/// <summary>
/// Returns the global roles of the user named by <paramref name="username"/>,
/// serialized as JSON.
/// </summary>
/// <param name="username">Query-string username; normalized before any lookup.</param>
/// <returns>
/// 401 with "Not authorized" when the authorization module rejects the caller,
/// 404 when the normalized username does not exist, otherwise 200 with the
/// JSON-serialized roles.
/// </returns>
public async Task<IActionResult> GetGlobalRoles([FromQuery] string username)
{
    var targetUsername = UsernameNormalizer.Normalize(username);

    // Authorize. This runs before the existence lookup below, so a caller who is
    // not authorized gets the same answer whether or not the target user exists.
    // NOTE(review): HttpContext.User.Identity.Name can be null for an anonymous
    // request; confirm the action is protected by an authentication filter.
    var callerUsername = UsernameNormalizer.Normalize(HttpContext.User.Identity.Name);
    var resource = new GetGlobalRolesResourceDescription(targetUsername);
    var decision = await authorizationModule.AuthorizeAsync(resource, callerUsername);
    if (!decision.IsAuthorized)
    {
        return StatusCode((int)HttpStatusCode.Unauthorized, "Not authorized");
    }

    var userExists = await authenticationModule.ExistsAsync(targetUsername);
    if (!userExists)
    {
        return NotFound($"User '{targetUsername}' doesn't exist");
    }

    var globalRoles = await authenticationModule.GetGlobalRolesForUserAsync(targetUsername);
    var payload = JsonConvert.SerializeObject(globalRoles);
    return new ContentResult
    {
        ContentType = Conventions.JsonContentType,
        Content = payload,
        StatusCode = (int)HttpStatusCode.OK
    };
}
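/// <summary>
/// Notifies <paramref name="recipient"/> about the data object identified by
/// <paramref name="dataType"/> and <paramref name="id"/>, and records the report
/// in the API event log.
/// </summary>
/// <param name="recipient">Username of the user to notify; must be non-empty and exist.</param>
/// <param name="dataType">Type name of the reported data; must be non-empty.</param>
/// <param name="id">ID of the reported data object; must be non-empty.</param>
/// <returns>
/// 400 when a parameter is missing, 401 with "Not authorized" when the
/// authorization module rejects the caller, 400 "Unknown recipient" when the
/// recipient does not exist, otherwise 200.
/// </returns>
public async Task<IActionResult> ReportTo(
    [FromQuery] string recipient,
    [FromQuery] string dataType,
    [FromQuery] string id)
{
    // Validate presence only. These checks do not consult any stored data, so
    // they are safe to run before the caller has been authorized.
    if (string.IsNullOrEmpty(recipient))
    {
        return BadRequest("Recipient missing");
    }
    if (string.IsNullOrEmpty(dataType))
    {
        return BadRequest("Data type missing");
    }
    if (string.IsNullOrEmpty(id))
    {
        return BadRequest("ID missing");
    }

    // Authorize before querying the user store. Previously the recipient lookup
    // ran first, so a caller without permission could tell existing usernames
    // from unknown ones by the difference between the 400 and 401 responses.
    // NOTE(review): 401 is kept for compatibility with existing clients; 403 is
    // the usual status when the caller is authenticated but lacks permission.
    var loggedInUsername = UsernameNormalizer.Normalize(HttpContext.User.Identity.Name);
    var authorizationResult = await authorizationModule.AuthorizeAsync(
        new ReportDataResourceDescription(),
        loggedInUsername);
    if (!authorizationResult.IsAuthorized)
    {
        return StatusCode((int)HttpStatusCode.Unauthorized, "Not authorized");
    }

    // Normalize the recipient the same way GetGlobalRoles normalizes its username
    // before calling ExistsAsync, so both endpoints resolve the same account.
    var normalizedRecipient = UsernameNormalizer.Normalize(recipient);
    var recipientExists = await authenticationModule.ExistsAsync(normalizedRecipient);
    if (!recipientExists)
    {
        return BadRequest("Unknown recipient");
    }

    // Provide
    await subscriptionManager.NotifyUserAboutNewDataAsync(normalizedRecipient, dataType, id);

    // dataType, id and recipient come straight from the query string; line breaks
    // are removed so one request cannot forge additional log entries.
    apiEventLogger.Log(
        LogLevel.Info,
        $"User '{authorizationResult.User.UserName}' reported '{RemoveLineBreaks(dataType)}' " +
        $"with ID '{RemoveLineBreaks(id)}' to '{RemoveLineBreaks(normalizedRecipient)}'");
    return Ok();
}

/// <summary>Removes CR and LF characters from a value before it is written to a log line.</summary>
private static string RemoveLineBreaks(string value)
{
    return value == null
        ? string.Empty
        : value.Replace("\r", string.Empty).Replace("\n", string.Empty);
}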