public BoxModule(IBoxService boxService) : base("boxes")
{
this.RequiresAuthentication();
Get("", async args => await boxService.GetNamesForUserAsync(CurrentUsername));
Get("{name}", async args =>
{
var name = (string)args.name;
var hasAccess = await boxService.HasAccessAsync(name, CurrentUsername);
if (!hasAccess)
{
return(HttpStatusCode.Forbidden);
}
var box = await boxService.GetAsync(name);
if (box == null)
{
return(HttpStatusCode.NotFound);
}
return(new
{
name = box.Name,
owner = box.Owner,
createdAt = box.CreatedAt.FormatToString(),
updatedAt = box.UpdatedAt.FormatToString(),
entries = box.Entries.Select(x => x.Key).ToList(),
users = box.Users.Select(x => new
{
username = x.Username,
role = x.Role.ToString().ToLowerInvariant(),
isActive = x.IsActive
})
});
});
Post("{name}", async args =>
{
var name = (string)args.name;
await boxService.CreateAsync(name, CurrentUsername);
return(Created($"boxes/{name}"));
});
Delete("{name}", async args =>
{
var name = (string)args.name;
var hasAccess = await boxService.HasManagementAccess(name, CurrentUsername);
if (!hasAccess)
{
return(HttpStatusCode.Forbidden);
}
await boxService.DeleteAsync(name);
return(HttpStatusCode.NoContent);
});
}
