private static AssignedProductDTO ConvertAssignment(AssignedProduct assignment)
{
return(new AssignedProductDTO
{
ProductId = assignment.Product.ProductId,
EmployerId = assignment.Product.EmployerId,
LicenseTypeId = assignment.Product.LicenseTypeId,
MinimumRoleId = assignment.Product.MinimumRoleId,
StartDate = assignment.Product.StartDate,
EndDate = assignment.Product.EndDate,
UserId = assignment.UserId,
AssignmentDate = assignment.AssignmentDate
});
}
//[Authorize(Roles = "SuperUser")]
public async Task <ActionResult <AssignedProductDTO> > ProvideAccess(AssignedProductDTO productDTO)
{
//Use Identity Role to check if logged user is a superuser
//Can wire up the AUTHORIZE attribute or custom check using the HttpClient object
//if (currentUser.Role != superUser)
//{
// _logger.LogWarning("Hack Attempt");
// return BadRequest();
//}
var product = await _context.ProductLicenses
.FirstOrDefaultAsync(p => p.ProductId == productDTO.ProductId && p.EmployerId == productDTO.EmployerId && p.LicenseTypeId == productDTO.LicenseTypeId);
if (product == null)
{
return(NotFound());
}
var assigned = new AssignedProduct
{
Product = product,
UserId = productDTO.UserId,
AssignmentDate = DateTime.UtcNow
};
try
{
_context.AssignedProducts.Add(assigned);
await _context.SaveChangesAsync();
}
catch (Exception)
{
_logger.LogError("Error occurred Assigning a product");
throw;
}
return(CreatedAtAction("ProvideAccess", new { id = assigned.Id }, ConvertAssignment(assigned)));
}
