public IActionResult GetById(long id)
{
// List of messages
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.R))
{
return(Forbid());
}
// Get data from database
var rightsRepository = new RightsRepository(context);
var rightsModel = rightsRepository.GetById(authUserModel.ApplicationId, id);
if (rightsModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
4006,
new List <string>()
{
id.ToString()
}));
return(BadRequest(messages));
}
// Remove unnecessary data
rightsModel.Application = null;
rightsModel.Users = null;
return(Ok(rightsModel));
}
public IActionResult Put([FromBody] RightsModel fromBodyRightsModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CRU))
{
return(Forbid());
}
#region VALIDATIONS
// Received rights ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyRightsModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyRightsModel.Application = authUserModel.Application;
// Rights must already exist in the database
var rightsRepository = new RightsRepository(context);
var rightsModel = rightsRepository.GetById(authUserModel.ApplicationId, fromBodyRightsModel.Id);
if (rightsModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
4003,
new List <string>()
{
fromBodyRightsModel.Application.LoginApplicationName,
fromBodyRightsModel.Id.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// If the rights name was changed, the new one must be unique
if (rightsModel.Name != fromBodyRightsModel.Name)
{
var sameNameRights = rightsRepository.GetByApplicationIdAndName(authUserModel.ApplicationId, fromBodyRightsModel.Name);
if (sameNameRights.Count() > 0)
{
messages.Add(new Message(MessageTypeEnum.Error,
4001,
new List <string>()
{
fromBodyRightsModel.Name
}));
return(BadRequest(messages));
}
}
// Rights data validity and logic validity
messages = sharedValidationHelper.ValidateRights(authUserModel.Application.ApplicationDescriptor,
fromBodyRightsModel.DataDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
rightsRepository.SetNameAndData(rightsModel, fromBodyRightsModel.Name, fromBodyRightsModel.DataDictionary);
messages.Add(new Message(MessageTypeEnum.Info,
4007,
new List <string>()
{
fromBodyRightsModel.Name
}));
return(Ok(messages));
}
public IActionResult DeleteById(long id)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CRUD))
{
return(Forbid());
}
#region VALIDATIONS
// Rights must already exist in the database
var rightsRepository = new RightsRepository(context);
var rightsModel = rightsRepository.GetById(authUserModel.ApplicationId, id);
if (rightsModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
4003,
new List <string>()
{
rightsModel.Application.LoginApplicationName,
rightsModel.Id.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// Check if no users are using rights to delete
var userRepository = new UserRepository(context);
var users = userRepository.GetByRightsId(rightsModel.Id);
if (users.Count() > 0)
{
var usernames = String.Join(", ", users.Select(u => u.GetUsername()));
messages.Add(new Message(MessageTypeEnum.Error,
4004,
new List <string>()
{
rightsModel.Name,
usernames
}));
return(BadRequest(messages));
}
#endregion
// Remove rights
rightsRepository.Remove(rightsModel);
messages.Add(new Message(MessageTypeEnum.Info,
4005,
new List <string>()
{
rightsModel.Name
}));
return(Ok(messages));
}