public IActionResult GetAll()
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var userModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (userModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(userModel, (long)SystemDatasetsEnum.Rights, RightsEnum.R))
{
return(Forbid());
}
// Get data from database
var rightsRepository = new RightsRepository(context);
var rightsModelList = rightsRepository.GetAllByApplicationId(userModel.ApplicationId);
// Remove unnecessary data
foreach (var item in rightsModelList)
{
item.Application = null;
item.Users = null;
}
return(Ok(rightsModelList));
}
public IActionResult GetById(long id)
{
// List of messages
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Users, RightsEnum.R))
{
return(Forbid());
}
// Get data from database
var userRepository = new UserRepository(context);
var userModel = userRepository.GetById(id);
if (userModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
3006,
new List <string>()
{
id.ToString()
}));
return(BadRequest(messages));
}
// Prepare data for client
DataHelper dataHelper = new DataHelper(context, authUserModel.Application, (long)SystemDatasetsEnum.Users);
dataHelper.PrepareOneRecordForClient(userModel);
// Remove unnecessary data
userModel.Application.Users = null;
userModel.Application.Rights = null;
userModel.Application.Datas = null;
userModel.PasswordHash = null;
userModel.PasswordSalt = null;
userModel.Rights.Application = null;
userModel.Rights.Users = null;
return(Ok(userModel));
}
public IActionResult GetAll(long datasetId)
{
// List of messages
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Dataset descriptor
var datasetDescriptor = authUserModel.Application.ApplicationDescriptor.Datasets.FirstOrDefault(d => d.Id == datasetId);
if (datasetDescriptor == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
2001,
new List <string>()
{
datasetId.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, datasetDescriptor.Id, RightsEnum.R))
{
return(Forbid());
}
// Get data from database
var dataRepository = new DataRepository(context);
var allDataModels = dataRepository.GetAllByApplicationIdAndDatasetId(authUserModel.ApplicationId, datasetDescriptor.Id);
// Prepare data for client
DataHelper dataHelper = new DataHelper(context, authUserModel.Application, datasetDescriptor.Id);
foreach (var item in allDataModels)
{
dataHelper.PrepareOneRecordForClient(item);
// Remove unnecessary data
item.Application = null;
}
return(Ok(allDataModels));
}
public IActionResult Get()
{
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization - none, because every logged user is authorized to read an own application descriptor.
return(Ok(authUserModel.Application.ApplicationDescriptor));
}
public IActionResult ResetPasswordById(long id)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CRU))
{
return(Forbid());
}
// Get data from database
var userRepository = new UserRepository(context);
var userModel = userRepository.GetById(authUserModel.ApplicationId, id);
if (userModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
3004,
new List <string>()
{
authUserModel.Application.LoginApplicationName,
id.ToString()
}));
return(BadRequest(messages));
}
// Reset password
userRepository.ResetPassword(userModel);
messages.Add(new Message(MessageTypeEnum.Info,
3008,
new List <string>()
{
userModel.GetUsername()
}));
return(Ok(messages));
}
public IActionResult GetAll()
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Users, RightsEnum.R))
{
return(Forbid());
}
// Get data from database
var userRepository = new UserRepository(context);
var allUserModels = userRepository.GetAllByApplicationId(authUserModel.ApplicationId);
// Prepare data for client
DataHelper dataHelper = new DataHelper(context, authUserModel.Application, (long)SystemDatasetsEnum.Users);
foreach (var row in allUserModels)
{
dataHelper.PrepareOneRecordForClient(row);
// Remove unnecessary data
row.Application.Users = null;
row.Application.Rights = null;
row.Application.Datas = null;
row.PasswordHash = null;
row.PasswordSalt = null;
row.Rights.Application = null;
row.Rights.Users = null;
}
return(Ok(allUserModels));
}
public IActionResult GetById(long id)
{
// List of messages
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.R))
{
return(Forbid());
}
// Get data from database
var rightsRepository = new RightsRepository(context);
var rightsModel = rightsRepository.GetById(authUserModel.ApplicationId, id);
if (rightsModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
4006,
new List <string>()
{
id.ToString()
}));
return(BadRequest(messages));
}
// Remove unnecessary data
rightsModel.Application = null;
rightsModel.Users = null;
return(Ok(rightsModel));
}
public IActionResult GetByIdFromToken()
{
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization - none, because every logged user is authorized to read own rights.
// Remove unnecessary data
var rightsModel = authUserModel.Rights;
rightsModel.Application = null;
rightsModel.Users = null;
return(Ok(rightsModel));
}
public IActionResult Put([FromBody] RightsModel fromBodyRightsModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CRU))
{
return(Forbid());
}
#region VALIDATIONS
// Received rights ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyRightsModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyRightsModel.Application = authUserModel.Application;
// Rights must already exist in the database
var rightsRepository = new RightsRepository(context);
var rightsModel = rightsRepository.GetById(authUserModel.ApplicationId, fromBodyRightsModel.Id);
if (rightsModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
4003,
new List <string>()
{
fromBodyRightsModel.Application.LoginApplicationName,
fromBodyRightsModel.Id.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// If the rights name was changed, the new one must be unique
if (rightsModel.Name != fromBodyRightsModel.Name)
{
var sameNameRights = rightsRepository.GetByApplicationIdAndName(authUserModel.ApplicationId, fromBodyRightsModel.Name);
if (sameNameRights.Count() > 0)
{
messages.Add(new Message(MessageTypeEnum.Error,
4001,
new List <string>()
{
fromBodyRightsModel.Name
}));
return(BadRequest(messages));
}
}
// Rights data validity and logic validity
messages = sharedValidationHelper.ValidateRights(authUserModel.Application.ApplicationDescriptor,
fromBodyRightsModel.DataDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
rightsRepository.SetNameAndData(rightsModel, fromBodyRightsModel.Name, fromBodyRightsModel.DataDictionary);
messages.Add(new Message(MessageTypeEnum.Info,
4007,
new List <string>()
{
fromBodyRightsModel.Name
}));
return(Ok(messages));
}
public IActionResult PasswordChange([FromBody] PasswordChangeStructure passwords)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization - none, because every logged user is authorized to change an own password.
#region VALIDATIONS
// All passwords must not be null or empty strings
if (String.IsNullOrEmpty(passwords.OldPassword) ||
String.IsNullOrEmpty(passwords.NewPassword) ||
String.IsNullOrEmpty(passwords.NewPasswordCopy))
{
messages.Add(new Message(MessageTypeEnum.Error,
5001,
new List <string>()));
return(BadRequest(messages));
}
// Both new passwords must be equal
if (passwords.NewPassword != passwords.NewPasswordCopy)
{
messages.Add(new Message(MessageTypeEnum.Error,
5002,
new List <string>()));
return(BadRequest(messages));
}
// Old password must be correct
if (authUserModel.PasswordHash != PasswordHelper.ComputeHash(authUserModel.PasswordSalt + passwords.OldPassword))
{
messages.Add(new Message(MessageTypeEnum.Error,
5003,
new List <string>()));
return(BadRequest(messages));
}
// If passwords are required to be safer by application descriptor
if (authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor.PasswordAttribute.Safer == true)
{
var sharedValidationHelper = new SharedValidationHelper();
if (!sharedValidationHelper.IsPasswordSafer(passwords.NewPassword))
{
messages.Add(new Message(MessageTypeEnum.Error,
5004,
new List <string>()));
return(BadRequest(messages));
}
}
// If minimal password length is set
var minPasswordLength = authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor.PasswordAttribute.Min;
if (minPasswordLength != null)
{
if (passwords.NewPassword.Length < minPasswordLength)
{
messages.Add(new Message(MessageTypeEnum.Error,
5006,
new List <string>()
{
minPasswordLength.ToString(),
passwords.NewPassword.Length.ToString()
}));
return(BadRequest(messages));
}
}
#endregion
// Setting new password
var userRepository = new UserRepository(context);
userRepository.SetPassword(authUserModel, passwords.NewPassword);
messages.Add(new Message(MessageTypeEnum.Info,
5005,
new List <string>()));
return(Ok(messages));
}
public IActionResult DeleteById(long id)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CRUD))
{
return(Forbid());
}
#region VALIDATIONS
// Rights must already exist in the database
var rightsRepository = new RightsRepository(context);
var rightsModel = rightsRepository.GetById(authUserModel.ApplicationId, id);
if (rightsModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
4003,
new List <string>()
{
rightsModel.Application.LoginApplicationName,
rightsModel.Id.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// Check if no users are using rights to delete
var userRepository = new UserRepository(context);
var users = userRepository.GetByRightsId(rightsModel.Id);
if (users.Count() > 0)
{
var usernames = String.Join(", ", users.Select(u => u.GetUsername()));
messages.Add(new Message(MessageTypeEnum.Error,
4004,
new List <string>()
{
rightsModel.Name,
usernames
}));
return(BadRequest(messages));
}
#endregion
// Remove rights
rightsRepository.Remove(rightsModel);
messages.Add(new Message(MessageTypeEnum.Info,
4005,
new List <string>()
{
rightsModel.Name
}));
return(Ok(messages));
}
public IActionResult Put([FromBody] UserModel fromBodyUserModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Users, RightsEnum.CRU))
{
return(Forbid());
}
#region VALIDATIONS
// Received user ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyUserModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyUserModel.Application = authUserModel.Application;
// User must already exist in the database
var userRepository = new UserRepository(context);
var userModel = userRepository.GetById(authUserModel.ApplicationId, fromBodyUserModel.Id);
if (userModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
3004,
new List <string>()
{
fromBodyUserModel.Application.LoginApplicationName,
fromBodyUserModel.Id.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// New username must be nonempty
if (string.IsNullOrEmpty(fromBodyUserModel.GetUsername()))
{
messages.Add(new Message(MessageTypeEnum.Error,
3001,
new List <string>()));
return(BadRequest(messages));
}
// If the username was changed, the new one must be unique
if (userModel.GetUsername() != fromBodyUserModel.GetUsername())
{
var sameNameUser = userRepository.GetByApplicationIdAndUsername(authUserModel.ApplicationId, fromBodyUserModel.GetUsername());
if (sameNameUser != null)
{
messages.Add(new Message(MessageTypeEnum.Error,
3002,
new List <string>()
{
fromBodyUserModel.GetUsername()
}));
return(BadRequest(messages));
}
}
// Input data validations
var validReferencesIdsDictionary = controllerHelper.GetAllReferencesIdsDictionary(authUserModel.Application);
messages = sharedValidationHelper.ValidateDataByApplicationDescriptor(authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor,
fromBodyUserModel.DataDictionary,
validReferencesIdsDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
userRepository.SetRightsIdAndData(userModel, fromBodyUserModel.RightsId, fromBodyUserModel.DataDictionary);
messages.Add(new Message(MessageTypeEnum.Info,
3007,
new List <string>()
{
fromBodyUserModel.GetUsername()
}));
return(Ok(messages));
}
public IActionResult Create([FromBody] UserModel fromBodyUserModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Users, RightsEnum.CR))
{
return(Forbid());
}
#region VALIDATIONS
// New user ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyUserModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyUserModel.Application = authUserModel.Application;
// New username must be nonempty
if (String.IsNullOrEmpty(fromBodyUserModel.GetUsername()))
{
messages.Add(new Message(MessageTypeEnum.Error,
3001,
new List <string>()));
return(BadRequest(messages));
}
// New username must be unique
var userRepository = new UserRepository(context);
var sameNameUser = userRepository.GetByApplicationIdAndUsername(authUserModel.ApplicationId, fromBodyUserModel.GetUsername());
if (sameNameUser != null)
{
messages.Add(new Message(MessageTypeEnum.Error,
3002,
new List <string>()
{
fromBodyUserModel.GetUsername()
}));
return(BadRequest(messages));
}
// Input data validations
var validReferencesIdsDictionary = controllerHelper.GetAllReferencesIdsDictionary(authUserModel.Application);
messages = sharedValidationHelper.ValidateDataByApplicationDescriptor(authUserModel.Application.ApplicationDescriptor.SystemDatasets.UsersDatasetDescriptor,
fromBodyUserModel.DataDictionary,
validReferencesIdsDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
// Reset password to default
userRepository.ResetPassword(fromBodyUserModel);
// Set defalut language from application
fromBodyUserModel.Language = fromBodyUserModel.Application.ApplicationDescriptor.DefaultLanguage;
userRepository.Add(fromBodyUserModel);
messages.Add(new Message(MessageTypeEnum.Info,
3003,
new List <string>()
{
fromBodyUserModel.GetUsername()
}));
return(Ok(messages));
}
public IActionResult Put([FromBody] DataModel fromBodyDataModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Dataset descriptor
var datasetDescriptor = authUserModel.Application.ApplicationDescriptor.Datasets.FirstOrDefault(d => d.Id == fromBodyDataModel.DatasetId);
if (datasetDescriptor == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
2001,
new List <string>()
{
fromBodyDataModel.DatasetId.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, datasetDescriptor.Id, RightsEnum.CRU))
{
return(Forbid());
}
#region VALIDATIONS
// Recieved data ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyDataModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyDataModel.Application = authUserModel.Application;
// Data must already exist in the database
var dataRepository = new DataRepository(context);
var dataModel = dataRepository.GetById(fromBodyDataModel.ApplicationId, fromBodyDataModel.DatasetId, fromBodyDataModel.Id);
if (dataModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
2003,
new List <string>()
{
fromBodyDataModel.Application.LoginApplicationName,
datasetDescriptor.Name,
fromBodyDataModel.Id.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// Input data validations
var validReferencesIdsDictionary = controllerHelper.GetAllReferencesIdsDictionary(authUserModel.Application);
messages = sharedValidationHelper.ValidateDataByApplicationDescriptor(datasetDescriptor,
fromBodyDataModel.DataDictionary,
validReferencesIdsDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
dataRepository.SetData(dataModel, fromBodyDataModel.DataDictionary);
messages.Add(new Message(MessageTypeEnum.Info,
2005,
new List <string>()
{
datasetDescriptor.Name
}));
return(Ok(messages));
}
public IActionResult DeleteById(long datasetId, long id)
{
// List of messages
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Dataset descriptor
var datasetDescriptor = authUserModel.Application.ApplicationDescriptor.Datasets.FirstOrDefault(d => d.Id == datasetId);
if (datasetDescriptor == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
2001,
new List <string>()
{
datasetId.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, datasetDescriptor.Id, RightsEnum.CRUD))
{
return(Forbid());
}
#region VALIDATIONS
// Get data from database
var dataRepository = new DataRepository(context);
var dataModel = dataRepository.GetById(authUserModel.ApplicationId, datasetDescriptor.Id, id);
if (dataModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
2006,
new List <string>()
{
id.ToString(),
datasetDescriptor.Name
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// Delete validity check
using (var transaction = context.Database.BeginTransaction())
{
// Set to delete or remove all references from data referencing dataModel to delete
if (controllerHelper.IfCanBeDeletedPerformDeleteActions(authUserModel, dataModel))
{
// Remove model itself
dataRepository.Remove(dataModel);
// Save all performed changes into the database
transaction.Commit();
messages.Add(new Message(MessageTypeEnum.Info,
2004,
new List <string>()
{
datasetDescriptor.Name
}));
return(Ok(messages));
}
// DataModel to delete or other model that should be deleted can not be deleted
transaction.Rollback();
messages.Add(new Message(MessageTypeEnum.Error,
2012,
new List <string>()));
return(BadRequest(messages));
}
#endregion
}
public IActionResult Create([FromBody] RightsModel fromBodyRightsModel)
{
// List of messages to return to the client
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Rights, RightsEnum.CR))
{
return(Forbid());
}
#region VALIDATIONS
// New rights ApplicationId must be the same as of authorized user
var sharedValidationHelper = new SharedValidationHelper();
messages = sharedValidationHelper.ValidateApplicationId(fromBodyRightsModel.ApplicationId, authUserModel.ApplicationId);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
fromBodyRightsModel.Application = authUserModel.Application;
// New rights must have a unique name
var rightsRepository = new RightsRepository(context);
var sameNameRights = rightsRepository.GetByApplicationIdAndName(authUserModel.ApplicationId, fromBodyRightsModel.Name);
if (sameNameRights.Count() > 0)
{
messages.Add(new Message(MessageTypeEnum.Error,
4001,
new List <string>()
{
fromBodyRightsModel.Name
}));
return(BadRequest(messages));
}
// Rights data validity and logic validity
messages = sharedValidationHelper.ValidateRights(authUserModel.Application.ApplicationDescriptor,
fromBodyRightsModel.DataDictionary);
if (messages.Count != 0)
{
return(BadRequest(messages));
}
#endregion
rightsRepository.Add(fromBodyRightsModel);
messages.Add(new Message(MessageTypeEnum.Info,
4002,
new List <string>()
{
fromBodyRightsModel.Name
}));
return(Ok(messages));
}
public IActionResult DeleteById(long id)
{
// List of messages
var messages = new List <Message>();
// Authentication
var controllerHelper = new ControllerHelper(context);
var authUserModel = controllerHelper.Authenticate(HttpContext.User.Identity as ClaimsIdentity);
if (authUserModel == null)
{
return(Unauthorized());
}
// Authorization
if (!AuthorizationHelper.IsAuthorized(authUserModel, (long)SystemDatasetsEnum.Users, RightsEnum.CRUD))
{
return(Forbid());
}
#region VALIDATIONS
// Get data from database
var userRepository = new UserRepository(context);
var userModel = userRepository.GetById(authUserModel.ApplicationId, id);
if (userModel == null)
{
messages.Add(new Message(MessageTypeEnum.Error,
3004,
new List <string>()
{
authUserModel.Application.LoginApplicationName,
id.ToString()
}));
Logger.LogMessagesToConsole(messages);
return(BadRequest(messages));
}
// Can not delete last user of the application
if (userRepository.GetAllByApplicationId(authUserModel.ApplicationId).Count() <= 1)
{
messages.Add(new Message(MessageTypeEnum.Error,
3013,
new List <string>()));
return(BadRequest(messages));
}
// Delete validity check
using (var transaction = context.Database.BeginTransaction())
{
// Set to delete or remove all references from data referencing userModel to delete
if (controllerHelper.IfCanBeDeletedPerformDeleteActions(authUserModel, userModel))
{
// Remove model itself
userRepository.Remove(userModel);
// Save all performed changes into the database
transaction.Commit();
messages.Add(new Message(MessageTypeEnum.Info,
3005,
new List <string>()
{
userModel.GetUsername()
}));
return(Ok(messages));
}
// UserModel to delete or other model that should be deleted can not be deleted
transaction.Rollback();
messages.Add(new Message(MessageTypeEnum.Error,
3014,
new List <string>()));
return(BadRequest(messages));
}
#endregion
}