SignupAuthentication canAddOthers for admin

quentin 2024-10-29 19:13:15 -05:00
parent 048ccd7c4c
commit d48186d4d6
2 changed files with 7 additions and 4 deletions


@ -10,5 +10,6 @@ namespace API.Authentication.GrantNames
public const string CanUpdate = "api.signup.update";
public const string CanDeleteAny = "api.signup.delete.any";
public const string CanDelete = "api.signup.delete";
public const string CanAddOthers = "api.signup.add.others";
}
}


@ -10,15 +10,15 @@ namespace API.Authentication
{
private readonly IGrantManager _grantManager;
private readonly ILogger<SignupAuthentication> _logger;
public SignupAuthentication(IGrantManager grantManager, ILogger<SignupAuthentication> logger)
{
_grantManager = grantManager;
_logger = logger;
}
//todo make more restrictive
public bool canGetAll(User user)
{
return _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanGetAll);
@ -30,7 +30,9 @@ namespace API.Authentication
}
public bool canAdd(SignupDTO item, User user)
{
return _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanAdd);
if (item.userId == user.id)
return _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanAdd);
return _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanAddOthers);
}
public bool canUpdate(Signup model, User user)
{
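Review bot: In `canAdd`, the new branch taken when `item.userId != user.id` checks only `CanAddOthers`, so a role holding that grant without `CanAdd` could create signups for other users but not for itself. If the on-behalf-of grant is meant to extend the base grant, require both: `if (!_grantManager.hasGrant(user.permissionId, SignupGrantNames.CanAdd)) return false;` followed by `return item.userId == user.id || _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanAddOthers);`. The comparison also relies on `item.userId` from the request DTO, so the decision only holds if the caller persists that same value unchanged after the check; a one-line comment on the method stating this would help the next reader. Creating a signup for a different user is worth an audit entry through the already injected `_logger`, and bracing the `if` would make the two consecutive `return` lines harder to misread.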