public async Task <ActionResult> CreateOffer(OfferDto offer)
{
await _posAuthLoader.AssertResourceAccessAsync(User, offer.PointOfSaleId, IsAuthorizedUserPolicy.Instance);
var cmd = new CreateOffer(Guid.NewGuid(), offer.PointOfSaleId, offer.ProductId, offer.RecommendedPrice, offer.StockItemId, offer.ValidSince, offer.ValidUntil);
return(await SendAndHandleIdentifierResultCommand(cmd, nameof(GetOffer)));
}
public async Task <ActionResult <IPagedResult <StockItem> > > BrowseStockItemsAtPointOfSale(Guid posId, [FromQuery] BrowseStockItems query)
{
if (query.AtPointOfSaleId != null && query.AtPointOfSaleId != posId)
{
return(BadRequest($"The '{nameof(query.AtPointOfSaleId)}' query option must equal the ID from URL or must be left unset"));
}
await _posAuthLoader.AssertResourceAccessAsync(User, posId, IsAuthorizedUserPolicy.Instance);
return(Collection(await _stockItemsService.BrowseStockItems(query.Bind(q => q.AtPointOfSaleId, posId))));
}
public async Task <ActionResult <IPagedResult <AssignmentToPointOfSale> > > BrowseAssignmentsToSpecificPointOfSale(Guid posId, [FromQuery] BrowseAssignmentsToPointOfSale query)
{
await _posAuthLoader.AssertResourceAccessAsync(User, posId, IsAuthorizedUserPolicy.Instance);
return(Collection(await _identityService.BrowseAssignmentsToPointOfSale(query)));
}
public async Task <ActionResult> CreateAuthorizedUser(Guid id, Guid userId, UserAuthorizationDto userAuthorization)
{
await _authLoader.AssertResourceAccessAsync(User, id, IsOwnerPolicy.Instance);
return(await SendAndHandleOperationCommand(new CreatePointOfSaleUserAuthorization(id, userId, userAuthorization.Level)));
}
