Esempio n. 1
        /// <summary>
        /// Updates the profile of an existing enrollee, provided the caller is allowed to edit it
        /// and the enrollee is currently in the 'Editable' status.
        /// </summary>
        /// <param name="enrolleeId">Id of the enrollee to update.</param>
        /// <param name="enrolleeProfile">New profile values, passed through to the enrollee service.</param>
        /// <param name="beenThroughTheWizard">Query-string flag forwarded unchanged to the enrollee service.</param>
        /// <returns>
        /// 404 when no enrollee has that id, 403 when the caller may not edit it,
        /// 400 when the enrollee is not 'Editable', otherwise 204.
        /// </returns>
        public async Task<IActionResult> UpdateEnrollee(int enrolleeId, EnrolleeProfileViewModel enrolleeProfile, [FromQuery] bool beenThroughTheWizard)
        {
            var existing = await _enrolleeService.GetEnrolleeNoTrackingAsync(enrolleeId);
            if (existing == null)
            {
                var notFoundBody = ApiResponse.Message($"Enrollee not found with id {enrolleeId}");
                return NotFound(notFoundBody);
            }

            // The permission decision uses the record loaded from the service,
            // not anything carried in the request body.
            var callerMayEdit = User.CanEdit(existing);
            if (!callerMayEdit)
            {
                return Forbid();
            }

            // Only enrollees whose current status is 'Editable' may be changed.
            // NOTE(review): this check and the update below are separate service calls;
            // whether they run atomically is not visible here. Confirm in the service.
            var isEditable = await _enrolleeService.IsEnrolleeInStatusAsync(enrolleeId, StatusType.Editable);
            if (!isEditable)
            {
                ModelState.AddModelError("Enrollee.CurrentStatus", "Enrollee can not be updated when the current status is not 'Editable'.");
                return BadRequest(ApiResponse.BadRequest(ModelState));
            }

            await _enrolleeService.UpdateEnrolleeAsync(enrolleeId, enrolleeProfile, beenThroughTheWizard);
            return NoContent();
        }
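        /// <summary>
        /// Submits an enrollee's application with the supplied profile and returns the
        /// enrollee as re-read from the service afterwards.
        /// </summary>
        /// <param name="enrolleeId">Id of the enrollee whose application is being submitted.</param>
        /// <param name="updatedProfile">Profile to submit; its identity fields are overwritten from the caller's principal.</param>
        /// <returns>
        /// 404 when no permissions record exists for the id, 403 when the record is not editable by the caller,
        /// 400 when the profile is null or the enrollee is not 'Editable', otherwise 200 with the enrollee.
        /// </returns>
        public async Task<ActionResult<EnrolleeViewModel>> Submit(int enrolleeId, EnrolleeUpdateModel updatedProfile)
        {
            var record = await _enrolleeService.GetPermissionsRecordAsync(enrolleeId);

            if (record == null)
            {
                return NotFound(ApiResponse.Message($"Enrollee not found with id {enrolleeId}"));
            }

            // Authorization is evaluated against the permissions record returned by the service.
            if (!record.EditableBy(User))
            {
                return Forbid();
            }

            if (updatedProfile == null)
            {
                ModelState.AddModelError("EnrolleeUpdateModel", "New profile cannot be null.");
                return BadRequest(ApiResponse.BadRequest(ModelState));
            }

            if (!await _enrolleeService.IsEnrolleeInStatusAsync(enrolleeId, StatusType.Editable))
            {
                // The message names the status that is actually checked (StatusType.Editable);
                // it previously said 'Active', which did not match the condition.
                ModelState.AddModelError("Enrollee.CurrentStatus", "Application can not be submitted when the current status is not 'Editable'.");
                return BadRequest(ApiResponse.BadRequest(ModelState));
            }

            // Whatever identity values arrived in updatedProfile are replaced with the ones
            // read from the authenticated principal, so they cannot be set via the payload.
            updatedProfile.IdentityAssuranceLevel = User.GetIdentityAssuranceLevel();
            updatedProfile.IdentityProvider = User.GetIdentityProvider();
            await _submissionService.SubmitApplicationAsync(enrolleeId, updatedProfile);

            var enrollee = await _enrolleeService.GetEnrolleeAsync(enrolleeId);

            return Ok(ApiResponse.Result(enrollee));
        }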
Esempio n. 3
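        /// <summary>
        /// Updates an enrollee from the supplied update model, provided the caller may edit the
        /// enrollee and the enrollee is currently in the 'Editable' status.
        /// </summary>
        /// <param name="enrolleeId">Id of the enrollee to update.</param>
        /// <param name="enrollee">Update model; its token-derived properties are set from the caller's principal.</param>
        /// <param name="beenThroughTheWizard">Query-string flag forwarded unchanged to the enrollee service.</param>
        /// <returns>
        /// 404 when no permissions record exists for the id, 403 when the record is not editable by the caller,
        /// 400 when the update model is null or the enrollee is not 'Editable', otherwise 204.
        /// </returns>
        public async Task<IActionResult> UpdateEnrollee(int enrolleeId, EnrolleeUpdateModel enrollee, [FromQuery] bool beenThroughTheWizard)
        {
            var record = await _enrolleeService.GetPermissionsRecordAsync(enrolleeId);

            if (record == null)
            {
                return NotFound(ApiResponse.Message($"Enrollee not found with id {enrolleeId}"));
            }

            // Authorization is evaluated against the permissions record returned by the service.
            if (!record.EditableBy(User))
            {
                return Forbid();
            }

            // A missing body would otherwise be dereferenced by SetTokenProperties below
            // and surface as an unhandled exception instead of a 400.
            if (enrollee == null)
            {
                ModelState.AddModelError("EnrolleeUpdateModel", "Enrollee update cannot be null.");
                return BadRequest(ApiResponse.BadRequest(ModelState));
            }

            // If the enrollee is not in the status of 'Editable', it cannot be updated
            if (!await _enrolleeService.IsEnrolleeInStatusAsync(enrolleeId, StatusType.Editable))
            {
                ModelState.AddModelError("Enrollee.CurrentStatus", "Enrollee can not be updated when the current status is not 'Editable'.");
                return BadRequest(ApiResponse.BadRequest(ModelState));
            }

            // NOTE(review): SetTokenProperties is defined elsewhere; presumably it copies
            // identity claims from the principal onto the model. Confirm which fields it sets.
            enrollee.SetTokenProperties(User);

            await _enrolleeService.UpdateEnrolleeAsync(enrolleeId, enrollee, beenThroughTheWizard);

            return NoContent();
        }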
Esempio n. 4
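        /// <summary>
        /// Updates an enrollee from a full <c>Enrollee</c> payload after validating the payload,
        /// the enrollee's existence, the caller's permission and the enrollee's status.
        /// </summary>
        /// <param name="enrolleeId">Id of the enrollee to update; must equal <c>enrollee.Id</c>.</param>
        /// <param name="enrollee">Enrollee payload to persist.</param>
        /// <param name="beenThroughTheWizard">Query-string flag (default false) forwarded unchanged to the enrollee service.</param>
        /// <returns>
        /// 400 when the payload is null, has no id, or its id differs from <paramref name="enrolleeId"/>;
        /// 404 when the enrollee does not exist; 403 when the caller is not permitted;
        /// 400 when the enrollee is not 'In Progress'; otherwise 204.
        /// </returns>
        public async Task<IActionResult> UpdateEnrollee(int enrolleeId, Enrollee enrollee, [FromQuery] bool beenThroughTheWizard = false)
        {
            if (enrollee == null)
            {
                ModelState.AddModelError("Enrollee", "Could not update the enrollee, the passed in Enrollee cannot be null.");
                return BadRequest(new ApiBadRequestResponse(ModelState));
            }

            // enrollee is non-null from here on, so only the id needs checking.
            if (enrollee.Id == null)
            {
                ModelState.AddModelError("Enrollee.Id", "Enrollee Id is required to make updates.");
                return BadRequest(new ApiBadRequestResponse(ModelState));
            }

            if (enrolleeId != enrollee.Id)
            {
                ModelState.AddModelError("Enrollee.Id", "Enrollee Id does not match with the payload.");
                return BadRequest(new ApiBadRequestResponse(ModelState));
            }

            if (!_enrolleeService.EnrolleeExists(enrolleeId))
            {
                return NotFound(new ApiResponse(404, $"Enrollee not found with id {enrolleeId}"));
            }

            // If the user is not an ADMIN, make sure the enrolleeId matches the user, otherwise return not authorized.
            // This runs before the status check so a caller without permission gets 403
            // and does not learn the enrollee's current status from the 400 response.
            // NOTE(review): BelongsToEnrollee is given the request payload and its implementation
            // is not visible here. Confirm it decides ownership from the authenticated user and
            // stored data rather than from fields the caller can set.
            if (!BelongsToEnrollee(enrollee))
            {
                return Forbid();
            }

            // If the enrollee is not in the status of 'In Progress', it cannot be updated
            if (!await _enrolleeService.IsEnrolleeInStatusAsync(enrolleeId, Status.IN_PROGRESS_CODE))
            {
                ModelState.AddModelError("Enrollee.CurrentStatus", "Enrollee can not be updated when the current status is not 'In Progress'.");
                return BadRequest(new ApiBadRequestResponse(ModelState));
            }

            // NOTE(review): the bound Enrollee object is handed to the service as-is;
            // confirm the service restricts which of its fields are persisted.
            await _enrolleeService.UpdateEnrolleeAsync(enrollee, beenThroughTheWizard);

            return NoContent();
        }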