Esempio n. 1
0
        /// <summary>
        /// Returns a formatted 403 error response using the message of the specified exception
        /// </summary>
        /// <param name="controller">The ApiController instance using the helper</param>
        /// <param name="ex">The NotPermittedException to extract the message from</param>
        public IHttpActionResult NotPermittedResponse(ApiController controller, NotPermittedException ex)
        {
            var response = new SimpleCommandResponseData();

            response.Errors  = new ValidationError[] { new ValidationError(ex.Message) };
            response.IsValid = false;

            return(new NegotiatedContentResult <SimpleCommandResponseData>(HttpStatusCode.Forbidden, response, controller));
        }
Esempio n. 2
0
        /// <summary>
        /// Returns a formatted 403 error response using the message of the specified exception
        /// </summary>
        /// <param name="controller">The Controller instance using the helper</param>
        /// <param name="ex">The NotPermittedException to extract the message from</param>
        public IActionResult NotPermittedResponse(ControllerBase controller, NotPermittedException ex)
        {
            var response = new SimpleCommandResponseData();

            response.Errors  = new ValidationError[] { new ValidationError(ex.Message) };
            response.IsValid = false;

            return(controller.StatusCode(403, response));
        }
        public JsonResult NotPermittedResponse(NotPermittedException ex)
        {
            var response = new ApiResponseHelperResult();

            response.Errors  = new ValidationError[] { new ValidationError(ex.Message) };
            response.IsValid = false;

            var jsonResult = CreateJsonResult(response, 403);

            return(jsonResult);
        }
        public async Task TryCheckout(CheckoutDto dto)
        {
            await Execute(async() => {
                using (UnitOfWork db = new UnitOfWork())
                {
                    CheckPointEntity checkPoint = await db.GetRepo <CheckPointEntity>().Get(dto.CheckPointId.Value);
                    AccountEntity account       = await db.GetRepo <AccountEntity>().Get(dto.AccountId.Value);

                    if (dto.CurrentManufactoryId.Value != checkPoint.Manufactory1Id && dto.CurrentManufactoryId.Value != checkPoint.Manufactory2Id)
                    {
                        DataValidationException exception = new DataValidationException();

                        exception.Add(
                            typeof(CheckoutDto), nameof(CheckoutDto.CurrentManufactoryId),
                            $"{nameof(CheckoutDto.CurrentManufactoryId)} must be one of manufactories associated with check point"
                            );

                        throw exception;
                    }

                    CheckPointEventEntity checkPointEvent = new CheckPointEventEntity()
                    {
                        account_id     = account.id,
                        check_point_id = checkPoint.id,
                        is_direct      = checkPoint.Manufactory1Id == dto.CurrentManufactoryId.Value,
                        timespan       = DateTime.Now
                    };

                    ManufactoryEntity targetManufactory = checkPointEvent.is_direct ? checkPoint.Manufactory2 : checkPoint.Manufactory1;
                    NotPermittedException ex            = null;

                    if (account.Roles.SelectMany(r => r.ManufactoryPermissions).Any(m => m.id == targetManufactory.id))
                    {
                        checkPointEvent.log = $"Checkout to Manufactory #{targetManufactory.id} via Check Point ${checkPoint.id} by Account #{account.id}: SUCCESS";
                    }
                    else
                    {
                        checkPointEvent.log = $"Checkout to Manufactory #{targetManufactory.id} via Check Point ${checkPoint.id} by Account #{account.id}: ACCESS DENIED";
                        ex = new NotPermittedException(checkPointEvent.log);
                    }

                    await db.GetRepo <CheckPointEventEntity>().Create(checkPointEvent);
                    await db.Save();

                    if (ex != null)
                    {
                        throw ex;
                    }
                }
            });
        }
        public async Task TryEnter(EnterLeaveDto dto)
        {
            await Execute(async() => {
                using (UnitOfWork db = new UnitOfWork())
                {
                    EnterLeavePointEntity enterLeavePoint = await db.GetRepo <EnterLeavePointEntity>().Get(dto.EnterLeavePointId.Value);
                    AccountEntity account = await db.GetRepo <AccountEntity>().Get(dto.AccountId.Value);

                    EnterLeavePointEventEntity enterLeavePointEvent = new EnterLeavePointEventEntity()
                    {
                        account_id           = account.id,
                        enter_leave_point_id = enterLeavePoint.id,
                        is_enter             = true,
                        timespan             = DateTime.Now
                    };

                    NotPermittedException ex = null;

                    if (account.Roles.SelectMany(r => r.ManufactoryPermissions).Any(m => m.id == enterLeavePoint.Manufactory.id))
                    {
                        enterLeavePointEvent.log = $"Enter to Manufactory #{enterLeavePoint.Manufactory.id} via Enter Point ${enterLeavePoint.id} by Account #{account.id}: SUCCESS";
                    }
                    else
                    {
                        enterLeavePointEvent.log = $"Enter to Manufactory #{enterLeavePoint.Manufactory.id} via Enter Point ${enterLeavePoint.id} by Account #{account.id}: ACCESS DENIED";
                        ex = new NotPermittedException(enterLeavePointEvent.log);
                    }

                    await db.GetRepo <EnterLeavePointEventEntity>().Create(enterLeavePointEvent);
                    await db.Save();

                    if (ex != null)
                    {
                        throw ex;
                    }
                }
            });
        }
        public async Task TryInteract(PipelineItemInteractionDto dto)
        {
            await Execute(async() => {
                using (UnitOfWork db = new UnitOfWork())
                {
                    PipelineItemEntity pipelineItem = await db.GetRepo <PipelineItemEntity>().Get(dto.PipelineItemId.Value);
                    AccountEntity account           = await db.GetRepo <AccountEntity>().Get(dto.AccountId.Value);

                    PipelineItemInteractionEventEntity pipelineItemEvent = new PipelineItemInteractionEventEntity()
                    {
                        account_id       = account.id,
                        pipeline_item_id = pipelineItem.id,
                        timespan         = DateTime.Now
                    };

                    NotPermittedException ex = null;

                    if (account.Roles.SelectMany(r => r.PipelineItemPermissions).Any(m => m.id == pipelineItem.id))
                    {
                        pipelineItemEvent.log = $"Interaction with Pipeline item #{pipelineItem.id} by Account #{account.id}: SUCCESS";
                    }
                    else
                    {
                        pipelineItemEvent.log = $"Interaction with Pipeline item #{pipelineItem.id} by Account #{account.id}: ACCESS DENIED";
                        ex = new NotPermittedException(pipelineItemEvent.log);
                    }

                    await db.GetRepo <PipelineItemInteractionEventEntity>().Create(pipelineItemEvent);
                    await db.Save();

                    if (ex != null)
                    {
                        throw ex;
                    }
                }
            });
        }
Esempio n. 7
0
        public async Task TryInteract(DetectorInteractionDto dto)
        {
            await Execute(async() => {
                using (UnitOfWork db = new UnitOfWork())
                {
                    DetectorEntity detector = await db.GetRepo <DetectorEntity>().Get(dto.DetectorId.Value);
                    AccountEntity account   = await db.GetRepo <AccountEntity>().Get(dto.AccountId.Value);

                    DetectorInteractionEventEntity detectorEvent = new DetectorInteractionEventEntity()
                    {
                        account_id  = account.id,
                        detector_id = detector.id,
                        timespan    = DateTime.Now
                    };

                    NotPermittedException ex = null;

                    if (account.Roles.SelectMany(r => r.DetectorPermissions).Any(m => m.id == detector.id))
                    {
                        detectorEvent.log = $"Interaction with Detector #{detector.id} by Account #{account.id}: SUCCESS";
                    }
                    else
                    {
                        detectorEvent.log = $"Interaction with Detector #{detector.id} by Account #{account.id}: ACCESS DENIED";
                        ex = new NotPermittedException(detectorEvent.log);
                    }

                    await db.GetRepo <DetectorInteractionEventEntity>().Create(detectorEvent);
                    await db.Save();

                    if (ex != null)
                    {
                        throw ex;
                    }
                }
            });
        }
Esempio n. 8
0
        public async Task TryInteract(StorageCellInteractionDto dto)
        {
            await Execute(async() => {
                using (UnitOfWork db = new UnitOfWork())
                {
                    StorageCellEntity storageCell = await db.GetRepo <StorageCellEntity>().Get(dto.StorageCellId.Value);
                    AccountEntity account         = await db.GetRepo <AccountEntity>().Get(dto.AccountId.Value);

                    StorageCellEventEntity storageCellEvent = new StorageCellEventEntity()
                    {
                        account_id      = account.id,
                        storage_cell_id = storageCell.id,
                        timespan        = DateTime.Now
                    };

                    NotPermittedException ex = null;

                    if (account.Roles.SelectMany(r => r.StorageCellPermissions).Any(m => m.id == storageCell.id))
                    {
                        storageCellEvent.log = $"Interaction with Storage cell #{storageCell.id} by Account #{account.id}: SUCCESS";
                    }
                    else
                    {
                        storageCellEvent.log = $"Interaction with Storage cell #{storageCell.id} by Account #{account.id}: ACCESS DENIED";
                        ex = new NotPermittedException(storageCellEvent.log);
                    }

                    await db.GetRepo <StorageCellEventEntity>().Create(storageCellEvent);
                    await db.Save();

                    if (ex != null)
                    {
                        throw ex;
                    }
                }
            });
        }