BExIS.Security.Services.Authorization.PermissionManager.HasSubjectFeatureAccess C# (CSharp) Метод

        public bool HasSubjectFeatureAccess(long subjectId, long featureId)
        {
            Feature feature = FeaturesRepo.Get(featureId);
            Subject subject = SubjectsRepo.Get(subjectId);

            FeaturePermission featurePermission;

            if (subject is Group)
            {
                while (feature != null)
                {
                    featurePermission = GetFeaturePermission(subject.Id, feature.Id);

                    if (featurePermission != null)
                    {
                        return featurePermission.PermissionType == PermissionType.Grant;
                    }

                    feature = feature.Parent;
                }

                return false;
            }

            if (subject is User)
            {
                User user = subject as User;
                List<long> groupIds = user.Groups.Select(g => g.Id).ToList();

                while (feature != null)
                {
                    featurePermission = GetFeaturePermission(subject.Id, feature.Id);

                    if (featurePermission != null)
                    {
                        return featurePermission.PermissionType == PermissionType.Grant;
                    }

                    if (ExistsFeaturePermission(groupIds, new[] { feature.Id }, PermissionType.Deny))
                    {
                        return false;
                    }
                    else
                    {
                        if (ExistsFeaturePermission(groupIds, new[] { feature.Id }, PermissionType.Grant))
                        {
                            return true;
                        }
                    }

                    feature = feature.Parent;
                }

                return false;
            }

            return false;
        }

        /// <summary>
        /// return true if user has edit rights
        /// </summary>
        /// <returns></returns>
        private bool hasUserEditAccessRights(long entityId)
        {
            #region security permissions and authorisations check
            // set edit rigths
            PermissionManager permissionManager = new PermissionManager();
            SubjectManager subjectManager = new SubjectManager();
            Security.Services.Objects.TaskManager securityTaskManager = new Security.Services.Objects.TaskManager();

            bool hasAuthorizationRights = false;

            User user = subjectManager.GetUserByName(GetUsernameOrDefault());
            long userid = -1;

            if (user != null)
            {
                userid = subjectManager.GetUserByName(GetUsernameOrDefault()).Id;

                //User has Access to Features
                //Area DCM
                //Controller "Create Dataset"
                //Action "*"
                Task task = securityTaskManager.GetTask("DCM", "CreateDataset", "*");
                if (task != null)
                {
                    hasAuthorizationRights = permissionManager.HasSubjectFeatureAccess(userid, task.Feature.Id);
                }

                return (hasAuthorizationRights);
            }
            else
            {
                return false;
            }

            #endregion
        }