/// <summary>
/// Flattens an <see cref="AssignedProduct"/> and its linked product license
/// into the <see cref="AssignedProductDTO"/> returned to API callers.
/// </summary>
/// <param name="assignment">The assignment to convert; its <c>Product</c> is dereferenced here.</param>
/// <returns>A new DTO carrying the license fields plus the assignment's user and date.</returns>
private static AssignedProductDTO ConvertAssignment(AssignedProduct assignment)
{
    // License details come from the linked product; UserId and AssignmentDate
    // come from the assignment row itself.
    var license = assignment.Product;

    var dto = new AssignedProductDTO
    {
        ProductId = license.ProductId,
        EmployerId = license.EmployerId,
        LicenseTypeId = license.LicenseTypeId,
        MinimumRoleId = license.MinimumRoleId,
        StartDate = license.StartDate,
        EndDate = license.EndDate,
        UserId = assignment.UserId,
        AssignmentDate = assignment.AssignmentDate
    };

    return dto;
}
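/// <summary>
/// Assigns an existing product license to a user and returns the created assignment.
/// </summary>
/// <param name="productDTO">
/// Identifies the license (ProductId, EmployerId, LicenseTypeId) and the user who receives it.
/// </param>
/// <returns>
/// 400 when no body is supplied, 404 when no matching license exists,
/// otherwise 201 with the new assignment as an <see cref="AssignedProductDTO"/>.
/// </returns>
// Granting a license is a privileged operation: the request body chooses the UserId
// that receives access, so the action must not be reachable by arbitrary callers.
// The role check was previously commented out; it is enforced here and requires the
// application's authentication/authorization middleware to be configured.
[Microsoft.AspNetCore.Authorization.Authorize(Roles = "SuperUser")]
public async Task<ActionResult<AssignedProductDTO>> ProvideAccess(AssignedProductDTO productDTO)
{
    // Without automatic model validation a missing body arrives as null and
    // would otherwise surface as a NullReferenceException (HTTP 500).
    if (productDTO is null)
    {
        return BadRequest();
    }

    // All three identifiers must match the same license row.
    var product = await _context.ProductLicenses
        .FirstOrDefaultAsync(p => p.ProductId == productDTO.ProductId
                                  && p.EmployerId == productDTO.EmployerId
                                  && p.LicenseTypeId == productDTO.LicenseTypeId);

    if (product is null)
    {
        return NotFound();
    }

    // NOTE(review): UserId is taken from the request body and is not checked here against
    // existing users, the license's employer, or MinimumRoleId - confirm that is enforced elsewhere.
    // NOTE(review): the license's StartDate/EndDate are not checked before assignment -
    // confirm whether an expired license should be assignable.
    var assigned = new AssignedProduct
    {
        Product = product,
        UserId = productDTO.UserId,
        AssignmentDate = DateTime.UtcNow
    };

    try
    {
        _context.AssignedProducts.Add(assigned);
        await _context.SaveChangesAsync();
    }
    catch (Exception ex)
    {
        // Pass the exception to the logger so the failure cause is recorded, then rethrow.
        _logger.LogError(ex, "Error occurred Assigning a product");
        throw;
    }

    // NOTE(review): the Location header points back at this action, not at a read endpoint - confirm intended.
    return CreatedAtAction(nameof(ProvideAccess), new { id = assigned.Id }, ConvertAssignment(assigned));
}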