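/// <summary>
/// Updates the value record identified by <paramref name="id"/> with the submitted data.
/// </summary>
/// <param name="id">Identifier of the stored record to update.</param>
/// <param name="item">Submitted view model; converted with <c>ToEntity()</c> before it is handed to the repository.</param>
/// <returns>
/// 200 with the updated view model, 400 when no body was supplied, 404 when the record
/// cannot be loaded, or 403 when the caller lacks update rights on the record's form.
/// </returns>
public async Task<IHttpActionResult> Update(Guid id, ValueDetailViewModel item)
{
    if (item == null)
    {
        return Content(HttpStatusCode.BadRequest, "A request body is required.");
    }

    // The authorization decision must be made on server-side state. The previous check used
    // item.FormDetail.Id from the request body, so the form being authorized was chosen by the
    // caller and had no enforced relationship to the record addressed by `id`. Get() in this
    // controller authorizes on record.FormDetail.FormId; the same value is used here.
    // Assumes repository.Get returns null for an unknown id — confirm against the repository.
    var existing = await repository.Get(id);
    if (existing == null)
    {
        return Content(HttpStatusCode.NotFound, "The requested record was not found.");
    }

    if (!authorizationService.IsAuthorized(
            existing.FormDetail.FormId,
            user.Email,
            AuthorizationService.AuthorizationType.IsUpdate,
            AuthorizationService.EndpointType.Data))
    {
        return Content(HttpStatusCode.Forbidden, "You are not authorized to perform this action.");
    }

    // NOTE(review): if item.ToEntity() can re-parent the value onto a different form detail,
    // the target form needs the same IsUpdate check — confirm what the repository persists.
    var record = await repository.Update(id, item.ToEntity());
    var model = record.ToViewModel();
    return Content(HttpStatusCode.OK, model);
}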
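/// <summary>
/// Returns the value record identified by <paramref name="id"/> as a view model.
/// </summary>
/// <param name="id">Identifier of the record to load.</param>
/// <returns>
/// 200 with the view model, 404 when the record cannot be loaded, 403 when the caller lacks
/// read rights on the record's form, or 500 with a generic message on an unexpected failure.
/// </returns>
public async Task<IHttpActionResult> Get(Guid id)
{
    try
    {
        // The record has to be loaded first because the form id used for the
        // authorization decision comes from the stored record.
        // Assumes repository.Get returns null for an unknown id — confirm against the repository.
        var record = await repository.Get(id);
        if (record == null)
        {
            return Content(HttpStatusCode.NotFound, "The requested record was not found.");
        }

        if (!authorizationService.IsAuthorized(
                record.FormDetail.FormId,
                user.Email,
                AuthorizationService.AuthorizationType.IsRead,
                AuthorizationService.EndpointType.Data))
        {
            return Content(HttpStatusCode.Forbidden, "You are not authorized to perform this action.");
        }

        return Content(HttpStatusCode.OK, record.ToViewModel());
    }
    catch (Exception ex)
    {
        // Keep the detail on the server. Returning the exception object in the response body
        // serializes its message and stack trace to the caller, which discloses internals.
        Console.WriteLine(ex);
        return Content(HttpStatusCode.InternalServerError, "An unexpected error occurred.");
    }
}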
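/// <summary>
/// Creates a value record under the form detail referenced by <c>item.FormDetailsId</c>.
/// </summary>
/// <param name="item">Submitted view model; its <c>UserId</c> is overwritten with the authenticated user's id before saving.</param>
/// <returns>
/// 200 with the created view model, 400 when no body was supplied, 404 when the referenced
/// form detail cannot be loaded, 403 when the caller lacks create rights on that form, or
/// 500 with a generic message on an unexpected failure.
/// </returns>
public async Task<IHttpActionResult> Create(ValueDetailViewModel item)
{
    if (item == null)
    {
        return Content(HttpStatusCode.BadRequest, "A request body is required.");
    }

    try
    {
        // The form id for the authorization decision is taken from the stored form detail,
        // not from the request body.
        // Assumes formDetailsRepository.Get returns null for an unknown id — confirm.
        var formDetail = await formDetailsRepository.Get(item.FormDetailsId);
        if (formDetail == null)
        {
            return Content(HttpStatusCode.NotFound, "The referenced form detail was not found.");
        }

        if (!authorizationService.IsAuthorized(
                formDetail.FormId,
                user.Email,
                AuthorizationService.AuthorizationType.IsCreate,
                AuthorizationService.EndpointType.Data))
        {
            return Content(HttpStatusCode.Forbidden, "You are not authorized to perform this action.");
        }

        // Ownership is stamped from the authenticated identity so that a UserId supplied
        // in the request body is never persisted.
        item.UserId = User.Identity.GetUserId();

        var record = await repository.Create(item.ToEntity());
        return Content(HttpStatusCode.OK, record.ToViewModel());
    }
    catch (Exception ex)
    {
        // Keep the detail on the server. Returning the exception object in the response body
        // serializes its message and stack trace to the caller, which discloses internals.
        Console.WriteLine(ex);
        return Content(HttpStatusCode.InternalServerError, "An unexpected error occurred.");
    }
}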