コード例 #1
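        /// <summary>
        /// Returns the bills of one billing period, scoped by the caller's role.
        /// </summary>
        /// <remarks>
        /// Callers in the tenant role receive only the bills of their own tenant id;
        /// managers and admins receive every bill in the period. The role check runs
        /// before any repository lookup, so a caller without a billing role always
        /// gets the 403 error and cannot use a 404/403 difference to learn which
        /// billing period ids exist.
        /// </remarks>
        /// <param name="billingPeriodId">Identifier of the billing period to query.</param>
        /// <returns>
        /// An <see cref="ObjectResult"/> wrapping the list of bill DTOs, or an error
        /// built by <c>DTO.ErrorBuilder</c> with code 403 (no billing role), 404
        /// (unknown billing period) or 400 (tenant-role caller without a tenant id).
        /// </returns>
        public async Task<IActionResult> GetBillsByPeriod(int billingPeriodId)
        {
            // Authorize first. The tenant role keeps precedence over manager/admin,
            // exactly as in the original if / else-if chain.
            var isTenant = this.UserInRole(Role.Tenant);
            var isStaff  = !isTenant
                           && (this.UserInRole(Role.Manager) || this.UserInRole(Role.Admin));

            if (!isTenant && !isStaff)
            {
                var forbidden = new DTO.ErrorBuilder()
                                .Message("You are not authorized to view billing information.")
                                .Code(403)
                                .Build();

                // NOTE(review): the message carries no caller identity and no billing
                // period id; consider logging both as structured fields so repeated
                // denials can be correlated during triage.
                _logger.LogWarning("Unauthorized access attempt to view billing information.");
                return forbidden;
            }

            // Only authorized callers reach the existence check.
            var billingPeriod = await _billRepository.BillingPeriodFromId(billingPeriodId);

            if (billingPeriod == null)
            {
                var notFound = new DTO.ErrorBuilder()
                               .Message("Billing period not found.")
                               .Code(404)
                               .Build();
                return notFound;
            }

            if (isStaff)
            {
                var allBills = await _billRepository.GetBills(billingPeriod);
                return new ObjectResult(allBills.Select(b => new DTO.BillDTO(b)).ToList());
            }

            // Tenant path: the tenant id is resolved from the caller's own user id
            // (taken from the API key), never from a request parameter, so a tenant
            // cannot ask for another tenant's bills.
            var userId   = this.UserIdFromApiKey();
            var tenantId = await _tenantRepository.TenantIdFromUserId(userId);

            if (tenantId == null)
            {
                var notTenant = new DTO.ErrorBuilder()
                                .Message("Not a tenant")
                                .Code(400)
                                .Build();
                return notTenant;
            }

            var tenantBills = await _billRepository.GetBills((int)tenantId, billingPeriod);
            return new ObjectResult(tenantBills.Select(b => new DTO.BillDTO(b)).ToList());
        }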