public IHttpActionResult Put(int id, [FromBody] ProductData value)
{
string token = GetAuthToken();
IHttpActionResult validation = ValidateOwnerProduct(token, id);
if (validation != null)
{
return(validation);
}
validation = ValidateProductData(value, token, true);
if (validation != null)
{
return(validation);
}
DataAccessSoapClient ws = new DataAccessSoapClient();
var binding = ws.ChannelFactory.Endpoint.Binding as BasicHttpBinding;
binding.MaxReceivedMessageSize = int.MaxValue;
Product target = ws.FindProduct(new DataAccessWS.Security {
BinarySecurityToken = token
}, id);
assignProperties(target, value, token);
target.Id = id;
Product updated = ws.UpdateProduct(new DataAccessWS.Security {
BinarySecurityToken = token
}, target);
return(Ok(CreateRestProduct(updated)));
}
private bool ValidateProductExists(string token, long id)
{
DataAccessSoapClient dataWS = new DataAccessSoapClient();
var binding = dataWS.ChannelFactory.Endpoint.Binding as BasicHttpBinding;
binding.MaxReceivedMessageSize = int.MaxValue;
Product target = dataWS.FindProduct(new DataAccessWS.Security {
BinarySecurityToken = token
}, id);
return(target != null);
}
public IHttpActionResult Get(int id)
{
string token = GetAuthToken();
IHttpActionResult validation = ValidateToken(token);
if (validation != null)
{
return(validation);
}
if (!ValidateProductExists(token, id))
{
return(NotFound());
}
DataAccessSoapClient ws = new DataAccessSoapClient();
var binding = ws.ChannelFactory.Endpoint.Binding as BasicHttpBinding;
binding.MaxReceivedMessageSize = int.MaxValue;
Product product = ws.FindProduct(new DataAccessWS.Security {
BinarySecurityToken = token
}, id);
return(Ok(CreateRestProduct(product)));
}
private IHttpActionResult ValidateOwnerProduct(string token, long productId)
{
try
{
IdentityWSSoapClient ws = new IdentityWSSoapClient();
IdentityData identity = ws.GetIdentity(new IdentityWS.Security {
BinarySecurityToken = token
});
if (identity == null)
{
return(Unauthorized());
}
DataAccessSoapClient dataWS = new DataAccessSoapClient();
var binding = dataWS.ChannelFactory.Endpoint.Binding as BasicHttpBinding;
binding.MaxReceivedMessageSize = int.MaxValue;
Product target = dataWS.FindProduct(new DataAccessWS.Security {
BinarySecurityToken = token
}, productId);
if (target == null)
{
return(NotFound());
}
User owner = dataWS.FindUser(new DataAccessWS.Security {
BinarySecurityToken = token
}, target.seller_id);
if (!owner.Username.Equals(identity.Username))
{
return(Unauthorized());
}
}
catch (FaultException ex)
{
return(BadRequest("Invalid security token"));
}
return(null);
}