Esempio n. 1
0
        public async Task <ActionResult <PublicUserProfileModel> > GetUserProfile([FromBody] int userId)
        {
            var token        = ExtractHeader(HttpContext, "Authorization", ',', 1);
            var claims       = new List <BusinessModels.UserAccessControl.UserClaimModel>();
            var accessPolicy = _authorizationPolicyManager.ConfigureCustomPolicy(new List <string>()
            {
                "user_profile:read"
            }, claims);

            if (!_authorizationResolutionManager.Authorize(token, accessPolicy))
            {
                return(StatusCode(403));
            }
            try
            {
                return(Ok(await _publicUserProfileManager.GetUserProfileAsync(userId)));
            }
            catch
            {
                return(StatusCode(404));
            }
        }
Esempio n. 2
0
        public async Task <ActionResult <bool> > DeleteAccountAsync([FromBody] DeleteModel deleteModel)
        {
            try
            {
                var token  = ExtractHeader(HttpContext, "Authorization", ',', 1);
                var claims = new List <BusinessModels.UserAccessControl.UserClaimModel>();
                claims.Add(new BusinessModels.UserAccessControl.UserClaimModel("Id", deleteModel.id.ToString()));

                var accessPolicy = _authorizationPolicyManager.ConfigureCustomPolicy(new List <string>()
                {
                    "account:delete"
                }, claims);
                return(await _userAccountSettingsService.DeleteAccountByUserIDAsync(deleteModel.id, deleteModel.password));
            }
            catch
            {
                return(false);
            }
        }
        public async Task <ActionResult <List <BusinessListingModel> > > GetAllParentListing()
        {
            var token        = ExtractHeader(HttpContext, "Authorization", ',', 1);
            var claims       = new List <BusinessModels.UserAccessControl.UserClaimModel>();
            var accessPolicy = _authorizationPolicyManager.ConfigureCustomPolicy(new List <string>()
            {
                "listings:read"
            }, claims);

            if (!_authorizationResolutionManager.Authorize(token, accessPolicy))
            {
                return(StatusCode(403));
            }
            try
            {
                return(Ok((await _listingSearchManager.GetAllListings()).SuccessValue));
            }
            catch
            {
                return(StatusCode(404));
            }
        }
Esempio n. 4
0
        public async Task <ActionResult <int> > FilloutForm([FromBody] ParentListingModel parentListingModel)
        {
            var token  = ExtractHeader(HttpContext, "Authorization", ',', 1);
            var claims = new List <BusinessModels.UserAccessControl.UserClaimModel>();

            claims.Add(new BusinessModels.UserAccessControl.UserClaimModel("Id", parentListingModel.UserAccountId.ToString()));
            var accessPolicy = _authorizationPolicyManager.ConfigureCustomPolicy(new List <string>()
            {
                "listings:write"
            }, claims);

            if (!_authorizationResolutionManager.Authorize(token, accessPolicy))
            {
                return(StatusCode(403));
            }

            var listingForm = new BusinessListingModel();

            listingForm.Title                = parentListingModel.Title;
            listingForm.Details              = parentListingModel.Details;
            listingForm.City                 = parentListingModel.City;
            listingForm.State                = parentListingModel.State;
            listingForm.InPersonOrRemote     = parentListingModel.InPersonOrRemote;
            listingForm.NumberOfParticipants = parentListingModel.NumberOfParticipants;
            listingForm.UserAccountId        = parentListingModel.UserAccountId;

            try
            {
                var fillOutResult = await _listingManager.CreateListing(listingForm);

                return(Ok(fillOutResult));
            }
            catch
            {
                return(StatusCode(404));
            }
        }
Esempio n. 5
0
        public async Task <ActionResult <IEnumerable <FriendListModel> > > GetAllFriends([FromBody] int userId)
        {
            var token  = ExtractHeader(HttpContext, "Authorization", ',', 1);
            var claims = new List <UserClaimModel>();

            claims.Add(new UserClaimModel("Id", userId.ToString()));
            var accessPolicy = _authorizationPolicyManager.ConfigureCustomPolicy(new List <string>()
            {
                "friends_list:read",
            }, claims);

            if (!_authorizationResolutionManager.Authorize(token, accessPolicy))
            {
                return(StatusCode(403));
            }

            try
            {
                return(Ok(await _friendListManager.GetAllFriendAsync(userId)));
            }
            catch
            {
                return(StatusCode(404));
            }
        }
Esempio n. 6
0
        public async Task <ActionResult <bool> > SendMessage([FromBody] SendMessageModel messageModel)
        {
            try
            {
                var token  = ExtractHeader(HttpContext, "Authorization", ',', 1);
                var claims = new List <BusinessModels.UserAccessControl.UserClaimModel>();
                claims.Add(new BusinessModels.UserAccessControl.UserClaimModel("Id", messageModel.UserId.ToString()));
                var accessPolicy = _authorizationPolicyManager.ConfigureCustomPolicy(new List <string>()
                {
                    "messaging:send"
                }, claims);
                if (!_authorizationResolutionManager.Authorize(token, accessPolicy))
                {
                    return(StatusCode(403));
                }

                MessageModel model = new MessageModel();
                model.ChannelId = messageModel.ChannelId;
                model.UserId    = messageModel.UserId;
                model.Message   = messageModel.Message;

                await _messagingService.SendMessageAsync(model);

                return(Ok(true));
            }
            catch
            {
                return(StatusCode(404));
            }
        }