in src/Unosquare.PassCore.PasswordProvider/PasswordChangeProvider.cs [158:192]
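/// <summary>
/// Checks the principal's Active Directory group membership against the configured
/// restricted and allowed group lists before a password change is permitted.
/// </summary>
/// <param name="userPrincipal">The principal whose group membership is evaluated.</param>
/// <returns>
/// <c>null</c> when the change is permitted; otherwise an <see cref="ApiErrorItem"/> with
/// <see cref="ApiErrorCode.ChangeNotPermitted"/>.
/// </returns>
/// <remarks>
/// This is an authorization check, so it fails closed: if group membership cannot be
/// read at all, the change is refused instead of silently allowed.
/// </remarks>
private ApiErrorItem? ValidateGroups(UserPrincipal userPrincipal)
{
    try
    {
        PrincipalSearchResult<Principal> groups;

        try
        {
            groups = userPrincipal.GetGroups();
        }
        catch (Exception exception)
        {
            // The first lookup failed; log it and fall back to the authorization-group lookup.
            _logger.LogError(new EventId(887), exception, nameof(ValidateGroups));
            groups = userPrincipal.GetAuthorizationGroups();
        }

        if (groups == null)
        {
            // No membership information means the principal cannot be shown to be allowed.
            return new ApiErrorItem(ApiErrorCode.ChangeNotPermitted, "The User principal is not listed as allowed");
        }

        // The search result is disposable; release it once the names have been read.
        using (groups)
        {
            // Enumerate once so both checks below see the same membership snapshot.
            var groupNames = groups.Select(group => group.Name).ToList();

            // NOTE(review): matching is by group name as returned by the directory. Whether nested
            // membership is covered depends on which lookup succeeded above, and whether the match
            // is case-sensitive depends on the collection type behind the options; confirm both
            // against the intended policy.
            if (_options.RestrictedADGroups != null
                && groupNames.Any(name => _options.RestrictedADGroups.Contains(name)))
            {
                return new ApiErrorItem(ApiErrorCode.ChangeNotPermitted,
                    "The User principal is listed as restricted");
            }

            // An unset allow-list accepts any group, but the principal must still belong to at
            // least one group (same behaviour as before).
            var isAllowed = groupNames.Any(name => _options.AllowedADGroups?.Contains(name) != false);

            return isAllowed
                ? null
                : new ApiErrorItem(ApiErrorCode.ChangeNotPermitted, "The User principal is not listed as allowed");
        }
    }
    catch (Exception exception)
    {
        _logger.LogError(new EventId(888), exception, nameof(ValidateGroups));

        // Fail closed: returning null here would treat a directory or enumeration failure as
        // "permitted" and let restricted principals bypass the group policy.
        return new ApiErrorItem(ApiErrorCode.ChangeNotPermitted,
            "The User principal's group membership could not be verified");
    }
}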