diff --git a/API/Authentication/EventAuthentication.cs b/API/Authentication/EventAuthentication.cs new file mode 100644 index 0000000..eb0766a --- /dev/null +++ b/API/Authentication/EventAuthentication.cs @@ -0,0 +1,44 @@ +using API.Authentication.GrantNames; +using API.Authentication.Interfaces; +using API.DTO.Base; +using API.Services; +using DAL.Models; + +namespace API.Authentication +{ + public class EventAuthentication : IEventAuthentication + { + private readonly GrantService _grantService; + private readonly ILogger _logger; + + public EventAuthentication(GrantService grantService, ILogger logger) + { + _grantService = grantService; + _logger = logger; + } + + public bool canGetAll(User user) + { + return _grantService.hasGrant(user.permissionId, EventGrantNames.CanGetAll); + } + public bool canGet(Event model, User user) + { + return _grantService.hasGrant(user.permissionId, EventGrantNames.CanGetAny) || + _grantService.getULongValues(user.permissionId, EventGrantNames.CanGet).Exists(x => x == model.id); + } + public bool canAdd(EventDTO item, User user) + { + return _grantService.hasGrant(user.permissionId, EventGrantNames.CanAdd); + } + public bool canUpdate(Event model, User user) + { + return _grantService.hasGrant(user.permissionId, EventGrantNames.CanUpdateAny) || + _grantService.getULongValues(user.permissionId, EventGrantNames.CanUpdate).Exists(x => x == model.id); + } + public bool canDelete(Event model, User user) + { + return _grantService.hasGrant(user.permissionId, EventGrantNames.CanDeleteAny) || + _grantService.getULongValues(user.permissionId, EventGrantNames.CanDelete).Exists(x => x == model.id); + } + } +} diff --git a/API/Authentication/GrantNames/EventGrantNames.cs b/API/Authentication/GrantNames/EventGrantNames.cs new file mode 100644 index 0000000..6dbcc1a --- /dev/null +++ b/API/Authentication/GrantNames/EventGrantNames.cs @@ -0,0 +1,14 @@ +namespace API.Authentication.GrantNames +{ + public static class EventGrantNames + { + public const string CanGetAll = "api.event.get.all"; + public const string CanGetAny = "api.event.get.any"; + public const string CanGet = "api.event.get"; + public const string CanAdd = "api.event.add"; + public const string CanUpdateAny = "api.event.update.any"; + public const string CanUpdate = "api.event.update"; + public const string CanDeleteAny = "api.event.delete.any"; + public const string CanDelete = "api.event.delete"; + } +} diff --git a/API/Authentication/Interfaces/IEventAuthentication.cs b/API/Authentication/Interfaces/IEventAuthentication.cs new file mode 100644 index 0000000..9681ea5 --- /dev/null +++ b/API/Authentication/Interfaces/IEventAuthentication.cs @@ -0,0 +1,9 @@ +using API.DTO.Base; +using DAL.Models; + +namespace API.Authentication.Interfaces +{ + public interface IEventAuthentication : IGenericAuthentication + { + } +} diff --git a/API/Controllers/EventController.cs b/API/Controllers/EventController.cs index afd6709..0e90363 100644 --- a/API/Controllers/EventController.cs +++ b/API/Controllers/EventController.cs @@ -10,7 +10,7 @@ namespace API.Controllers { [ApiController] [Route("api/v1/[controller]")] - public class EventController : CRUDBase + public class EventController : CRUDBase { public EventController(ILogger logger, UserService userService, EventService service) : base(logger, userService, service) { diff --git a/API/Services/EventService.cs b/API/Services/EventService.cs index f131562..86495a5 100644 --- a/API/Services/EventService.cs +++ b/API/Services/EventService.cs @@ -6,9 +6,9 @@ using DAL.Models.Audits; namespace API.Services { - public class EventService : ServiceBase + public class EventService : ServiceBase { - public EventService(ILogger logger, SASGContext context, IYesAuthentication auth) : base(logger, context, auth) + public EventService(ILogger logger, SASGContext context, IEventAuthentication auth) : base(logger, context, auth) { } }