コード例 #1
 /// <summary>
 /// Creates a new user on behalf of <c>request.RequestOwner</c>, provided that owner
 /// holds <c>UserManagePremission.CanAdd</c>.
 /// </summary>
 /// <param name="request">Add request carrying the requesting owner and the user data, including the password.</param>
 /// <returns>
 /// The result of <c>UnauthorizedRequest()</c> when the permission check fails; a
 /// <c>ResponseAccess.BadRequest</c> response with the comma-joined creation errors when
 /// <c>_userManager.CreateAsync</c> does not succeed; otherwise the result of <c>Success()</c>.
 /// </returns>
 public async Task<UserResponse> AddAsync(UserAddRequest request)
 {
     // Authorization gate runs first: nothing is mapped or persisted for a caller without CanAdd.
     if (!HasPremission(request.RequestOwner, UserManagePremission.CanAdd))
     {
         // NOTE(review): request.User also carries Password (read further down); confirm the
         // security logger does not write that field into the audit record.
         _securityLogger.LogDangeriousAddAttemp(request.RequestOwner, request.User);
         return UnauthorizedRequest();
     }

     var account = request.User.MapToModel();

     // The identifier is always generated here, replacing whatever the mapping produced.
     account.Id = Guid.NewGuid();
     await BaseBeforeAddAsync(account, request.RequestOwner);

     var creation = await _userManager.CreateAsync(account, request.User.Password);
     if (creation.Succeeded)
     {
         await BaseAfterAddAsync(account, request.RequestOwner);
         return Success();
     }

     // NOTE(review): string.Join uses ToString() on each element of Errors; if these are
     // error objects rather than strings the message may hold type names - confirm.
     return new UserResponse
     {
         Access = ResponseAccess.BadRequest,
         Message = string.Join(",", creation.Errors)
     };
 }
コード例 #2
        /// <summary>
        /// Adds a new entity on behalf of <c>request.RequestOwner</c>, provided that owner
        /// holds <c>EntityPremission.CanAdd</c>.
        /// </summary>
        /// <param name="request">Add request carrying the requesting owner and the entity view model.</param>
        /// <returns>
        /// The result of <c>UnauthorizedRequest()</c> when the permission check fails,
        /// otherwise the result of <c>Success()</c> once the entity has been added.
        /// </returns>
        public async Task<EntityResponse> Add(EntityAddRequest request)
        {
            // Permission check precedes any mapping or persistence; a refused attempt is
            // handed to the security logger together with the submitted view model.
            if (!HasPremission(request.RequestOwner, EntityPremission.CanAdd))
            {
                _securityLogger.LogDangeriousAddAttemp(request.RequestOwner, request.ViewModel);
                return UnauthorizedRequest();
            }

            var entity = request.ViewModel.MapToEntity();
            entity.Fields = request.ViewModel.Fields.MapToModel();

            // Before/after hooks bracket the actual insert and receive the acting owner.
            await BaseBeforeAddAsync(entity, request.RequestOwner);
            await _entityFacade.AddAsync(entity);
            await BaseAfterAddAsync(entity, request.RequestOwner);

            return Success();
        }
コード例 #3
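        /// <summary>
        /// Stores a customer review for the product named in <c>model.Model.ProductId</c>, after
        /// checking product visibility, the product's review switch and the site review policy.
        /// </summary>
        /// <param name="model">Request carrying the request owner and the submitted review data.</param>
        /// <returns>
        /// A response with <c>ResponseAccess.Deny</c> when any check fails, otherwise
        /// <c>ResponseAccess.Granted</c> together with the saved review and the product.
        /// </returns>
        /// <remarks>
        /// The review is always saved with <c>IsApproved = false</c> and with the current
        /// user's id, regardless of what the submitted data contained.
        /// </remarks>
        public async Task<AddCustomerReviewResponse> AddCustomerReview(AddCostomerReviewRequest model)
        {
            var sitePolicies = _settingService.GetSetting<WebSitePolicies>();

            // NOTE(review): First() throws when no product matches the submitted ProductId;
            // confirm callers handle that, since the id comes from the request.
            var product = _productDataService.Query.First(x => x.Id == model.Model.ProductId);

            // Only this visibility failure is reported to the security logger; the policy
            // denials below return without logging.
            if (!_accessManager.HasAccess(product, AccessPremission.See))
            {
                _securityLogger.LogDangeriousAddAttemp(model.RequestOwner, model.Model);
                return new AddCustomerReviewResponse
                {
                    Access = ResponseAccess.Deny
                };
            }

            if (!product.AllowCustomerReviews)
            {
                return new AddCustomerReviewResponse
                {
                    Access = ResponseAccess.Deny,
                    Message = "err"
                };
            }

            var hasPurchased = DoesUserBuiedAndOrderCompeleted(product);
            var policy = sitePolicies.EShopReviewPolicy;

            if (policy == EShopReviewPolicy.BuiedUsers && !hasPurchased)
            {
                return new AddCustomerReviewResponse
                {
                    Access = ResponseAccess.Deny,
                    Message = "err"
                };
            }

            // The purchase and role conditions are grouped explicitly. Without the parentheses
            // '&&' binds tighter than '||', so the role check would apply under every policy
            // and deny any user outside the configured roles.
            if (policy == EShopReviewPolicy.BuiedUsersInRoles &&
                (!hasPurchased ||
                 !_identityManager.CurrentIdentityHasOneOfRoles(
                     sitePolicies.EShopReviewPolicyUserInRoles.Select(x => x.Name))))
            {
                return new AddCustomerReviewResponse
                {
                    Access = ResponseAccess.Deny,
                    Message = "err"
                };
            }

            // Checked once; an identical second copy of this test could never be reached
            // with a different outcome.
            if (policy == EShopReviewPolicy.UsersInRoles &&
                !_identityManager.CurrentIdentityHasOneOfRoles(
                    sitePolicies.EShopReviewPolicyUserInRoles.Select(x => x.Name)))
            {
                return new AddCustomerReviewResponse
                {
                    Access = ResponseAccess.Deny,
                    Message = "err"
                };
            }

            // Server-controlled fields are overwritten so that client-supplied values for the
            // id, the author and the approval flag cannot survive the mapping.
            model.Model.Id = Guid.Empty;
            var review = Mapper.Map<ProductReview>(model.Model);
            review.UserId = _workContext.CurrentUser.Id;
            review.IsApproved = false;

            product.ProductReviews.Add(review);
            await _unitOfWork.SaveChangesAsync();

            // NOTE(review): the response carries the product object loaded above as-is; confirm
            // it exposes nothing the reviewer should not see.
            return new AddCustomerReviewResponse
            {
                Access = ResponseAccess.Granted,
                Review = Mapper.Map<ReviewViewModel>(review),
                Product = product
            };
        }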