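/// <summary>
/// Sets a family member's rating on a dish (PUT <c>dishes/{dishId}/rating</c>).
/// </summary>
/// <remarks>
/// The trigger is declared <c>AuthorizationLevel.Anonymous</c>, so the Functions host applies no key
/// check of its own. Access control rests on the authentication and authorization calls made in this
/// method, and they must stay ahead of any state change.
/// </remarks>
/// <param name="req">Incoming HTTP request; its body is read as <c>UpdateDishRatingCommandModel</c>.</param>
/// <param name="dishId">Route value naming the dish. It is caller-controlled and parsed as a GUID.</param>
/// <returns>
/// The authentication response when authentication fails; <c>UnauthorizedResult</c> when the caller has
/// no usable identifier or is not authorized for the dish's family; a <c>BadRequestObjectResult</c>
/// carrying an error code for invalid input; <c>OkResult</c> once the rating has been saved.
/// </returns>
public async Task<IActionResult?> Run(
    [HttpTrigger(AuthorizationLevel.Anonymous, "put", Route = "dishes/{dishId}/rating")] HttpRequest req,
    string dishId)
{
    var (authenticationStatus, authenticationResponse) = await req.HttpContext.AuthenticateAzureFunctionAsync();
    if (!authenticationStatus)
    {
        return authenticationResponse;
    }

    // The route value is untrusted. A malformed id cannot match any dish, so answer as for an
    // unknown dish instead of letting Guid.Parse throw and surface as an unhandled error.
    if (!Guid.TryParse(dishId, out var dishGuid))
    {
        return new BadRequestObjectResult("DISH_NOT_FOUND");
    }

    // NOTE(review): the dish is loaded before the authorization check, so any authenticated caller
    // can tell an existing dish id from a missing one (400 vs 401). Confirm that is acceptable.
    var dish = await _dishRepository.GetDishAsync(dishGuid);
    if (dish is null)
    {
        return new BadRequestObjectResult("DISH_NOT_FOUND");
    }

    // Fail closed when the authenticated principal carries no parsable identifier.
    if (!Guid.TryParse(req.HttpContext.User.GetNameIdentifierId(), out var userId))
    {
        return new UnauthorizedResult();
    }

    // NOTE(review): an authorization failure is reported as 401 here; 403 would be the conventional
    // status, but clients may depend on the current one, so it is left unchanged.
    if (!_authz.Authorize(userId, dish.FamilyId, Resources.Dish, Actions.Update))
    {
        return new UnauthorizedResult();
    }

    var dishRating = await req.GetBodyAs<UpdateDishRatingCommandModel>();

    // Covers a missing body, a missing member id, and a member id that is not a GUID.
    if (dishRating is null || !Guid.TryParse(dishRating.FamilyMemberId, out var familyMemberId))
    {
        return new BadRequestObjectResult("MISSING_VALUES");
    }

    // The member is looked up in the dish's own family, never in a family named by the request body.
    // A missing family yields no member and falls into the same error as an unknown member.
    var family = await _familyRepository.GetFamily(dish.FamilyId);
    var familyMember = family?.FamilyMembers.FirstOrDefault(w => w.Id == familyMemberId);
    if (familyMember is null)
    {
        return new BadRequestObjectResult("FAMILYMEMBER_NOT_FOUND_IN_FAMILY");
    }

    // A caller may rate as themselves, or on behalf of a member without autonomy. Rating on behalf
    // of another autonomous member is rejected.
    // NOTE(review): this compares the family member id with the caller's user id, which presumes the
    // two share one id space. Verify against the domain model.
    if (!familyMember.Id.Equals(userId) && familyMember.HasAutonomy)
    {
        return new BadRequestObjectResult("NOT_ALLOWED");
    }

    // NOTE(review): range validation of the rating is not visible here; presumably
    // GetRatingInDomainFormat() enforces it. Confirm.
    dish.SetRating(familyMemberId, dishRating.GetRatingInDomainFormat());
    await _dishRepository.SaveAsync(dish);
    return new OkResult();
}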
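/// <summary>
/// Invites an existing user, looked up by e-mail address, into a family
/// (POST <c>family/{familyId}/member</c>).
/// </summary>
/// <remarks>
/// The trigger is declared <c>AuthorizationLevel.Anonymous</c>, so the Functions host applies no key
/// check of its own. Access control rests on the authentication and authorization calls made in this
/// method.
/// </remarks>
/// <param name="req">Incoming HTTP request; its body is read as <c>InviteFamilyMemberCommandModel</c>.</param>
/// <param name="familyId">Route value naming the family. It is caller-controlled and parsed as a GUID.</param>
/// <returns>
/// The authentication response when authentication fails; <c>UnauthorizedResult</c> when the caller has
/// no identifier or is not authorized for the family; a <c>BadRequestObjectResult</c> carrying an error
/// code for invalid input; <c>NoContentResult</c> when no user has the given e-mail address;
/// <c>OkResult</c> once the invitation has been saved.
/// </returns>
public async Task<IActionResult?> Run(
    [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "family/{familyId}/member")] HttpRequest req,
    string familyId)
{
    var (authenticationStatus, authenticationResponse) = await req.HttpContext.AuthenticateAzureFunctionAsync();
    if (!authenticationStatus)
    {
        return authenticationResponse;
    }

    // Fail closed: a principal without an identifier is never passed to the authorization check.
    var callerId = req.HttpContext.User.GetNameIdentifierId();
    if (string.IsNullOrEmpty(callerId)
        || !_authz.Authorize(callerId, familyId, Resources.Family, Actions.Update))
    {
        return new UnauthorizedResult();
    }

    // The route value is untrusted. Treat a malformed id like an empty one instead of letting
    // Guid.Parse throw and surface as an unhandled error.
    if (!Guid.TryParse(familyId, out var familyGuid) || familyGuid.Equals(Guid.Empty))
    {
        return new BadRequestObjectResult("MISSING_FAMILYID");
    }

    // A missing or unreadable body is handled like a missing e-mail address instead of dereferencing null.
    var command = await req.GetBodyAs<InviteFamilyMemberCommandModel>();
    if (command is null || string.IsNullOrEmpty(command.Email))
    {
        return new BadRequestObjectResult("MISSING_EMAIL");
    }

    // NOTE(review): 204 for an unknown address versus 200 for a known one lets a caller with Update
    // rights on a family learn whether an e-mail address belongs to a registered user. Consider an
    // identical response for both outcomes, plus rate limiting, if that disclosure matters.
    var user = await _userRepository.GetUser(command.Email);
    if (user is null)
    {
        return new NoContentResult();
    }

    var family = await _familyRepository.GetFamily(familyGuid);
    if (family is null)
    {
        return new BadRequestObjectResult("NOT_FOUND_FAMILY");
    }

    family.InviteFamilyMember(user.Id);
    await _familyRepository.SaveAsync(family);
    return new OkResult();
}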
/// <summary>
/// Loads the family with the given identifier from the repository and maps it to its view model.
/// </summary>
/// <param name="Id">Identifier of the family to load.</param>
/// <returns>The view model that <c>familyMapping.MapToView</c> produces for the repository result.</returns>
/// <remarks>
/// NOTE(review): no caller-identity or membership check is visible in this method. Confirm that callers
/// enforce access to the requested family before invoking it.
/// </remarks>
public FamilyViewModel GetFamily(int Id) =>
    familyMapping.MapToView(_familyRepository.GetFamily(Id));
/// <summary>
/// Returns the family with the given identifier wrapped in an <c>Ok</c> result.
/// </summary>
/// <param name="id">Identifier of the family to return.</param>
/// <returns>An <c>Ok</c> result whose payload is the object returned by the repository.</returns>
/// <remarks>
/// NOTE(review): no authorization attribute or ownership check is visible on this action, and the
/// identifier is a plain integer. Unless access is enforced elsewhere (class-level attribute, filter),
/// any caller could read other families by varying the id. Confirm.
/// NOTE(review): the repository object is returned as-is. Verify it exposes no fields that should stay
/// server-side, and decide how a missing family should be reported.
/// </remarks>
public IActionResult GetFamily(int id) =>
    Ok(_familyRepository.GetFamily(id));