public async Task <IActionResult> GetAgreement(int agreementId) { var userId = this.UserIdFromApiKey(); // Handle agreement query by tenant. if (this.UserInRole(Role.Tenant)) { var tenantId = await _tenantRepository.TenantIdFromUserId(userId); if (tenantId == null) { var err = new DTO.ErrorBuilder() .Message("You are not a tenant of this property.") .Code(403) .Build(); return(err); } var agreements = await _agreementRepository.GetSignedAgreements((int)tenantId); // TODO: make this less terrible var targetAgreement = agreements.Where(a => a.AgreementId == agreementId).FirstOrDefault(); if (targetAgreement == null) { var err = new DTO.ErrorBuilder() .Message("Unable to find that agreement.") .Code(404) .Build(); return(err); } var targetAgreementAsDTO = new DTO.AgreementDTO(targetAgreement); return(new ObjectResult(targetAgreementAsDTO)); } else if (this.UserInRole(Role.Manager) || this.UserInRole(Role.Admin)) { var agreement = await _agreementRepository.GetSignedAgreement(agreementId); if (agreement == null) { var err = new DTO.ErrorBuilder() .Message("Unable to find that agreement.") .Code(404) .Build(); return(err); } var agreementAsDTO = new DTO.AgreementDTO(agreement); return(new ObjectResult(agreementAsDTO)); } else { var err = new DTO.ErrorBuilder() .Message("You are not authorized to view agreements.") .Code(403) .Build(); return(err); } }
public async Task <IActionResult> SignAgreement(DTO.SignAgreementDTO signAgreement) { if (this.UserInRole(Role.Tenant)) { var userId = this.UserIdFromApiKey(); var tenantId = await _tenantRepository.TenantIdFromUserId(userId); if (tenantId == null) { var err = new DTO.ErrorBuilder() .Message("You are not a tenant of this property.") .Code(403) .Build(); return(err); } var agreement = await _agreementRepository.SignAgreement((int)tenantId, signAgreement.AgreementId, signAgreement.StartDate, signAgreement.EndDate); if (agreement == null) { var err = new DTO.ErrorBuilder() .Message("Unable to find that agreement id.") .Code(404) .Build(); return(err); } else { var agreementDTO = new DTO.AgreementDTO(agreement); return(new ObjectResult(agreementDTO)); } } else { var err = new DTO.ErrorBuilder() .Message("Only tenants may sign agreements.") .Code(400) .Build(); return(err); } }