using SharepointToolbox.Web.Core.Models; namespace SharepointToolbox.Web.Core.Helpers; public static class PermissionLevelMapping { public record MappingResult(string Label, RiskLevel RiskLevel); private static readonly Dictionary Mappings = new(StringComparer.OrdinalIgnoreCase) { ["Full Control"] = new("Full control (can manage everything)", RiskLevel.High), ["Site Collection Administrator"] = new("Site collection admin (full control)", RiskLevel.High), ["Contribute"] = new("Can edit files and list items", RiskLevel.Medium), ["Edit"] = new("Can edit files, lists, and pages", RiskLevel.Medium), ["Design"] = new("Can edit pages and use design tools", RiskLevel.Medium), ["Approve"] = new("Can approve content and list items", RiskLevel.Medium), ["Manage Hierarchy"] = new("Can create sites and manage pages", RiskLevel.Medium), ["Read"] = new("Can view files and pages", RiskLevel.Low), ["Restricted Read"] = new("Can view pages only (no download)", RiskLevel.Low), ["View Only"] = new("Can view files in browser only", RiskLevel.ReadOnly), ["Restricted View"] = new("Restricted view access", RiskLevel.ReadOnly), }; public static MappingResult GetMapping(string roleName) { if (string.IsNullOrWhiteSpace(roleName)) return new(roleName, RiskLevel.Low); return Mappings.TryGetValue(roleName.Trim(), out var result) ? result : new(roleName.Trim(), RiskLevel.Medium); } public static IReadOnlyList GetMappings(string permissionLevels) { if (string.IsNullOrWhiteSpace(permissionLevels)) return Array.Empty(); return permissionLevels.Split(';', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries) .Select(GetMapping).ToList(); } public static RiskLevel GetHighestRisk(string permissionLevels) { var mappings = GetMappings(permissionLevels); if (mappings.Count == 0) return RiskLevel.Low; return mappings.Min(m => m.RiskLevel); } public static string GetSimplifiedLabels(string permissionLevels) => string.Join("; ", GetMappings(permissionLevels).Select(m => m.Label)); }