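/// <summary>
        /// Loads one opportunity from the opportunities SharePoint list and returns it only when
        /// the access check for the current caller succeeds.
        /// </summary>
        /// <param name="id">List item id of the opportunity; must not be null or empty.</param>
        /// <param name="requestId">Correlation id that is written into every log line and error message.</param>
        /// <returns>The deserialized <see cref="Opportunity"/> with its <c>Id</c> set from the list item.</returns>
        /// <exception cref="ResponseException">
        /// Thrown for every failure inside the method, including a failed access check: the
        /// catch-all below wraps whatever was thrown.
        /// </exception>
        public async Task<Opportunity> GetItemByIdAsync(string id, string requestId = "")
        {
            _logger.LogInformation($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync called.");

            try
            {
                Guard.Against.NullOrEmpty(id, nameof(id), requestId);

                var opportunitySiteList = new SiteList
                {
                    SiteId = _appOptions.ProposalManagementRootSiteId,
                    ListId = _appOptions.OpportunitiesListId
                };

                // NOTE(review): the meaning of the "all" argument is defined by GetListItemByIdAsync, not visible here.
                var json = await _graphSharePointAppService.GetListItemByIdAsync(opportunitySiteList, id, "all", requestId);

                Guard.Against.Null(json, nameof(json), requestId);

                var opportunityJson = json["fields"]["OpportunityObject"].ToString();

                // No TypeNameHandling is set, so Json.NET keeps its default and does not resolve
                // type names embedded in the stored payload.
                var oppArtifact = JsonConvert.DeserializeObject<Opportunity>(opportunityJson, new JsonSerializerSettings
                {
                    MissingMemberHandling = MissingMemberHandling.Ignore,
                    NullValueHandling     = NullValueHandling.Ignore
                });

                oppArtifact.Id = json["fields"]["id"].ToString();

                // The access decision needs the deserialized opportunity, so it runs after the fetch.
                var checkAccess = await _opportunityFactory.CheckAccessAnyAsync(oppArtifact, requestId);

                if (!checkAccess)
                {
                    // Fail closed: a failed check used to be logged only and the opportunity was
                    // still returned to the caller. The exception is wrapped into ResponseException
                    // by the catch below, so callers keep seeing the same exception type.
                    _logger.LogError($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync CheckAccessAny");
                    throw new UnauthorizedAccessException($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync CheckAccessAny");
                }

                return oppArtifact;
            }
            catch (Exception ex)
            {
                // NOTE(review): {ex} puts the full exception text, stack trace included, into the
                // ResponseException message. Confirm that message is never returned to API clients.
                _logger.LogError($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync Service Exception: {ex}");
                throw new ResponseException($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync Service Exception: {ex}");
            }
        }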
Example #2
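        /// <summary>
        /// Loads one opportunity from the opportunities SharePoint list. The caller needs at
        /// least one of the read permissions, and a caller without the "read all" level must
        /// also be listed as a team member of the opportunity.
        /// </summary>
        /// <param name="id">List item id of the opportunity; must not be null or empty.</param>
        /// <param name="requestId">Correlation id that is written into every log line and error message.</param>
        /// <returns>The deserialized <see cref="Opportunity"/> with its <c>Id</c> set from the list item.</returns>
        /// <exception cref="ResponseException">
        /// Thrown for every failure inside the method. An <see cref="AccessDeniedException"/>
        /// raised by the permission checks is caught by the catch-all and wrapped as well.
        /// </exception>
        public async Task<Opportunity> GetItemByIdAsync(string id, string requestId = "")
        {
            _logger.LogInformation($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync called.");

            try
            {
                Guard.Against.NullOrEmpty(id, nameof(id), requestId);

                var opportunitySiteList = new SiteList
                {
                    SiteId = _appOptions.ProposalManagementRootSiteId,
                    ListId = _appOptions.OpportunitiesListId
                };

                // Coarse check first: reject callers with no read permission before any item is fetched.
                var access = await CheckAccessAsync(PermissionNeededTo.ReadPartial, PermissionNeededTo.Read, PermissionNeededTo.ReadAll, requestId);

                // Null when the token carries no preferred_username claim.
                var currentUser = _userContext.User.Claims.FirstOrDefault(x => x.Type == "preferred_username")?.Value;

                if (!access.haveSuperAcess && !access.haveAccess && !access.havePartial)
                {
                    // The caller holds none of the read permissions.
                    _logger.LogError($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync current user: {currentUser} AccessDeniedException");
                    throw new AccessDeniedException($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync current user: {currentUser} AccessDeniedException");
                }

                // NOTE(review): the meaning of the "all" argument is defined by GetListItemByIdAsync, not visible here.
                var json = await _graphSharePointAppService.GetListItemByIdAsync(opportunitySiteList, id, "all", requestId);

                Guard.Against.Null(json, nameof(json), requestId);

                var opportunityJson = json["fields"]["OpportunityObject"].ToString();

                // No TypeNameHandling is set, so Json.NET keeps its default and does not resolve
                // type names embedded in the stored payload.
                var oppArtifact = JsonConvert.DeserializeObject<Opportunity>(opportunityJson, new JsonSerializerSettings
                {
                    MissingMemberHandling = MissingMemberHandling.Ignore,
                    NullValueHandling     = NullValueHandling.Ignore
                });

                // Fine-grained check: without the "read all" level the caller must be on the team.
                if (!access.haveSuperAcess)
                {
                    // A missing claim must never match: with currentUser == null the plain
                    // comparison would succeed against a team member whose UserPrincipalName
                    // is also null and grant access to an unidentified caller.
                    // NOTE(review): the comparison is case-sensitive; confirm both values are
                    // stored in the same casing, otherwise legitimate members are denied.
                    var isTeamMember = !string.IsNullOrEmpty(currentUser)
                        && oppArtifact.Content.TeamMembers.Any(teamMember => teamMember.Fields.UserPrincipalName == currentUser);

                    if (!isTeamMember)
                    {
                        // The caller has a read permission but is not a member of this opportunity's team.
                        _logger.LogError($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync current user: {currentUser} AccessDeniedException");
                        throw new AccessDeniedException($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync current user: {currentUser} AccessDeniedException");
                    }
                }

                oppArtifact.Id = json["fields"]["id"].ToString();

                return oppArtifact;
            }
            catch (Exception ex)
            {
                // NOTE(review): this also catches AccessDeniedException, so callers cannot tell a
                // denial from a service failure by exception type. {ex} also puts the full exception
                // text into the message; confirm that message is never returned to API clients.
                _logger.LogError($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync Service Exception: {ex}");
                throw new ResponseException($"RequestId: {requestId} - OpportunityRepository_GetItemByIdAsync Service Exception: {ex}");
            }
        }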