public async Task <Deck> GetDeckAsync(string userId, string deckId, string authToken) { if (userId == null) { return(null); } using (DocumentClient documentClient = GetCosmosDbDocumentClient()) { GetDeckResult result = await ReadDeckFromDatabaseAsync(documentClient, deckId); if (result.Deck == null) { return(null); } // So the deck exists in the database. But does the requesting user own it? if (!StringComparer.Ordinal.Equals(result.Deck.UserId, userId)) { return(null); } await VerifyDecksIfNecessaryAsync(documentClient, new Deck[] { result.Deck }, authToken); return(result.Deck); } }
public async Task <bool> DeleteDeckAsync(string userId, string deckId) { if (string.IsNullOrWhiteSpace(userId) || string.IsNullOrWhiteSpace(deckId)) { return(true); } using (DocumentClient documentClient = GetCosmosDbDocumentClient()) { GetDeckResult result = await ReadDeckFromDatabaseAsync(documentClient, deckId); // Firstly, verify that the deck belongs to the user requesting its deletion if (ObjectId.IdsMatch(result.Deck?.UserId, userId)) { // Yup, the user id matches so we're clear to remove the deck from our database await documentClient.DeleteDocumentAsync(result.DocumentUri); return(true); } else { return(false); } } }
public async Task <DeckOperationResult <UpsertResult> > UpsertDeckAsync(string userId, string deckId, Deck deck, string authToken) { try { using (DocumentClient documentClient = GetCosmosDbDocumentClient()) { UpsertResult upsertResult; deck.Id = deckId; deck.UserId = userId; GetDeckResult getDeckResult = await ReadDeckFromDatabaseAsync(documentClient, deckId); if (getDeckResult.Deck != null) { if (!StringComparer.Ordinal.Equals(getDeckResult.Deck.UserId, userId)) { return(new DeckOperationResult <UpsertResult>(UpsertResult.NotAuthorizedToModifyExisting, deck)); } deck.CreatedDateTimeUtc = getDeckResult.Deck.CreatedDateTimeUtc; upsertResult = UpsertResult.UpdatedExisting; } else { deck.CreatedDateTimeUtc = DateTime.UtcNow; upsertResult = UpsertResult.CreatedNew; } IDictionary <string, Card> actualCards = await GetCardInventoryAsync(authToken); VerifyDeck(deck, actualCards, DateTime.UtcNow); await WriteDecksToDatabaseAsync(documentClient, new Deck[] { deck }); return(new DeckOperationResult <UpsertResult>(upsertResult, deck)); } } catch (Exception ex) { Console.WriteLine(ex.Message); throw; } }