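/// <summary>
        /// Returns the biography of the dog with the given id, creating a new
        /// biography first when none exists yet. Both paths are restricted to the
        /// dog's owner.
        /// </summary>
        /// <param name="id">Dog id whose biography is requested.</param>
        /// <returns>
        /// 200 with the <see cref="DogBiography"/> when the requester is the owner;
        /// 401 otherwise.
        /// </returns>
        public async Task<ActionResult<DogBiography>> Get(int id)
        {
            string requestUser = GetUserId();

            // Fail closed when no user id could be resolved. Both ownership checks
            // below are plain string equality, so a missing requester id would
            // compare equal to a missing owner id (for example an unknown dog) and
            // be treated as the owner.
            if (string.IsNullOrEmpty(requestUser))
            {
                _logger.LogWarning($"Request without a resolvable user id was denied access to the biography for dog Id: {id}");
                return Unauthorized();
            }

            DogBiography bio = await _service.GetDogBiography(id);

            if (bio != null)
            {
                // Existing biography: only the owner recorded on it may read it.
                if (requestUser == bio.OwnerId)
                {
                    return Ok(bio);
                }

                _logger.LogWarning($"Request user ({requestUser}) does not have the permission (non-owner) to get dog biography for dog Id: {bio.DogId}");

                // NOTE(review): the caller is identified but not permitted, which
                // is conventionally 403 (Forbid()). 401 is kept here because clients
                // may depend on the current status code.
                return Unauthorized();
            }

            // No biography yet: it is created on demand, but only for the owner.
            // NOTE(review): this makes GET a state-changing request; confirm that
            // is intended.
            string ownerId = await _userService.GetOwnerIdByDogId(id);

            if (ownerId == requestUser)
            {
                return Ok(await _service.CreateBiography(id, requestUser));
            }

            _logger.LogWarning($"Request user ({requestUser}) does not have the permission (non-owner) to create new biography for dog owned by {ownerId}");

            return Unauthorized();
        }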
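        /// <summary>
        /// Updates the biography of the dog with the given id. Only the dog's
        /// owner may update it.
        /// </summary>
        /// <param name="id">Dog id taken from the route.</param>
        /// <param name="bio">Biography payload; its DogId must equal <paramref name="id"/>.</param>
        /// <returns>
        /// 200 when the update was saved; 400 when the payload is missing, its
        /// DogId does not match the route id, or saving failed; 401 when the
        /// requester is not the owner.
        /// </returns>
        public async Task<IActionResult> Put(int id, DogBiography bio)
        {
            // A missing body would otherwise fail with a NullReferenceException
            // on bio.DogId instead of a client error.
            if (bio == null || id != bio.DogId)
            {
                return BadRequest();
            }

            string requestUser = GetUserId();

            // Fail closed when no user id could be resolved. The ownership check
            // below is plain string equality, so a missing requester id would
            // compare equal to a missing owner id (for example an unknown dog).
            if (string.IsNullOrEmpty(requestUser))
            {
                _logger.LogWarning($"Request without a resolvable user id was denied update of the biography for dog id {bio.DogId}");
                return Unauthorized();
            }

            // ensure user attempting to update biography is the dog owner
            string dogOwnerId = await _userService.GetOwnerIdByDogId(bio.DogId);

            if (dogOwnerId != requestUser)
            {
                // unauthorized: user attempting to update dog is not the owner
                _logger.LogWarning($"Request user ({requestUser}) does not have permission (non-owner) to update dog biography for dog id {bio.DogId}");

                return Unauthorized();
            }

            // NOTE(review): bio is client-supplied and handed to the service as a
            // whole; confirm the service does not let the payload overwrite
            // ownership or audit fields.
            bool success = await _service.UpdateBiography(bio, requestUser);

            if (success)
            {
                return Ok();
            }

            _logger.LogError($"Failed to save Biography for {bio.DogId} by {requestUser}");

            return BadRequest();
        }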
Beispiel #3
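        /// <summary>
        /// Updates single <see cref="Biography"/> entity
        /// </summary>
        /// <param name="bio">
        /// <see cref="DogBiography"/> instance with which to update existing record
        /// </param>
        /// <param name="userId">User Id <see cref="string"/> recorded as the last modifier</param>
        /// <returns>
        /// <c>true</c> when the repository reports the entity as saved;
        /// <c>false</c> when no existing record was found or the save failed
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="bio"/> is null</exception>
        public async Task<bool> UpdateBiography(DogBiography bio, string userId)
        {
            if (bio == null)
            {
                throw new ArgumentNullException(nameof(bio));
            }

            Biography bioEntity = await _repository.FindBiography(bio.DogId);

            // Nothing to update: report failure instead of dereferencing a
            // missing entity below.
            if (bioEntity == null)
            {
                return false;
            }

            // NOTE(review): every member the mapper is configured to copy is taken
            // from the caller-supplied object; confirm the mapping (not shown here)
            // ignores ownership and audit fields so a request cannot change them.
            _mapper.Map(bio, bioEntity);

            // Audit fields are set after mapping so the payload cannot override them.
            // NOTE(review): DateTime.Now is local server time; confirm that is the
            // convention for stored timestamps before switching to UTC.
            bioEntity.LastModified   = DateTime.Now;
            bioEntity.LastModifiedBy = userId;

            return await _repository.SaveBiography(bioEntity);
        }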
Beispiel #4
 /// <summary>
 /// Replaces the <c>Biography</c> held in state with a freshly constructed
 /// <see cref="DogBiography"/>.
 /// </summary>
 public void NewBiography()
 {
     Biography = new DogBiography();
 }