Beispiel #1
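        /// <summary>
        /// Deletes the plan template identified by <paramref name="id"/> from template
        /// storage (when present) and from the search index.
        /// </summary>
        /// <param name="id">Identifier of the plan template, supplied by the caller.</param>
        /// <returns>
        /// <c>Unauthorized()</c> when the caller has no usable claims identity or user id,
        /// or when the stored template belongs to another account and the caller does not
        /// hold the "Admin" role claim; otherwise <c>Ok()</c>.
        /// </returns>
        public async Task<IHttpActionResult> Delete(Guid id)
        {
            // The 'as' cast yields null when the principal's identity is not a
            // ClaimsIdentity. Reject the request instead of failing with a
            // NullReferenceException on the first claim lookup.
            var identity = User.Identity as ClaimsIdentity;
            if (identity == null)
            {
                return Unauthorized();
            }

            // Without a user id the ownership comparison below cannot be trusted
            // (a null id compared against a null OwnerId would count as a match).
            var fr8AccountId = identity.GetUserId();
            if (string.IsNullOrEmpty(fr8AccountId))
            {
                return Unauthorized();
            }

            var privileged = identity.HasClaim(ClaimsIdentity.DefaultRoleClaimType, "Admin");

            var planTemplateCM = await _planTemplate.Get(fr8AccountId, id);

            if (planTemplateCM != null)
            {
                // Only the owner or an administrator may delete a stored template.
                // NOTE(review): Unauthorized() produces 401; for an authenticated
                // non-owner 403 would be the more accurate status. Kept as-is so
                // existing clients see the same response.
                if (planTemplateCM.OwnerId != fr8AccountId && !privileged)
                {
                    return Unauthorized();
                }

                await _planTemplate.Remove(fr8AccountId, id);
            }

            // If the template is not in MT storage it is still removed from the search index.
            // NOTE(review): on this path no ownership check has taken place. If
            // _planTemplate.Get is scoped to the calling account, a non-owner would get
            // null here and could still remove another account's search entry. Confirm
            // how Get resolves templates and consider limiting this cleanup to privileged callers.
            await _searchProvider.Remove(id);

            return Ok();
        }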
Beispiel #2
        /// <summary>
        /// Removes a published plan template from template storage and the search index,
        /// then sends the user a success notification.
        /// </summary>
        /// <param name="planId">Identifier of the plan whose template is unpublished.</param>
        /// <param name="userId">Account id used for the lookup, the ownership check and the notification.</param>
        /// <param name="privileged">When true, the ownership check is bypassed.</param>
        /// <exception cref="UnauthorizedAccessException">
        /// The template exists, is owned by a different account, and <paramref name="privileged"/> is false.
        /// </exception>
        /// <remarks>
        /// The authorization decision rests entirely on <paramref name="userId"/> and
        /// <paramref name="privileged"/> as supplied by the caller; this method does not
        /// read them from the authenticated principal. Callers must derive both values
        /// from the authenticated identity and never from request data.
        /// </remarks>
        public async Task Unpublish(Guid planId, string userId, bool privileged)
        {
            // TODO: add security check with new security model. The original carried a
            // commented-out version that read the role claim and user id from User.Identity.

            var template = await _planTemplate.Get(userId, planId);

            if (template != null)
            {
                var callerMayRemove = template.OwnerId == userId || privileged;
                if (!callerMayRemove)
                {
                    throw new UnauthorizedAccessException();
                }

                // Storage first, then the search index. The index entry is only touched
                // when a stored template was found.
                await _planTemplate.Remove(userId, planId);
                await _searchProvider.Remove(planId);
            }

            // A commented-out earlier implementation sent an HMAC-signed DELETE to the
            // Plan Directory API here; the removal is now done in-process above.

            // The notification is sent whether or not a stored template was found.
            var successMessage = new NotificationMessageDTO
            {
                NotificationType = NotificationType.GenericSuccess,
                Subject          = "Success",
                Message          = $"Plan Unpublished.",
                Collapsed        = false
            };

            _pusherNotifier.NotifyUser(successMessage, userId);
        }