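/// <summary>
/// Returns the file with the given id when the caller owns it, has the "Admin" role,
/// or appears in the file's reader list.
/// </summary>
/// <param name="id">Identifier passed to <c>_fileLogic.Get</c>.</param>
/// <returns>
/// 200 with the file when access is granted; 401 when the caller cannot be identified
/// or has no access; 404 when the file is missing or a lookup throws.
/// </returns>
public IActionResult Get(long id)
{
    // The caller's user id is read from the identity name. A missing or non-numeric
    // name is answered with 401 instead of surfacing a parse exception as a 404 body.
    int callerId;
    if (!int.TryParse(User?.Identity?.Name, out callerId))
    {
        return Unauthorized();
    }

    try
    {
        var currentUser = _users.Get(callerId);
        if (currentUser == null)
        {
            // No user record behind the identity: nothing to authorize against.
            return Unauthorized();
        }

        File file = _fileLogic.Get(id);
        if (file == null)
        {
            // Same status as before, without echoing a NullReferenceException message.
            return NotFound();
        }

        bool canRead = currentUser.Id == file.OwnerId || currentUser.Role == "Admin";

        // A null reader list is treated as "no readers" so that a non-reader gets the
        // access-denied answer rather than a 404 produced by a NullReferenceException.
        if (!canRead && file.Readers != null)
        {
            foreach (var reader in file.Readers)
            {
                if (reader.Id == currentUser.Id)
                {
                    canRead = true;
                    break;
                }
            }
        }

        if (canRead)
        {
            return Ok(file);
        }

        // NOTE(review): 401 is returned to an identified caller who lacks access; 403 is the
        // conventional status for that case. Left unchanged because clients may depend on it.
        return Unauthorized();
    }
    catch (Exception e)
    {
        // NOTE(review): the message of every exception type is sent to the client. Confirm the
        // logic layer's messages are safe to disclose, or log them and return a generic body.
        return NotFound(e.Message);
    }
}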
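/// <summary>
/// Adds a file when the caller owns the parent folder named in the request body.
/// </summary>
/// <param name="file">File bound from the request body; <c>file.Parent.Id</c> selects the folder.</param>
/// <returns>
/// 201 pointing at the "GetFile" route when the file is added; 401 when the caller cannot be
/// identified or does not own the parent folder; 404 when the parent folder cannot be
/// resolved or the logic layer throws.
/// </returns>
public IActionResult Post([FromBody] File file)
{
    // The caller's user id is read from the identity name. A missing or non-numeric
    // name is answered with 401 instead of surfacing a parse exception as a 404 body.
    int callerId;
    if (!int.TryParse(User?.Identity?.Name, out callerId))
    {
        return Unauthorized();
    }

    // A missing body or missing parent previously surfaced as a NullReferenceException whose
    // message was returned with the 404. The status is kept, the exception text is not.
    if (file == null || file.Parent == null)
    {
        return NotFound();
    }

    try
    {
        var parentFolder = _folderLogic.Get(file.Parent.Id);
        if (parentFolder == null)
        {
            return NotFound();
        }

        if (parentFolder.OwnerId != callerId)
        {
            // NOTE(review): 401 is returned to an identified caller who is not the owner; 403 is
            // the conventional status. Left unchanged because clients may depend on it.
            return Unauthorized();
        }

        // NOTE(review): only ownership of the parent folder is checked. Every other field of the
        // bound File (for example OwnerId and Readers) comes from the request body; confirm that
        // _fileLogic.Add sets or validates them rather than storing caller-supplied values.
        var fileAux = _fileLogic.Add(file);
        return CreatedAtRoute(
            routeName: "GetFile",
            routeValues: new { id = fileAux.Id },
            value: fileAux);
    }
    catch (Exception e)
    {
        // NOTE(review): the message of every exception type is sent to the client. Confirm the
        // logic layer's messages are safe to disclose, or log them and return a generic body.
        return NotFound(e.Message);
    }
}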
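/// <summary>
/// Returns the files of a folder when the caller is the folder's owner.
/// </summary>
/// <param name="folderId">Identifier passed to <c>_folderLogic.Get</c>.</param>
/// <returns>
/// 200 with <c>folder.Files</c> for the owner; 401 when the caller cannot be identified or is
/// not the owner; 404 when the folder is missing or the lookup throws.
/// </returns>
public IActionResult GetFiles(long folderId)
{
    // The caller's user id is read from the identity name. A missing or non-numeric
    // name is answered with 401 instead of surfacing a parse exception as a 404 body.
    int callerId;
    if (!int.TryParse(User?.Identity?.Name, out callerId))
    {
        return Unauthorized();
    }

    try
    {
        Folder folder = _folderLogic.Get(folderId);
        if (folder == null)
        {
            // Same status as before, without echoing a NullReferenceException message.
            return NotFound();
        }

        if (callerId != folder.OwnerId)
        {
            // NOTE(review): 401 is returned to an identified caller who is not the owner; 403 is
            // the conventional status. Left unchanged because clients may depend on it.
            return Unauthorized("You are not the owner of the folder.");
        }

        // NOTE(review): unlike Get, there is no "Admin" or per-file reader check here; confirm
        // that owner-only listing is intended.
        return Ok(folder.Files);
    }
    catch (Exception e)
    {
        // NOTE(review): the message of every exception type is sent to the client. Confirm the
        // logic layer's messages are safe to disclose, or log them and return a generic body.
        return NotFound(e.Message);
    }
}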