/// <summary>
/// Searches orders with the criteria supplied in the request body and returns one page of results.
/// </summary>
/// <param name="searchModel">Search criteria bound from the request body; forwarded unchanged to the order service.</param>
/// <returns>An <c>Ok</c> result wrapping an <c>ApiResponse</c> that carries the paginated order list.</returns>
public async Task<IActionResult> Search([FromBody] SearchModel<OrderSearchModel> searchModel)
{
    // Tenant scoping: a SuperAdmin token searches with no website filter (null);
    // every other role is restricted to WebsiteId.
    // NOTE(review): TokenRole is dereferenced without a null check, so a request that
    // reaches this action without a role would throw. Confirm the route always
    // requires an authenticated token.
    // NOTE(review): the origin of WebsiteId is not visible here. If it is taken from
    // the request rather than from the token, confirm it is validated against the
    // token's website before it is trusted as the tenant filter.
    int? tenantFilter;
    if (TokenRole.Equals(nameof(Role.SuperAdmin)))
    {
        tenantFilter = null;
    }
    else
    {
        tenantFilter = WebsiteId;
    }

    var page = await this.orderService.SearchAsync(tenantFilter, searchModel);
    var payload = new ApiResponse<PaginationResponse<List<OrderModel>>>(page);
    return Ok(payload);
}
/// <summary>
/// Creates a user. The role and the target website of the new account are decided from the
/// caller's token role, not from a role supplied by the client.
/// </summary>
/// <param name="userModel">Data for the new user; its <c>WebsiteId</c> is honoured only for a SuperAdmin caller.</param>
/// <returns>
/// An <c>Ok</c> result wrapping an empty <c>ApiResponse</c> on success, or an <c>ApiResponse</c>
/// with the Forbidden status when an Administrator targets a website other than the token's.
/// </returns>
public async Task<IActionResult> Post(UserModel userModel)
{
    // Cross-tenant guard: an Administrator may only create users on the website
    // recorded in the token.
    bool adminOnForeignWebsite =
        TokenRole != null
        && TokenRole.Equals(nameof(Role.Administrator))
        && this.TokenWebsiteId != this.WebsiteId;

    if (adminOnForeignWebsite)
    {
        // The denial travels in the response body; the HTTP result itself is Ok(...).
        // NOTE(review): monitoring keyed on HTTP status codes will not see these
        // refusals. Confirm they are logged elsewhere.
        var denied = new ApiResponse<UserModel>(
            Structure.Enums.StatusCode.Forbidden,
            Constants.MessageResponse.ForbiddenError);
        return Ok(denied);
    }

    // SuperAdmin callers create an Administrator on the website named in the body.
    // Every other caller, including one with no token role, creates a plain User on
    // the current website.
    // NOTE(review): the null-role path looks like anonymous self-registration. Confirm
    // that is intended.
    bool callerIsSuperAdmin = TokenRole != null && TokenRole.Equals(nameof(Role.SuperAdmin));

    Role assignedRole = callerIsSuperAdmin ? Role.Administrator : Role.User;
    int targetWebsiteId = callerIsSuperAdmin ? userModel.WebsiteId : this.WebsiteId;

    // NOTE(review): userModel is handed to the service as a whole. Confirm CreateAsync
    // ignores any privilege-bearing fields a client could add to the body.
    await userService.CreateAsync(targetWebsiteId, assignedRole, userModel);

    return Ok(new ApiResponse<UserModel>());
}
/// <summary>
/// Changes the status of the user with the given id.
/// </summary>
/// <param name="id">Identifier of the user whose status is changed.</param>
/// <param name="status">New status bound from the request body; passed to the service as its integer value.</param>
/// <returns>An <c>Ok</c> result wrapping an empty <c>ApiResponse</c>.</returns>
public async Task<IActionResult> ChangeStatus(int id, [FromBody] Status status)
{
    // Tenant scoping: SuperAdmin acts across all websites (null filter); any other
    // role is limited to the current website.
    // NOTE(review): there is no per-role or ownership check in this method, and
    // TokenRole is dereferenced without a null check. Confirm route-level
    // authorization restricts which roles may change another user's status.
    int? tenantFilter;
    if (TokenRole.Equals(nameof(Role.SuperAdmin)))
    {
        tenantFilter = null;
    }
    else
    {
        tenantFilter = this.WebsiteId;
    }

    // NOTE(review): the enum is cast to int without a defined-value check. Confirm
    // ChangeStatusAsync rejects values outside the Status enum.
    int statusValue = (int)status;
    await userService.ChangeStatusAsync(tenantFilter, id, statusValue);

    return Ok(new ApiResponse<UserModel>());
}
/// <summary>
/// Updates the user with the given id.
/// </summary>
/// <param name="id">Identifier of the user to update.</param>
/// <param name="userModel">New values for the user; its <c>WebsiteId</c> is honoured only for a SuperAdmin caller.</param>
/// <returns>An <c>Ok</c> result wrapping an empty <c>ApiResponse</c>.</returns>
public async Task<IActionResult> Put(int id, UserUpdateModel userModel)
{
    // A SuperAdmin chooses the website through the body; every other role is pinned
    // to the current website.
    // NOTE(review): unlike Get, this action does not compare id with the caller's own
    // user id when the token role is User. Unless route-level authorization (not
    // visible here) excludes that role, confirm whether a User should be able to
    // update other accounts on the same website.
    // NOTE(review): TokenRole is dereferenced without a null check.
    bool callerIsSuperAdmin = TokenRole.Equals(nameof(Role.SuperAdmin));
    var targetWebsiteId = callerIsSuperAdmin ? userModel.WebsiteId : this.WebsiteId;

    // NOTE(review): userModel is forwarded as a whole. Confirm UpdateAsync does not
    // apply privilege-bearing fields supplied by the client.
    await userService.UpdateAsync(targetWebsiteId, id, userModel);

    return Ok(new ApiResponse<UserUpdateModel>());
}
/// <summary>
/// Returns the user with the given id, subject to role and tenant restrictions.
/// </summary>
/// <param name="id">Identifier of the user to fetch.</param>
/// <returns>
/// An <c>Ok</c> result wrapping an <c>ApiResponse</c> with the user, or an <c>ApiResponse</c>
/// with the Forbidden status when a caller with the User role asks for a different user.
/// </returns>
public async Task<IActionResult> Get(int id)
{
    // Ownership guard: a caller with the User role may only read their own record.
    // NOTE(review): TokenRole is dereferenced without a null check, so a request with
    // no role would throw before reaching this guard.
    bool userReadingSomeoneElse = TokenRole.Equals(nameof(Role.User)) && this.UserId != id;
    if (userReadingSomeoneElse)
    {
        // The denial is carried in the body; the HTTP result itself is Ok(...).
        var denied = new ApiResponse<UserModel>(
            Structure.Enums.StatusCode.Forbidden,
            Constants.MessageResponse.ForbiddenError);
        return Ok(denied);
    }

    // Tenant scoping: SuperAdmin reads across all websites (null filter); other roles
    // are limited to the current website.
    int? tenantFilter;
    if (TokenRole.Equals(nameof(Role.SuperAdmin)))
    {
        tenantFilter = null;
    }
    else
    {
        tenantFilter = this.WebsiteId;
    }

    var found = await userService.GetByIdAsync(tenantFilter, id);
    return Ok(new ApiResponse<UserModel>(found));
}