public async Task <Guid> CreateAsync(Booking booking)
{
PaymentSummary payment = await _paymentRepository.GetSumOfPaymentsByBookingAsync(booking);
var deleted = DeletedBooking.FromBooking(booking, payment.Total);
using (var db = DbUtil.Open())
{
Guid id = await db.ExecuteScalarAsync <Guid>("insert into [DeletedBooking] ([CruiseId], [Reference], [FirstName], [LastName], [Email], [PhoneNo], [TotalPrice], [AmountPaid], [Created], [Updated]) output inserted.[Id] values (@CruiseId, @Reference, @FirstName, @LastName, @Email, @PhoneNo, @TotalPrice, @AmountPaid, @Created, @Updated)",
new { CruiseId = deleted.CruiseId, Reference = deleted.Reference, FirstName = deleted.FirstName, LastName = deleted.LastName, Email = deleted.Email, PhoneNo = deleted.PhoneNo, TotalPrice = deleted.TotalPrice, AmountPaid = deleted.AmountPaid, Created = deleted.Created, Updated = deleted.Updated });
return(id);
}
}
public async Task <IHttpActionResult> Get(string reference)
{
try
{
Event evnt = await _eventRepository.GetActiveAsync();
if (null == evnt)
{
return(NotFound());
}
if (IsUnauthorized(reference))
{
return(BadRequest("Request is unauthorized, or not logged in as the booking it's trying to read."));
}
Booking booking = await _bookingRepository.FindByReferenceAsync(reference);
if (null == booking)
{
return(NotFound());
}
Event activeEvent = await _eventRepository.GetActiveAsync();
if (!AuthContext.IsAdmin && !booking.EventId.Equals(activeEvent?.Id))
{
return(BadRequest("Request is unauthorized, or booking belongs to an inactive event."));
}
BookingPax[] pax = await _bookingRepository.GetPaxForBookingAsync(booking);
PaymentSummary payment = await _paymentRepository.GetSumOfPaymentsByBookingAsync(booking);
BookingSource result = BookingSource.FromBooking(booking, pax, payment);
if (!AuthContext.IsAdmin)
{
result.InternalNotes = null; // Do not leak internal notes to non-admins
}
return(this.OkNoCache(result));
}
catch (Exception ex)
{
_log.Error(ex, $"An unexpected exception occurred while getting the booking with reference {reference}.");
throw;
}
}
public async Task <IHttpActionResult> Get(string reference)
{
try
{
if (!AuthContext.IsAdmin && !String.Equals(AuthContext.UserName, reference, StringComparison.InvariantCultureIgnoreCase))
{
return(BadRequest("Request is unauthorized, or not logged in as the booking it's trying to read."));
}
Booking booking = await _bookingRepository.FindByReferenceAsync(reference);
if (null == booking)
{
return(NotFound());
}
Cruise activeCruise = await _cruiseRepository.GetActiveAsync();
if (!AuthContext.IsAdmin && !booking.CruiseId.Equals(activeCruise?.Id))
{
return(BadRequest("Request is unauthorized, or booking belongs to an inactive cruise."));
}
BookingCabinWithPax[] cabins = await _bookingRepository.GetCabinsForBookingAsync(booking);
BookingProduct[] products = await _productRepository.GetProductsForBookingAsync(booking);
PaymentSummary payment = await _paymentRepository.GetSumOfPaymentsByBookingAsync(booking);
BookingSource result = BookingSource.FromBooking(booking, cabins, products, payment);
if (!AuthContext.IsAdmin)
{
result.InternalNotes = null; // Do not leak internal notes to non-admins
}
return(this.OkNoCache(result));
}
catch (Exception ex)
{
_log.Error(ex, $"An unexpected exception occurred while getting the booking with reference {reference}.");
throw;
}
}