public async Task <IActionResult> Run( [HttpTrigger(Constants.AUTHORIZATION_LEVEL, "get", Route = "getorcreatetaskactivitylist"), ] HttpRequest req, ILogger log) { var startDate = req.Query.GetValue <DateTime>("weekstartdate").StartOfDay(); var taskWeekId = req.Query.GetValue <int>("taskweekid"); var callingUserIdentifier = req.GetUserIdentifier(); log.LogTrace($"GetTaskActivityListByDay function processed a request by userIdentifier={callingUserIdentifier}, startDate={startDate}."); List <TaskActivity> taskActivityList = null; try { TaskWeek taskWeek = null; if (taskWeekId > 0) { taskWeek = await _taskWeekService.Get(taskWeekId); if (taskWeek.UserIdentifier != callingUserIdentifier && !await _authorizationService.IsInRole(callingUserIdentifier, Constants.Role.Parent)) { var targetAccount = await _authorizationService.GetAccount(taskWeek.UserIdentifier); var callingAccount = await _authorizationService.GetAccount(callingUserIdentifier); throw new SecurityException($"Unauthorized access of taskweek for {targetAccount.Name} by {callingAccount.Name}"); } } else { if (await _authorizationService.IsInRole(callingUserIdentifier, Constants.Role.Parent)) { throw new SecurityException("Invalid attempt by parent to retrieve or create a taskweek by date"); } taskWeek = await _taskWeekService.Get(callingUserIdentifier, startDate); } taskActivityList = await _taskActivityService.GetOrCreate(taskWeek); } catch (Exception exception) { return(new BadRequestObjectResult(new BadRequestErrorMessageResult(exception.Message))); } return(new OkObjectResult(taskActivityList)); }
public async Task <IActionResult> Run( [HttpTrigger(Constants.AUTHORIZATION_LEVEL, "get", Route = "taskweekset")] HttpRequest req, ILogger log) { List <TaskWeek> result = null; try { var userIdentifier = await GetTargetUserIdentifier(req); int taskWeekId; if (req.Query.ContainsKey("taskweekid")) { taskWeekId = req.Query.GetValue <int>("taskweekid"); var taskWeek = await _taskWeekService.Get(taskWeekId); result = new List <TaskWeek>() { taskWeek }; } else { var dateStart = req.Query.GetValueOrDefault <DateTime>("startdate"); Ensure.That(dateStart.HasValue).IsTrue(); dateStart = dateStart.Value.FirstDayOfWeek(); var dateEnd = req.Query.GetValueOrDefault <DateTime>("enddate"); if (!dateEnd.HasValue) { dateEnd = dateStart; } dateEnd = dateEnd.Value.LastDayOfWeek(); log.LogTrace($"GetTaskWeek triggered with Date from {dateStart} to {dateEnd}"); if (userIdentifier == GetCallingUserIdentifier(req) && await IsParent(req)) { result = await _taskWeekService.GetListByRange(dateStart, dateEnd); } else { result = await _taskWeekService.GetListByRange(dateStart, dateEnd, userIdentifier); } } } catch (Exception exception) { return(new BadRequestObjectResult($"Error trying to execute GetTaskWeekList. {exception.Message}")); } return(new OkObjectResult(result)); }
public async Task <IActionResult> Run( [HttpTrigger(Constants.AUTHORIZATION_LEVEL, "get", Route = "getorcreatetaskweek"), ] HttpRequest req, ILogger log) { var userIdentifier = req.GetUserIdentifier(); var startDate = req.Query.GetValue <DateTime>("startdate").StartOfDay(); log.LogTrace($"GetTaskActivityListByDay function processed a request for userIdentifier={userIdentifier}, startDate={startDate}."); TaskWeek taskWeek = null; try { Ensure.That(req.Query.ContainsKey("startdate")).IsTrue(); taskWeek = await _taskWeekService.Get(userIdentifier, startDate); if (taskWeek == null) { var callingAccount = await _authorizationService.GetAccount(userIdentifier); if (await IsParent(req)) { throw new SecurityException($"Invalid attempt by {callingAccount.Name} to create a new task week."); } taskWeek = await _taskWeekService.Create(userIdentifier, startDate); var account = await _accountService.GetByUser(userIdentifier); account.ActiveTaskWeekId = taskWeek.Id; await _accountService.Update(account); } if (taskWeek.UserIdentifier != userIdentifier && !await IsInRole(userIdentifier, Constants.Role.Parent)) { throw new SecurityException("Invalid attempt to access a record by an invalid user"); } } catch (Exception exception) { return(new BadRequestObjectResult(new BadRequestErrorMessageResult(exception.Message))); } return(new OkObjectResult(taskWeek)); }