public async Task DeleteCommentAsync(int id) { Comment comment = await _dbContext.FindAsync <Comment>(id); if (!(await _businessSecurityService.HasWriteAccess(comment.IdUser))) { throw new SecurityException($"No access to comment, id: {id}"); } _dbContext.Remove(comment); await this._dbContext.SaveChangesAsync(); }
private async Task CheckAccessToCourseInstance(int idCourseInstance) { CourseInstance instance = await _dbContext.FindAsync <CourseInstance>(idCourseInstance); //Security Check bool hasWriteAccess = await _businessSecurityService.HasWriteAccess(instance.IdUser); //Security Check if (!hasWriteAccess) { throw new SecurityException("no access to this course instance"); } }
public async Task <QuestionDto> GetQuestionAsync(int id) { Question questionEntity = await _dbContext.FindAsync <Question>(id); if (questionEntity == null) { throw new EntityNotFoundException(id, typeof(Question)); } QuestionDto questionDto = new QuestionDto { Id = questionEntity.Id, Text = questionEntity.Text, Title = questionEntity.Title, QuestionType = questionEntity.QuestionType, Explanation = questionEntity.Explanation, Status = (int)questionEntity.Status, Language = questionEntity.Language.ToString(), }; //Authorization questionDto.IsEditable = await _businessSecurityService.HasWriteAccess(questionEntity.IdUser); //Vote-Statistics questionDto.Votes = await _commentsService.GetVoteAsync(id); //Options questionDto.Options = await _dbContext.QuestionOptions .Where(x => x.IdQuestion == id) .OrderBy(x => x.Id) .Select(x => new QuestionOptionDto { Id = x.Id, IsTrue = x.IsTrue, Text = x.Text, }).ToListAsync(); //Tags questionDto.Tags = await _dbContext.RelQuestionTags .Where(x => x.IdQuestion == id) .Select(x => new TagDto { Id = x.Tag.Id, Name = x.Tag.Name, Description = x.Tag.Description, ShortDescDe = x.Tag.ShortDescDe, ShortDescEn = x.Tag.ShortDescEn, IdTagType = (int)x.Tag.TagType, }).ToListAsync(); //Images questionDto.Images = await _dbContext.RelQuestionImages .Where(x => x.IdQuestion == id) .Select(x => new ImageDto { Id = x.Image.Id, IdBinary = x.Image.Binary.Id, Full = x.Image.Full, Height = x.Image.Height, Width = x.Image.Width, }).ToListAsync(); return(questionDto); }