public IHttpActionResult UpdateApp(int id, AppDO app) { UnitUser unitUser = this.unitOfWork.DbContext.Set<UnitUser>().FirstOrDefault(e => e.UserId == this.userContext.UserId); ClassificationPermission editPermission = this.classificationRepository.GetByAlias("Edit"); ClassificationPermission readPermission = this.classificationRepository.GetByAlias("Read"); bool hasEditPermission = this.appRepository.HasPermission(unitUser.UnitId, id, editPermission.ClassificationPermissionId) && this.appRepository.HasPermission(unitUser.UnitId, id, readPermission.ClassificationPermissionId); if (!hasEditPermission) { return Unauthorized(); } var oldApp = this.appRepository.Find(id); oldApp.EnsureForProperVersion(app.Version); oldApp.AopEmployerId = app.AopEmployerId; oldApp.Email = app.Email; //I oldApp.STAopApplicationTypeId = app.STAopApplicationTypeId; oldApp.STObjectId = app.STObjectId; oldApp.STSubject = app.STSubject; oldApp.STCriteriaId = app.STCriteriaId; oldApp.STValue = app.STValue; oldApp.STRemark = app.STRemark; oldApp.STIsMilitary = app.STIsMilitary; oldApp.STNoteTypeId = app.STNoteTypeId; oldApp.STDocId = app.STDocId; oldApp.STChecklistId = app.STChecklistId; oldApp.STChecklistStatusId = app.STChecklistStatusId; oldApp.STNoteId = app.STNoteId; //II oldApp.NDAopApplicationTypeId = app.NDAopApplicationTypeId; oldApp.NDObjectId = app.NDObjectId; oldApp.NDSubject = app.NDSubject; oldApp.NDCriteriaId = app.NDCriteriaId; oldApp.NDValue = app.NDValue; oldApp.NDIsMilitary = app.NDIsMilitary; oldApp.NDROPIdNum = app.NDROPIdNum; oldApp.NDROPUnqNum = app.NDROPUnqNum; oldApp.NDROPDate = app.NDROPDate; oldApp.NDProcedureStatusId = app.NDProcedureStatusId; oldApp.NDRefusalReason = app.NDRefusalReason; oldApp.NDAppeal = app.NDAppeal; oldApp.NDRemark = app.NDRemark; oldApp.NDDocId = app.NDDocId; oldApp.NDChecklistId = app.NDChecklistId; oldApp.NDChecklistStatusId = app.NDChecklistStatusId; oldApp.NDReportId = app.NDReportId; //aop set oldapp.docid if not set this.unitOfWork.Save(); this.appRepository.ExecSpSetAopApplicationTokens(aopApplicationId: oldApp.AopApplicationId); this.appRepository.ExecSpSetAopApplicationUnitTokens(aopApplicationId: oldApp.AopApplicationId); return Ok(new { err = "", aopApplicationId = oldApp.AopApplicationId }); }
public IHttpActionResult GetApp(int id) { UnitUser unitUser = this.unitOfWork.DbContext.Set<UnitUser>().FirstOrDefault(e => e.UserId == this.userContext.UserId); ClassificationPermission readPermission = this.classificationRepository.GetByAlias("Read"); bool hasReadPermission = this.appRepository.HasPermission(unitUser.UnitId, id, readPermission.ClassificationPermissionId); if (!hasReadPermission) { return Unauthorized(); } AopApp app = this.appRepository.Find(id, e => e.CreateUnit, e => e.AopEmployer); if (app == null) { return NotFound(); } AppDO returnValue = new AppDO(app); #region DocRelations //ST if (app.STDocId.HasValue) { var dr = unitOfWork.DbContext.Set<DocRelation>() .Include(e => e.Doc.DocCasePartType) .Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User)) .Include(e => e.Doc.DocDirection) .Include(e => e.Doc.DocType) .Include(e => e.Doc.DocStatus) .FirstOrDefault(e => e.DocId == app.STDocId.Value); returnValue.STDocRelation = new DocRelationDO(dr); } if (app.STChecklistId.HasValue) { var dr = unitOfWork.DbContext.Set<DocRelation>() .Include(e => e.Doc.DocCasePartType) .Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User)) .Include(e => e.Doc.DocDirection) .Include(e => e.Doc.DocType) .Include(e => e.Doc.DocStatus) .FirstOrDefault(e => e.DocId == app.STChecklistId.Value); returnValue.STChecklistRelation = new DocRelationDO(dr); } if (app.STNoteId.HasValue) { var dr = unitOfWork.DbContext.Set<DocRelation>() .Include(e => e.Doc.DocCasePartType) .Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User)) .Include(e => e.Doc.DocDirection) .Include(e => e.Doc.DocType) .Include(e => e.Doc.DocStatus) .FirstOrDefault(e => e.DocId == app.STNoteId.Value); returnValue.STNoteRelation = new DocRelationDO(dr); } //ND if (app.NDDocId.HasValue) { var dr = unitOfWork.DbContext.Set<DocRelation>() .Include(e => e.Doc.DocCasePartType) .Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User)) .Include(e => e.Doc.DocDirection) .Include(e => e.Doc.DocType) .Include(e => e.Doc.DocStatus) .FirstOrDefault(e => e.DocId == app.NDDocId.Value); returnValue.NDDocRelation = new DocRelationDO(dr); } if (app.NDChecklistId.HasValue) { var dr = unitOfWork.DbContext.Set<DocRelation>() .Include(e => e.Doc.DocCasePartType) .Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User)) .Include(e => e.Doc.DocDirection) .Include(e => e.Doc.DocType) .Include(e => e.Doc.DocStatus) .FirstOrDefault(e => e.DocId == app.NDChecklistId.Value); returnValue.NDChecklistRelation = new DocRelationDO(dr); } if (app.NDReportId.HasValue) { var dr = unitOfWork.DbContext.Set<DocRelation>() .Include(e => e.Doc.DocCasePartType) .Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User)) .Include(e => e.Doc.DocDirection) .Include(e => e.Doc.DocType) .Include(e => e.Doc.DocStatus) .FirstOrDefault(e => e.DocId == app.NDReportId.Value); returnValue.NDReportRelation = new DocRelationDO(dr); } #endregion #region Set permissions List<vwAopApplicationUser> vwAopApplicationUsers = this.appRepository.GetvwAopApplicationUsersForAppByUnitId(id, unitUser); returnValue.CanRead = vwAopApplicationUsers.Any(e => e.AopApplicationId == app.AopApplicationId && e.ClassificationPermission.Alias == "Read"); returnValue.CanEdit = vwAopApplicationUsers.Any(e => e.AopApplicationId == app.AopApplicationId && e.ClassificationPermission.Alias == "Edit"); #endregion return Ok(returnValue); }