Beispiel #1
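        /// <summary>
        /// Stores a family member's rating for a dish (PUT dishes/{dishId}/rating).
        /// </summary>
        /// <param name="req">Incoming HTTP request; supplies the authenticated principal and the request body.</param>
        /// <param name="dishId">Dish identifier taken from the route. Untrusted text that must parse as a GUID.</param>
        /// <returns>
        /// The authentication response when authentication fails; 401 when the caller may not update the dish;
        /// 400 with an error code for malformed or unknown identifiers, missing body values, or a rating made
        /// on behalf of another autonomous member; otherwise 200.
        /// </returns>
        public async Task<IActionResult?> Run(
            [HttpTrigger(AuthorizationLevel.Anonymous, "put", Route = "dishes/{dishId}/rating")] HttpRequest req,
            string dishId
            )
        {
            // The trigger itself is AuthorizationLevel.Anonymous, so this call is the only
            // authentication gate in front of the handler.
            var (isAuthenticated, authenticationResponse) = await req.HttpContext.AuthenticateAzureFunctionAsync();

            if (!isAuthenticated)
            {
                return authenticationResponse;
            }

            // Route values are caller-controlled: Guid.Parse would throw on malformed input and
            // surface as an unhandled 500. A malformed id cannot match any dish, so reuse that code.
            if (!Guid.TryParse(dishId, out var dishGuid))
            {
                return new BadRequestObjectResult("DISH_NOT_FOUND");
            }

            // NOTE(review): the lookup runs before the authorization check, so DISH_NOT_FOUND versus 401
            // tells any authenticated caller whether a dish id exists. Confirm that is acceptable.
            var dish = await _dishRepository.GetDishAsync(dishGuid);

            if (dish is null)
            {
                return new BadRequestObjectResult("DISH_NOT_FOUND");
            }

            // A principal without a usable identifier claim cannot be authorized; reject instead of throwing.
            if (!Guid.TryParse(req.HttpContext.User.GetNameIdentifierId(), out var userId))
            {
                return new UnauthorizedResult();
            }

            if (!_authz.Authorize(userId, dish.FamilyId, Resources.Dish, Actions.Update))
            {
                return new UnauthorizedResult();
            }

            var dishRating = await req.GetBodyAs<UpdateDishRatingCommandModel>();

            if (dishRating?.FamilyMemberId is null)
            {
                return new BadRequestObjectResult("MISSING_VALUES");
            }

            // Body values are untrusted as well. An id that is not a GUID cannot belong to the family.
            if (!Guid.TryParse(dishRating.FamilyMemberId, out var familyMemberId))
            {
                return new BadRequestObjectResult("FAMILYMEMBER_NOT_FOUND_IN_FAMILY");
            }

            var family = await _familyRepository.GetFamily(dish.FamilyId);

            // A missing family previously caused a null dereference; treat it as "member not found".
            var familyMember = family?.FamilyMembers.FirstOrDefault(member => member.Id == familyMemberId);

            if (familyMember is null)
            {
                return new BadRequestObjectResult("FAMILYMEMBER_NOT_FOUND_IN_FAMILY");
            }

            // Callers may rate as themselves or on behalf of a member without autonomy.
            // Rating on behalf of another autonomous member is not allowed.
            if (!familyMember.Id.Equals(userId) && familyMember.HasAutonomy)
            {
                return new BadRequestObjectResult("NOT_ALLOWED");
            }

            dish.SetRating(familyMemberId, dishRating.GetRatingInDomainFormat());
            await _dishRepository.SaveAsync(dish);

            return new OkResult();
        }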
Beispiel #2
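        /// <summary>
        /// Invites an existing user, looked up by e-mail address, to a family (POST family/{familyId}/member).
        /// </summary>
        /// <param name="req">Incoming HTTP request; supplies the authenticated principal and the request body.</param>
        /// <param name="familyId">Family identifier taken from the route. Untrusted text that must parse as a non-empty GUID.</param>
        /// <returns>
        /// The authentication response when authentication fails; 401 when the caller may not update the family;
        /// 400 with an error code for a malformed or unknown family id or a missing e-mail; 204 when no user
        /// has the given e-mail; otherwise 200.
        /// </returns>
        public async Task<IActionResult?> Run(
            [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "family/{familyId}/member")] HttpRequest req,
            string familyId)
        {
            // The trigger itself is AuthorizationLevel.Anonymous, so this call is the only
            // authentication gate in front of the handler.
            var (isAuthenticated, authenticationResponse) = await req.HttpContext.AuthenticateAzureFunctionAsync();

            if (!isAuthenticated)
            {
                return authenticationResponse;
            }

            // Reject a principal without an identifier claim explicitly instead of passing null
            // into the authorization check.
            var callerId = req.HttpContext.User.GetNameIdentifierId();

            if (callerId is null || !_authz.Authorize(callerId, familyId, Resources.Family, Actions.Update))
            {
                return new UnauthorizedResult();
            }

            // The route value is caller-controlled: Guid.Parse would throw on malformed input and
            // surface as an unhandled 500. Malformed and empty ids get the same client error.
            if (!Guid.TryParse(familyId, out var familyGuid) || familyGuid.Equals(Guid.Empty))
            {
                return new BadRequestObjectResult("MISSING_FAMILYID");
            }

            var command = await req.GetBodyAs<InviteFamilyMemberCommandModel>();

            // An absent or unparsable body previously caused a null dereference on command.Email.
            if (command is null || string.IsNullOrEmpty(command.Email))
            {
                return new BadRequestObjectResult("MISSING_EMAIL");
            }

            var user = await _userRepository.GetUser(command.Email);

            if (user is null)
            {
                // NOTE(review): 204 for an unknown address versus 200 for a known one lets a caller who
                // may update this family tell whether an e-mail has an account. Consider returning the
                // same response in both cases. Kept as-is here because clients may depend on it.
                return new NoContentResult();
            }

            var family = await _familyRepository.GetFamily(familyGuid);

            if (family is null)
            {
                return new BadRequestObjectResult("NOT_FOUND_FAMILY");
            }

            family.InviteFamilyMember(user.Id);
            await _familyRepository.SaveAsync(family);

            return new OkResult();
        }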
        /// <summary>
        /// Loads the family with the given id from the repository and maps it to a view model.
        /// </summary>
        /// <param name="Id">Integer identifier of the family to load.</param>
        /// <returns>The view model produced by <c>familyMapping.MapToView</c> for the loaded data model.</returns>
        // NOTE(review): no authorization check is visible in this method, and integer ids are guessable.
        // Presumably the caller verifies that the current user may read this family; confirm.
        public FamilyViewModel GetFamily(int Id) =>
            familyMapping.MapToView(_familyRepository.GetFamily(Id));
Beispiel #4
        /// <summary>
        /// Returns the family with the given id, wrapped in an OK result.
        /// </summary>
        /// <param name="id">Integer identifier of the family to fetch.</param>
        /// <returns>The result of <c>Ok</c> applied to whatever the repository returned for <paramref name="id"/>.</returns>
        // NOTE(review): this method neither checks that the caller may read the requested family nor
        // handles a missing record. With guessable integer ids, confirm that an authorization
        // attribute or filter outside this view restricts access. The repository object is also
        // passed to Ok unchanged, so verify it carries no fields that should stay server-side.
        public IActionResult GetFamily(int id) => Ok(_familyRepository.GetFamily(id));