Changeset 15737 for branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/Manager/AuthorizationManager.cs

Timestamp:

02/08/18 11:13:15 (6 years ago)

Author:

jzenisek

Message:

#2839

• updated sql scripts (necessary foreign key option alterations & introduction of statistic tables)
• updated HiveService according to changed client side (deletion-routine, permission checking,...)

File:

• branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/Manager/AuthorizationManager.cs (modified) (2 diffs)

branches/HiveProjectManagement/HeuristicLab.Services.Hive/3.3/Manager/AuthorizationManager.cs

@@ -92 +92 @@
 
     // authorize if user is admin, project owner or owner of a parent project
-    public void AuthorizeForProjectAdministration(Guid projectId) {
+    public void AuthorizeForProjectAdministration(Guid projectId, bool parentalOwnership) {
       if (projectId == null) return;
       var currentUserId = UserManager.CurrentUserId;
@@ -98 +98 @@
       var projectDao = pm.ProjectDao;
       pm.UseTransaction(() => {
-        var projectBranch = projectDao.GetCurrentAndParentProjectsById(projectId).ToList();
-        if(!projectBranch.Select(x => x.OwnerUserId).Contains(currentUserId)
-            && !RoleVerifier.IsInRole(HiveRoles.Administrator)) {
+        List<Project> projectBranch = null;
+        if(parentalOwnership) projectDao.GetParentProjectsById(projectId).ToList();
+        else projectBranch = projectDao.GetCurrentAndParentProjectsById(projectId).ToList();
+
+        if(!RoleVerifier.IsInRole(HiveRoles.Administrator)
+            && !projectBranch.Select(x => x.OwnerUserId).Contains(currentUserId)) {
           throw new SecurityException(NOT_AUTHORIZED_USERPROJECT);
         }