Ejemplo n.º 1
        /// <summary>
        /// Lists the users of a group for a caller who is either an administrator
        /// or a member of that group.
        /// </summary>
        /// <param name="id">Identifier of the group whose users are requested.</param>
        /// <returns>
        /// 200 with the group's users in <c>ResultData</c>; 401 with "Not authorized" when the
        /// caller is neither an administrator nor a member; 404 carrying the exception message
        /// when an <c>ItemNotFoundException</c> is raised by one of the lookups.
        /// </returns>
        public async Task<ActionResult<ShoppingUserResult>> GetUsersInGroup(string id)
        {
            var response = new ShoppingUserResult();
            var caller = await _userProvider.GetUserAsync();

            try
            {
                // NOTE(review): caller is dereferenced without a null check; confirm
                // GetUserAsync cannot return null for a request that reaches this action.
                bool callerIsMember = await _userGroups.UserIsInGroupAsync(id, caller.Id);
                bool callerIsAdmin = await _userProvider.IsUserAdminAsync();

                // Access requires at least one of the two roles.
                if (!callerIsAdmin && !callerIsMember)
                {
                    response.IsSuccessful = false;
                    response.ErrorMessages.Add("Not authorized");
                    return Unauthorized(response);
                }

                var members = await _userGroups.GetUsersInGroup(id);

                response.IsSuccessful = true;
                response.ResultData = members;
                return Ok(response);
            }
            catch (ItemNotFoundException notFound)
            {
                // NOTE(review): the exception text is returned to the client as-is, and the
                // 404 can be reached before the authorization decision. If the membership
                // lookup throws for unknown groups, a non-member can tell existing group ids
                // from missing ones - confirm, and consider a fixed message.
                response.IsSuccessful = false;
                response.ErrorMessages.Add(notFound.Message);
                return NotFound(response);
            }
        }
Ejemplo n.º 2
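        /// <summary>
        /// Updates the stored data of the user identified by <paramref name="id"/>.
        /// </summary>
        /// <param name="id">Identifier of the user taken from the route.</param>
        /// <param name="updatedData">New user data bound from the request body.</param>
        /// <returns>
        /// 400 when the body is missing or its id differs from <paramref name="id"/>;
        /// 401 when <c>IsUserAuthorized</c> rejects the caller; 404 when the repository
        /// returns null; otherwise 200 with the updated user in <c>ResultData</c>.
        /// </returns>
        public async Task<ActionResult<ShoppingUserResult>> UpdateUserData(string id, [FromBody] ShoppingUserModel updatedData)
        {
            ShoppingUserResult result = new ShoppingUserResult();

            // A missing or unparseable body binds to null; reject it here instead of
            // failing with a NullReferenceException on the id comparison below.
            if (updatedData == null)
            {
                result.IsSuccessful = false;
                result.ErrorMessages.Add("Request body is required");
                return BadRequest(result);
            }

            // The route id is the one that gets authorized, so the body must name the same user.
            if (id != updatedData.Id)
            {
                result.IsSuccessful = false;
                result.ErrorMessages.Add("Ids do not match");
                return BadRequest(result);
            }

            if (!(await IsUserAuthorized(id)))
            {
                result.IsSuccessful = false;
                result.ErrorMessages.Add("Not authorized to access this resource");
                return Unauthorized(result);
            }

            // NOTE(review): the whole bound model is handed to the repository. If
            // ShoppingUserModel carries fields a user must not set on themselves
            // (roles, flags), confirm the repository ignores them (over-posting).
            var updateResult = await _userRepository.UpdateUserData(id, updatedData);

            if (updateResult == null)
            {
                result.IsSuccessful = false;
                result.ErrorMessages.Add("Could not update user data");
                return NotFound(result);
            }

            result.IsSuccessful = true;
            result.ResultData.Add(updateResult);

            return Ok(result);
        }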
Ejemplo n.º 3
        /// <summary>
        /// Returns the user obtained from the current-user provider.
        /// </summary>
        /// <returns>
        /// 200 with a successful result whose <c>ResultData</c> holds exactly the one user
        /// returned by the provider.
        /// </returns>
        public async Task<ActionResult<ShoppingUserResult>> GetCurrentUser()
        {
            // The subject comes from the provider, never from request input, so a
            // caller cannot ask this action for another user's record.
            ShoppingUserModel caller = await _currentUserProvider.GetUserAsync();

            var response = new ShoppingUserResult();
            response.IsSuccessful = true;
            response.ResultData = new List<ShoppingUserModel>() { caller };

            return Ok(response);
        }
Ejemplo n.º 4
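        /// <summary>
        /// Returns the user with the given id, provided the caller is that user or
        /// shares at least one group with them.
        /// </summary>
        /// <param name="id">Identifier of the user to look up.</param>
        /// <returns>
        /// 200 with the user in <c>ResultData</c>; 401 with "Not authorized" both when no
        /// user has that id and when the caller has no group in common with the user.
        /// </returns>
        public async Task<ActionResult<ShoppingUserResult>> GetByIdAsync(string id)
        {
            ShoppingUserResult result = new ShoppingUserResult();

            // NOTE(review): currentUser is dereferenced below without a null check; confirm
            // GetUserAsync cannot return null for a request that reaches this action.
            var currentUser = await _currentUserProvider.GetUserAsync();

            var dbUser = await _userRepository.GetUserAsync(new ShoppingUserModel()
            {
                Id = id
            });

            if (dbUser == null)
            {
                // id is caller-supplied: pass it as a structured argument rather than
                // interpolating it, so it is recorded as a value and not as message text.
                _logger.LogDebug("No user found with id {UserId}", id);

                // Same status and message as the no-common-group case below, so the
                // response does not reveal whether the id exists.
                result.IsSuccessful = false;
                result.ErrorMessages.Add("Not authorized");
                return Unauthorized(result);
            }

            // Reading one's own record needs no group check.
            if (currentUser.Id != id)
            {
                var groupsInCommon = await _userGroupRepository.GetCommonGroupsAsync(currentUser.Id, id);

                if (groupsInCommon.Count == 0)
                {
                    result.IsSuccessful = false;
                    result.ErrorMessages.Add("Not authorized");
                    return Unauthorized(result);
                }
            }

            result.IsSuccessful = true;
            result.ResultData = new List<ShoppingUserModel>()
            {
                dbUser
            };
            return Ok(result);
        }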