private async Task <dynamic> AddNewValueToConfiguration(dynamic parameters, CancellationToken token)
{
string key = parameters.configKey;
Version version = parameters.configVersion;
// TODO: BindAndValidate with FluentValidation
var request = this.Bind <NewValueToConfigurationRequest>(new BindingConfig
{
BodyOnly = true,
IgnoreErrors = false
});
var negociator = Negotiate
.WithAllowedMediaRange(JsonMediaRange);
if (version == default(Version) || request == null)
{
return(negociator.WithStatusCode(HttpStatusCode.BadRequest));
}
var valueId = await _configStoreService
.AddValueToConfiguration(key, version, request.Tags, request.Value)
.ConfigureAwait(false);
var location = new Uri(this.Context.Request.Url, valueId.ToString());
return(negociator
.WithStatusCode(HttpStatusCode.OK)
.WithHeader("Location", location.ToString()));
}
public ProductsModule()
: base("/products")
{
Get["/product/{productid}"] = _ =>
{
var request = this.Bind <ProductRequest>();
var product = ProductRepository.GetById(request.ProductId);
if (product == null)
{
throw new ArgumentException(
"Invalid product identifier.");
}
var user = UserRepository.GetCurrentUser();
if (false == user.CanView(product))
{
throw new UnauthorizedAccessException(
"User has insufficient privileges.");
}
var productDto = CreateProductDto(product);
var htmlDto = new {
Product = productDto,
RelatedProducts = GetRelatedProductsDto(product)
};
return(Negotiate
.WithAllowedMediaRange(MediaRange.FromString("text/html"))
.WithAllowedMediaRange(MediaRange.FromString("application/json"))
.WithModel(htmlDto) // Model for 'text/html'
.WithMediaRangeModel(
MediaRange.FromString("application/json"),
productDto)); // Model for 'application/json';
}
}
private async Task <dynamic> AddNewConfiguration(dynamic parameters, CancellationToken token)
{
string key = parameters.configKey;
// TODO: BindAndValidate with FluentValidation
var request = this.Bind <NewConfigurationRequest>(new BindingConfig
{
BodyOnly = true,
IgnoreErrors = false
});
var negociator = Negotiate
.WithAllowedMediaRange(JsonMediaRange);
if (request == null)
{
return(negociator.WithStatusCode(HttpStatusCode.BadRequest));
}
await _configStoreService
.AddConfiguration(key, request.Type)
.ConfigureAwait(false);
var location = $"{this.Context.Request.Url}";
return(negociator
.WithStatusCode(HttpStatusCode.OK)
.WithHeader("Location", location));
}
public UsersModule()
: base("/users")
{
Get["/profile/{name}"] = _ =>
{
var request = this.Bind <FooRequest>();
var user = UserRepository.GetByName(requestName);
if (user == null)
{
throw new ArgumentException(
"Invalid user identifier.");
}
if (false == user.CanAccessModule())
{
throw new UnauthorizedAccessException(
"User has insufficient priviledges.");
}
var userDto = CreateUserDto(user);
var viewDto = new {
Message = string.Format("Hello {0}", user.FullName),
User = userDto
};
return(Negotiate
.WithAllowedMediaRange(MediaRange.FromString("text/html"))
.WithAllowedMediaRange(MediaRange.FromString("application/json"))
.WithModel(viewDto) // Model for 'text/html'
.WithMediaRangeModel(
MediaRange.FromString("application/json"),
userDto)); // Model for 'application/json';
}
}
public UsersModule()
: base("/users")
{
Get["/profile/{name}"] = _ =>
{
var request = this.Bind <FooRequest>();
var user = UserRepository.GetByName(requestName);
if (user == null)
{
var error = new Response();
error.StatusCode = HttpStatusCode.BadRequest;
error.ReasonPhrase = "Invalid user identifier.";
return(error);
}
if (false == user.CanAccessModule())
{
var error = new Response();
error.StatusCode = HttpStatusCode.Unauthorized;
error.ReasonPhrase = "Invalid user identifier.";
return(error);
}
var userDto = CreateUserDto(user);
var viewDto = new {
Message = string.Format("Hello {0}", user.FullName),
User = userDto
};
return(Negotiate
.WithAllowedMediaRange(MediaRange.FromString("text/html"))
.WithAllowedMediaRange(MediaRange.FromString("application/json"))
.WithModel(viewDto) // Model for 'text/html'
.WithMediaRangeModel(
MediaRange.FromString("application/json"),
userDto)); // Model for 'application/json';
}
}
private async Task <dynamic> UpdateValueOnConfiguration(dynamic parameters, CancellationToken token)
{
string key = parameters.configKey;
Version version = parameters.configVersion;
Guid valueId = parameters.valueId;
// TODO: BindAndValidate with FluentValidation
var request = this.Bind <UpdateValueOnConfigurationRequest>(new BindingConfig
{
BodyOnly = true,
IgnoreErrors = false
});
var negociator = Negotiate
.WithAllowedMediaRange(JsonMediaRange);
if (request == null)
{
return(negociator.WithStatusCode(HttpStatusCode.BadRequest));
}
await _configStoreService
.UpdateValueOnConfiguration(key, version, valueId, request.Tags, request.Value)
.ConfigureAwait(false);
return(negociator.WithStatusCode(HttpStatusCode.OK));
}
public ChoreModule()
{
this.RequiresAuthentication();
Get["/chore/{date:datetime}"] = _ =>
{
return(Negotiate
.WithAllowedMediaRange("application/xml")
.WithAllowedMediaRange("application/json")
.WithModel(GetChoresForDate((DateTime)_.date)));
};
}
private async Task <dynamic> ImageInfo(dynamic parameters, CancellationToken token)
{
try
{
var filename = parameters.id;
var imageUri = new Uri(new Uri(Conf.Location), filename);
var requestId = Context.GetOwinEnvironment()["RequestId"] as string;
(var maxWidth, var maxHeight, var maxArea) = GetSizeConstraints(Conf);
var processor = new ImageProcessing.ImageProcessing {
HttpClient = HttpClient, Log = Log
};
var metadata = await processor.GetImageInfo(imageUri, Conf.DefaultTileWidth, requestId);
var full_id = Conf.BaseUri == null?
Request.Url.ToString().Replace("/info.json", "") :
string.Format("{0}ark:/{1}/{2}", Conf.BaseUri.ToString(), parameters.naan, parameters.id);
var info = new ImageInfo(metadata, Conf, maxWidth, maxHeight, maxArea)
{
ID = full_id,
};
Log.Debug("{@ImageInfo}", info);
return(await Negotiate
.WithAllowedMediaRange(new MediaRange("application/json"))
.WithAllowedMediaRange(new MediaRange("application/ld+json"))
.WithHeader("Link", null) // hide nancy automatic Link: rel="alternative"
.WithModel(info));
}
catch (FileNotFoundException e)
{
Log.Error("Unable to load source image @{FileName}", e.FileName);
return(HttpStatusCode.NotFound);
}
catch (NotImplementedException e)
{
Log.Information(e, "Un-implemented feature requested");
return(HttpStatusCode.BadRequest);
}
catch (ArgumentException e)
{
Log.Error(e, "Error parsing argument");
return(HttpStatusCode.BadRequest);
}
catch (Exception e)
{
Log.Error(e, "Unexpected exception");
return(HttpStatusCode.InternalServerError);
}
}
private async Task <dynamic> DeleteConfiguration(dynamic parameters, CancellationToken token)
{
string key = parameters.configKey;
var negociator = Negotiate
.WithAllowedMediaRange(JsonMediaRange);
await _configStoreService
.RemoveConfiguration(key)
.ConfigureAwait(false);
return(negociator
.WithStatusCode(HttpStatusCode.OK));
}
public UsageModule()
{
Post["/api/usage/visualstudio"] = p =>
{
var errors = new List <string>();
var usage = this.Bind <UsageModel>();
if (String.IsNullOrEmpty(usage.Dimensions.AppVersion))
{
errors.Add("Empty appVersion");
}
Version result = null;
if (!Version.TryParse(usage.Dimensions.AppVersion, out result))
{
errors.Add("Invalid appVersion");
}
if (String.IsNullOrEmpty(usage.Dimensions.Lang))
{
errors.Add("Empty lang");
}
if (String.IsNullOrEmpty(usage.Dimensions.VSVersion))
{
errors.Add("Empty vSVersion");
}
if (usage.Dimensions.Date == DateTimeOffset.MinValue)
{
errors.Add("Empty date");
}
if (usage.Measures.NumberOfStartups == 0)
{
errors.Add("Startups is 0");
}
if (errors.Count > 0)
{
return(Negotiate
.WithStatusCode(HttpStatusCode.InternalServerError)
.WithAllowedMediaRange(MediaRange.FromString("application/json"))
.WithMediaRangeModel(
MediaRange.FromString("application/json"),
new { result = errors })); // Model for 'application/json';
}
return(Negotiate
.WithAllowedMediaRange(MediaRange.FromString("application/json"))
.WithMediaRangeModel(
MediaRange.FromString("application/json"),
new { result = "Cool usage" })); // Model for 'application/json';
};
}
public GarageModule()
{
this.RequiresAuthentication();
this.RequiresClaims(new[] { "Garage" });
Get["/garage/status"] = _ =>
{
using (var sql = new SqlConnection(CloudConfigurationManager.GetSetting("DatabaseConnection")))
{
sql.Open();
var check = sql.CreateCommand();
check.CommandText =
@"SELECT TOP 1 Event.Id, Event.Timestamp, EventDescription.Name FROM Event
JOIN EventSource ON EventSource.Id = Event.SourceId
JOIN EventDescription ON EventDescription.Id = Event.DescriptionId
WHERE EventSource.Name = 'Garage Door'
ORDER BY Event.Timestamp DESC";
using (var reader = check.ExecuteReader())
{
while (reader.Read())
{
return(Negotiate
.WithAllowedMediaRange("application/xml")
.WithAllowedMediaRange("application/json")
.WithModel(new GarageStatus
{
Id = reader.GetInt32(0),
Timestamp = reader.GetDateTime(1),
Open = reader.GetString(2) == "Open"
}));
}
}
return(Negotiate
.WithAllowedMediaRange("application/xml")
.WithAllowedMediaRange("application/json")
.WithModel(new Error
{
Code = 500,
Message = "No Event found"
}));
}
};
}
public SparqlUpdateModule(IBrightstarService brightstarService, AbstractStorePermissionsProvider permissionsProvider)
{
this.RequiresBrightstarStorePermission(permissionsProvider, get: StorePermissions.SparqlUpdate, post: StorePermissions.SparqlUpdate);
Get["/{storeName}/update"] = parameters =>
{
var requestObject = this.Bind <SparqlUpdateRequestObject>();
ViewBag.Title = requestObject.StoreName + " - SPARQL Update";
return
(Negotiate.WithAllowedMediaRange(Html)
.WithModel(requestObject)
.WithView("SparqlUpdate"));
};
Post["/{storeName}/update"] = parameters =>
{
var requestObject = this.Bind <SparqlUpdateRequestObject>();
ViewBag.Title = requestObject.StoreName + " - SPARQL Update";
if (SparqlRequest.Matches(Request.Headers.ContentType))
{
using (var reader = new StreamReader(Request.Body))
{
requestObject.Update = reader.ReadToEnd();
}
}
if (!parameters["storeName"].HasValue)
{
return(HttpStatusCode.BadRequest);
}
if (string.IsNullOrWhiteSpace(requestObject.Update))
{
return(HttpStatusCode.BadRequest);
}
IJobInfo jobInfo = brightstarService.ExecuteUpdate(parameters["storeName"], requestObject.Update, true);
if (jobInfo.JobCompletedOk)
{
return(jobInfo.MakeResponseObject(requestObject.StoreName));
}
return
(Negotiate.WithStatusCode(HttpStatusCode.BadRequest)
.WithModel(jobInfo.MakeResponseObject(requestObject.StoreName)));
};
}
public MockModule()
: base("/")
{
Patch["/"] = _ =>
{
var model = BaseModel();
if (!this.Patch(model))
{
return(Negotiate
.WithAllowedMediaRange(new MediaRange("application/json"))
.WithStatusCode(HttpStatusCode.UnprocessableEntity));
}
return(Negotiate
.WithModel(model)
.WithAllowedMediaRange(new MediaRange("application/json"))
.WithStatusCode(HttpStatusCode.OK));
};
}
public ProductsModule()
: base("/products")
{
Get["/product/{productid}"] = _ =>
{
var request = this.Bind <ProductRequest>();
var product = ProductRepository.GetById(request.ProductId);
if (product == null)
{
var error = new Response();
error.StatusCode = HttpStatusCode.BadRequest;
error.ReasonPhrase = "Invalid product identifier.";
return(error);
}
var user = UserRepository.GetCurrentUser();
if (false == user.CanView(product))
{
var error = new Response();
error.StatusCode = HttpStatusCode.Unauthorized;
error.ReasonPhrase = "User has insufficient privileges.";
return(error);
}
var productDto = CreateProductDto(product);
var htmlDto = new {
Product = productDto,
RelatedProducts = GetRelatedProductsDto(product)
};
return(Negotiate
.WithAllowedMediaRange(MediaRange.FromString("text/html"))
.WithAllowedMediaRange(MediaRange.FromString("application/json"))
.WithModel(htmlDto) // Model for 'text/html'
.WithMediaRangeModel(
MediaRange.FromString("application/json"),
productDto)); // Model for 'application/json';
}
}
public SecurityModule(ILoggerService logger, ISecurityService service,
ISecurityService securityService)
{
_logger = logger;
_service = service;
_securityService = securityService;
if (Debugger.IsAttached)
{
this.RequiresApiAuthentication();
}
else
{
this.RequiresAuthentication();
}
Get["/web/security"] = _ =>
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
return(View["Security.cshtml", new SecurityResponseModel(_service.GetAll())]);
};
Get["/api/securities"] = _ =>
{
try
{
if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization))
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var securities = _service.GetAll();
List <object> result = new List <object>();
foreach (var security in securities)
{
List <object> radios = new List <object>();
foreach (var radio in security.RadiosWithAccess)
{
dynamic radioWithAccess = new
{
alias = radio.RadioAlias,
guid = radio.RadioGuid,
access = radio.HasAccess
};
radios.Add(radioWithAccess);
}
List <object> reports = new List <object>();
foreach (var report in security.ReportsWithAccess)
{
dynamic reportWithAccess = new
{
name = report.ReportName,
access = report.HasAccess
};
reports.Add(reportWithAccess);
}
List <object> properties = new List <object>();
foreach (var property in security.Properties)
{
dynamic propertyWithAccess = new
{
group = property.Group.ToString(),
name = property.Name
};
properties.Add(propertyWithAccess);
}
dynamic resultAccessGroup = new
{
guid = security.Guid,
name = security.Name,
accessAllRadios = security.AccessAllRadios,
radiosWithAccess = radios,
accessAllReports = security.AccessAllReports,
reportsWithAccess = reports,
properties = properties
};
result.Add(resultAccessGroup);
}
return(Response.AsJson(result));
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureObtainingSecurities
});
}
};
Get["/api/reports"] = (_) =>
{
if (Context.Request.Headers.Authorization == null)
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var reports = _service.GetAllReports();
List <object> result = new List <object>();
foreach (var report in reports.OrderBy(item => item.Description))
{
result.Add(new
{
name = report.ReportName,
description = report.Description
});
}
return(Response.AsJson(result));
};
Get["/api/security-properties"] = (_) =>
{
try
{
if (Context.Request.Headers.Authorization == null)
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var properties = _service.GetAllProperties();
var result = new List <object>();
foreach (var property in properties.OrderBy(x => x.Description))
{
result.Add(new
{
group = property.Group.ToString(),
name = property.Name,
description = property.Description
});
}
return(Response.AsJson(result));
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = Resources.WebResources.Error_FailureObtainingSecurityProperties
});
}
};
Post["/api/securities/add", true] = async(_, __) =>
{
try
{
if (Context.Request.Headers.Authorization == null)
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var model = this.Bind <SecurityModel>(x => x.Guid);
var result = this.Validate(model);
if (result.IsValid)
{
await _service.AddAsync(SecurityModelToDbSecurityModel(model));
return(Response.AsJson(model, HttpStatusCode.OK));
}
else
{
return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem));
}
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = Resources.WebResources.Error_FailureSavingSecurity
});
}
};
Post["/api/securities/update", true] = async(_, __) =>
{
try
{
if (Context.Request.Headers.Authorization == null)
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var model = this.Bind <SecurityModel>();
var result = this.Validate(model);
if (result.IsValid)
{
await _service.UpdateAsync(SecurityModelToDbSecurityModel(model)).ConfigureAwait(false);
return(Response.AsJson(new object(), HttpStatusCode.OK));
}
else
{
return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem));
}
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = Resources.WebResources.Error_FailureSavingSecurity
});
}
};
Post["/api/securities/delete", true] = async(_, __) =>
{
try
{
if (Context.Request.Headers.Authorization == null)
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ChangeSystemSecurity");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
foreach (var record in this.Bind <IEnumerable <SecurityModel> >())
{
var result = this.Validate(record);
if (result.IsValid)
{
await _service.DeleteAsync(SecurityModelToDbSecurityModel(record));
}
else
{
return(Negotiate.WithModel(result).WithStatusCode(HttpStatusCode.BadRequest));
}
}
return(Response.AsJson(new object(), HttpStatusCode.OK));
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureDeletingSecurity
});
}
};
}
private dbModels.SecurityModel SecurityModelToDbSecurityModel(SecurityModel model)
{
var result = new dbModels.SecurityModel(model.Guid, model.Name, model.AccessAllRadios, model.AccessAllReports);
foreach (var radio in model.RadiosWithAccess)
{
result.RadiosWithAccess.Add(new dbModels.SecurityRadioModel()
{
HasAccess = true,
RadioGuid = radio.Guid,
RadioAlias = radio.Alias
});
}
foreach (var report in model.ReportsWithAccess)
{
result.ReportsWithAccess.Add(new dbModels.SecurityReportModel()
{
ReportName = report.Name,
HasAccess = report.Access
});
}
foreach (var property in model.Properties)
{
dbModels.SecurityPropertyGroup group;
Enum.TryParse(property.Group, true, out group);
result.Properties.Add(new dbModels.SecurityPropertyModel()
{
Group = group,
Name = property.Name
});
}
return(result);
}
}
public GroupsModule(ILoggerService logger, IGroupsService service, IStationsRepository stationsRepository, ISecurityService securityService,
IConnectionManager signalR
)
{
_logger = logger;
_service = service;
_stationsRepository = stationsRepository;
_securityService = securityService;
_signalR = signalR;
if (Debugger.IsAttached)
{
this.RequiresApiAuthentication();
}
else
{
this.RequiresAuthentication();
}
Get["/web/groups"] = _ =>
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeGroups");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
//Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("2d42263c463a43d396806673c03b3e9d", "N"));
//Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("d56025ce863b4d8c9eadda06c1460535", "N"));
//Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("57228cfcdc1440ae82062953c3a0d792", "N"));
//Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("7286b28b7f9747cfb6da8ca3cf599161", "N"));
//Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("a0deb9e657224eb786b6ad9c4e02f9ac", "N"));
//Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("421362042c3c4d5ab7aac2ef36292900", "N"));
//Hubs.RadioNetworksStatusHub.SetStationOnline(_signalR, Guid.ParseExact("d105d8941a3e4bc1939585bfd1971af3", "N"));
//Hubs.RadioNetworksStatusHub.SetStationOffline(_signalR, Guid.ParseExact("ebdee74feda74ad19f7f11b1463297b1", "N"));
return(View["Groups.cshtml", new GroupResponseModel(_service.GetAll())]);
};
Get["/api/groups"] = _ =>
{
try
{
if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization))
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeGroups");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var groups = _service.GetAll();
List <object> result = new List <object>();
foreach (var group in groups)
{
var radio = _stationsRepository.Find(x => x.Guid == group.RadioGuid);
dynamic resultGroup = new
{
guid = group.Guid,
radioGuid = radio?.Guid,
radioAlias = radio?.Alias,
alias = group.Alias
};
result.Add(resultGroup);
}
return(Response.AsJson(result));
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureObtainingGroups
});
}
};
Post["/api/groups/add", true] = async(_, __) =>
{
try
{
if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization))
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeGroups");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var model = this.Bind <GroupModel>(x => x.Guid);
var result = this.Validate(model);
if (result.IsValid)
{
await _service.AddAsync(GroupModelToDbGroupModel(model));
return(Response.AsJson(model, HttpStatusCode.OK));
}
else
{
return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem));
}
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureSavingGroup
});
}
};
Post["/api/groups/update", true] = async(_, __) =>
{
try
{
if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization))
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeGroups");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var model = this.Bind <GroupModel>();
var result = this.Validate(model);
if (result.IsValid)
{
await _service.UpdateAsync(GroupModelToDbGroupModel(model)).ConfigureAwait(false);
return(Response.AsJson(new object(), HttpStatusCode.OK));
}
else
{
return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem));
}
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureSavingGroup
});
}
};
Post["/api/groups/delete", true] = async(_, __) =>
{
try
{
if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization))
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeGroups");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
foreach (var record in this.Bind <IEnumerable <GroupModel> >())
{
var result = this.Validate(record);
if (result.IsValid)
{
await _service.DeleteAsync(GroupModelToDbGroupModel(record));
}
else
{
return(Negotiate.WithModel(result).WithStatusCode(HttpStatusCode.BadRequest));
}
}
return(Response.AsJson(new object(), HttpStatusCode.OK));
}
catch (Exception e)
{
_logger.LogError(e);
return(Negotiate.WithStatusCode(HttpStatusCode.InternalServerError).WithReasonPhrase(WebResources.Error_FailureDeletingGroup));
}
};
}
public AccessGroupsModule(ILoggerService logger, IAccessGroupsService service, IUsersService usersService, ISecurityService securityService)
{
_logger = logger;
_service = service;
_securityService = securityService;
if (Debugger.IsAttached)
{
this.RequiresApiAuthentication();
}
else
{
this.RequiresAuthentication();
}
Get["/web/access-groups"] = _ =>
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeAccessGroups");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
return(View["AccessGroups.cshtml"]);
};
Get["/api/access-groups"] = _ =>
{
try
{
if (string.IsNullOrWhiteSpace(Context.Request.Headers.Authorization))
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeAccessGroups");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var accessGroups = _service.GetAll().OrderBy(x => x.Name);
List <object> result = new List <object>();
foreach (var accessGroup in accessGroups)
{
dynamic resultAccessGroup = new
{
guid = accessGroup.Guid,
name = accessGroup.Name
};
result.Add(resultAccessGroup);
}
return(Response.AsJson(result));
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = WebResources.Error_FailureObtainingAccessGroups
});
}
};
Post["/api/access-groups/add", true] = async(_, __) =>
{
try
{
if (Context.Request.Headers.Authorization == null)
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeAccessGroups");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var model = this.Bind <AccessGroupModel>();
var result = this.Validate(model);
if (result.IsValid)
{
var dbModel = AccessGroupModelToDbAccessGroupModel(model);
dbModel.Guid = Guid.Empty;
await _service.AddAsync(dbModel);
return(Response.AsJson(model, HttpStatusCode.OK));
}
else
{
return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem));
}
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = Resources.WebResources.Error_FailureSavingAccessGroup
});
}
};
Post["/api/access-groups/update", true] = async(_, __) =>
{
try
{
if (Context.Request.Headers.Authorization == null)
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeAccessGroups");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
var model = this.Bind <AccessGroupModel>();
var result = this.Validate(model);
if (result.IsValid)
{
await _service.UpdateAsync(AccessGroupModelToDbAccessGroupModel(model)).ConfigureAwait(false);
return(Response.AsJson(new object(), HttpStatusCode.OK));
}
else
{
return(Negotiate.WithAllowedMediaRange("application/json").WithModel(result).WithStatusCode(HttpStatusCode.BadRequest).WithReasonPhrase(WebResources.Error_FailureValidatingItem));
}
}
catch (Exception e)
{
_logger.LogError(e);
return(new Response {
StatusCode = HttpStatusCode.InternalServerError, ReasonPhrase = Resources.WebResources.Error_FailureSavingAccessGroup
});
}
};
Post["/api/access-groups/delete", true] = async(_, __) =>
{
try
{
if (Context.Request.Headers.Authorization == null)
{
var access = _securityService.CheckUserAccess(((UserIdentity)Context.CurrentUser).Guid, "ViewOrChangeAccessGroups");
if (!access)
{
return new Response {
StatusCode = HttpStatusCode.Forbidden, ReasonPhrase = WebResources.Error_PermissionDenied
}
}
;
}
foreach (var record in this.Bind <IEnumerable <AccessGroupModel> >())
{
var result = this.Validate(record);
if (result.IsValid)
{
await _service.DeleteAsync(AccessGroupModelToDbAccessGroupModel(record).Guid);
}
else
{
return(Negotiate.WithModel(result).WithStatusCode(HttpStatusCode.BadRequest));
}
}
return(Response.AsJson(new object(), HttpStatusCode.OK));
}
catch (Exception e)
{
_logger.LogError(e);
return(Negotiate.WithStatusCode(HttpStatusCode.InternalServerError).WithReasonPhrase(WebResources.Error_FailureDeletingAccessGroup));
}
};
}
