/// <summary>
/// Returns a formatted 403 error response using the message of the specified exception
/// </summary>
/// <param name="controller">The ApiController instance using the helper</param>
/// <param name="ex">The NotPermittedException to extract the message from</param>
public IHttpActionResult NotPermittedResponse(ApiController controller, NotPermittedException ex)
{
var response = new SimpleCommandResponseData();
response.Errors = new ValidationError[] { new ValidationError(ex.Message) };
response.IsValid = false;
return(new NegotiatedContentResult <SimpleCommandResponseData>(HttpStatusCode.Forbidden, response, controller));
}
/// <summary>
/// Returns a formatted 403 error response using the message of the specified exception
/// </summary>
/// <param name="controller">The Controller instance using the helper</param>
/// <param name="ex">The NotPermittedException to extract the message from</param>
public IActionResult NotPermittedResponse(ControllerBase controller, NotPermittedException ex)
{
var response = new SimpleCommandResponseData();
response.Errors = new ValidationError[] { new ValidationError(ex.Message) };
response.IsValid = false;
return(controller.StatusCode(403, response));
}
public JsonResult NotPermittedResponse(NotPermittedException ex)
{
var response = new ApiResponseHelperResult();
response.Errors = new ValidationError[] { new ValidationError(ex.Message) };
response.IsValid = false;
var jsonResult = CreateJsonResult(response, 403);
return(jsonResult);
}
public async Task TryCheckout(CheckoutDto dto)
{
await Execute(async() => {
using (UnitOfWork db = new UnitOfWork())
{
CheckPointEntity checkPoint = await db.GetRepo <CheckPointEntity>().Get(dto.CheckPointId.Value);
AccountEntity account = await db.GetRepo <AccountEntity>().Get(dto.AccountId.Value);
if (dto.CurrentManufactoryId.Value != checkPoint.Manufactory1Id && dto.CurrentManufactoryId.Value != checkPoint.Manufactory2Id)
{
DataValidationException exception = new DataValidationException();
exception.Add(
typeof(CheckoutDto), nameof(CheckoutDto.CurrentManufactoryId),
$"{nameof(CheckoutDto.CurrentManufactoryId)} must be one of manufactories associated with check point"
);
throw exception;
}
CheckPointEventEntity checkPointEvent = new CheckPointEventEntity()
{
account_id = account.id,
check_point_id = checkPoint.id,
is_direct = checkPoint.Manufactory1Id == dto.CurrentManufactoryId.Value,
timespan = DateTime.Now
};
ManufactoryEntity targetManufactory = checkPointEvent.is_direct ? checkPoint.Manufactory2 : checkPoint.Manufactory1;
NotPermittedException ex = null;
if (account.Roles.SelectMany(r => r.ManufactoryPermissions).Any(m => m.id == targetManufactory.id))
{
checkPointEvent.log = $"Checkout to Manufactory #{targetManufactory.id} via Check Point ${checkPoint.id} by Account #{account.id}: SUCCESS";
}
else
{
checkPointEvent.log = $"Checkout to Manufactory #{targetManufactory.id} via Check Point ${checkPoint.id} by Account #{account.id}: ACCESS DENIED";
ex = new NotPermittedException(checkPointEvent.log);
}
await db.GetRepo <CheckPointEventEntity>().Create(checkPointEvent);
await db.Save();
if (ex != null)
{
throw ex;
}
}
});
}
public async Task TryEnter(EnterLeaveDto dto)
{
await Execute(async() => {
using (UnitOfWork db = new UnitOfWork())
{
EnterLeavePointEntity enterLeavePoint = await db.GetRepo <EnterLeavePointEntity>().Get(dto.EnterLeavePointId.Value);
AccountEntity account = await db.GetRepo <AccountEntity>().Get(dto.AccountId.Value);
EnterLeavePointEventEntity enterLeavePointEvent = new EnterLeavePointEventEntity()
{
account_id = account.id,
enter_leave_point_id = enterLeavePoint.id,
is_enter = true,
timespan = DateTime.Now
};
NotPermittedException ex = null;
if (account.Roles.SelectMany(r => r.ManufactoryPermissions).Any(m => m.id == enterLeavePoint.Manufactory.id))
{
enterLeavePointEvent.log = $"Enter to Manufactory #{enterLeavePoint.Manufactory.id} via Enter Point ${enterLeavePoint.id} by Account #{account.id}: SUCCESS";
}
else
{
enterLeavePointEvent.log = $"Enter to Manufactory #{enterLeavePoint.Manufactory.id} via Enter Point ${enterLeavePoint.id} by Account #{account.id}: ACCESS DENIED";
ex = new NotPermittedException(enterLeavePointEvent.log);
}
await db.GetRepo <EnterLeavePointEventEntity>().Create(enterLeavePointEvent);
await db.Save();
if (ex != null)
{
throw ex;
}
}
});
}
public async Task TryInteract(PipelineItemInteractionDto dto)
{
await Execute(async() => {
using (UnitOfWork db = new UnitOfWork())
{
PipelineItemEntity pipelineItem = await db.GetRepo <PipelineItemEntity>().Get(dto.PipelineItemId.Value);
AccountEntity account = await db.GetRepo <AccountEntity>().Get(dto.AccountId.Value);
PipelineItemInteractionEventEntity pipelineItemEvent = new PipelineItemInteractionEventEntity()
{
account_id = account.id,
pipeline_item_id = pipelineItem.id,
timespan = DateTime.Now
};
NotPermittedException ex = null;
if (account.Roles.SelectMany(r => r.PipelineItemPermissions).Any(m => m.id == pipelineItem.id))
{
pipelineItemEvent.log = $"Interaction with Pipeline item #{pipelineItem.id} by Account #{account.id}: SUCCESS";
}
else
{
pipelineItemEvent.log = $"Interaction with Pipeline item #{pipelineItem.id} by Account #{account.id}: ACCESS DENIED";
ex = new NotPermittedException(pipelineItemEvent.log);
}
await db.GetRepo <PipelineItemInteractionEventEntity>().Create(pipelineItemEvent);
await db.Save();
if (ex != null)
{
throw ex;
}
}
});
}
public async Task TryInteract(DetectorInteractionDto dto)
{
await Execute(async() => {
using (UnitOfWork db = new UnitOfWork())
{
DetectorEntity detector = await db.GetRepo <DetectorEntity>().Get(dto.DetectorId.Value);
AccountEntity account = await db.GetRepo <AccountEntity>().Get(dto.AccountId.Value);
DetectorInteractionEventEntity detectorEvent = new DetectorInteractionEventEntity()
{
account_id = account.id,
detector_id = detector.id,
timespan = DateTime.Now
};
NotPermittedException ex = null;
if (account.Roles.SelectMany(r => r.DetectorPermissions).Any(m => m.id == detector.id))
{
detectorEvent.log = $"Interaction with Detector #{detector.id} by Account #{account.id}: SUCCESS";
}
else
{
detectorEvent.log = $"Interaction with Detector #{detector.id} by Account #{account.id}: ACCESS DENIED";
ex = new NotPermittedException(detectorEvent.log);
}
await db.GetRepo <DetectorInteractionEventEntity>().Create(detectorEvent);
await db.Save();
if (ex != null)
{
throw ex;
}
}
});
}
public async Task TryInteract(StorageCellInteractionDto dto)
{
await Execute(async() => {
using (UnitOfWork db = new UnitOfWork())
{
StorageCellEntity storageCell = await db.GetRepo <StorageCellEntity>().Get(dto.StorageCellId.Value);
AccountEntity account = await db.GetRepo <AccountEntity>().Get(dto.AccountId.Value);
StorageCellEventEntity storageCellEvent = new StorageCellEventEntity()
{
account_id = account.id,
storage_cell_id = storageCell.id,
timespan = DateTime.Now
};
NotPermittedException ex = null;
if (account.Roles.SelectMany(r => r.StorageCellPermissions).Any(m => m.id == storageCell.id))
{
storageCellEvent.log = $"Interaction with Storage cell #{storageCell.id} by Account #{account.id}: SUCCESS";
}
else
{
storageCellEvent.log = $"Interaction with Storage cell #{storageCell.id} by Account #{account.id}: ACCESS DENIED";
ex = new NotPermittedException(storageCellEvent.log);
}
await db.GetRepo <StorageCellEventEntity>().Create(storageCellEvent);
await db.Save();
if (ex != null)
{
throw ex;
}
}
});
}
