sanAntonioSeniorGolf/API/Authentication/GrantAuthentication.cs

using API.Authentication.GrantNames;
using API.Authentication.Interfaces;
using API.DTO.Base;
using API.Services;
using API.Services.Interfaces;
using DAL.Models;

namespace API.Authentication
{
	public class GrantAuthentication : IGrantAuthentication
	{
		private readonly IGrantManager _grantManager;
		private readonly ILogger<GrantAuthentication> _logger;

		public GrantAuthentication(IGrantManager grantManager, ILogger<GrantAuthentication> logger)
		{
			_grantManager = grantManager;
			_logger = logger;
		}

		public bool canGetAll(User user)
		{
			return _grantManager.hasGrant(user.permissionId, GrantGrantNames.CanGetAll);
		}
		public bool canGet(Grant model, User user)
		{
			return _grantManager.hasGrant(user.permissionId, GrantGrantNames.CanGetAny) ||
			       _grantManager.getULongValues(user.permissionId, GrantGrantNames.CanGet).Exists(x => x == model.id);
		}
		public bool canAdd(GrantDTO item, User user)
		{
			return _grantManager.hasGrant(user.permissionId, GrantGrantNames.CanAdd) && 
			       _grantManager.hasGrant(user.permissionId, item.name);
		}
		public bool canUpdate(Grant model, User user)
		{
			// Doesn't make sense to update the name of a grant. The updater can just delete and remake.
			return false;
		}
		public bool canDelete(Grant model, User user)
		{
			return (_grantManager.hasGrant(user.permissionId, GrantGrantNames.CanDeleteAny) ||
			       _grantManager.getULongValues(user.permissionId, GrantGrantNames.CanDelete).Exists(x => x == model.id))
				&& _grantManager.hasGrant(user.permissionId, model.name);
		}
		public bool canGetMine(User user)
		{
			return _grantManager.hasGrant(user.permissionId, GrantGrantNames.CanGetSelf);
		}
	}
}