/// <summary>
/// Returns a single OGE 450 filing as camel-cased JSON.
/// Admins and reviewers may read any filing; any other caller may only read a
/// form whose stored <c>Filer</c> equals their own UPN.
/// </summary>
/// <param name="id">Identifier of the form to load.</param>
/// <returns>
/// 200 with the form on success, 401 when the caller is not allowed to see it,
/// 400 ("Form not found.") when no form has that id. Any exception thrown while
/// resolving the caller or loading the form is routed through <c>HandleException</c>.
/// </returns>
public IHttpActionResult Get(int id)
{
    try
    {
        var claims = HttpContext.Current.User.Identity as ClaimsIdentity;
        OGE450User = UserInfo.GetUser(claims);

        var form = OGEForm450.Get(id);
        if (form == null)
        {
            return BadRequest("Form not found.");
        }

        // Privileged roles may open any filing; everyone else only their own.
        // The ownership check is done against the stored record, not request input.
        var privileged = OGE450User.IsAdmin || OGE450User.IsReviewer;
        if (!privileged && form.Filer != OGE450User.Upn)
        {
            return Unauthorized();
        }

        SetReportableInformation(form);
        return Json(form, CamelCase);
    }
    catch (Exception ex)
    {
        return HandleException(ex);
    }
}
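/// <summary>
/// Creates or updates an extension request for an OGE 450 filing.
/// Reviewers and admins may act on any request; a filer may only act on a request
/// tied to their current form. On approval the related form is extended, then the
/// request's emails are sent.
/// </summary>
/// <param name="item">The request as posted by the client.</param>
/// <returns>
/// 200 with the saved request, 401 when the caller may not act on it. Business-rule
/// failures and any other error are reported through <c>HandleException</c>.
/// </returns>
public IHttpActionResult Update(ExtensionRequest item)
{
    try
    {
        var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
        OGE450User = UserInfo.GetUser(identity);

        // Load the persisted record (null for a brand-new request) inside the try so a
        // lookup failure is reported through HandleException like every other error here.
        var oldItem = ExtensionRequest.Get(item.Id);

        // A filer may only touch a request for their current form. That must hold for the
        // stored record as well as for the OGEForm450Id the client sent; checking only the
        // posted value would let a caller pass their own form id together with the Id of
        // someone else's request.
        var privileged = OGE450User.IsReviewer || OGE450User.IsAdmin;
        var ownsRequest = OGE450User.CurrentFormId == item.OGEForm450Id
            && (oldItem == null || oldItem.OGEForm450Id == OGE450User.CurrentFormId);
        if (!privileged && !ownsRequest)
        {
            return Unauthorized();
        }

        var result = item.RunBusinessRules(OGE450User, oldItem);
        if (result != "")
        {
            // Existing contract: a rule failure surfaces as an exception handled below.
            throw new Exception(result);
        }

        var ext = item.Save();

        // NOTE(review): literal status string; the form path uses Constants.ExtensionStatus.CANCELED,
        // so an APPROVED constant probably exists -- confirm and use it.
        if (item.Status == "Approved")
        {
            var form = OGEForm450.Get(item.OGEForm450Id);
            if (form == null)
            {
                // Fail loudly rather than dereference null after the request is already saved.
                throw new InvalidOperationException("Form not found for approved extension request.");
            }
            form.Extend(item);
        }

        // Emails are sent only after a successful save; any failure above skips them.
        item.ProcessEmails();
        return Json(ext, CamelCase);
    }
    catch (Exception ex)
    {
        return HandleException(ex);
    }
}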
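/// <summary>
/// Saves an OGE 450 filing and its reportable-information rows, then runs the
/// post-save side effects (certification bookkeeping, cancelling pending extension
/// requests, emails). Admins and reviewers may update any filing; any other caller
/// may only update their own.
/// </summary>
/// <param name="item">The form as posted by the client.</param>
/// <returns>
/// 200 with the saved form, 401 when the caller may not update it. Any exception is
/// routed through <c>HandleException</c>; emails are not sent in that case.
/// </returns>
public IHttpActionResult Update(OGEForm450 item)
{
    try
    {
        var identity = HttpContext.Current.User.Identity as ClaimsIdentity;
        OGE450User = UserInfo.GetUser(identity);

        var privileged = OGE450User.IsAdmin || OGE450User.IsReviewer;

        // First gate: the Filer named in the request must be the caller (unless privileged).
        if (!privileged && item.Filer != OGE450User.Upn)
        {
            return Unauthorized();
        }

        item = ClearEmptyReportableInformation(item);
        var oldItem = OGEForm450.Get(item.Id);

        // Second gate: the *stored* record must also belong to the caller. Checking only the
        // client-supplied Filer would let a filer post their own UPN together with another
        // person's form Id and overwrite that filing.
        if (!privileged && oldItem != null && oldItem.Filer != OGE450User.Upn)
        {
            return Unauthorized();
        }

        var filer = UserInfo.GetUser(item.Filer);

        // Stamp who made the change and a correlation id shared by the form and its rows.
        item.AppUser = OGE450User.DisplayName;
        item.CorrelationId = Guid.NewGuid().ToString();
        if (item.ReportableInformationList != null)
        {
            item.ReportableInformationList.ForEach(x => x.CorrelationId = item.CorrelationId);
            item.ReportableInformationList.ForEach(x => x.AppUser = item.AppUser);
        }

        // NOTE(review): the return value is not inspected here, unlike the extension path;
        // confirm whether this overload reports failures by throwing.
        item.RunBusinessRules(OGE450User, filer, oldItem);

        if (item.ReportableInformationList != null)
        {
            item.SaveReportableInformation();
        }
        var form = item.Save();

        if (form.FormStatus == Constants.FormStatus.CERTIFIED)
        {
            Employee.FormCertified(form);

            // A certified form no longer needs an extension; cancel anything still pending.
            var extensions = ExtensionRequest.GetPendingExtensions(form.Id);
            foreach (ExtensionRequest ext in extensions)
            {
                ext.Status = Constants.ExtensionStatus.CANCELED;
                ext.Save();
            }
        }

        // Emails go out only after the save succeeded; an exception above skips them.
        item.ProcessEmails();
        SetReportableInformation(form);
        return Json(form, CamelCase);
    }
    catch (Exception ex)
    {
        return HandleException(ex);
    }
}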