// GET api/<controller>
/// <summary>
/// Get Memories
/// </summary>
/// <remarks>
/// Returns the memories the caller is allowed to see. A caller whose role is "admin"
/// receives the result of the admin query; every other role receives the query that is
/// given the current user. The Authorization header must resolve to a verified user first.
/// </remarks>
/// <returns>One response dictionary per memory.</returns>
/// <exception cref="HttpResponseException">401 Unauthorized when no verified user is resolved.</exception>
public async Task<List<Dictionary<string, object>>> Get()
{
    // Authenticate before any data access: without a verified user nothing is queried.
    var caller = await _authController.GetVerifiedUser(Request.Headers.Authorization);
    if (caller == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // The query-string pairs are caller-controlled and are passed to the data helpers as-is.
    // NOTE(review): confirm the helpers validate these filters and that a non-admin caller
    // cannot use them to widen the result beyond their own records.
    var queryPairs = Request.GetQueryNameValuePairs().ToList();

    // NOTE(review): the role is matched against the literal "admin"; other endpoints on this
    // page compare against BabyMemoryConstants.AdminUserRole. Confirm the two values agree.
    List<Memory> visibleMemories;
    if (caller.Role == "admin")
    {
        visibleMemories = _dataHelpers.GetMemoriesForAdminRole(queryPairs);
    }
    else
    {
        // Any role other than "admin" (including an unknown one) takes the user-scoped path.
        visibleMemories = _dataHelpers.GetMemoriesForNonAdminRole(caller, queryPairs);
    }

    return visibleMemories.Select(item => ResponseDictionary(item)).ToList();
}
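// Get: api/user/5
/// <summary>
/// Get user by Id
/// </summary>
/// <remarks>
/// For Admin User returns any user.
/// For non-admin user, only returns info for the user.
/// </remarks>
/// <param name="id">Id of the user to return.</param>
/// <returns>User</returns>
/// <response code="400">Bad request: the id is empty or no user was loaded for it</response>
/// <response code="401">Unauthorized: the token could not be verified, or the request is not available to the user role</response>
/// <exception cref="HttpResponseException">Thrown with 401 Unauthorized when the caller is not verified or may not read the requested user.</exception>
//[SwaggerResponse(HttpStatusCode.OK, "User that was found", typeof(User))]
public async Task<IHttpActionResult> Get(string id)
{
    var currentUser = await _authController.GetVerifiedUser(Request.Headers.Authorization);
    if (currentUser is null)
    {
        // An unverified caller is an authentication failure, not a malformed request:
        // answer 401 as the documented response says, so clients and monitoring can
        // tell rejected tokens apart from bad input.
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // Object-level authorization: a non-admin caller may only read their own record.
    // The check runs before the lookup, so the answer does not reveal whether the
    // requested id exists.
    // NOTE(review): 403 Forbidden is the conventional status for an authenticated caller
    // who lacks permission; 401 is used here because it is the documented response.
    if (currentUser.Id != id && currentUser.Role != BabyMemoryConstants.AdminUserRole)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    // Only an admin can reach this point with an id that is not their own; reject an
    // empty id here instead of handing it to the data context.
    if (string.IsNullOrWhiteSpace(id))
    {
        return BadRequest();
    }

    var user = _context.Load<User>(id);
    if (user is null)
    {
        return BadRequest();
    }

    // NOTE(review): confirm ResponseDictionary leaves out credential material
    // (password hashes, tokens) before the record is returned to the client.
    return Ok(ResponseDictionary(user));
}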
// GET api/<controller>
/// <summary>
/// Get Babies
/// </summary>
/// <remarks>
/// Admin Users get all babies.
/// Basic Users get only babies for the user.
/// </remarks>
/// <returns>One response dictionary per baby the caller may see.</returns>
/// <exception cref="HttpResponseException">401 Unauthorized when no verified user is resolved.</exception>
public async Task<List<Dictionary<string, object>>> Get()
{
    // Authenticate before any data access.
    var caller = await _authController.GetVerifiedUser(Request.Headers.Authorization);
    if (caller == null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    if (caller.Role == BabyMemoryConstants.AdminUserRole)
    {
        // The admin path is the only one that reads the whole table.
        var everyBaby = _context.Scan<Baby>();
        return new List<Dictionary<string, object>>(
            everyBaby.Select(baby => ResponseDictionary(baby)));
    }

    // Every non-admin role is limited to what the helper returns for this user.
    // NOTE(review): the scoping itself lives in BabiesForUserAndRole; confirm it filters
    // on the verified user and not on anything supplied by the request.
    var ownBabies = _dataHelpers.BabiesForUserAndRole(caller);
    return new List<Dictionary<string, object>>(
        ownBabies.Select(baby => ResponseDictionary(baby)));
}