public async Task <IActionResult?> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "put", Route = "dishes/{dishId}/rating")] HttpRequest req,
string dishId
)
{
var(authenticationStatus, authenticationResponse) = await req.HttpContext.AuthenticateAzureFunctionAsync();
if (!authenticationStatus)
{
return(authenticationResponse);
}
var dish = await _dishRepository.GetDishAsync(Guid.Parse(dishId));
if (dish is null)
{
return(new BadRequestObjectResult("DISH_NOT_FOUND"));
}
var userId = Guid.Parse(req.HttpContext.User.GetNameIdentifierId() !);
if (!_authz.Authorize(userId, dish.FamilyId, Resources.Dish, Actions.Update))
{
return(new UnauthorizedResult());
}
var dishRating = await req.GetBodyAs <UpdateDishRatingCommandModel>();
if (dishRating is null || dishRating.FamilyMemberId is null)
{
return(new BadRequestObjectResult("MISSING_VALUES"));
}
var family = await _familyRepository.GetFamily(dish.FamilyId);
var familyMemberId = Guid.Parse(dishRating.FamilyMemberId);
var familyMember = family !.FamilyMembers.FirstOrDefault(w => w.Id == familyMemberId);
if (familyMember is null)
{
return(new BadRequestObjectResult("FAMILYMEMBER_NOT_FOUND_IN_FAMILY"));
}
// verify that you're rating as yourself or on behalf of a user that doesn't have autonomy - rating on behalf of other autonomus users is not allowed
if (!familyMember.Id.Equals(userId) && familyMember.HasAutonomy)
{
return(new BadRequestObjectResult("NOT_ALLOWED"));
}
dish.SetRating(familyMemberId, dishRating.GetRatingInDomainFormat());
await _dishRepository.SaveAsync(dish);
return(new OkResult());
}
public async Task <IActionResult?> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "family/{familyId}/member")] HttpRequest req,
string familyId)
{
var(authenticationStatus, authenticationResponse) = await req.HttpContext.AuthenticateAzureFunctionAsync();
if (!authenticationStatus)
{
return(authenticationResponse);
}
if (!_authz.Authorize(req.HttpContext.User.GetNameIdentifierId() !, familyId, Resources.Family, Actions.Update))
{
return(new UnauthorizedResult());
}
var familyGuid = Guid.Parse(familyId);
if (familyGuid.Equals(Guid.Empty))
{
return(new BadRequestObjectResult("MISSING_FAMILYID"));
}
var command = await req.GetBodyAs <InviteFamilyMemberCommandModel>();
if (string.IsNullOrEmpty(command.Email))
{
return(new BadRequestObjectResult("MISSING_EMAIL"));
}
var user = await _userRepository.GetUser(command.Email);
if (user is null)
{
return(new NoContentResult());
}
var family = await _familyRepository.GetFamily(familyGuid);
if (family is null)
{
return(new BadRequestObjectResult("NOT_FOUND_FAMILY"));
}
family.InviteFamilyMember(user.Id);
await _familyRepository.SaveAsync(family);
return(new OkResult());
}
public FamilyViewModel GetFamily(int Id)
{
var dataModel = _familyRepository.GetFamily(Id);
return(familyMapping.MapToView(dataModel));
}
public IActionResult GetFamily(int id)
{
var family = _familyRepository.GetFamily(id);
return(Ok(family));
}
