantGrantNames.CanDeleteAny) ||
|
||
|
|
_grantService.getULongValues(user.permissionId, GrantGrantNames.CanDelete).Exists(x => x == model.id))
|
||
|
|
&& _grantService.hasGrant(user.permissionId, model.name);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|