public async Task <ActionResult <JObject> > EditSystem([FromBody] JObject changes)
{
await using var conn = await _db.Obtain();
var system = await _repo.GetSystem(conn, User.CurrentSystem());
SystemPatch patch;
try
{
patch = JsonModelExt.ToSystemPatch(changes);
patch.CheckIsValid();
}
catch (JsonModelParseError e)
{
return(BadRequest(e.Message));
}
catch (InvalidPatchException e)
{
return(BadRequest($"Request field '{e.Message}' is invalid."));
}
system = await _repo.UpdateSystem(conn, system !.Id, patch);
return(Ok(system.ToJson(User.ContextFor(system))));
}
public async Task <ActionResult <JObject> > PatchMember(string hid, [FromBody] JObject changes)
{
await using var conn = await _db.Obtain();
var member = await conn.QueryMemberByHid(hid);
if (member == null)
{
return(NotFound("Member not found."));
}
var res = await _auth.AuthorizeAsync(User, member, "EditMember");
if (!res.Succeeded)
{
return(Unauthorized($"Member '{hid}' is not part of your system."));
}
MemberPatch patch;
try
{
patch = JsonModelExt.ToMemberPatch(changes);
}
catch (JsonModelParseError e)
{
return(BadRequest(e.Message));
}
var newMember = await conn.UpdateMember(member.Id, patch);
return(Ok(newMember.ToJson(User.ContextFor(newMember))));
}
public async Task <ActionResult <JObject> > PostMember([FromBody] JObject properties)
{
if (!properties.ContainsKey("name"))
{
return(BadRequest("Member name must be specified."));
}
var systemId = User.CurrentSystem();
await using var conn = await _db.Obtain();
var systemData = await _repo.GetSystem(conn, systemId);
// Enforce per-system member limit
var memberCount = await conn.QuerySingleAsync <int>("select count(*) from members where system = @System", new { System = systemId });
var memberLimit = systemData?.MemberLimitOverride ?? Limits.MaxMemberCount;
if (memberCount >= memberLimit)
{
return(BadRequest($"Member limit reached ({memberCount} / {memberLimit})."));
}
await using var tx = await conn.BeginTransactionAsync();
var member = await _repo.CreateMember(conn, systemId, properties.Value <string>("name"), transaction : tx);
MemberPatch patch;
try
{
patch = JsonModelExt.ToMemberPatch(properties);
patch.CheckIsValid();
}
catch (JsonModelParseError e)
{
await tx.RollbackAsync();
return(BadRequest(e.Message));
}
catch (InvalidPatchException e)
{
await tx.RollbackAsync();
return(BadRequest($"Request field '{e.Message}' is invalid."));
}
member = await _repo.UpdateMember(conn, member.Id, patch, transaction : tx);
await tx.CommitAsync();
return(Ok(member.ToJson(User.ContextFor(member))));
}
public async Task <ActionResult <JObject> > EditSystem([FromBody] JObject changes)
{
var system = await _db.Execute(c => c.QuerySystem(User.CurrentSystem()));
SystemPatch patch;
try
{
patch = JsonModelExt.ToSystemPatch(changes);
}
catch (JsonModelParseError e)
{
return(BadRequest(e.Message));
}
await _db.Execute(conn => conn.UpdateSystem(system.Id, patch));
return(Ok(system.ToJson(User.ContextFor(system))));
}
public async Task <ActionResult <JObject> > PostMember([FromBody] JObject properties)
{
var system = User.CurrentSystem();
if (!properties.ContainsKey("name"))
{
return(BadRequest("Member name must be specified."));
}
await using var conn = await _db.Obtain();
// Enforce per-system member limit
var memberCount = await conn.QuerySingleAsync <int>("select count(*) from members where system = @System", new { System = system });
if (memberCount >= Limits.MaxMemberCount)
{
return(BadRequest($"Member limit reached ({memberCount} / {Limits.MaxMemberCount})."));
}
var member = await conn.CreateMember(system, properties.Value <string>("name"));
MemberPatch patch;
try
{
patch = JsonModelExt.ToMemberPatch(properties);
}
catch (JsonModelParseError e)
{
return(BadRequest(e.Message));
}
member = await conn.UpdateMember(member.Id, patch);
return(Ok(member.ToJson(User.ContextFor(member))));
}
