Exemple #1
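        /// <summary>
        /// Creates a new application role together with its per-function permission rows.
        /// </summary>
        /// <param name="role">Role definition, including its permission entries, bound from the request body.</param>
        /// <returns>
        /// 400 when the body is missing or fails model validation; otherwise 201 with a
        /// Location built from the request URI and the new role id.
        /// </returns>
        // NOTE(review): the [Permission] filter below is commented out, so this excerpt shows no
        // authorization check on an action that defines roles and their CRUD flags from
        // caller-supplied values. Confirm access control is enforced elsewhere (controller-level
        // attribute or global filter) or re-enable it.
        //[Permission(Action = ActionName.CanCreate)]
        public IHttpActionResult Create([FromBody] AppRoleDto role)
        {
            return(CreateResponse(() =>
            {
                // An empty or unparsable body binds to null without necessarily adding a
                // ModelState error, so reject it explicitly before dereferencing it.
                if (role == null)
                {
                    return BadRequest("Request body is required.");
                }

                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                var model = Mapper.Map <AppRoleDto, AppRole>(role);

                // NOTE(review): the result of Create is not inspected here; if RoleManager reports
                // failures through a return value, the permission rows below would still be added.
                RoleManager.Create(model);

                // Add the permission rows for the new role. The role id always comes from the
                // freshly created model, never from the request body.
                if (role.Permissions != null)
                {
                    foreach (var permission in role.Permissions)
                    {
                        _permissionService.Add(new Permission
                        {
                            RoleId = model.Id,
                            FunctionId = permission.FunctionId,
                            CanRead = permission.CanRead,
                            CanUpdate = permission.CanUpdate,
                            CanDelete = permission.CanDelete,
                            CanCreate = permission.CanCreate
                        });
                    }
                }

                UnitOfWork.Commit();

                return Created(new Uri(Request.RequestUri + "/" + model.Id), role);
            }));
        }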
Exemple #2
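        /// <summary>
        /// Updates an existing role and the CRUD flags of its permission rows.
        /// </summary>
        /// <param name="id">Identifier of the role to edit, taken from the route.</param>
        /// <param name="role">New role values and permission flags, bound from the request body.</param>
        /// <returns>
        /// 400 when the body is missing, fails validation, or names a permission row that does not
        /// exist for this role; 404 when the role is not found; otherwise 204.
        /// </returns>
        // NOTE(review): the [Permission] filter below is commented out, so this excerpt shows no
        // authorization check on an action that rewrites role permissions. Confirm access control
        // is enforced elsewhere (controller-level attribute or global filter) or re-enable it.
        //[Permission(Action = ActionName.CanUpdate)]
        public IHttpActionResult Edit(string id, [FromBody] AppRoleDto role)
        {
            return(CreateResponse(() =>
            {
                // An empty or unparsable body binds to null without necessarily adding a
                // ModelState error, so reject it explicitly before dereferencing it.
                if (role == null)
                {
                    return BadRequest("Request body is required.");
                }

                if (!ModelState.IsValid)
                {
                    return BadRequest(ModelState);
                }

                var model = RoleManager.FindById(id);
                if (model == null)
                {
                    return Content(HttpStatusCode.NotFound, ApiMessage.RoleNotFound);
                }

                // Capture the id of the role that was actually looked up before mapping; the
                // mapping may copy an id from the request body onto the model (depends on the
                // Mapper configuration, which is not visible here).
                var roleId = model.Id;

                Mapper.Map(role, model);
                RoleManager.Update(model);

                // Update the permission rows of this role.
                if (role.Permissions != null)
                {
                    foreach (var permission in role.Permissions)
                    {
                        // Look the row up by the role being edited, not by the RoleId in the
                        // request body: a body-supplied RoleId would let a request addressed to
                        // one role change the permission rows of a different role.
                        var permissionInDb = _permissionService.Get(roleId, permission.FunctionId);
                        if (permissionInDb == null)
                        {
                            // Returning before UnitOfWork.Commit() leaves the permission changes
                            // uncommitted. NOTE(review): whether RoleManager.Update above has
                            // already persisted the role cannot be told from here.
                            return BadRequest("Permission entry does not exist for this role.");
                        }

                        permissionInDb.CanCreate = permission.CanCreate;
                        permissionInDb.CanDelete = permission.CanDelete;
                        permissionInDb.CanRead = permission.CanRead;
                        permissionInDb.CanUpdate = permission.CanUpdate;
                        _permissionService.Update(permissionInDb);
                    }
                }

                UnitOfWork.Commit();

                return StatusCode(HttpStatusCode.NoContent);
            }));
        }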