/// <summary>
/// Can do Permission to Document
/// </summary>
/// <param name="permission">The Permission.</param>
/// <param name="document">The Document.</param>
/// <returns>True if can.</returns>
protected bool CanAsync(Permission permission, ILocationPath document)
{
var authorizationResult = AuthorizationService
.AuthorizeAsync(User, document, new PermissionRequirement(permission)).Result;
return(authorizationResult.Succeeded);
}
private async Task <ActionResult <PutCaseBreakdownEventResponse> > UpsertEvent <TEvent, TRequest>(
string examinationId,
Permission permission,
[FromBody] TRequest caseBreakdownEvent)
where TEvent : IEvent
{
if (!ModelState.IsValid)
{
return(BadRequest(new PutCaseBreakdownEventResponse()));
}
if (caseBreakdownEvent == null)
{
return(BadRequest(new PutCaseBreakdownEventResponse()));
}
var user = await CurrentUser();
var theEvent = Mapper.Map <TEvent>(caseBreakdownEvent);
theEvent = SetEventUserStatuses(theEvent, user);
var examination =
await _examinationRetrievalService.Handle(new ExaminationRetrievalQuery(examinationId, user));
if (examination == null)
{
return(NotFound(new PutCaseBreakdownEventResponse()));
}
if (!CanAsync(permission, examination))
{
return(Forbid());
}
var result = await _eventCreationService.Handle(new CreateEventQuery(examinationId, theEvent));
if (result == null)
{
return(NotFound(new PutCaseBreakdownEventResponse()));
}
var patientCard = Mapper.Map <PatientCardItem>(result.Examination);
var res = new PutCaseBreakdownEventResponse
{
Header = patientCard,
EventId = result.EventId
};
return(Ok(res));
}
/// <summary>
/// Locations With Permission.
/// </summary>
/// <param name="permission">Permission.</param>
/// <returns>List of Location Ids.</returns>
protected async Task <IEnumerable <string> > LocationsWithPermission(Permission permission)
{
var currentUser = await CurrentUser();
return(PermissionService.LocationIdsWithPermission(currentUser, permission).Distinct());
}