using System;

using System.Collections;

using System.Collections.Generic;

using System.Linq;

public class Program

{

    public static void Main()

    {

        PermissionChecker chk = new PermissionChecker();

        Console.WriteLine(chk.UserHasPermission(TestData.ContactAId, TestData.AccessRightId)); // true

        Console.WriteLine(chk.UserHasPermission(TestData.ContactBId, TestData.AccessRightId)); // false

    }

}

​

public class PermissionChecker {

    public bool UserHasPermission(Guid userId, Guid permissionId) {

        var user = GetUser(userId);

        if(user == null) return false;

        if(user.AccessRights.Contains(permissionId)) return true;

        return false;

    }

    private Contact GetUser(Guid userId) {

        using(var dc = new DataContext())

        {

            return dc.Contacts.FirstOrDefault(x => x.ContactId == userId);

        }

    }

}

​

​

public class Contact {

    public Guid ContactId { get; set; }

    public List<Guid> AccessRights { get; set; }

}

​

public class DataContext : IDisposable {

    // Mockup object - do not change

    public IQueryable<Contact> Contacts { get; private set; } = new List<Contact> { TestData.ContactA, TestData.ContactB }.AsQueryable();

    public void Dispose() { Contacts = null; }

}

​

public static class TestData {

    public static Contact ContactA => new Contact { ContactId = ContactAId, AccessRights = new List<Guid> { AccessRightId } };

    public static Contact ContactB => new Contact { ContactId = ContactBId, AccessRights = new List<Guid>() };

    public static readonly Guid ContactAId = new Guid("aea34bf3-90a7-42b0-4e87-b7f57a31fcf8");

    public static readonly Guid ContactBId = new Guid("2a9a1679-031b-f3a5-4ead-74925f440fa7");

    public static readonly Guid AccessRightId = new Guid("b1e796e8-d09d-b88b-41f1-b21d39d95750");

}

​