Esempio n. 1
0
        public async Task ExecuteAsync(QueryContext context)
        {
            if (context.IsArrayModel())
            {
                var models = context.ToModels <T>() ?? throw new QueryException("models is required", QueryErrorCode.BadRequest);
                if (context.Descriptor.OnlyOwnerCanCreate)
                {
                    var authContext = new AuthorizationContext <T>(context);
                    var errors      = new List <RecordError>(models.Length);
                    for (var index = 0; index < models.Length; ++index)
                    {
                        var model      = models[index];
                        var authorized = await authContext.AuthorizeAsync(model, context.Descriptor.CreatePolicy);

                        if (authorized)
                        {
                            continue;
                        }

                        errors.Add(new RecordError
                        {
                            ErrorCode        = QueryErrorCode.Unauthorized,
                            ErrorDescription = QueryErrorCode.Unauthorized.ToString(),
                            At = index
                        });
                    }

                    if (errors.Count > 0)
                    {
                        context.Fail(errors, QueryErrorCode.Unauthorized, "unauthorized");
                        return;
                    }
                }

                if (context.Descriptor.Validate)
                {
                    var validationContext = new ValidationContext <T>(context);
                    var errors            = new List <RecordError>(models.Length);
                    for (var index = 0; index < models.Length; ++index)
                    {
                        var model            = models[index];
                        var validationResult = await validationContext.ValidateAsync(model, context.CancellationToken);

                        if (validationResult.IsValid)
                        {
                            continue;
                        }

                        errors.Add(new RecordError
                        {
                            ErrorCode        = QueryErrorCode.ValidationError,
                            ErrorDescription = QueryErrorCode.ValidationError.ToString(),
                            At      = index,
                            Details = validationResult.Errors
                        });
                    }

                    if (errors.Count > 0)
                    {
                        context.Fail(errors, QueryErrorCode.ValidationError, QueryErrorCode.ValidationError.ToString());
                        return;
                    }
                }

                await _repo.AddRangeAsync(models, context.CancellationToken);

                context.Succeed(models);
            }
            else
            {
                var model = context.ToModel <T>() ?? throw new QueryException("model is required", QueryErrorCode.BadRequest);

                if (context.Descriptor.OnlyOwnerCanCreate)
                {
                    var authContext = new AuthorizationContext <T>(context);
                    var authorized  = await authContext.AuthorizeAsync(model, context.Descriptor.CreatePolicy);

                    if (!authorized)
                    {
                        context.Fail(null, QueryErrorCode.Unauthorized, "unauthorized");
                        return;
                    }
                }

                if (context.Descriptor.Validate)
                {
                    var validationContext = new ValidationContext <T>(context);
                    var validationResult  = await validationContext.ValidateAsync(model, context.CancellationToken);

                    if (!validationResult.IsValid)
                    {
                        context.Fail(validationResult.Errors, QueryErrorCode.ValidationError, QueryErrorCode.ValidationError.ToString());
                        return;
                    }
                }

                await _repo.AddAsync(model, context.CancellationToken);

                context.Succeed(model);
            }
        }