public IHttpActionResult UpdateApp(int id, AppDO app)
{
UnitUser unitUser = this.unitOfWork.DbContext.Set<UnitUser>().FirstOrDefault(e => e.UserId == this.userContext.UserId);
ClassificationPermission editPermission = this.classificationRepository.GetByAlias("Edit");
ClassificationPermission readPermission = this.classificationRepository.GetByAlias("Read");
bool hasEditPermission =
this.appRepository.HasPermission(unitUser.UnitId, id, editPermission.ClassificationPermissionId) &&
this.appRepository.HasPermission(unitUser.UnitId, id, readPermission.ClassificationPermissionId);
if (!hasEditPermission)
{
return Unauthorized();
}
var oldApp = this.appRepository.Find(id);
oldApp.EnsureForProperVersion(app.Version);
oldApp.AopEmployerId = app.AopEmployerId;
oldApp.Email = app.Email;
//I
oldApp.STAopApplicationTypeId = app.STAopApplicationTypeId;
oldApp.STObjectId = app.STObjectId;
oldApp.STSubject = app.STSubject;
oldApp.STCriteriaId = app.STCriteriaId;
oldApp.STValue = app.STValue;
oldApp.STRemark = app.STRemark;
oldApp.STIsMilitary = app.STIsMilitary;
oldApp.STNoteTypeId = app.STNoteTypeId;
oldApp.STDocId = app.STDocId;
oldApp.STChecklistId = app.STChecklistId;
oldApp.STChecklistStatusId = app.STChecklistStatusId;
oldApp.STNoteId = app.STNoteId;
//II
oldApp.NDAopApplicationTypeId = app.NDAopApplicationTypeId;
oldApp.NDObjectId = app.NDObjectId;
oldApp.NDSubject = app.NDSubject;
oldApp.NDCriteriaId = app.NDCriteriaId;
oldApp.NDValue = app.NDValue;
oldApp.NDIsMilitary = app.NDIsMilitary;
oldApp.NDROPIdNum = app.NDROPIdNum;
oldApp.NDROPUnqNum = app.NDROPUnqNum;
oldApp.NDROPDate = app.NDROPDate;
oldApp.NDProcedureStatusId = app.NDProcedureStatusId;
oldApp.NDRefusalReason = app.NDRefusalReason;
oldApp.NDAppeal = app.NDAppeal;
oldApp.NDRemark = app.NDRemark;
oldApp.NDDocId = app.NDDocId;
oldApp.NDChecklistId = app.NDChecklistId;
oldApp.NDChecklistStatusId = app.NDChecklistStatusId;
oldApp.NDReportId = app.NDReportId;
//aop set oldapp.docid if not set
this.unitOfWork.Save();
this.appRepository.ExecSpSetAopApplicationTokens(aopApplicationId: oldApp.AopApplicationId);
this.appRepository.ExecSpSetAopApplicationUnitTokens(aopApplicationId: oldApp.AopApplicationId);
return Ok(new
{
err = "",
aopApplicationId = oldApp.AopApplicationId
});
}
public IHttpActionResult GetApp(int id)
{
UnitUser unitUser = this.unitOfWork.DbContext.Set<UnitUser>().FirstOrDefault(e => e.UserId == this.userContext.UserId);
ClassificationPermission readPermission = this.classificationRepository.GetByAlias("Read");
bool hasReadPermission =
this.appRepository.HasPermission(unitUser.UnitId, id, readPermission.ClassificationPermissionId);
if (!hasReadPermission)
{
return Unauthorized();
}
AopApp app = this.appRepository.Find(id,
e => e.CreateUnit,
e => e.AopEmployer);
if (app == null)
{
return NotFound();
}
AppDO returnValue = new AppDO(app);
#region DocRelations
//ST
if (app.STDocId.HasValue)
{
var dr = unitOfWork.DbContext.Set<DocRelation>()
.Include(e => e.Doc.DocCasePartType)
.Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User))
.Include(e => e.Doc.DocDirection)
.Include(e => e.Doc.DocType)
.Include(e => e.Doc.DocStatus)
.FirstOrDefault(e => e.DocId == app.STDocId.Value);
returnValue.STDocRelation = new DocRelationDO(dr);
}
if (app.STChecklistId.HasValue)
{
var dr = unitOfWork.DbContext.Set<DocRelation>()
.Include(e => e.Doc.DocCasePartType)
.Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User))
.Include(e => e.Doc.DocDirection)
.Include(e => e.Doc.DocType)
.Include(e => e.Doc.DocStatus)
.FirstOrDefault(e => e.DocId == app.STChecklistId.Value);
returnValue.STChecklistRelation = new DocRelationDO(dr);
}
if (app.STNoteId.HasValue)
{
var dr = unitOfWork.DbContext.Set<DocRelation>()
.Include(e => e.Doc.DocCasePartType)
.Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User))
.Include(e => e.Doc.DocDirection)
.Include(e => e.Doc.DocType)
.Include(e => e.Doc.DocStatus)
.FirstOrDefault(e => e.DocId == app.STNoteId.Value);
returnValue.STNoteRelation = new DocRelationDO(dr);
}
//ND
if (app.NDDocId.HasValue)
{
var dr = unitOfWork.DbContext.Set<DocRelation>()
.Include(e => e.Doc.DocCasePartType)
.Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User))
.Include(e => e.Doc.DocDirection)
.Include(e => e.Doc.DocType)
.Include(e => e.Doc.DocStatus)
.FirstOrDefault(e => e.DocId == app.NDDocId.Value);
returnValue.NDDocRelation = new DocRelationDO(dr);
}
if (app.NDChecklistId.HasValue)
{
var dr = unitOfWork.DbContext.Set<DocRelation>()
.Include(e => e.Doc.DocCasePartType)
.Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User))
.Include(e => e.Doc.DocDirection)
.Include(e => e.Doc.DocType)
.Include(e => e.Doc.DocStatus)
.FirstOrDefault(e => e.DocId == app.NDChecklistId.Value);
returnValue.NDChecklistRelation = new DocRelationDO(dr);
}
if (app.NDReportId.HasValue)
{
var dr = unitOfWork.DbContext.Set<DocRelation>()
.Include(e => e.Doc.DocCasePartType)
.Include(e => e.Doc.DocCasePartMovements.Select(dc => dc.User))
.Include(e => e.Doc.DocDirection)
.Include(e => e.Doc.DocType)
.Include(e => e.Doc.DocStatus)
.FirstOrDefault(e => e.DocId == app.NDReportId.Value);
returnValue.NDReportRelation = new DocRelationDO(dr);
}
#endregion
#region Set permissions
List<vwAopApplicationUser> vwAopApplicationUsers = this.appRepository.GetvwAopApplicationUsersForAppByUnitId(id, unitUser);
returnValue.CanRead = vwAopApplicationUsers.Any(e => e.AopApplicationId == app.AopApplicationId && e.ClassificationPermission.Alias == "Read");
returnValue.CanEdit = vwAopApplicationUsers.Any(e => e.AopApplicationId == app.AopApplicationId && e.ClassificationPermission.Alias == "Edit");
#endregion
return Ok(returnValue);
}
