/// <summary>
/// Returns the babies visible to the given user.
/// </summary>
/// <param name="currentUser">The caller; its Role and Id decide which records are read.</param>
/// <returns>
/// Every baby (full table scan) when the user has the admin role; otherwise only the
/// babies returned by the UserIdIndex query for the user's own id.
/// </returns>
public List<Baby> BabiesForUserAndRole(User currentUser)
{
    // This is the authorization boundary for baby records: only the admin role
    // reaches the unfiltered scan; everyone else is scoped by their own id.
    // NOTE(review): assumes currentUser was already verified by the caller — confirm.
    if (currentUser.Role == BabyMemoryConstants.AdminUserRole)
    {
        return _context.Scan<Baby>().ToList();
    }

    var ownerScope = new DynamoDBOperationConfig { IndexName = "UserIdIndex" };
    return _context.Query<Baby>(currentUser.Id, ownerScope).ToList();
}
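// GET: api/User
/// <summary>
/// Get Users
/// </summary>
/// <remarks>
/// A parameter of email can be used to get users by email address.
/// Users with admin role can get any users.
/// Users without admin role only get their own user record.
/// </remarks>
/// <response code="401">Unauthorized: the token did not resolve to a verified user</response>
/// <response code="400">Bad request: no usable email parameter, or a non-admin asked for another user's email</response>
/// <returns>User</returns>
/// <exception cref="HttpResponseException"></exception>
public async Task<IEnumerable<Dictionary<string, object>>> Get()
{
    var currentUser = await _authController.GetVerifiedUser(Request.Headers.Authorization);
    if (currentUser is null)
    {
        throw new HttpResponseException(HttpStatusCode.Unauthorized);
    }

    var isAdmin = currentUser.Role == BabyMemoryConstants.AdminUserRole;
    var parameters = Request.GetQueryNameValuePairs();

    if (!parameters.Any())
    {
        // Without a filter a non-admin only ever sees their own record;
        // the full scan is reserved for the admin role.
        if (!isAdmin)
        {
            return new List<Dictionary<string, object>> { ResponseDictionary(currentUser) };
        }

        return _context.Scan<User>().Select(user => ResponseDictionary(user)).ToList();
    }

    foreach (var queryString in parameters)
    {
        // The parameter name is a fixed ASCII literal, so compare it ordinally;
        // a culture-sensitive ToLower() can fail to match "EMAIL" under some cultures.
        if (!string.Equals(queryString.Key, "email", System.StringComparison.OrdinalIgnoreCase))
        {
            continue;
        }

        // Normalize once and use the same string for both the authorization check
        // and the index lookup, so the key that is queried is exactly the key that
        // was authorized. A missing value ("?email") is skipped and ends in the 400
        // below instead of a NullReferenceException.
        // NOTE(review): ToLower() is culture-sensitive; it is kept because the visible
        // UserEmailIndex lookups build their key the same way — confirm before switching
        // to ToLowerInvariant().
        var requestedKey = queryString.Value?.Trim().ToLower();
        if (string.IsNullOrEmpty(requestedKey))
        {
            continue;
        }

        var ownKey = currentUser.Email?.Trim().ToLower();
        if (isAdmin || ownKey == requestedKey)
        {
            var matches = _context.Query<User>(
                requestedKey,
                new DynamoDBOperationConfig { IndexName = "UserEmailIndex" });
            return matches.Select(user => ResponseDictionary(user)).ToList();
        }
    }

    // Reached when no email parameter was usable, or when a non-admin asked for
    // an address other than their own.
    throw new HttpResponseException(HttpStatusCode.BadRequest);
}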
/// <summary>
/// Builds the API response entry for a baby: the entity itself plus route links
/// to the related resources that exist.
/// </summary>
/// <param name="baby">The baby record to describe.</param>
/// <returns>
/// A dictionary with "baby" and "url", plus "user_url" when the owning user can be
/// loaded and "memory_url" when the BabyIdIndex query returns at least one memory.
/// </returns>
private Dictionary<string, object> ResponseDictionary(Baby baby)
{
    // NOTE(review): the entity object is returned as-is under "baby", so every
    // member Baby serializes is sent to the client — confirm nothing internal is on it.
    var result = new Dictionary<string, object>
    {
        { "baby", baby },
        { "url", Url.Route("DefaultApi", new { controller = "babies", id = baby.Id }) },
    };

    // One Load and one Query are issued per baby to decide which links to include.
    var owner = _context.Load<User>(baby.UserId);
    if (owner != null)
    {
        result.Add("user_url", Url.Route("DefaultApi", new { controller = "user", id = owner.Id }));
    }

    var babyMemories = _context.Query<Memory>(
        baby.Id,
        new DynamoDBOperationConfig { IndexName = "BabyIdIndex" });
    var hasMemories = babyMemories != null && babyMemories.Any();
    if (hasMemories)
    {
        result.Add("memory_url", Url.Route("DefaultApi", new { controller = "memories", baby = baby.Id }));
    }

    return result;
}
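/// <summary>
/// Resolves an Authorization header value to the stored user record.
/// </summary>
/// <param name="token">Authorization header value, passed on to GetVerifiedEmail.</param>
/// <returns>
/// The first user returned by the UserEmailIndex query for the verified email,
/// or null when no email or no matching user is found.
/// </returns>
public async Task<User> GetVerifiedUser(AuthenticationHeaderValue token)
{
    var email = await GetVerifiedEmail(token);

    // GetVerifiedEmail is not visible from here. If it can yield null or blank for a
    // rejected token, report "no user" so the caller's null check applies, instead of
    // failing with a NullReferenceException or querying the index with an empty key.
    if (string.IsNullOrWhiteSpace(email))
    {
        return null;
    }

    // Only the first match is used, so stop at the first item rather than
    // materializing the whole result set.
    // NOTE(review): presumably emails are unique in UserEmailIndex — verify, since a
    // duplicate would make the returned identity depend on result order.
    return _context
        .Query<User>(email.ToLower(), new DynamoDBOperationConfig { IndexName = "UserEmailIndex" })
        .FirstOrDefault();
}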
/// <summary>
/// Queries items keyed by the application name, filtered on the DateTimeId attribute.
/// </summary>
/// <param name="scanOperator">Comparison applied to DateTimeId.</param>
/// <param name="condition">Accepted for the caller's convenience; not read by this method.</param>
/// <param name="values">Operand values forwarded to the DateTimeId condition.</param>
/// <returns>The result of the context query for the configured table and index.</returns>
public IEnumerable<T> GetAllWithQuery(ScanOperator scanOperator, ConditionalOperatorValues? condition, params object[] values)
{
    var queryConfig = new DynamoDBOperationConfig
    {
        OverrideTableName = _ddbTableName,
        IndexName = IndexName,
    };

    // A single filter on DateTimeId; the operator and operands come straight from the caller.
    // NOTE(review): `condition` is never applied to the config — confirm whether it was
    // meant to set how multiple filter conditions combine.
    var dateFilter = new ScanCondition("DateTimeId", scanOperator, values);
    queryConfig.QueryFilter.Add(dateFilter);

    return _ddbcontext.Query<T>(_applicationName, queryConfig);
}