private Outcome GetOutcome(Outcome request)
{
var id = request?.Id;
Outcome ret = null;
var query = DocQuery.ActiveQuery ?? Execute;
DocPermissionFactory.SetVisibleFields <Outcome>(currentUser, "Outcome", request.VisibleFields);
DocEntityOutcome entity = null;
if (id.HasValue)
{
entity = DocEntityOutcome.GetOutcome(id.Value);
}
if (null == entity)
{
throw new HttpError(HttpStatusCode.NotFound, $"No Outcome found for Id {id.Value}");
}
if (!DocPermissionFactory.HasPermission(entity, currentUser, DocConstantPermission.VIEW))
{
throw new HttpError(HttpStatusCode.Forbidden, "You do not have VIEW permission for this route.");
}
ret = entity?.ToDto();
return(ret);
}
public void Delete(Outcome request)
{
using (Execute)
{
Execute.Run(ssn =>
{
if (!(request?.Id > 0))
{
throw new HttpError(HttpStatusCode.NotFound, $"No Id provided for delete.");
}
var en = DocEntityOutcome.GetOutcome(request?.Id);
if (null == en)
{
throw new HttpError(HttpStatusCode.NotFound, $"No Outcome could be found for Id {request?.Id}.");
}
if (en.IsRemoved)
{
return;
}
if (!DocPermissionFactory.HasPermission(en, currentUser, DocConstantPermission.DELETE))
{
throw new HttpError(HttpStatusCode.Forbidden, "You do not have DELETE permission for this route.");
}
en.Remove();
DocCacheClient.RemoveSearch(DocConstantModelName.OUTCOME);
DocCacheClient.RemoveById(request.Id);
});
}
}
public Outcome Post(OutcomeCopy request)
{
Outcome ret = null;
using (Execute)
{
Execute.Run(ssn =>
{
var entity = DocEntityOutcome.GetOutcome(request?.Id);
if (null == entity)
{
throw new HttpError(HttpStatusCode.NoContent, "The COPY request did not succeed.");
}
if (!DocPermissionFactory.HasPermission(entity, currentUser, DocConstantPermission.ADD))
{
throw new HttpError(HttpStatusCode.Forbidden, "You do not have ADD permission for this route.");
}
var pDocumentSets = entity.DocumentSets.ToList();
var pName = entity.Name;
if (!DocTools.IsNullOrEmpty(pName))
{
pName += " (Copy)";
}
var pURI = entity.URI;
if (!DocTools.IsNullOrEmpty(pURI))
{
pURI += " (Copy)";
}
#region Custom Before copyOutcome
#endregion Custom Before copyOutcome
var copy = new DocEntityOutcome(ssn)
{
Hash = Guid.NewGuid()
, Name = pName
, URI = pURI
};
foreach (var item in pDocumentSets)
{
entity.DocumentSets.Add(item);
}
#region Custom After copyOutcome
#endregion Custom After copyOutcome
copy.SaveChanges(DocConstantPermission.ADD);
ret = copy.ToDto();
});
}
return(ret);
}
private Outcome _AssignValues(Outcome request, DocConstantPermission permission, Session session)
{
if (permission != DocConstantPermission.ADD && (request == null || request.Id <= 0))
{
throw new HttpError(HttpStatusCode.NotFound, $"No record");
}
if (permission == DocConstantPermission.ADD && !DocPermissionFactory.HasPermissionTryAdd(currentUser, "Outcome"))
{
throw new HttpError(HttpStatusCode.Forbidden, "You do not have ADD permission for this route.");
}
request.VisibleFields = request.VisibleFields ?? new List <string>();
Outcome ret = null;
request = _InitAssignValues <Outcome>(request, permission, session);
//In case init assign handles create for us, return it
if (permission == DocConstantPermission.ADD && request.Id > 0)
{
return(request);
}
var cacheKey = GetApiCacheKey <Outcome>(DocConstantModelName.OUTCOME, nameof(Outcome), request);
//First, assign all the variables, do database lookups and conversions
var pDocumentSets = request.DocumentSets?.ToList();
var pName = request.Name;
var pURI = request.URI;
DocEntityOutcome entity = null;
if (permission == DocConstantPermission.ADD)
{
var now = DateTime.UtcNow;
entity = new DocEntityOutcome(session)
{
Created = now,
Updated = now
};
}
else
{
entity = DocEntityOutcome.GetOutcome(request.Id);
if (null == entity)
{
throw new HttpError(HttpStatusCode.NotFound, $"No record");
}
}
//Special case for Archived
var pArchived = true == request.Archived;
if (DocPermissionFactory.IsRequestedHasPermission <bool>(currentUser, request, pArchived, permission, DocConstantModelName.OUTCOME, nameof(request.Archived)))
{
if (DocPermissionFactory.IsRequested(request, pArchived, entity.Archived, nameof(request.Archived)))
{
if (DocResources.Metadata.IsInsertOnly(DocConstantModelName.OUTCOME, nameof(request.Archived)) && DocConstantPermission.ADD != permission)
{
throw new HttpError(HttpStatusCode.Forbidden, $"{nameof(request.Archived)} cannot be modified once set.");
}
}
if (DocTools.IsNullOrEmpty(pArchived) && DocResources.Metadata.IsRequired(DocConstantModelName.OUTCOME, nameof(request.Archived)))
{
throw new HttpError(HttpStatusCode.BadRequest, $"{nameof(request.Archived)} requires a value.");
}
entity.Archived = pArchived;
if (DocPermissionFactory.IsRequested <bool>(request, pArchived, nameof(request.Archived)) && !request.VisibleFields.Matches(nameof(request.Archived), ignoreSpaces: true))
{
request.VisibleFields.Add(nameof(request.Archived));
}
}
if (DocPermissionFactory.IsRequestedHasPermission <string>(currentUser, request, pName, permission, DocConstantModelName.OUTCOME, nameof(request.Name)))
{
if (DocPermissionFactory.IsRequested(request, pName, entity.Name, nameof(request.Name)))
{
if (DocResources.Metadata.IsInsertOnly(DocConstantModelName.OUTCOME, nameof(request.Name)) && DocConstantPermission.ADD != permission)
{
throw new HttpError(HttpStatusCode.Forbidden, $"{nameof(request.Name)} cannot be modified once set.");
}
}
if (DocTools.IsNullOrEmpty(pName) && DocResources.Metadata.IsRequired(DocConstantModelName.OUTCOME, nameof(request.Name)))
{
throw new HttpError(HttpStatusCode.BadRequest, $"{nameof(request.Name)} requires a value.");
}
entity.Name = pName;
if (DocPermissionFactory.IsRequested <string>(request, pName, nameof(request.Name)) && !request.VisibleFields.Matches(nameof(request.Name), ignoreSpaces: true))
{
request.VisibleFields.Add(nameof(request.Name));
}
}
if (DocPermissionFactory.IsRequestedHasPermission <string>(currentUser, request, pURI, permission, DocConstantModelName.OUTCOME, nameof(request.URI)))
{
if (DocPermissionFactory.IsRequested(request, pURI, entity.URI, nameof(request.URI)))
{
if (DocResources.Metadata.IsInsertOnly(DocConstantModelName.OUTCOME, nameof(request.URI)) && DocConstantPermission.ADD != permission)
{
throw new HttpError(HttpStatusCode.Forbidden, $"{nameof(request.URI)} cannot be modified once set.");
}
}
if (DocTools.IsNullOrEmpty(pURI) && DocResources.Metadata.IsRequired(DocConstantModelName.OUTCOME, nameof(request.URI)))
{
throw new HttpError(HttpStatusCode.BadRequest, $"{nameof(request.URI)} requires a value.");
}
entity.URI = pURI;
if (DocPermissionFactory.IsRequested <string>(request, pURI, nameof(request.URI)) && !request.VisibleFields.Matches(nameof(request.URI), ignoreSpaces: true))
{
request.VisibleFields.Add(nameof(request.URI));
}
}
if (request.Locked)
{
entity.Locked = request.Locked;
}
entity.SaveChanges(permission);
if (DocPermissionFactory.IsRequestedHasPermission <List <Reference> >(currentUser, request, pDocumentSets, permission, DocConstantModelName.OUTCOME, nameof(request.DocumentSets)))
{
if (true == pDocumentSets?.Any())
{
var requestedDocumentSets = pDocumentSets.Select(p => p.Id).Distinct().ToList();
var existsDocumentSets = Execute.SelectAll <DocEntityDocumentSet>().Where(e => e.Id.In(requestedDocumentSets)).Select(e => e.Id).ToList();
if (existsDocumentSets.Count != requestedDocumentSets.Count)
{
var nonExists = requestedDocumentSets.Where(id => existsDocumentSets.All(eId => eId != id));
throw new HttpError(HttpStatusCode.NotFound, $"Cannot patch collection DocumentSets with objects that do not exist. No matching DocumentSets(s) could be found for Ids: {nonExists.ToDelimitedString()}.");
}
var toAdd = requestedDocumentSets.Where(id => entity.DocumentSets.All(e => e.Id != id)).ToList();
toAdd?.ForEach(id =>
{
var target = DocEntityDocumentSet.GetDocumentSet(id);
if (!DocPermissionFactory.HasPermission(entity, currentUser, DocConstantPermission.ADD, targetEntity: target, targetName: nameof(Outcome), columnName: nameof(request.DocumentSets)))
{
throw new HttpError(HttpStatusCode.Forbidden, "You do not have permission to add {nameof(request.DocumentSets)} to {nameof(Outcome)}");
}
entity.DocumentSets.Add(target);
});
var toRemove = entity.DocumentSets.Where(e => requestedDocumentSets.All(id => e.Id != id)).Select(e => e.Id).ToList();
toRemove.ForEach(id =>
{
var target = DocEntityDocumentSet.GetDocumentSet(id);
if (!DocPermissionFactory.HasPermission(entity, currentUser, DocConstantPermission.REMOVE, targetEntity: target, targetName: nameof(Outcome), columnName: nameof(request.DocumentSets)))
{
throw new HttpError(HttpStatusCode.Forbidden, "You do not have permission to remove {nameof(request.DocumentSets)} from {nameof(Outcome)}");
}
entity.DocumentSets.Remove(target);
});
}
else
{
var toRemove = entity.DocumentSets.Select(e => e.Id).ToList();
toRemove.ForEach(id =>
{
var target = DocEntityDocumentSet.GetDocumentSet(id);
if (!DocPermissionFactory.HasPermission(entity, currentUser, DocConstantPermission.REMOVE, targetEntity: target, targetName: nameof(Outcome), columnName: nameof(request.DocumentSets)))
{
throw new HttpError(HttpStatusCode.Forbidden, "You do not have permission to remove {nameof(request.DocumentSets)} from {nameof(Outcome)}");
}
entity.DocumentSets.Remove(target);
});
}
if (DocPermissionFactory.IsRequested <List <Reference> >(request, pDocumentSets, nameof(request.DocumentSets)) && !request.VisibleFields.Matches(nameof(request.DocumentSets), ignoreSpaces: true))
{
request.VisibleFields.Add(nameof(request.DocumentSets));
}
}
DocPermissionFactory.SetVisibleFields <Outcome>(currentUser, nameof(Outcome), request.VisibleFields);
ret = entity.ToDto();
var cacheExpires = DocResources.Metadata.GetCacheExpiration(DocConstantModelName.OUTCOME);
DocCacheClient.Set(key: cacheKey, value: ret, entityId: request.Id, entityType: DocConstantModelName.OUTCOME, cacheExpires);
return(ret);
}
