BackEnd/Timeline/Services/User/UserPermissionService.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76

using Microsoft.EntityFrameworkCore;
using System.Linq;
using System.Threading.Tasks;
using Timeline.Entities;

namespace Timeline.Services.User
{
    public class UserPermissionService : IUserPermissionService
    {
        private readonly DatabaseContext _database;
        private readonly IUserService _userService;

        public UserPermissionService(DatabaseContext database, IUserService userService)
        {
            _database = database;
            _userService = userService;
        }

        private async Task CheckUserExistence(long userId, bool checkUserExistence)
        {
            if (checkUserExistence)
            {
                await _userService.ThrowIfUserNotExist(userId);
            }
        }

        public async Task<UserPermissions> GetPermissionsOfUserAsync(long userId, bool checkUserExistence = true)
        {
            if (userId == 1) // The init administrator account.
            {
                return UserPermissions.AllPermissions;
            }

            await CheckUserExistence(userId, checkUserExistence);

            var permissionNameList = await _database.UserPermission.Where(e => e.UserId == userId).Select(e => e.Permission).ToListAsync();

            return UserPermissions.FromStringList(permissionNameList);
        }

        public async Task AddPermissionToUserAsync(long userId, UserPermission permission)
        {
            if (userId == 1)
                throw new InvalidOperationOnRootUserException(Resource.ExceptionChangeRootUserPermission);

            await CheckUserExistence(userId, true);

            var alreadyHas = await _database.UserPermission
                .AnyAsync(e => e.UserId == userId && e.Permission == permission.ToString());

            if (alreadyHas) return;

            _database.UserPermission.Add(new UserPermissionEntity { UserId = userId, Permission = permission.ToString() });

            await _database.SaveChangesAsync();
        }

        public async Task RemovePermissionFromUserAsync(long userId, UserPermission permission, bool checkUserExistence = true)
        {
            if (userId == 1)
                throw new InvalidOperationOnRootUserException(Resource.ExceptionChangeRootUserPermission);

            await CheckUserExistence(userId, checkUserExistence);

            var entity = await _database.UserPermission
                .Where(e => e.UserId == userId && e.Permission == permission.ToString())
                .SingleOrDefaultAsync();

            if (entity == null) return;

            _database.UserPermission.Remove(entity);

            await _database.SaveChangesAsync();
        }
    }
}