sanAntonioSeniorGolf/API/Authentication/SignupAuthentication.cs


using API.Authentication.GrantNames;
using API.Authentication.Interfaces;
using API.DTO.Base.Update;
using API.Services.Interfaces;
using DAL.Models;
namespace API.Authentication
{
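/// <summary>
/// Authorization checks for <see cref="Signup"/> records, decided from the
/// grants attached to the calling user's <c>permissionId</c>.
/// </summary>
/// <remarks>
/// Every check fails closed: a null user, or a null model/DTO on a path that
/// has to inspect it, yields <c>false</c> (deny) instead of ending in a
/// <c>NullReferenceException</c>. Inputs that previously produced a result
/// still produce the same result.
/// NOTE(review): the injected logger is stored but never used in this class,
/// so denied decisions are not recorded here.
/// </remarks>
public class SignupAuthentication : ISignupAuthentication
{
    private readonly IGrantManager _grantManager;
    private readonly ILogger<SignupAuthentication> _logger;

    /// <summary>Stores the grant lookup service and the logger.</summary>
    /// <param name="grantManager">Service queried for the grants of a permission id.</param>
    /// <param name="logger">Logger for this class (currently unused).</param>
    public SignupAuthentication(IGrantManager grantManager, ILogger<SignupAuthentication> logger)
    {
        _grantManager = grantManager;
        _logger = logger;
    }

    //todo make more restrictive
    /// <summary>Whether <paramref name="user"/> may list all signups.</summary>
    /// <returns><c>true</c> when the user holds the CanGetAll grant; <c>false</c> otherwise or when the user is null.</returns>
    public bool canGetAll(User user)
    {
        // No identity, no access.
        if (user is null)
        {
            return false;
        }

        return _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanGetAll);
    }

    /// <summary>Whether <paramref name="user"/> may read <paramref name="model"/>.</summary>
    /// <returns>
    /// <c>true</c> when the user holds CanGetAny, or when the signup's id is among the
    /// values returned for the CanGet grant; <c>false</c> otherwise.
    /// </returns>
    public bool canGet(Signup model, User user)
    {
        if (user is null)
        {
            return false;
        }

        if (_grantManager.hasGrant(user.permissionId, SignupGrantNames.CanGetAny))
        {
            return true;
        }

        // The per-record grant can only match an existing record.
        return model is not null &&
               _grantManager.getULongValues(user.permissionId, SignupGrantNames.CanGet).Exists(x => x == model.id);
    }

    /// <summary>Whether <paramref name="user"/> may create the signup described by <paramref name="item"/>.</summary>
    /// <returns>
    /// When the DTO's <c>userId</c> equals the caller's id, the result of the CanAdd grant check;
    /// otherwise the result of the CanAddOthers grant check. <c>false</c> when either argument is null.
    /// </returns>
    public bool canAdd(SignupDTO item, User user)
    {
        if (item is null || user is null)
        {
            return false;
        }

        // Signing up on someone else's behalf needs the separate CanAddOthers grant.
        var grantName = item.userId == user.id
            ? SignupGrantNames.CanAdd
            : SignupGrantNames.CanAddOthers;

        return _grantManager.hasGrant(user.permissionId, grantName);
    }

    /// <summary>Whether <paramref name="user"/> may modify <paramref name="model"/>.</summary>
    /// <returns>
    /// <c>true</c> when the user holds CanUpdateAny, or when the signup's id is among the
    /// values returned for the CanUpdate grant; <c>false</c> otherwise.
    /// </returns>
    public bool canUpdate(Signup model, User user)
    {
        if (user is null)
        {
            return false;
        }

        if (_grantManager.hasGrant(user.permissionId, SignupGrantNames.CanUpdateAny))
        {
            return true;
        }

        // The per-record grant can only match an existing record.
        return model is not null &&
               _grantManager.getULongValues(user.permissionId, SignupGrantNames.CanUpdate).Exists(x => x == model.id);
    }

    /// <summary>Whether <paramref name="user"/> may delete <paramref name="model"/>.</summary>
    /// <returns>
    /// <c>true</c> when the user holds CanDeleteAny, or owns the signup and holds CanDeleteSelf,
    /// or the signup's id is among the values returned for the CanDelete grant; <c>false</c> otherwise.
    /// </returns>
    public bool canDelete(Signup model, User user)
    {
        if (user is null)
        {
            return false;
        }

        if (_grantManager.hasGrant(user.permissionId, SignupGrantNames.CanDeleteAny))
        {
            return true;
        }

        // Ownership and per-record checks both need the record itself.
        if (model is null)
        {
            return false;
        }

        if (model.userId == user.id && _grantManager.hasGrant(user.permissionId, SignupGrantNames.CanDeleteSelf))
        {
            return true;
        }

        return _grantManager.getULongValues(user.permissionId, SignupGrantNames.CanDelete).Exists(x => x == model.id);
    }
}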
}