// POST odata/Element public async Task <IHttpActionResult> Post(Delta <Element> patch) { var element = patch.GetEntity(); // Don't allow the user to set these fields / coni2k - 29 Jul. '17 // TODO Use ForbiddenFieldsValidator?: Currently breeze doesn't allow to post custom (delta) entity // TODO Or use DTO?: Needs a different metadata than the context, which can be overkill element.Id = 0; element.CreatedOn = DateTime.UtcNow; element.ModifiedOn = DateTime.UtcNow; element.DeletedOn = null; // Owner check: Entity must belong to the current user var r = await _resourcePoolManager .GetResourcePoolSet(element.ResourcePoolId) .SingleOrDefaultAsync(); var userId = await _resourcePoolManager .GetResourcePoolSet(element.ResourcePoolId) .Select(item => item.UserId) .Distinct() .SingleOrDefaultAsync(); var currentUserId = User.Identity.GetUserId <int>(); if (currentUserId != userId) { return(StatusCode(HttpStatusCode.Forbidden)); } await _resourcePoolManager.AddElementAsync(element); return(Created(element)); }
public IQueryable <ResourcePool> Get() { var list = _resourcePoolManager.GetResourcePoolSet(null, true, resourcePool => resourcePool.User); // TODO Handle this by intercepting the query either on OData or EF level // Currently it queries the database twice / coni2k - 20 Feb. '17 var currentUserId = User.Identity.GetUserId <int>(); foreach (var item in list.Where(item => item.UserId != currentUserId)) { item.User.ResetValues(); } return(list); }
public async Task UpdateComputedFields2() { Security.LoginAs(3, "Regular"); using (var manager = new ResourcePoolManager()) { var list = manager.GetResourcePoolSet(17).AsEnumerable(); await manager.UpdateComputedFieldsAsync(list.First().Id); } }
public async Task UpdateComputedFields() { Security.LoginAs(1, "Administrator"); using (var manager = new ResourcePoolManager()) { var list = manager.GetResourcePoolSet(29).AsEnumerable(); await manager.UpdateComputedFieldsAsync(list.First().Id); } }