/// <summary>
/// Deletes every execution record that belongs to the cronjob identified by <paramref name="id"/>.
/// </summary>
/// <remarks>
/// The current <c>User</c> is authorized against the loaded cronjob with
/// <c>AuthorizationPolicies.RequireProjectManagerPolicy</c> before anything is removed.
/// NOTE(review): the existence lookup runs before the authorization check, so a caller who
/// fails the policy gets NotFound for unknown ids and Forbid for known ones. If cronjob ids
/// should not be distinguishable to such callers, return the same result on both paths.
/// NOTE(review): all matching executions are materialized in memory before removal; for long
/// execution histories this makes the endpoint expensive to call.
/// NOTE(review): the declared payload type is a list of <c>CronjobExecutionsListDto</c>, but no
/// list is returned on any path.
/// </remarks>
/// <param name="id">Identifier of the cronjob whose executions are cleared.</param>
/// <param name="cancellationToken">Token passed to every database call.</param>
/// <returns>
/// NotFound when no cronjob has the given id, Forbid when authorization does not succeed,
/// NoContent once the executions have been removed and the change saved.
/// </returns>
public async Task<ActionResult<List<CronjobExecutionsListDto>>> ClearExecutions(
    Guid id,
    CancellationToken cancellationToken = default)
{
    var job = await _db.Cronjobs.SingleOrDefaultAsync(c => c.Id == id, cancellationToken);
    if (job is null)
    {
        return NotFound();
    }

    // OPTIMIZE: dont load everything before authorization
    var authorization = await _authorizationService.AuthorizeAsync(
        User,
        job,
        AuthorizationPolicies.RequireProjectManagerPolicy);
    if (authorization.Succeeded == false)
    {
        return Forbid();
    }

    // Executions are fetched as tracked entities so they can be handed to RemoveRange.
    var executionQuery = _db.Executions.Where(e => e.CronjobId == id);
    var staleExecutions = await executionQuery.ToListAsync(cancellationToken);

    _db.RemoveRange(staleExecutions);
    await _db.SaveChangesAsync(cancellationToken);

    return NoContent();
}
/// <summary>
/// Replaces the project claims of the user identified by <paramref name="userId"/> with the
/// projects named in <paramref name="updateRequest"/>, inside a single database transaction.
/// </summary>
/// <remarks>
/// The user's existing claims of type <c>AppClaimTypes.Project</c> are removed, each project
/// found for the requested ids is attached through <c>AddControlledEntity</c>, and the role
/// named "pm" is added when at least one project was found and that role exists.
/// NOTE(review): no authorization check is visible inside this method. It changes claims and
/// can grant a role, so confirm that an attribute or policy on the action or controller
/// restricts who may call it.
/// NOTE(review): the "pm" role is only ever added here. A request that leaves the user with no
/// projects does not take the role away; confirm that is intended.
/// NOTE(review): requested ids that match no project are dropped without any signal to the
/// caller.
/// </remarks>
/// <param name="userId">Identifier of the user whose claims are rewritten.</param>
/// <param name="updateRequest">Request whose <c>ProjectIds</c> select the projects to assign.</param>
/// <param name="cancellationToken">Token passed to every database call.</param>
/// <returns>
/// NotFound with a problem detail when the user does not exist, NoContent after the
/// transaction has been committed.
/// </returns>
public async Task<IActionResult> UpdateUserClaims(
    Guid userId,
    UserClaimsUpdateRequest updateRequest,
    CancellationToken cancellationToken)
{
    // Claims and roles are loaded with the user because both collections are modified below.
    var targetUser = await _dbContext.Users
        .Include(e => e.Claims)
        .Include(e => e.Roles)
        .FirstOrDefaultAsync(e => e.Id == userId, cancellationToken);

    if (targetUser is null)
    {
        var problem = new ProblemDetails { Detail = "No such user" };
        return NotFound(problem);
    }

    await using var transaction = await _dbContext.Database.BeginTransactionAsync(cancellationToken);

    // Only ids that resolve to an existing project are used from here on.
    var assignedProjects = await _dbContext.Projects
        .Where(e => updateRequest.ProjectIds.Contains(e.Id))
        .ToListAsync(cancellationToken);

    // Drop the current project claims before attaching the new set.
    var previousProjectClaims = targetUser.GetClaimsOfType(AppClaimTypes.Project);
    _dbContext.RemoveRange(previousProjectClaims);

    foreach (var project in assignedProjects)
    {
        targetUser.AddControlledEntity(project);
    }

    if (assignedProjects.Count > 0)
    {
        var projectManagerRole = await _dbContext.Roles
            .FirstOrDefaultAsync(e => e.Name == "pm", cancellationToken);

        // A missing "pm" role is tolerated: the claims are still saved without it.
        if (projectManagerRole is not null)
        {
            targetUser.AddRole(projectManagerRole);
        }
    }

    await _dbContext.SaveChangesAsync(cancellationToken);
    await transaction.CommitAsync(cancellationToken);

    return NoContent();
}