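/// <summary>
/// Checks the referenced entities of a job-info update before anything is written:
/// an optional manager must exist, hold the <c>Roles.Manager</c> role and be accepted by
/// <c>_projectService.ValidateManagerId</c> for this user; an optional qualification level must exist.
/// </summary>
/// <param name="model">Incoming payload; <c>ManagerId</c> and <c>QualificationLevelId</c> are optional and skipped when null.</param>
/// <returns>
/// 200 OK when every referenced entity checks out; 404 when the manager (or the manager role itself)
/// or the qualification level cannot be found; 400 when the project service rejects the manager.
/// </returns>
private HttpResponseMessage ValidateModelInfo(ApplicationUserPutJobInfoViewModel model)
{
    // Builds the "<entity> does not exist Id: <id>" 404 used by both branches below.
    HttpResponseMessage MissingEntity(string entityName, object id)
    {
        return Request.CreateResponse(
            HttpStatusCode.NotFound,
            string.Format(Resources.Common.DoesNotExist + " Id: {1}", entityName, id));
    }

    if (model.ManagerId != null)
    {
        var managerRole = _rolesRepository
            .Get()
            .FirstOrDefault(role => role.Name == Roles.Manager);

        // FirstOrDefault yields null when the role row is missing; the previous code dereferenced
        // it unconditionally and the request would have failed with a 500 instead of a 404.
        if (managerRole == null)
        {
            return MissingEntity(Resources.Models.ApplicationUser.ApplicationUser.Manager, model.ManagerId);
        }

        // NOTE(review): this lookup is by Id and role only; whether the repository restricts it to
        // the caller's organization cannot be seen from here — confirm before relying on it.
        var manager = _applicationUserRepository
            .Get(x => x.Id == model.ManagerId && x.Roles.Any(y => y.RoleId == managerRole.Id))
            .FirstOrDefault();

        if (manager == null)
        {
            return MissingEntity(Resources.Models.ApplicationUser.ApplicationUser.Manager, model.ManagerId);
        }

        if (!_projectService.ValidateManagerId(model.Id, model.ManagerId))
        {
            return Request.CreateResponse(HttpStatusCode.BadRequest, Resources.Common.WrongManager);
        }
    }

    if (model.QualificationLevelId != null)
    {
        var qualificationLevel = _qualificationLevelRepository.GetByID(model.QualificationLevelId);
        if (qualificationLevel == null)
        {
            return MissingEntity(
                Resources.Models.ApplicationUser.ApplicationUser.QualificationLevelName,
                model.QualificationLevelId);
        }
    }

    return Request.CreateResponse(HttpStatusCode.OK);
}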
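/// <summary>
/// Updates the job-related part of a user's profile: manager, qualification level, skills,
/// projects, working hours and — for administrators only — employment date and roles.
/// </summary>
/// <remarks>
/// Authorization: a caller holding <c>AdministrationPermissions.ApplicationUser</c> may edit any user
/// the repository returns; everyone else may edit only their own record
/// (<c>model.Id == User.Identity.GetUserId()</c>). Non-administrators cannot change
/// <c>EmploymentDate</c> (the stored value is restored before mapping) and their <c>RoleIds</c> are ignored.
/// The permissions cache entry for the edited user is dropped after saving so role changes take effect.
/// </remarks>
/// <param name="model">Job-info payload; a null (unbound) body is rejected with 400.</param>
/// <returns>200 on success; 400 for a missing body or a missing employment date from an administrator;
/// 403 when the caller may not edit this user; 404 when the user or a referenced entity does not exist.</returns>
public async Task<HttpResponseMessage> PutJobInfo(ApplicationUserPutJobInfoViewModel model)
{
    // Web API binds a missing or unparseable body as null; fail fast with 400 instead of a
    // NullReferenceException (500) on the first property access below.
    if (model == null)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    var userOrg = GetUserAndOrganization();
    var editorIsAdministrator = await _permissionService.UserHasPermissionAsync(userOrg, AdministrationPermissions.ApplicationUser);

    // Administrators must supply an employment date; for everyone else the stored one is kept (see below).
    if (editorIsAdministrator && !model.EmploymentDate.HasValue)
    {
        return Request.CreateResponse(HttpStatusCode.BadRequest);
    }

    var editingSelf = model.Id == User.Identity.GetUserId();
    if (!editorIsAdministrator && !editingSelf)
    {
        return Request.CreateResponse(HttpStatusCode.Forbidden);
    }

    var validatedModelInfo = await ValidateModelInfoAsync(model);
    if (!validatedModelInfo.IsSuccessStatusCode)
    {
        return validatedModelInfo;
    }

    // NOTE(review): the lookup is by Id only; whether the repository restricts results to
    // userOrg.OrganizationId is not visible here — confirm, otherwise an administrator of one
    // organization could edit users of another by supplying their ids.
    var applicationUser = await _applicationUserRepository
        .Get(u => u.Id == model.Id, includeProperties: "Roles,Projects,Skills,WorkingHours")
        .FirstOrDefaultAsync();

    if (applicationUser == null)
    {
        return Request.CreateResponse(
            HttpStatusCode.NotFound,
            string.Format(Resources.Common.DoesNotExist, Resources.Models.ApplicationUser.ApplicationUser.EntityName));
    }

    // Only administrators may change the employment date: overwrite whatever the client sent
    // with the stored value before the mapper copies the model onto the entity.
    if (!editorIsAdministrator)
    {
        model.EmploymentDate = applicationUser.EmploymentDate;
    }

    // NOTE(review): Map copies every member the mapping profile allows, and a self-editing
    // non-administrator reaches this line too. The profile (not visible here) is therefore what
    // stops such a caller from changing fields beyond the intended ones — confirm it ignores them.
    _mapper.Map(model, applicationUser);

    // assumes SkillIds is never null — a null here would throw inside the query; confirm the binding default
    applicationUser.Skills = await _skillsRepository.Get(s => model.SkillIds.Contains(s.Id)).ToListAsync();

    // Role changes are an administrator-only operation; a client-supplied RoleIds is otherwise ignored.
    if (editorIsAdministrator && model.RoleIds != null)
    {
        await UpdateRolesAsync(applicationUser, model.RoleIds);
    }

    // A WorkingHours row with OrganizationId 0 has not been attached to an organization yet;
    // attach it to the caller's (userOrg was already resolved above).
    if (applicationUser.WorkingHours?.OrganizationId == 0)
    {
        applicationUser.WorkingHours.OrganizationId = userOrg.OrganizationId;
    }

    await _projectService.AddProjectsToUserAsync(applicationUser.Id, model.ProjectIds, userOrg);
    await _unitOfWork.SaveAsync();

    // Cached permissions may be stale after a role change.
    _permissionsCache.TryRemoveEntry(applicationUser.Id);

    return Request.CreateResponse(HttpStatusCode.OK);
}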