public async Task <IHttpActionResult> Update(Guid id, FormUserAuthorizationViewModel item)
{
if (!authorizationService.IsAuthorized(item.Id, user.Email, AuthorizationService.AuthorizationType.IsUpdate, AuthorizationService.EndpointType.Form))
{
return(Content(HttpStatusCode.Forbidden, "You are not authorized to perform this action."));
}
var record = await repository.Update(id, item.ToEntity());
var model = record.ToViewModel();
return(Content(HttpStatusCode.OK, model));
}
public async Task <IHttpActionResult> Get(Guid id)
{
FormUserAuthorizationViewModel model = null;
try
{
var record = await repository.Get(id);
if (!authorizationService.IsAuthorized(record.Id, user.Email, AuthorizationService.AuthorizationType.IsRead, AuthorizationService.EndpointType.Form))
{
return(Content(HttpStatusCode.Forbidden, "You are not authorized to perform this action."));
}
model = record.ToViewModel();
return(Content(HttpStatusCode.OK, model));
}
catch (Exception ex)
{
Console.WriteLine(ex);
return(Content(HttpStatusCode.InternalServerError, ex));
}
}
public async Task <IHttpActionResult> Create(FormUserAuthorizationViewModel item)
{
FormUserAuthorizationViewModel model = null;
try
{
if (!authorizationService.IsAuthorized(item.Id, user.Email, AuthorizationService.AuthorizationType.IsCreate, AuthorizationService.EndpointType.Form))
{
return(Content(HttpStatusCode.Forbidden, "You are not authorized to perform this action."));
}
item.UserId = User.Identity.GetUserId();
var record = await repository.Create(item.ToEntity());
model = record.ToViewModel();
return(Content(HttpStatusCode.OK, model));
}
catch (Exception ex)
{
Console.WriteLine(ex);
return(Content(HttpStatusCode.InternalServerError, ex));
}
}
