public async Task <IHttpActionResult> MoveAsync(string portalUri, string pageUri, [FromBody] string uri, CancellationToken cancellationToken)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest());
            }
            var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            var page = await _portalManager.GetPageByUriAsync(portal, pageUri, cancellationToken);

            if (page == null)
            {
                return(NotFound());
            }
            var referencePage = (uri == null) ? null : await _portalManager.GetPageByUriAsync(portal, uri, cancellationToken);

            var validationResult = await _portalManager.MovePageAsync(portal, page, referencePage, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok());
        }
Exemple #2
0
 public static async Task <HttpResponseMessage> CreateResponseAsync(
     [QueryParameter(Name = "login_process_id")] Guid credentialProcessId,
     [OptionalQueryParameter(Name = "ApiKeySecurity")] string apiSecurityKey,
     ApiSecurity apiSecurity,
     EastFive.Api.Azure.AzureApplication application, HttpRequestMessage request,
     RedirectResponse redirectResponse,
     ViewStringResponse viewResponse)
 {
     return(await await CredentialProcessDocument.FindByIdAsync(credentialProcessId,
                                                                async (document) =>
     {
         var providerKvp = await application.AuthorizationProviders
                           .Where(prov => prov.Value.GetType().FullName == document.Provider)
                           .FirstAsync(
             value => value,
             () => default(KeyValuePair <string, IProvideAuthorization>));
         var provider = providerKvp.Value;
         Enum.TryParse(document.Action, out AuthenticationActions action);
         return await ResponseController.CreateResponse(application, provider, document.Method, action,
                                                        document.SessionId, document.AuthorizationId, document.Token, document.RefreshToken,
                                                        document.GetValuesCredential(), request.RequestUri,
                                                        document.RedirectUrl.IsNullOrWhiteSpace(
                                                            () => null,
                                                            redirUrlString => new Uri(redirUrlString)),
                                                        (redirectUri, message) => redirectResponse(redirectUri),
                                                        (code, message, reason) => viewResponse($"<html><head><title>{reason}</title></head><body>{message}</body></html>", null),
                                                        application.Telemetry);
     },
                                                                () => viewResponse("", null).AsTask(),
                                                                BlackBarLabs.Persistence.Azure.StorageTables.AzureStorageRepository.CreateRepository(
                                                                    EastFive.Azure.AppSettings.ASTConnectionStringKey)));
 }
        public async Task <IHttpActionResult> PostContentAsync(string portalUri, string pageUri, [FromBody] SetPageBodyDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            var page = await _portalManager.GetPageByUriAsync(portal, pageUri, PageField.All, cancellationToken);

            if (page == null)
            {
                return(NotFound());
            }

            page.HtmlContent  = model.HtmlContent;
            page.StyleContent = model.StyleContent;

            var validationResult = await _portalManager.ReplacePageAsync(portal, page, page, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok(ModelMapper.ToPageDto(page)));
        }
        public async Task <IHttpActionResult> PostFileAsync(int projectId, CancellationToken cancellationToken)
        {
            var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            using (var content = await Request.Content.ReadAsFileStreamAsync(cancellationToken))
            {
                var contactManager = new ContactManager(_projectManager);
                switch (content.FileExtension.ToLower())
                {
                case ".xls":
                    await contactManager.ImportFromXlsAsync(project, content.FileStream, cancellationToken);

                    break;

                case ".xlsx":
                    await contactManager.ImportFromXlsxAsync(project, content.FileStream, cancellationToken);

                    break;

                default:
                    return(StatusCode(HttpStatusCode.UnsupportedMediaType));
                }
            }
            return(Ok());
        }
 public static async Task <HttpResponseMessage> GetAllSecureAsync(
     [QueryParameter(Name = "ApiKeySecurity")] string apiSecurityKey,
     [QueryParameter(Name = "authorization")] IRef <Authorization> authorizationRef,
     ApiSecurity apiSecurity,
     AzureApplication application,
     HttpRequestMessage request,
     MultipartResponseAsync <Authorization> onContent,
     RedirectResponse onSuccess,
     NotFoundResponse onNotFound,
     ForbiddenResponse onFailure)
 {
     return(await await authorizationRef.StorageGetAsync(
                async authorization =>
     {
         return await await Method.ById(authorization.Method, application,
                                        async method =>
         {
             return await await method.ParseTokenAsync(authorization.parameters, application,
                                                       (externalId, loginProvider) =>
             {
                 return Auth.Redirection.ProcessAsync(authorization,
                                                      async updatedAuth =>
                 {
                 }, method, externalId, authorization.parameters,
                                                      Guid.NewGuid(), request.RequestUri, application, loginProvider,
                                                      (uri) => onSuccess(uri),
                                                      (why) => onFailure().AddReason(why),
                                                      application.Telemetry);
             },
                                                       why => onFailure().AddReason(why).AsTask());
         },
                                        () => onFailure().AddReason("Method no longer supported").AsTask());
     },
                () => onNotFound().AsTask()));
 }
Exemple #6
0
        public async Task <IHttpActionResult> MoveAsync(int id, [FromBody] ActionSortOrderDto model, CancellationToken cancellationToken)
        {
            var action = await _projectManager.GetActionByIdAsync(id, cancellationToken);

            if (action == null)
            {
                return(NotFound());
            }
            var referenceAction = default(ActionItem);

            if (model != null)
            {
                referenceAction = await _projectManager.GetActionByIdAsync((int)model.ReferenceId, cancellationToken);

                if (referenceAction == null)
                {
                    return(NotFound());
                }
            }
            var project = await _projectManager.FindByIdAsync(action.Project.Id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            var validationResult = await _projectManager.MoveActionBeforeAsync(project, action, referenceAction, cancellationToken);

            return(this.ValidationContent(validationResult));
        }
Exemple #7
0
        public async Task <IHttpActionResult> PutAsync(int id, [FromBody] ActionItemDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var action = await _projectManager.GetActionByIdAsync(id, cancellationToken);

            if (action == null)
            {
                return(NotFound());
            }
            var project = await _projectManager.FindByIdAsync(action.Project.Id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            action.Type         = model.Type;
            action.Enabled      = model.Enabled;
            action.Name         = model.Name;
            action.Options      = model.Options;
            action.ModifiedDate = DateTime.UtcNow;

            var validationResult = await _projectManager.ReplaceActionAsync(project, action, action, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(new ActionContentResult(_actionLinkService, action, this));
        }
        public async Task <IHttpActionResult> PutAsync(string uri, [FromBody] SetPortalHeadDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            ValidationResult validationResult;

            if (model.Uri != null)
            {
                validationResult = await _portalManager.SetUriAsync(portal, model.Uri, cancellationToken);

                if (!validationResult.Succeeded)
                {
                    return(this.ValidationContent(validationResult));
                }
            }

            portal.Name         = model.Name;
            portal.Description  = model.Description;
            portal.GATrackingId = model.GATrackingId;

            validationResult = await _portalManager.UpdateAsync(portal, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }

            return(Ok(ModelMapper.ToPortalDto(portal)));
        }
Exemple #9
0
        public async Task <IHttpActionResult> PutAsync(int id, [FromBody] MailMessageItemDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var mailMessage = await _projectManager.GetMailMessageByIdAsync(id, MailMessageField.Project, cancellationToken);

            if (mailMessage == null)
            {
                return(NotFound());
            }
            var project = await _projectManager.FindByIdAsync(mailMessage.Project.Id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            mailMessage.Subject = model.Subject;
            mailMessage.Body    = model.Body;
            var validationResult = await _projectManager.ReplaceMailMessageAsync(project, mailMessage, mailMessage, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok(mailMessage));
        }
   public override void OnAuthorization(System.Web.Http.Controllers.HttpActionContext actionContext)  
   {  
       if (actionContext.Request.Headers.Authorization == null)  
       {  
           actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);  
       }  
       else  
       {  
           // Gets header parameters  
           string authenticationString = actionContext.Request.Headers.Authorization.Parameter;  
           string originalString = Encoding.UTF8.GetString(Convert.FromBase64String(authenticationString));  
 
           // Gets username and password  
           string usrename = originalString.Split(':')[0];  
           string password = originalString.Split(':')[1];  
 
           // Validate username and password  
           if (!ApiSecurity.VaidateUser(usrename, password))  
           {  
               // returns unauthorized error  
               actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.Unauthorized);  
           }  
       }  
 
       base.OnAuthorization(actionContext);  
   }  
        public async Task <IHttpActionResult> DeleteAsync(AccessObjectType objectType, int objectId, [FromBody] string email, CancellationToken cancellationToken)
        {
            await ApiSecurity.AuthorizeAsync(objectType, objectId, AccessPermission.IsOwner, cancellationToken);

            AccessRuleItem trustee;

            if (email == null)
            {
                trustee = await _securityManager.GetAccessRuleAsync(objectType, objectId, cancellationToken);
            }
            else
            {
                trustee = await _securityManager.GetAccessRuleByUserEmailAsync(objectType, objectId, email, cancellationToken);
            }
            if (trustee == null)
            {
                ModelState.AddModelError("", string.Format(SecurityApiResources.UserNotFound, email ?? "Anyone"));
                return(BadRequest());
            }

            var validationResult = await _securityManager.RemoveAccessRuleAsync(objectType, objectId, trustee, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(StatusCode(HttpStatusCode.NoContent));
        }
Exemple #12
0
        public async Task <IHttpActionResult> PutAsync(int id, [FromBody] BusinessTagItemDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            var businessTag = await _projectManager.GetBusinessTagByIdAsync(id, cancellationToken);

            if (businessTag == null)
            {
                return(NotFound());
            }
            var project = await _projectManager.FindByIdAsync(businessTag.Project.Id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            businessTag.Name  = model.Name;
            businessTag.Color = model.Color;
            var validationResult = await _projectManager.ReplaceBusinessTagAsync(project, businessTag, businessTag, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(new BusinessTagContentResult(HttpStatusCode.OK, businessTag, this));
        }
        public async Task <IHttpActionResult> PostAsync(AccessObjectType objectType, int objectId, [FromBody] CreateAccessRuleDto model, CancellationToken cancellationToken)
        {
            if (model == null || !ModelState.IsValid)
            {
                return(BadRequest());
            }
            await ApiSecurity.AuthorizeAsync(objectType, objectId, AccessPermission.IsOwner, cancellationToken);

            ValidationResult validationResult;

            if (model.Anyone)
            {
                validationResult = await _securityManager.SetAccessRuleAsync(objectType, objectId, new AccessRuleItem { Permission = model.Permission, Visibility = model.Visibility }, cancellationToken);
            }
            else
            {
                var user = await _userManager.FindByEmailAsync(model.Email, cancellationToken);

                if (user == null)
                {
                    ModelState.AddModelError("", string.Format(SecurityApiResources.UserNotFound, model.Email));
                    return(BadRequest());
                }
                validationResult = await _securityManager.SetAccessRuleAsync(objectType, objectId, new AccessRuleItem { User = user, Permission = model.Permission, Visibility = model.Visibility }, cancellationToken);
            }
            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok(model));
        }
Exemple #14
0
        public async Task <IHttpActionResult> PostAsync(string portalUri, string mediaUri, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            var media = default(MediaItem);

            using (var content = await Request.Content.ReadAsFileStreamAsync(cancellationToken))
            {
                var validationResult = await _portalManager.AddMediaAsync(
                    portal,
                    null,
                    media = new MediaItem
                {
                    Uri  = content.FileName,
                    Type = MimeMapping.GetMimeMapping(content.FileName),
                    Name = content.FileName
                },
                    content.FileStream,
                    cancellationToken);

                if (!validationResult.Succeeded)
                {
                    return(this.ValidationContent(validationResult));
                }
            }

            return(CreatedAtRoute(
                       "Portals.Media.GetByUri",
                       new RouteValueDictionary {
                ["portalUri"] = portal.Uri, ["mediaUri"] = media.Uri
            },
                       ModelMapper.ToMediaDto(media, uri => _portalManager.GetMediaLinkByUri(portal.Uri, uri))));
        }
        public async Task <IHttpActionResult> PostMasterPageByUriAsync(string uri, [FromBody] string masterPageUri, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            ValidationResult validationResult;

            if (masterPageUri == null)
            {
                validationResult = await _portalManager.SetMasterPageAsync(portal, null, cancellationToken);
            }
            else
            {
                var masterPage = await _portalManager.GetPageByUriAsync(portal, masterPageUri, cancellationToken);

                if (masterPage == null)
                {
                    return(BadRequest(string.Format(PortalApiResources.PageNotFound, uri)));
                }
                validationResult = await _portalManager.SetMasterPageAsync(portal, masterPage, cancellationToken);
            }
            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok());
        }
        public async Task <IHttpActionResult> PostProjectByUriAsync(string uri, [FromBody] int?projectId, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);

            ProjectItem project = null;

            if (projectId != null)
            {
                project = await _projectManager.FindByIdAsync((int)projectId, cancellationToken);

                if (project == null)
                {
                    return(BadRequest(string.Format(PortalApiResources.ProjectNotFound, projectId)));
                }
                await ApiSecurity.AuthorizeAsync(project, AccessPermission.IsOwner, cancellationToken);
            }
            var validationResult = await _portalManager.SetProjectAsync(portal, project, cancellationToken);

            if (!validationResult.Succeeded)
            {
                return(this.ValidationContent(validationResult));
            }
            return(Ok());
        }
Exemple #17
0
        public IHttpActionResult Post(PostFlightRootObject _model, string user, string pass)
        {
            if (!ApiSecurity.Login(user, pass))
            {
                return(Unauthorized());
            }

            try
            {
                using (SunExpressEntities context = new SunExpressEntities())
                {
                    var pFList = _model.PostFlightData.PostFlight;

                    foreach (var item in pFList)
                    {
                        var postFlight = new Orm.PostFlight
                        {
                            AircraftRegistrationNo = item.AircraftRegistrationNo,
                            Airline            = item.Airline,
                            ArrivalTime        = item.ArrivalTime,
                            DepartureTime      = item.DepartureTime,
                            DestinationAirport = item.DestinationAirport,
                            FlightDate         = DateToOLEFormat(item.FlightDate),
                            FlightNum          = item.FlightNum,
                            OriginatingAirport = item.OriginatingAirport,
                            PassengerCount     = Convert.ToInt32(item.PassengerCount),
                        };

                        context.PostFlight.Add(postFlight);

                        context.SaveChanges();

                        int pFID = postFlight.PostFlightID;

                        if (item.Crews.CrewId.Count > 0)
                        {
                            foreach (var crew in item.Crews.CrewId)
                            {
                                var postFlightCrew = new PostFlightCrew();

                                postFlightCrew.CrewID       = crew;
                                postFlightCrew.PostFlightID = pFID;

                                context.PostFlightCrew.Add(postFlightCrew);
                            }
                        }

                        context.SaveChanges();
                    }
                }

                return(Ok("Saved Successfully"));
                //return Json("SavedSuccesfully");
            }
            catch (Exception ex)
            {
                return(BadRequest($" {ex.Message}, Error: Not Saved!"));
            }
        }
Exemple #18
0
        public async Task <IHttpActionResult> GetAllAsync(int projectId, CancellationToken cancellationToken)
        {
            var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanView, cancellationToken);

            return(Ok(await _projectManager.GetBusinessTagsAsync(project, cancellationToken)));
        }
        public async Task <IHttpActionResult> GetByUriAsync(string uri, PortalQueryField fields, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(uri, (PortalField)(fields & ~PortalQueryField.Pages), cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanView, cancellationToken);

            return(Ok(ModelMapper.ToPortalDto(portal, fields.HasFlag(PortalQueryField.Pages) ? await _portalManager.GetPagesAsync(portal, cancellationToken) : null)));
        }
Exemple #20
0
        public IActionResult Create(string username, string password)
        {
            _logger.LogInformation("Creating Token", username, password);

            if (ApiSecurity.AuthenticationIsValid(username, password))
            {
                return(new ObjectResult(ApiSecurity.GenerateToken()));
            }
            return(BadRequest());
        }
Exemple #21
0
        public async Task <IHttpActionResult> DeleteAsync(int id, CancellationToken cancellationToken)
        {
            var project = await _projectManager.FindByIdAsync(id, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.IsOwner, cancellationToken);

            await _projectManager.DeleteAsync(project, cancellationToken);

            return(StatusCode(HttpStatusCode.NoContent));
        }
        public async Task <IHttpActionResult> DeleteAsync(string uri, CancellationToken cancellationToken)
        {
            var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);

            await ApiSecurity.AuthorizeAsync(portal, AccessPermission.IsOwner, cancellationToken);

            await _portalManager.DeleteAsync(portal, cancellationToken);

            return(StatusCode(HttpStatusCode.NoContent));
        }
Exemple #23
0
        public async Task <IHttpActionResult> GetByLinkAsync(string link, CancellationToken cancellationToken)
        {
            var actionLink = _actionLinkService.DecodeLink(link);
            var action     = await _projectManager.GetActionByIdAsync(actionLink.ActionId, cancellationToken);

            var contact = actionLink.ContactId != null ? await _projectManager.GetContactByIdAsync((int)actionLink.ContactId, ContactField.None, cancellationToken) : null;

            await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, action.Project.Id, AccessPermission.CanView, cancellationToken);

            return(new ActionLinkContentResult(_actionLinkService, action, contact, actionLink.CustomUri, this));
        }
Exemple #24
0
        public async Task <IHttpActionResult> GetByIdAsync(int id, MailMessageField fields, CancellationToken cancellationToken)
        {
            var mailMessage = await _projectManager.GetMailMessageByIdAsync(id, fields | MailMessageField.Project, cancellationToken);

            if (mailMessage == null)
            {
                return(NotFound());
            }
            await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, mailMessage.Project.Id, AccessPermission.CanView, cancellationToken);

            return(Ok(mailMessage));
        }
        public async Task <IHttpActionResult> DeleteAllAsync(int projectId, [FromBody] IEnumerable <int> model, CancellationToken cancellationToken)
        {
            var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

            var contacts = await _projectManager.GetContactsAsync(project, model, ContactSortOrder.None, ContactField.None, cancellationToken);

            await _projectManager.RemoveContactsAsync(project, contacts, cancellationToken);

            return(StatusCode(HttpStatusCode.NoContent));
        }
        public async Task <IHttpActionResult> GetByIdAsync(int id, PageField fields, CancellationToken cancellationToken)
        {
            var page = await _portalManager.GetPageByIdAsync(id, fields | PageField.Portal, cancellationToken);

            if (page == null)
            {
                return(NotFound());
            }
            await ApiSecurity.AuthorizeAsync(AccessObjectType.Portal, page.Portal.Id, AccessPermission.CanView, cancellationToken);

            return(Ok(ModelMapper.ToPageDto(page)));
        }
        public async Task <IHttpActionResult> GetById(int id, ContactField fields, CancellationToken cancellationToken)
        {
            var contact = await _projectManager.GetContactByIdAsync(id, fields | ContactField.Project, cancellationToken);

            if (contact == null)
            {
                return(NotFound());
            }

            await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, contact.Project.Id, AccessPermission.CanView, cancellationToken);

            return(Ok(contact));
        }
Exemple #28
0
        public async Task <IHttpActionResult> GetByLinkIdAsync(int id, CancellationToken cancellationToken)
        {
            var action = await _projectManager.GetActionByLinkIdAsync(id, cancellationToken);

            if (action == null)
            {
                return(NotFound());
            }

            await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, action.Project.Id, AccessPermission.CanView, cancellationToken);

            return(new ActionContentResult(_actionLinkService, action, this));
        }
        public async Task <IHttpActionResult> DeleteAsync(int id, CancellationToken cancellationToken)
        {
            var contact = await _projectManager.GetContactByIdAsync(id, ContactField.Project, cancellationToken);

            if (contact != null)
            {
                var project = await _projectManager.FindByIdAsync(contact.Project.Id, cancellationToken);

                await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);

                await _projectManager.RemoveContactAsync(project, contact, cancellationToken);
            }
            return(StatusCode(HttpStatusCode.NoContent));
        }
Exemple #30
0
        public async Task <IHttpActionResult> GetByNameAsync(int projectId, string name, CancellationToken cancellationToken)
        {
            var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);

            await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanView, cancellationToken);

            var businessTag = await _projectManager.GetBusinessTagByNameAsync(project, name, cancellationToken);

            if (businessTag == null)
            {
                return(NotFound());
            }
            return(new BusinessTagContentResult(HttpStatusCode.OK, businessTag, this));
        }