private async Task <dynamic> AddNewValueToConfiguration(dynamic parameters, CancellationToken token) { string key = parameters.configKey; Version version = parameters.configVersion; // TODO: BindAndValidate with FluentValidation var request = this.Bind <NewValueToConfigurationRequest>(new BindingConfig { BodyOnly = true, IgnoreErrors = false }); var negociator = Negotiate .WithAllowedMediaRange(JsonMediaRange); if (version == default(Version) || request == null) { return(negociator.WithStatusCode(HttpStatusCode.BadRequest)); } var valueId = await _configStoreService .AddValueToConfiguration(key, version, request.Tags, request.Value) .ConfigureAwait(false); var location = new Uri(this.Context.Request.Url, valueId.ToString()); return(negociator .WithStatusCode(HttpStatusCode.OK) .WithHeader("Location", location.ToString())); }
public ProductsModule() : base("/products") { Get["/product/{productid}"] = _ => { var request = this.Bind <ProductRequest>(); var product = ProductRepository.GetById(request.ProductId); if (product == null) { throw new ArgumentException( "Invalid product identifier."); } var user = UserRepository.GetCurrentUser(); if (false == user.CanView(product)) { throw new UnauthorizedAccessException( "User has insufficient privileges."); } var productDto = CreateProductDto(product); var htmlDto = new { Product = productDto, RelatedProducts = GetRelatedProductsDto(product) }; return(Negotiate .WithAllowedMediaRange(MediaRange.FromString("text/html")) .WithAllowedMediaRange(MediaRange.FromString("application/json")) .WithModel(htmlDto) // Model for 'text/html' .WithMediaRangeModel( MediaRange.FromString("application/json"), productDto)); // Model for 'application/json'; } }
private async Task <dynamic> AddNewConfiguration(dynamic parameters, CancellationToken token) { string key = parameters.configKey; // TODO: BindAndValidate with FluentValidation var request = this.Bind <NewConfigurationRequest>(new BindingConfig { BodyOnly = true, IgnoreErrors = false }); var negociator = Negotiate .WithAllowedMediaRange(JsonMediaRange); if (request == null) { return(negociator.WithStatusCode(HttpStatusCode.BadRequest)); } await _configStoreService .AddConfiguration(key, request.Type) .ConfigureAwait(false); var location = $"{this.Context.Request.Url}"; return(negociator .WithStatusCode(HttpStatusCode.OK) .WithHeader("Location", location)); }
public UsersModule() : base("/users") { Get["/profile/{name}"] = _ => { var request = this.Bind <FooRequest>(); var user = UserRepository.GetByName(requestName); if (user == null) { throw new ArgumentException( "Invalid user identifier."); } if (false == user.CanAccessModule()) { throw new UnauthorizedAccessException( "User has insufficient priviledges."); } var userDto = CreateUserDto(user); var viewDto = new { Message = string.Format("Hello {0}", user.FullName), User = userDto }; return(Negotiate .WithAllowedMediaRange(MediaRange.FromString("text/html")) .WithAllowedMediaRange(MediaRange.FromString("application/json")) .WithModel(viewDto) // Model for 'text/html' .WithMediaRangeModel( MediaRange.FromString("application/json"), userDto)); // Model for 'application/json'; } }
public UsersModule() : base("/users") { Get["/profile/{name}"] = _ => { var request = this.Bind <FooRequest>(); var user = UserRepository.GetByName(requestName); if (user == null) { var error = new Response(); error.StatusCode = HttpStatusCode.BadRequest; error.ReasonPhrase = "Invalid user identifier."; return(error); } if (false == user.CanAccessModule()) { var error = new Response(); error.StatusCode = HttpStatusCode.Unauthorized; error.ReasonPhrase = "Invalid user identifier."; return(error); } var userDto = CreateUserDto(user); var viewDto = new { Message = string.Format("Hello {0}", user.FullName), User = userDto }; return(Negotiate .WithAllowedMediaRange(MediaRange.FromString("text/html")) .WithAllowedMediaRange(MediaRange.FromString("application/json")) .WithModel(viewDto) // Model for 'text/html' .WithMediaRangeModel( MediaRange.FromString("application/json"), userDto)); // Model for 'application/json'; } }
private async Task <dynamic> UpdateValueOnConfiguration(dynamic parameters, CancellationToken token) { string key = parameters.configKey; Version version = parameters.configVersion; Guid valueId = parameters.valueId; // TODO: BindAndValidate with FluentValidation var request = this.Bind <UpdateValueOnConfigurationRequest>(new BindingConfig { BodyOnly = true, IgnoreErrors = false }); var negociator = Negotiate .WithAllowedMediaRange(JsonMediaRange); if (request == null) { return(negociator.WithStatusCode(HttpStatusCode.BadRequest)); } await _configStoreService .UpdateValueOnConfiguration(key, version, valueId, request.Tags, request.Value) .ConfigureAwait(false); return(negociator.WithStatusCode(HttpStatusCode.OK)); }
public ChoreModule() { this.RequiresAuthentication(); Get["/chore/{date:datetime}"] = _ => { return(Negotiate .WithAllowedMediaRange("application/xml") .WithAllowedMediaRange("application/json") .WithModel(GetChoresForDate((DateTime)_.date))); }; }
private async Task <dynamic> ImageInfo(dynamic parameters, CancellationToken token) { try { var filename = parameters.id; var imageUri = new Uri(new Uri(Conf.Location), filename); var requestId = Context.GetOwinEnvironment()["RequestId"] as string; (var maxWidth, var maxHeight, var maxArea) = GetSizeConstraints(Conf); var processor = new ImageProcessing.ImageProcessing { HttpClient = HttpClient, Log = Log }; var metadata = await processor.GetImageInfo(imageUri, Conf.DefaultTileWidth, requestId); var full_id = Conf.BaseUri == null? Request.Url.ToString().Replace("/info.json", "") : string.Format("{0}ark:/{1}/{2}", Conf.BaseUri.ToString(), parameters.naan, parameters.id); var info = new ImageInfo(metadata, Conf, maxWidth, maxHeight, maxArea) { ID = full_id, }; Log.Debug("{@ImageInfo}", info); return(await Negotiate .WithAllowedMediaRange(new MediaRange("application/json")) .WithAllowedMediaRange(new MediaRange("application/ld+json")) .WithHeader("Link", null) // hide nancy automatic Link: rel="alternative" .WithModel(info)); } catch (FileNotFoundException e) { Log.Error("Unable to load source image @{FileName}", e.FileName); return(HttpStatusCode.NotFound); } catch (NotImplementedException e) { Log.Information(e, "Un-implemented feature requested"); return(HttpStatusCode.BadRequest); } catch (ArgumentException e) { Log.Error(e, "Error parsing argument"); return(HttpStatusCode.BadRequest); } catch (Exception e) { Log.Error(e, "Unexpected exception"); return(HttpStatusCode.InternalServerError); } }
private async Task <dynamic> DeleteConfiguration(dynamic parameters, CancellationToken token) { string key = parameters.configKey; var negociator = Negotiate .WithAllowedMediaRange(JsonMediaRange); await _configStoreService .RemoveConfiguration(key) .ConfigureAwait(false); return(negociator .WithStatusCode(HttpStatusCode.OK)); }
public UsageModule() { Post["/api/usage/visualstudio"] = p => { var errors = new List <string>(); var usage = this.Bind <UsageModel>(); if (String.IsNullOrEmpty(usage.Dimensions.AppVersion)) { errors.Add("Empty appVersion"); } Version result = null; if (!Version.TryParse(usage.Dimensions.AppVersion, out result)) { errors.Add("Invalid appVersion"); } if (String.IsNullOrEmpty(usage.Dimensions.Lang)) { errors.Add("Empty lang"); } if (String.IsNullOrEmpty(usage.Dimensions.VSVersion)) { errors.Add("Empty vSVersion"); } if (usage.Dimensions.Date == DateTimeOffset.MinValue) { errors.Add("Empty date"); } if (usage.Measures.NumberOfStartups == 0) { errors.Add("Startups is 0"); } if (errors.Count > 0) { return(Negotiate .WithStatusCode(HttpStatusCode.InternalServerError) .WithAllowedMediaRange(MediaRange.FromString("application/json")) .WithMediaRangeModel( MediaRange.FromString("application/json"), new { result = errors })); // Model for 'application/json'; } return(Negotiate .WithAllowedMediaRange(MediaRange.FromString("application/json")) .WithMediaRangeModel( MediaRange.FromString("application/json"), new { result = "Cool usage" })); // Model for 'application/json'; }; }
public GarageModule() { this.RequiresAuthentication(); this.RequiresClaims(new[] { "Garage" }); Get["/garage/status"] = _ => { using (var sql = new SqlConnection(CloudConfigurationManager.GetSetting("DatabaseConnection"))) { sql.Open(); var check = sql.CreateCommand(); check.CommandText = @"SELECT TOP 1 Event.Id, Event.Timestamp, EventDescription.Name FROM Event JOIN EventSource ON EventSource.Id = Event.SourceId JOIN EventDescription ON EventDescription.Id = Event.DescriptionId WHERE EventSource.Name = 'Garage Door' ORDER BY Event.Timestamp DESC"; using (var reader = check.ExecuteReader()) { while (reader.Read()) { return(Negotiate .WithAllowedMediaRange("application/xml") .WithAllowedMediaRange("application/json") .WithModel(new GarageStatus { Id = reader.GetInt32(0), Timestamp = reader.GetDateTime(1), Open = reader.GetString(2) == "Open" })); } } return(Negotiate .WithAllowedMediaRange("application/xml") .WithAllowedMediaRange("application/json") .WithModel(new Error { Code = 500, Message = "No Event found" })); } }; }
public SparqlUpdateModule(IBrightstarService brightstarService, AbstractStorePermissionsProvider permissionsProvider) { this.RequiresBrightstarStorePermission(permissionsProvider, get: StorePermissions.SparqlUpdate, post: StorePermissions.SparqlUpdate); Get["/{storeName}/update"] = parameters => { var requestObject = this.Bind <SparqlUpdateRequestObject>(); ViewBag.Title = requestObject.StoreName + " - SPARQL Update"; return (Negotiate.WithAllowedMediaRange(Html) .WithModel(requestObject) .WithView("SparqlUpdate")); }; Post["/{storeName}/update"] = parameters => { var requestObject = this.Bind <SparqlUpdateRequestObject>(); ViewBag.Title = requestObject.StoreName + " - SPARQL Update"; if (SparqlRequest.Matches(Request.Headers.ContentType)) { using (var reader = new StreamReader(Request.Body)) { requestObject.Update = reader.ReadToEnd(); } } if (!parameters["storeName"].HasValue) { return(HttpStatusCode.BadRequest); } if (string.IsNullOrWhiteSpace(requestObject.Update)) { return(HttpStatusCode.BadRequest); } IJobInfo jobInfo = brightstarService.ExecuteUpdate(parameters["storeName"], requestObject.Update, true); if (jobInfo.JobCompletedOk) { return(jobInfo.MakeResponseObject(requestObject.StoreName)); } return (Negotiate.WithStatusCode(HttpStatusCode.BadRequest) .WithModel(jobInfo.MakeResponseObject(requestObject.StoreName))); }; }
public MockModule() : base("/") { Patch["/"] = _ => { var model = BaseModel(); if (!this.Patch(model)) { return(Negotiate .WithAllowedMediaRange(new MediaRange("application/json")) .WithStatusCode(HttpStatusCode.UnprocessableEntity)); } return(Negotiate .WithModel(model) .WithAllowedMediaRange(new MediaRange("application/json")) .WithStatusCode(HttpStatusCode.OK)); }; }
public ProductsModule() : base("/products") { Get["/product/{productid}"] = _ => { var request = this.Bind <ProductRequest>(); var product = ProductRepository.GetById(request.ProductId); if (product == null) { var error = new Response(); error.StatusCode = HttpStatusCode.BadRequest; error.ReasonPhrase = "Invalid product identifier."; return(error); } var user = UserRepository.GetCurrentUser(); if (false == user.CanView(product)) { var error = new Response(); error.StatusCode = HttpStatusCode.Unauthorized; error.ReasonPhrase = "User has insufficient privileges."; return(error); } var productDto = CreateProductDto(product); var htmlDto = new { Product = productDto, RelatedProducts = GetRelatedProductsDto(product) }; return(Negotiate .WithAllowedMediaRange(MediaRange.FromString("text/html")) .WithAllowedMediaRange(MediaRange.FromString("application/json")) .WithModel(htmlDto) // Model for 'text/html' .WithMediaRangeModel( MediaRange.FromString("application/json"), productDto)); // Model for 'application/json'; } }
public SecurityModule(ILoggerService logger, ISecurityService service, ISecurityService securityService) { _logger = logger; _service = service; _securityService = securityService; if (Debugger.IsAttached) { this.RequiresApiAuthentication(); } else { this.RequiresAuthentication(); } Get["/web/security"] = _ => { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; return(View["Security.cshtml", new SecurityResponseModel(_service.GetAll())]); }; Get["/api/securities"] = _ => { try { if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization)) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var securities = _service.GetAll(); List <object> result = new List <object>(); foreach (var security in securities) { List <object> radios = new List <object>(); foreach (var radio in security.RadiosWithAccess) { dynamic radioWithAccess = new { alias = radio.RadioAlias, guid = radio.RadioGuid, access = radio.HasAccess }; radios.Add(radioWithAccess); } List <object> reports = new List <object>(); foreach (var report in security.ReportsWithAccess) { dynamic reportWithAccess = new { name = report.ReportName, access = report.HasAccess }; reports.Add(reportWithAccess); } List <object> properties = new List <object>(); foreach (var property in security.Properties) { dynamic propertyWithAccess = new { group = property.Group.ToString(), name = property.Name }; properties.Add(propertyWithAccess); } dynamic resultAccessGroup = new { guid = security.Guid, name = security.Name, accessAllRadios = security.AccessAllRadios, radiosWithAccess = radios, accessAllReports = security.AccessAllReports, reportsWithAccess = reports, properties = properties }; result.Add(resultAccessGroup); } return(Response.AsJson(result)); } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureObtainingSecurities }); } }; Get["/api/reports"] = (_) => { if (Context.Request.Headers.Authorization == null) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var reports = _service.GetAllReports(); List <object> result = new List <object>(); foreach (var report in reports.OrderBy(item => item.Description)) { result.Add(new { name = report.ReportName, description = report.Description }); } return(Response.AsJson(result)); }; Get["/api/security-properties"] = (_) => { try { if (Context.Request.Headers.Authorization == null) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var properties = _service.GetAllProperties(); var result = new List <object>(); foreach (var property in properties.OrderBy(x => x.Description)) { result.Add(new { group = property.Group.ToString(), name = property.Name, description = property.Description }); } return(Response.AsJson(result)); } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = Resources.WebResources.Error_FailureObtainingSecurityProperties }); } }; Post["/api/securities/add", true] = async(_, __) => { try { if (Context.Request.Headers.Authorization == null) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var model = this.Bind <SecurityModel>(x => x.Guid); var result = this.Validate(model); if (result.IsValid) { await _service.AddAsync(SecurityModelToDbSecurityModel(model)); return(Response.AsJson(model, HttpStatusCode.OK)); } else { return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem)); } } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = Resources.WebResources.Error_FailureSavingSecurity }); } }; Post["/api/securities/update", true] = async(_, __) => { try { if (Context.Request.Headers.Authorization == null) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var model = this.Bind <SecurityModel>(); var result = this.Validate(model); if (result.IsValid) { await _service.UpdateAsync(SecurityModelToDbSecurityModel(model)).ConfigureAwait(false); return(Response.AsJson(new object(), HttpStatusCode.OK)); } else { return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem)); } } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = Resources.WebResources.Error_FailureSavingSecurity }); } }; Post["/api/securities/delete", true] = async(_, __) => { try { if (Context.Request.Headers.Authorization == null) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } foreach (var record in this.Bind <IEnumerable <SecurityModel> >()) { var result = this.Validate(record); if (result.IsValid) { await _service.DeleteAsync(SecurityModelToDbSecurityModel(record)); } else { return(Negotiate.WithModel(result).WithStatusCode(HttpStatusCode.BadRequest)); } } return(Response.AsJson(new object(), HttpStatusCode.OK)); } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureDeletingSecurity }); } }; } private dbModels.SecurityModel SecurityModelToDbSecurityModel(SecurityModel model) { var result = new dbModels.SecurityModel(model.Guid, model.Name, model.AccessAllRadios, model.AccessAllReports); foreach (var radio in model.RadiosWithAccess) { result.RadiosWithAccess.Add(new dbModels.SecurityRadioModel() { HasAccess = true, RadioGuid = radio.Guid, RadioAlias = radio.Alias }); } foreach (var report in model.ReportsWithAccess) { result.ReportsWithAccess.Add(new dbModels.SecurityReportModel() { ReportName = report.Name, HasAccess = report.Access }); } foreach (var property in model.Properties) { dbModels.SecurityPropertyGroup group; Enum.TryParse(property.Group, true, out group); result.Properties.Add(new dbModels.SecurityPropertyModel() { Group = group, Name = property.Name }); } return(result); } }
public GroupsModule(ILoggerService logger, IGroupsService service, IStationsRepository stationsRepository, ISecurityService securityService, IConnectionManager signalR ) { _logger = logger; _service = service; _stationsRepository = stationsRepository; _securityService = securityService; _signalR = signalR; if (Debugger.IsAttached) { this.RequiresApiAuthentication(); } else { this.RequiresAuthentication(); } Get["/web/groups"] = _ => { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeGroups"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; //Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("2d42263c463a43d396806673c03b3e9d", "N")); //Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("d56025ce863b4d8c9eadda06c1460535", "N")); //Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("57228cfcdc1440ae82062953c3a0d792", "N")); //Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("7286b28b7f9747cfb6da8ca3cf599161", "N")); //Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("a0deb9e657224eb786b6ad9c4e02f9ac", "N")); //Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("421362042c3c4d5ab7aac2ef36292900", "N")); //Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("d105d8941a3e4bc1939585bfd1971af3", "N")); //Hubs.RadioNetworksStatusHub.SetStationOffline(_signalR, Guid.ParseExact("ebdee74feda74ad19f7f11b1463297b1", "N")); return(View["Groups.cshtml", new GroupResponseModel(_service.GetAll())]); }; Get["/api/groups"] = _ => { try { if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization)) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeGroups"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var groups = _service.GetAll(); List <object> result = new List <object>(); foreach (var group in groups) { var radio = _stationsRepository.Find(x => x.Guid == group.RadioGuid); dynamic resultGroup = new { guid = group.Guid, radioGuid = radio?.Guid, radioAlias = radio?.Alias, alias = group.Alias }; result.Add(resultGroup); } return(Response.AsJson(result)); } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureObtainingGroups }); } }; Post["/api/groups/add", true] = async(_, __) => { try { if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization)) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeGroups"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var model = this.Bind <GroupModel>(x => x.Guid); var result = this.Validate(model); if (result.IsValid) { await _service.AddAsync(GroupModelToDbGroupModel(model)); return(Response.AsJson(model, HttpStatusCode.OK)); } else { return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem)); } } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureSavingGroup }); } }; Post["/api/groups/update", true] = async(_, __) => { try { if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization)) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeGroups"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var model = this.Bind <GroupModel>(); var result = this.Validate(model); if (result.IsValid) { await _service.UpdateAsync(GroupModelToDbGroupModel(model)).ConfigureAwait(false); return(Response.AsJson(new object(), HttpStatusCode.OK)); } else { return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem)); } } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureSavingGroup }); } }; Post["/api/groups/delete", true] = async(_, __) => { try { if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization)) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeGroups"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } foreach (var record in this.Bind <IEnumerable <GroupModel> >()) { var result = this.Validate(record); if (result.IsValid) { await _service.DeleteAsync(GroupModelToDbGroupModel(record)); } else { return(Negotiate.WithModel(result).WithStatusCode(HttpStatusCode.BadRequest)); } } return(Response.AsJson(new object(), HttpStatusCode.OK)); } catch (Exception e) { _logger.LogError(e); return(Negotiate.WithStatusCode(HttpStatusCode.InternalServerError).WithReasonPhrase(WebResources.Error_FailureDeletingGroup)); } }; }
public AccessGroupsModule(ILoggerService logger, IAccessGroupsService service, IUsersService usersService, ISecurityService securityService) { _logger = logger; _service = service; _securityService = securityService; if (Debugger.IsAttached) { this.RequiresApiAuthentication(); } else { this.RequiresAuthentication(); } Get["/web/access-groups"] = _ => { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeAccessGroups"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; return(View["AccessGroups.cshtml"]); }; Get["/api/access-groups"] = _ => { try { if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization)) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeAccessGroups"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var accessGroups = _service.GetAll().OrderBy(x => x.Name); List <object> result = new List <object>(); foreach (var accessGroup in accessGroups) { dynamic resultAccessGroup = new { guid = accessGroup.Guid, name = accessGroup.Name }; result.Add(resultAccessGroup); } return(Response.AsJson(result)); } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureObtainingAccessGroups }); } }; Post["/api/access-groups/add", true] = async(_, __) => { try { if (Context.Request.Headers.Authorization == null) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeAccessGroups"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var model = this.Bind <AccessGroupModel>(); var result = this.Validate(model); if (result.IsValid) { var dbModel = AccessGroupModelToDbAccessGroupModel(model); dbModel.Guid = Guid.Empty; await _service.AddAsync(dbModel); return(Response.AsJson(model, HttpStatusCode.OK)); } else { return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem)); } } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = Resources.WebResources.Error_FailureSavingAccessGroup }); } }; Post["/api/access-groups/update", true] = async(_, __) => { try { if (Context.Request.Headers.Authorization == null) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeAccessGroups"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } var model = this.Bind <AccessGroupModel>(); var result = this.Validate(model); if (result.IsValid) { await _service.UpdateAsync(AccessGroupModelToDbAccessGroupModel(model)).ConfigureAwait(false); return(Response.AsJson(new object(), HttpStatusCode.OK)); } else { return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem)); } } catch (Exception e) { _logger.LogError(e); return(new Response { StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = Resources.WebResources.Error_FailureSavingAccessGroup }); } }; Post["/api/access-groups/delete", true] = async(_, __) => { try { if (Context.Request.Headers.Authorization == null) { var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeAccessGroups"); if (!access) { return new Response { StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied } } ; } foreach (var record in this.Bind <IEnumerable <AccessGroupModel> >()) { var result = this.Validate(record); if (result.IsValid) { await _service.DeleteAsync(AccessGroupModelToDbAccessGroupModel(record).Guid); } else { return(Negotiate.WithModel(result).WithStatusCode(HttpStatusCode.BadRequest)); } } return(Response.AsJson(new object(), HttpStatusCode.OK)); } catch (Exception e) { _logger.LogError(e); return(Negotiate.WithStatusCode(HttpStatusCode.InternalServerError).WithReasonPhrase(WebResources.Error_FailureDeletingAccessGroup)); } }; }