        // GET api/<controller>
        /// <summary>
        /// Get Memories
        /// </summary>
        /// <remarks>
        /// Lists the memories visible to the caller: the admin role gets the full set from the data
        /// helpers, any other role gets only what the helpers resolve for the logged-in user.
        /// Query-string pairs are forwarded to the data helpers as-is.
        /// </remarks>
        /// <returns>One response dictionary per memory.</returns>
        /// <exception cref="HttpResponseException">401 when the Authorization header does not verify to a user.</exception>
        public async Task <List <Dictionary <string, object> > > Get()
        {
            var caller = await _authController.GetVerifiedUser(Request.Headers.Authorization);

            // Authenticate before reading the query string or touching the data layer.
            if (caller is null)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            var queryPairs = Request.GetQueryNameValuePairs().ToList();

            // NOTE(review): the role literal below presumably matches BabyMemoryConstants.AdminUserRole
            // used by the sibling actions; kept as a literal because the constant's value is not visible here.
            List <Memory> memories;
            if (caller.Role == "admin")
            {
                memories = _dataHelpers.GetMemoriesForAdminRole(queryPairs);
            }
            else
            {
                memories = _dataHelpers.GetMemoriesForNonAdminRole(caller, queryPairs);
            }

            var response = new List <Dictionary <string, object> >(memories.Count);
            foreach (var memory in memories)
            {
                response.Add(ResponseDictionary(memory));
            }

            return response;
        }
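        // Get: api/user/5
        /// <summary>
        /// Get user by Id
        /// </summary>
        /// <remarks>
        /// For Admin User returns any user.
        /// For non-admin user, only returns info for the user.
        /// </remarks>
        /// <param name="id">Id of the user to load.</param>
        /// <returns>200 with the user's response dictionary; 400 when <paramref name="id"/> is blank or no user has that id.</returns>
        /// <response code="401">Unauthorized: the Authorization header did not verify to a user, or the caller is neither the requested user nor an admin.</response>
        /// <exception cref="HttpResponseException">Thrown with 401 for the cases listed above.</exception>
        //[SwaggerResponse(HttpStatusCode.OK, "User that was found", typeof(User))]
        public async Task <IHttpActionResult> Get(string id)
        {
            var currentUser = await _authController.GetVerifiedUser(Request.Headers.Authorization);

            // Unverified caller is 401, as documented and as the sibling actions do (previously 400).
            if (currentUser is null)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            // A non-admin may only read its own record; documented as 401 (previously 400).
            if (currentUser.Id != id && currentUser.Role != BabyMemoryConstants.AdminUserRole)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            // Checked only after authentication and authorization so a blank id reveals nothing to an unverified caller.
            if (string.IsNullOrWhiteSpace(id))
            {
                return(BadRequest());
            }

            var user = _context.Load <User>(id);

            // Kept as 400 to match the existing contract; 404 would be the more specific status.
            if (user is null)
            {
                return(BadRequest());
            }

            return(Ok(ResponseDictionary(user)));
        }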
        // GET api/<controller>
        /// <summary>
        /// Get Babies
        /// </summary>
        /// <remarks>
        /// Admin Users get all babies.
        /// Basic Users get only babies for the user.
        /// </remarks>
        /// <returns>One response dictionary per baby visible to the caller; an empty list when there are none.</returns>
        /// <exception cref="HttpResponseException">401 when the Authorization header does not verify to a user.</exception>
        public async Task <List <Dictionary <string, object> > > Get()
        {
            var caller = await _authController.GetVerifiedUser(Request.Headers.Authorization);

            if (caller is null)
            {
                throw new HttpResponseException(HttpStatusCode.Unauthorized);
            }

            // The role picks the source: admins read the whole table, everyone else goes through the helper.
            IEnumerable <Baby> babies;
            if (caller.Role == BabyMemoryConstants.AdminUserRole)
            {
                babies = _context.Scan <Baby>();
            }
            else
            {
                babies = _dataHelpers.BabiesForUserAndRole(caller);
            }

            return babies.Select(baby => ResponseDictionary(baby)).ToList();
        }