Added PermissionAuthentication

API/Authentication/GrantNames/PermissionGrantNames.cs

@@ -0,0 +1,14 @@
+namespace API.Authentication.GrantNames
+{
+	public static class PermissionGrantNames
+	{
+		public const string CanGetAll = "api.permission.get.all";
+		public const string CanGetAny = "api.permission.get.any";
+		public const string CanGet = "api.permission.get";
+		public const string CanAdd = "api.permission.add";
+		public const string CanUpdateAny = "api.permission.update.any";
+		public const string CanUpdate = "api.permission.update";
+		public const string CanDeleteAny = "api.permission.delete.any";
+		public const string CanDelete = "api.permission.delete";
+	}
+}

API/Authentication/Interfaces/IPermissionAuthentication.cs

@@ -0,0 +1,9 @@
+using API.DTO.Base;
+using DAL.Models;
+
+namespace API.Authentication.Interfaces
+{
+	public interface IPermissionAuthentication : IGenericAuthentication<PermissionDTO, Permission>
+	{
+	}
+}

API/Authentication/PermissionAuthentication.cs

@@ -0,0 +1,44 @@
+using API.Authentication.GrantNames;
+using API.Authentication.Interfaces;
+using API.DTO.Base;
+using API.Services;
+using DAL.Models;
+
+namespace API.Authentication
+{
+	public class PermissionAuthentication : IPermissionAuthentication
+	{
+		private readonly GrantService _grantService;
+		private readonly ILogger<PermissionAuthentication> _logger;
+		public PermissionAuthentication(ILogger<PermissionAuthentication> logger, GrantService grantService)
+		{
+			_logger = logger;
+			_grantService = grantService;
+		}
+
+		public bool canGetAll(User user)
+		{
+			return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanGetAll);
+		}
+		public bool canGet(Permission model, User user)
+		{
+			return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanGetAny) ||
+			       _grantService.getULongValues(user.permissionId, PermissionGrantNames.CanGet).Exists(x => x == model.id);
+		}
+		public bool canAdd(PermissionDTO item, User user)
+		{
+			return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanAdd);
+		}
+		public bool canUpdate(Permission model, User user)
+		{
+			return _grantService.hasGrant(user.permissionId, PermissionGrantNames.CanUpdateAny) ||
+			       _grantService.getULongValues(user.permissionId, PermissionGrantNames.CanUpdate).Exists(x => x == model.id);
+		}
+		public bool canDelete(Permission model, User user)
+		{
+			return (_grantService.hasGrant(user.permissionId, PermissionGrantNames.CanDeleteAny) ||
+			        _grantService.getULongValues(user.permissionId, PermissionGrantNames.CanDelete).Exists(x => x == model.id))
+			       && model.id != user.permissionId;
+		}
+	}
+}

API/Controllers/PermissionController.cs

@@ -10,7 +10,7 @@ namespace API.Controllers
 {
 	[ApiController]
 	[Route("api/v1/[controller]")]
-	public class PermissionController : CRUDBase<PermissionController, PermissionDTO, PermissionUpdateDTO, Permission, AuditPermission, IYesAuthentication, PermissionService>
+	public class PermissionController : CRUDBase<PermissionController, PermissionDTO, PermissionUpdateDTO, Permission, AuditPermission, IPermissionAuthentication, PermissionService>
 	{
 		public PermissionController(ILogger<PermissionController> logger, UserService userService, PermissionService service) : base(logger, userService, service)
 		{

API/Services/PermissionService.cs

@@ -6,10 +6,10 @@ using DAL.Models.Audits;
 
 namespace API.Services
 {
-	public class PermissionService : ServiceBase<PermissionService, PermissionDTO, Permission, AuditPermission, IYesAuthentication>
+	public class PermissionService : ServiceBase<PermissionService, PermissionDTO, Permission, AuditPermission, IPermissionAuthentication>
 	{
 
-		public PermissionService(ILogger<PermissionService> logger, SASGContext context, IYesAuthentication auth) : base(logger, context, auth)
+		public PermissionService(ILogger<PermissionService> logger, SASGContext context, IPermissionAuthentication auth) : base(logger, context, auth)
 		{
 		}
 	}