/// <summary>
/// Deletes the issue with the given id when the calling user has a project-user
/// record for the project that owns the issue's phase.
/// </summary>
/// <param name="id">Identifier of the issue to delete.</param>
/// <returns>
/// 404 when no issue is found; 401 when the caller has no project-user record for the
/// owning project; 200 with the mapped issue when the delete is saved; 400 when
/// <c>SaveAll</c> reports failure.
/// </returns>
public async Task<IActionResult> Delete(string id)
{
    var callerId = User.GetUserId();

    // The project to authorize against is only reachable through the issue's phase,
    // so the issue has to be loaded before the membership check can run.
    var issue = await _repo.GetIssue(id);
    if (issue == null)
    {
        return NotFound(new { message = "Issue not found." });
    }

    // NOTE(review): assumes GetIssue loads issue.Phase; a null Phase would throw here - confirm.
    // NOTE(review): the 404 above is answered before this membership check, so a signed-in
    // non-member can tell existing issue ids from unknown ones by status code. Returning the
    // same response in both cases would remove that signal. 401 is also used here for an
    // authorization failure, where 403 is the conventional status - confirm client
    // expectations before changing either.
    var membership = await _repo.GetProjectUser(issue.Phase.ProjectId, callerId);
    if (membership == null)
    {
        return Unauthorized(new { message = "You do not have the authorization to delete the issue." });
    }

    _repo.Delete(issue);
    if (!await _repo.SaveAll())
    {
        return BadRequest(new { message = "Error deleting the issue." });
    }

    // Map only after the save succeeded; the DTO echoes what was removed.
    var deletedIssue = _mapper.Map<IssueListItemDto>(issue);
    return Ok(new { message = "Successfully deleted the issue.", issue = deletedIssue });
}
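/// <summary>
/// Renames a phase, after verifying that the calling user belongs to the project named in
/// the route and that the phase actually belongs to that same project.
/// </summary>
/// <param name="projectId">Project id from the route; the caller's membership is checked against it.</param>
/// <param name="phaseId">Id of the phase to rename, from the route.</param>
/// <param name="dto">Request body carrying the new phase name.</param>
/// <returns>
/// 401 when the caller has no project-user record for <paramref name="projectId"/>;
/// 400 when the body is missing or <c>SaveAll</c> reports failure;
/// 404 when the phase does not exist or is not part of <paramref name="projectId"/>;
/// 200 when the rename is saved.
/// </returns>
public async Task<IActionResult> Update([FromRoute] string projectId, [FromRoute] string phaseId, [FromBody] PhaseUpdateDto dto)
{
    var userId = User.GetUserId();
    var projectUser = await _repo.GetProjectUser(projectId, userId);
    if (projectUser == null)
    {
        return Unauthorized(new { message = "You do not have access to the project." });
    }

    // A missing or unparseable body would otherwise surface as a NullReferenceException below.
    if (dto == null)
    {
        return BadRequest(new { message = "Error updating the phase." });
    }

    var phase = await _repo.GetPhase(phaseId);

    // The membership check above only covers projectId. Both ids come from the route, so
    // without tying the phase to that project a member of any one project could rename a
    // phase in a project they do not belong to. A missing phase and a phase from another
    // project get the same response, so the status code does not reveal which phase ids exist.
    // NOTE(review): assumes Phase.ProjectId is a string like the route value - confirm.
    if (phase == null || phase.ProjectId != projectId)
    {
        return NotFound(new { message = "Phase not found." });
    }

    phase.Name = dto.Name;
    if (await _repo.SaveAll())
    {
        return Ok();
    }

    return BadRequest(new { message = "Error updating the phase." });
}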
/// <summary>
/// Returns the detail view of a project for the calling user and stamps the caller's
/// project-user record with the current time as last activity.
/// </summary>
/// <param name="id">Identifier of the project to fetch.</param>
/// <returns>
/// 404 when <c>GetProject</c> returns nothing for this id and user; 400 when saving the
/// last-active stamp fails; otherwise 200 with the mapped project, each issue's labels
/// sorted by name.
/// </returns>
public async Task<IActionResult> Get(string id)
{
    var callerId = User.GetUserId();

    // The lookup takes the caller's id as well as the project id.
    var project = await _repo.GetProject(id, callerId);
    if (project == null)
    {
        return NotFound(new { message = "Project not found." });
    }

    // NOTE(review): presumably GetProject only returns projects the caller is a member of,
    // which would make this record non-null; if not, the assignment below throws - confirm.
    // NOTE(review): DateTime.Now is server-local time - confirm LastActive is not meant to be UTC.
    var membership = await _repo.GetProjectUser(id, callerId);
    membership.LastActive = DateTime.Now;

    // The read is refused when the activity stamp cannot be persisted.
    if (!await _repo.SaveAll())
    {
        return BadRequest(new { message = "Unable to update last active." });
    }

    project.ProjectUsers = await _repo.GetProjectUsers(project.Id);
    var detail = _mapper.Map<ProjectDetailDto>(project);

    // Give every issue a stable, name-ordered label list in the response.
    foreach (var phaseDto in detail.Phases)
    {
        foreach (var issueDto in phaseDto.Issues)
        {
            issueDto.Labels = issueDto.Labels.OrderBy(label => label.Name).ToList();
        }
    }

    return Ok(detail);
}