Beispiel #1
        /// <summary>
        /// Returns the roles matching an optional filter, either as one page or as the full list.
        /// </summary>
        /// <param name="filter">Filter text; converted by <c>ContextUtils.ConvertFilterToLinq</c> before use. Null or empty means "no filter".</param>
        /// <param name="page">Page number; when null the whole result set is returned.</param>
        /// <param name="pageSize">Page size; falls back to <c>_defaultPageSize</c> when null.</param>
        /// <returns>
        /// 200 with the roles, or 400 carrying the authorization error or the SQL error text.
        /// </returns>
        private async Task<IActionResult> _GetByFilterPaged(string filter = null, int? page = null, int? pageSize = null)
        {
            try
            {
                // Only callers in _authorizedRolesAdmins pass this check.
                var authRet = await ControllerUtils.AuthorizeUserAsync(HttpContext, _context, _testUserName, _adminRoleName, _defaultRoleName, _authorizedRolesAdmins);
                if (authRet.ErrorMessage != null)
                {
                    return BadRequest(authRet.ErrorMessage);
                }

                filter = ContextUtils.ConvertFilterToLinq(filter);
                var unfiltered = string.IsNullOrEmpty(filter);

                // NOTE(review): the converted filter is spliced into the SQL text below and executed
                // through FromSqlRaw, so nothing here parameterizes it. Whether ConvertFilterToLinq
                // restricts the text to known columns/operators and escapes literals is not visible
                // from this method -- confirm, or replace with a parsed predicate built in LINQ.
                IEnumerable<Role> roles;
                if (!page.HasValue)
                {
                    roles = unfiltered
                        ? await _context.Roles.ToListAsync()
                        : await _context.Roles.FromSqlRaw($"SELECT * FROM dbo.Role WHERE ({filter})").ToListAsync();
                }
                else
                {
                    var size = pageSize ?? _defaultPageSize;
                    roles = unfiltered
                        ? _context.Roles.ToPagedList(page.Value, size)
                        : _context.Roles.FromSqlRaw($"SELECT * FROM dbo.Role WHERE ({filter})").ToPagedList(page.Value, size);
                }

                return Ok(roles);
            }
            catch (SqlException e)
            {
                // NOTE(review): the response body carries the raw database error message and the
                // entity's property names. That helps a caller write a valid filter, but it also
                // discloses schema and engine details to whoever sent the request; consider logging
                // the exception server-side and returning a generic message instead.
                var columnNames = String.Join(", ", typeof(Role).GetProperties().Select(p => p.Name));
                return BadRequest("\nGetByFilter(filter) - Sql Exception: " + e.Message + "\n\n" + "Columns: " + columnNames);
            }
        }
Beispiel #2
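        /// <summary>
        /// Returns users, optionally restricted to one user id and to a filter, either as one page or as the full list.
        /// </summary>
        /// <remarks>
        /// Callers whose role is not in <c>_authorizedRolesAdmins</c> are limited to their own record:
        /// a request for another id is rejected and <paramref name="userId"/> is forced to the caller's id.
        /// That restriction is applied as a LINQ predicate on top of the query, so EF Core sends the id
        /// as a parameter outside the raw filter text instead of splicing both into a single SQL string.
        /// </remarks>
        /// <param name="userId">User id to restrict to; null means "all users" (admins only).</param>
        /// <param name="filter">Filter text; converted by <c>ContextUtils.ConvertFilterToLinq</c> before use. Null or empty means "no filter".</param>
        /// <param name="page">Page number; when null the whole result set is returned.</param>
        /// <param name="pageSize">Page size; falls back to <c>_defaultPageSize</c> when null.</param>
        /// <returns>
        /// 200 with the users, or 400 carrying the authorization error or the SQL error text.
        /// </returns>
        private async Task<IActionResult> _GetByUserIdFilter(int? userId = null, string filter = null, int? page = null, int? pageSize = null)
        {
            try
            {
                var authRet = await ControllerUtils.AuthorizeUserAsync(HttpContext, _context, _testUserName, _adminRoleName, _defaultRoleName, _authorizedRolesUsers);

                if (authRet.ErrorMessage != null)
                {
                    return BadRequest(authRet.ErrorMessage);
                }

                var isAdmin = _authorizedRolesAdmins.Contains(authRet.ApiUserRole.Name);

                if (!isAdmin)
                {
                    if (userId.HasValue && userId.Value != authRet.ApiUser.Id)
                    {
                        return BadRequest("You are not authorized to view other users details");
                    }
                    userId = authRet.ApiUser.Id; // Non-admins may only read their own user record
                }

                filter = ContextUtils.ConvertFilterToLinq(filter);

                // NOTE(review): the converted filter is still concatenated into raw SQL. Whether
                // ConvertFilterToLinq restricts it to known columns/operators and escapes literals
                // is not visible from this method -- confirm, or replace with a parsed predicate
                // built in LINQ. Composing the id predicate below is defence in depth only; it does
                // not make the filter text itself safe.
                IQueryable<User> query;
                if (string.IsNullOrEmpty(filter))
                {
                    query = _context.Users;
                }
                else
                {
                    query = _context.Users.FromSqlRaw($"SELECT * FROM dbo.[User] WHERE ({filter})");
                }

                // Ownership restriction: kept out of the raw SQL string so that it is a separate,
                // parameterized predicate rather than text sitting next to the caller's filter.
                if (userId.HasValue)
                {
                    query = query.Where(u => u.Id == userId);
                }

                IEnumerable<User> ret;
                if (page.HasValue)
                {
                    ret = query.ToPagedList(page.Value, pageSize ?? _defaultPageSize);
                }
                else
                {
                    ret = await query.ToListAsync();
                }

                return Ok(ret);
            }
            catch (SqlException e)
            {
                // NOTE(review): the response body carries the raw database error message and the
                // entity's property names (for User this may include sensitive field names). Consider
                // logging the exception server-side and returning a generic message instead.
                var columns = typeof(User).GetProperties().Select(p => p.Name);
                return BadRequest("\nGetByFilter(filter) Sql Exception: " + e.Message + "\n\n" + "Columns: " + String.Join(", ", columns));
            }
        }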