public async Task <IActionResult> GetUser(int userId)
{
User currentUser = await HttpContext.GetContextUser(userService)
.ConfigureAwait(false);
bool isAllowed = await authorizationHelper.UserIsAllowed(currentUser,
nameof(Defaults.Scopes.UserRead),
nameof(Defaults.Scopes.InstitutionUserRead),
userId);
if (!isAllowed)
{
return(Forbid());
}
if (userId < 0)
{
ProblemDetails problem = new ProblemDetails
{
Title = "Failed getting the user account.",
Detail =
"The user id is less then zero and therefore cannot exist in the database.",
Instance = "EAF7FEA1-47E9-4CF8-8415-4D3BC843FB71"
};
return(BadRequest(problem));
}
User user = await userService.FindAsync(userId);
if (user == null)
{
ProblemDetails problem = new ProblemDetails
{
Title = "Failed getting the user account.",
Detail = "The user could not be found in the database.",
Instance = "140B718F-9ECD-4F68-B441-F85C1DC7DC32"
};
return(NotFound(problem));
}
return(Ok(mapper.Map <User, UserResourceResult>(user)));
}
public async Task <IActionResult> DeleteEmbeddedProject(string guid)
{
EmbeddedProject embeddedProject = await embedService.FindAsync(new Guid(guid));
if (embeddedProject == null)
{
ProblemDetails problem = new ProblemDetails
{
Title = "Embedded project not found.",
Detail = "There was no embedded project found with this GUID.",
Instance = "35730158-1DED-4767-9C70-253C7A975715"
};
return(NotFound(problem));
}
string identity = HttpContext.User.GetIdentityId(HttpContext);
User user = await userService.GetUserByIdentityIdAsync(identity);
bool isAllowed = await authorizationHelper.UserIsAllowed(user,
nameof(Defaults.Scopes.EmbedWrite),
nameof(Defaults.Scopes.InstitutionEmbedWrite),
embeddedProject.UserId);
if (!(embeddedProject.User.IdentityId == identity || isAllowed))
{
ProblemDetails problem = new ProblemDetails
{
Title = "User is not allowed to delete the embedded project.",
Detail =
"The user does not own the project and does not have enough privileges to delete an embed project.",
Instance = "35730158-1DED-4767-9C70-253C7A975715"
};
return(Unauthorized(problem));
}
await embedService.RemoveAsync(embeddedProject.Id);
embedService.Save();
return(Ok());
}
public async Task <IActionResult> DeleteProject(int projectId)
{
Project project = await projectService.FindAsync(projectId)
.ConfigureAwait(false);
if (project == null)
{
ProblemDetails problem = new ProblemDetails
{
Title = "Failed to delete the project.",
Detail = "The project could not be found in the database.",
Instance = "AF63CF48-ECAA-4996-BAA0-BF52926D12AC"
};
return(NotFound(problem));
}
User user = await HttpContext.GetContextUser(userService)
.ConfigureAwait(false);
bool isAllowed = await authorizationHelper.UserIsAllowed(user,
nameof(Defaults.Scopes.ProjectWrite),
nameof(Defaults.Scopes.InstitutionProjectWrite),
project.UserId);
if (!(project.UserId == user.Id || isAllowed))
{
ProblemDetails problem = new ProblemDetails
{
Title = "Failed to delete the project.",
Detail = "The user is not allowed to delete the project.",
Instance = "D0363680-5B4F-40A1-B381-0A7544C70164"
};
return(Unauthorized(problem));
}
if (project.ProjectIconId.HasValue)
{
// We need to delete the old file.
File fileToDelete = await fileService.FindAsync(project.ProjectIconId.Value);
try
{
// Remove the file from the database
await fileService.RemoveAsync(fileToDelete.Id)
.ConfigureAwait(false);
fileService.Save();
// Remove the file from the filesystem
fileUploader.DeleteFileFromDirectory(fileToDelete);
} catch (FileNotFoundException)
{
ProblemDetails problem = new ProblemDetails
{
Title = "File could not be deleted because the path does not exist.",
Detail = "File could not be found.",
Instance = "367594c4-1fab-47ae-beb4-a41b53c65a18"
};
return(NotFound(problem));
}
}
await projectService.RemoveAsync(projectId)
.ConfigureAwait(false);
projectService.Save();
return(Ok());
}
