protected override async Task Execute(PostRequestModel parameter, ClaimsPrincipal principal, CancellationToken cancellationToken) { var userId = principal.GetId(); var currentYear = DateTime.Now.Year; var currentUser = await _userRepository.GetUser(userId, cancellationToken); if (!currentUser.IsSuperior) { throw AppExceptions.AuthorizationException(); } var budget = await _budgetRepository.GetBudget(parameter.BudgetId, cancellationToken); if (budget == null) { throw new OperationErrorException(StatusCodes.Status400BadRequest, $"Budget {parameter.BudgetId} was not found."); } if (budget.BudgetType != BudgetTypeEnum.TeamBudget) { throw new OperationErrorException(StatusCodes.Status400BadRequest, "No Access for request!"); } var teamBudgets = await _budgetRepository.GetTeamBudgets(userId, currentYear, cancellationToken); var budgets = teamBudgets.ToTeamBudgets(); var availableFunds = budgets.Sum(_ => _.Amount); if (availableFunds < parameter.Amount) { throw new OperationErrorException(StatusCodes.Status400BadRequest, $"Requested amount {parameter.Amount} exceeds the limit."); } var transactions = TransactionCalculator.Create(budgets, parameter.Amount); var request = new Request { BudgetId = budget.Id, UserId = userId, Year = currentYear, Title = parameter.Title, Amount = parameter.Amount, Date = parameter.Date.ToLocalTime(), State = RequestState.Pending, Transactions = transactions }; await _requestRepository.AddRequest(request); await _unitOfWork.SaveChanges(cancellationToken); }
protected override async Task Execute(UpdateRequestModel parameter, ClaimsPrincipal principal, CancellationToken cancellationToken) { var userId = principal.GetId(); var currentUser = await _userRepository.GetUser(userId, cancellationToken); if (!currentUser.IsSuperior) { throw AppExceptions.AuthorizationException(); } var request = await _requestRepository.GetRequest(parameter.Id, cancellationToken); if (request == null) { throw new OperationErrorException(StatusCodes.Status400BadRequest, $"Request with id {parameter.Id} not found."); } if (userId != request.UserId) { throw new OperationErrorException(StatusCodes.Status400BadRequest, "No Access for request!"); } var teamBudgets = await _budgetRepository.GetTeamBudgets(userId, DateTime.Now.Year, cancellationToken); if (teamBudgets.Any(x => x.BudgetType != BudgetTypeEnum.TeamBudget)) { throw new OperationErrorException(StatusCodes.Status400BadRequest, "No Access for request!"); } var budgets = teamBudgets.ToTeamBudgets(x => x.RequestId != parameter.Id); var availableFunds = budgets.Sum(_ => _.Amount); if (availableFunds < parameter.Amount) { throw new OperationErrorException(StatusCodes.Status400BadRequest, $"Requested amount {parameter.Amount} exceeds the limit."); } var transactions = TransactionCalculator.Create(budgets, parameter.Amount); request.Title = parameter.Title; request.Amount = parameter.Amount; request.Date = parameter.Date.ToLocalTime(); await _requestRepository.AddOrUpdateTransactions(request.Id, transactions); await _unitOfWork.SaveChanges(cancellationToken); }