Changeset 15508 for branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/Manager

Timestamp:

12/11/17 16:56:19 (7 years ago)

Author:

jzenisek

Message:

#2839 finalized permission checks in AddTask and revised implementation of ResourcePermission methods

File:

• branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/Manager/AuthorizationManager.cs (modified) (2 diffs)

branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/Manager/AuthorizationManager.cs

@@ -27 +27 @@
 using DA = HeuristicLab.Services.Hive.DataAccess;
 using DT = HeuristicLab.Services.Hive.DataTransfer;
-
+using System.Collections.Generic;
+using System.Linq;
 
 namespace HeuristicLab.Services.Hive {
@@ -87 +88 @@
         var project = projectDao.GetById(projectId);
         if (project == null) throw new SecurityException(NOT_AUTHORIZED);
-        if (project.OwnerUserId != UserManager.CurrentUserId
+
+        var projectTree = new List<Project>() { project };
+        projectTree.AddRange(projectDao.GetProjectsByChildId(projectId));
+        if(!projectTree.Select(x => x.OwnerUserId).Contains(UserManager.CurrentUserId)
             && !RoleVerifier.IsInRole(HiveRoles.Administrator)) {
           throw new SecurityException(NOT_AUTHORIZED);