public IHttpActionResult Put(int id, [FromBody] ProductData value) { string token = GetAuthToken(); IHttpActionResult validation = ValidateOwnerProduct(token, id); if (validation != null) { return(validation); } validation = ValidateProductData(value, token, true); if (validation != null) { return(validation); } DataAccessSoapClient ws = new DataAccessSoapClient(); var binding = ws.ChannelFactory.Endpoint.Binding as BasicHttpBinding; binding.MaxReceivedMessageSize = int.MaxValue; Product target = ws.FindProduct(new DataAccessWS.Security { BinarySecurityToken = token }, id); assignProperties(target, value, token); target.Id = id; Product updated = ws.UpdateProduct(new DataAccessWS.Security { BinarySecurityToken = token }, target); return(Ok(CreateRestProduct(updated))); }
private bool ValidateProductExists(string token, long id) { DataAccessSoapClient dataWS = new DataAccessSoapClient(); var binding = dataWS.ChannelFactory.Endpoint.Binding as BasicHttpBinding; binding.MaxReceivedMessageSize = int.MaxValue; Product target = dataWS.FindProduct(new DataAccessWS.Security { BinarySecurityToken = token }, id); return(target != null); }
public IHttpActionResult Get(int id) { string token = GetAuthToken(); IHttpActionResult validation = ValidateToken(token); if (validation != null) { return(validation); } if (!ValidateProductExists(token, id)) { return(NotFound()); } DataAccessSoapClient ws = new DataAccessSoapClient(); var binding = ws.ChannelFactory.Endpoint.Binding as BasicHttpBinding; binding.MaxReceivedMessageSize = int.MaxValue; Product product = ws.FindProduct(new DataAccessWS.Security { BinarySecurityToken = token }, id); return(Ok(CreateRestProduct(product))); }
private IHttpActionResult ValidateOwnerProduct(string token, long productId) { try { IdentityWSSoapClient ws = new IdentityWSSoapClient(); IdentityData identity = ws.GetIdentity(new IdentityWS.Security { BinarySecurityToken = token }); if (identity == null) { return(Unauthorized()); } DataAccessSoapClient dataWS = new DataAccessSoapClient(); var binding = dataWS.ChannelFactory.Endpoint.Binding as BasicHttpBinding; binding.MaxReceivedMessageSize = int.MaxValue; Product target = dataWS.FindProduct(new DataAccessWS.Security { BinarySecurityToken = token }, productId); if (target == null) { return(NotFound()); } User owner = dataWS.FindUser(new DataAccessWS.Security { BinarySecurityToken = token }, target.seller_id); if (!owner.Username.Equals(identity.Username)) { return(Unauthorized()); } } catch (FaultException ex) { return(BadRequest("Invalid security token")); } return(null); }