/// <summary>
/// Runs a catalog search for the current user and returns the combined result as a web model.
/// </summary>
/// <remarks>
/// The criteria are normalized and then restricted for the current user before either
/// search call is made, so both the product search and the catalog/category search
/// receive the same restricted instance. Keep that ordering when changing this method.
/// NOTE(review): <c>ApplyRestrictionsForUser</c> is defined outside this view; presumably it
/// narrows the criteria to what the user's permissions allow. Confirm against its implementation.
/// NOTE(review): no authorization attribute is visible on this action from here, and
/// <c>User.Identity.Name</c> can be null or empty for an unauthenticated caller. Confirm how
/// the restriction helper treats such a name and that the endpoint requires authentication.
/// </remarks>
/// <param name="criteria">Caller-supplied search criteria; a null value is replaced with a default instance.</param>
/// <returns>An OK result wrapping the search result converted with <c>ToWebModel</c>.</returns>
public IHttpActionResult Search(Domain.Catalog.Model.SearchCriteria criteria)
{
    if (criteria == null)
    {
        criteria = new Domain.Catalog.Model.SearchCriteria();
    }

    criteria.Normalize();

    // Security: restrict the criteria for the calling user before any search service sees them.
    criteria.ApplyRestrictionsForUser(User.Identity.Name, _securityService);

    var searchResult = new Domain.Catalog.Model.SearchResult();

    var productsRequested =
        (criteria.ResponseGroup & SearchResponseGroup.WithProducts) == SearchResponseGroup.WithProducts;
    if (productsRequested)
    {
        searchResult = SearchProducts(criteria);
    }

    // Evaluated after the product search, exactly as before, in case that call touches the criteria.
    var catalogFlags = SearchResponseGroup.WithCatalogs | SearchResponseGroup.WithCategories;
    var requestedCatalogFlags = criteria.ResponseGroup & catalogFlags;
    if (requestedCatalogFlags != SearchResponseGroup.None)
    {
        // The response group is narrowed to the catalog/category flags for this call only;
        // the user restrictions applied above stay on the same criteria instance.
        criteria.ResponseGroup = requestedCatalogFlags;
        var catalogSearch = _catalogSearchService.Search(criteria);
        searchResult.Catalogs = catalogSearch.Catalogs;
        searchResult.Categories = catalogSearch.Categories;
    }

    var webModel = searchResult.ToWebModel(_blobUrlResolver);
    return Ok(webModel);
}
/// <summary>
/// Filter catalog search criteria based on current user permissions.
/// </summary>
/// <remarks>
/// Delegates to <c>ApplyRestrictionsForUser</c> with the current principal's name and the
/// controller's security service. The method returns nothing, so any filtering has to be
/// applied to the passed <paramref name="criteria"/> instance itself. Call it before the
/// criteria are handed to a search service.
/// NOTE(review): <c>User.Identity.Name</c> can be null or empty for an unauthenticated caller;
/// how the restriction helper handles that is not visible here. Confirm.
/// </remarks>
/// <param name="criteria">The search criteria to restrict for the current user.</param>
protected void ApplyRestrictionsForCurrentUser(Domain.Catalog.Model.SearchCriteria criteria)
{
    criteria.ApplyRestrictionsForUser(User.Identity.Name, _securityService);
}