Checking the manage infra permission when getting the infra

ashutosh.nehete 2025-09-17 13:17:38 +05:30
parent 368fd37115
commit 4884bf5de0


@ -999,15 +999,20 @@ namespace Marco.Pms.Services.Service
// --- Step 1: Run independent permission checks in PARALLEL --- // --- Step 1: Run independent permission checks in PARALLEL ---
var projectPermissionTask = _permission.HasProjectPermission(loggedInEmployee, projectId); var projectPermissionTask = _permission.HasProjectPermission(loggedInEmployee, projectId);
var viewInfraPermissionTask = _permission.HasPermission(PermissionsMaster.ViewProjectInfra, loggedInEmployee.Id, projectId); var viewInfraPermissionTask = _permission.HasPermission(PermissionsMaster.ViewProjectInfra, loggedInEmployee.Id, projectId);
var manageInfraPermissionTask = _permission.HasPermission(PermissionsMaster.ManageProjectInfra, loggedInEmployee.Id, projectId);
await Task.WhenAll(projectPermissionTask, viewInfraPermissionTask); await Task.WhenAll(projectPermissionTask, viewInfraPermissionTask, manageInfraPermissionTask);
if (!await projectPermissionTask) var hasProjectPermission = projectPermissionTask.Result;
var hasViewInfraPermission = viewInfraPermissionTask.Result;
var hasManageInfraPermission = manageInfraPermissionTask.Result;
if (!hasProjectPermission)
{ {
_logger.LogWarning("Project access denied for EmployeeId: {EmployeeId} on ProjectId: {ProjectId}", loggedInEmployee.Id, projectId); _logger.LogWarning("Project access denied for EmployeeId: {EmployeeId} on ProjectId: {ProjectId}", loggedInEmployee.Id, projectId);
return ApiResponse<object>.ErrorResponse("Access denied", "You don't have access to this project", 403); return ApiResponse<object>.ErrorResponse("Access denied", "You don't have access to this project", 403);
} }
if (!await viewInfraPermissionTask) if (!hasViewInfraPermission && !hasManageInfraPermission)
{ {
_logger.LogWarning("ViewInfra permission denied for EmployeeId: {EmployeeId}", loggedInEmployee.Id); _logger.LogWarning("ViewInfra permission denied for EmployeeId: {EmployeeId}", loggedInEmployee.Id);
return ApiResponse<object>.ErrorResponse("Access denied", "You don't have access to view this project's infrastructure", 403); return ApiResponse<object>.ErrorResponse("Access denied", "You don't have access to view this project's infrastructure", 403);
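Review bot: The denial branch under `if (!hasViewInfraPermission && !hasManageInfraPermission)` still logs "ViewInfra permission denied" and records only the employee id, so the audit trail now misnames the check that failed and, unlike the project-access warning above it, cannot be tied to a project. Suggest `_logger.LogWarning("View/Manage infra permission denied for EmployeeId: {EmployeeId} on ProjectId: {ProjectId}", loggedInEmployee.Id, projectId);`. The change also puts a third concurrent call on the same `_permission` instance; if that service shares one scoped DbContext (not visible here), parallel queries would throw, so confirm it is safe for concurrent use. A short comment such as `// Manage implies View for read access` above the combined check would record the policy decision for the next reader. The enclosing method starts and ends outside the hunk.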