public async Task <IActionResult> Post(string organizationId, [FromBody] OrganizationUnit value) { if (value == null && string.IsNullOrEmpty(organizationId)) { ModelState.AddModelError("Add", "Organization Id not passed"); return(BadRequest(ModelState)); } Guid entityId = new Guid(organizationId); if (value == null || value.OrganizationId == null || !value.OrganizationId.HasValue || entityId != value.OrganizationId.Value) { ModelState.AddModelError("Update", "Organization IDs don't match"); return(BadRequest(ModelState)); } var orgmem = membershipManager.GetOrganizationMember(Guid.Parse(organizationId), SecurityContext.PersonId)?.Items?.FirstOrDefault(); if (orgmem == null || (orgmem != null && orgmem.IsAdministrator == null) || (orgmem != null && orgmem.IsAdministrator.HasValue && orgmem.IsAdministrator == false)) { ModelState.AddModelError("Add", "Add department failed, administrator of an organization can only add departments"); return(BadRequest(ModelState)); } var orgUnit = repository.Find(null, d => d.Name.ToLower(null) == value.Name.ToLower(null) && d.OrganizationId == value.OrganizationId)?.Items?.FirstOrDefault(); if (orgUnit != null) { ModelState.AddModelError("Add", "Department Name already exists, cannot add duplicate"); return(BadRequest(ModelState)); } value.OrganizationId = new Guid(organizationId); return(await base.PostEntity(value)); }
public async Task <IActionResult> Get(string id) { try { var orgmem = membershipManager.GetOrganizationMember(Guid.Parse(id), SecurityContext.PersonId)?.Items?.FirstOrDefault(); if (orgmem == null) { return(Ok()); } var result = base.GetEntity(id).Result; if (result.GetType() == typeof(StatusCodeResult)) { return(result); } var organization = ((OkObjectResult)result).Value as Organization; //need to get organization member using logged in person id if (orgmem != null) { organization.Members.Add(orgmem); } return(Ok(organization)); } catch (Exception ex) { return(ex.GetActionResult()); } }
public async Task <IActionResult> Approve(string organizationId, string id) { if (string.IsNullOrEmpty(id) || string.IsNullOrEmpty(organizationId)) { ModelState.AddModelError("Approve", "Access or Organization Id not passed"); return(BadRequest(ModelState)); } Guid entityId = new Guid(id); var orgmem = _manager.GetOrganizationMember(Guid.Parse(organizationId), SecurityContext.PersonId)?.Items?.FirstOrDefault(); if (orgmem == null || (orgmem != null && orgmem.IsAdministrator == null) || (orgmem != null && orgmem.IsAdministrator.HasValue && orgmem.IsAdministrator == false)) { ModelState.AddModelError("Approve", "Approve failed, administrator of an organization can only Approve"); return(BadRequest(ModelState)); } Guid approvalRequestGuid = Guid.Parse(id); try { _manager.ApproveAccessRequest(approvalRequestGuid, SecurityContext); return(Ok()); } catch (Exception ex) { return(ex.GetActionResult()); } }
public async Task <IActionResult> Delete(string organizationId, string organizationMemberId) { try { //check if the logged in user is member of the organization, do not allow self deletion from organization var orgId = new Guid(organizationId); var orgMemberId = new Guid(organizationMemberId); var orgmem = _membershipManager.GetOrganizationMember(orgId, SecurityContext.PersonId)?.Items?.FirstOrDefault(); if (orgmem == null || (orgmem != null && orgmem.IsAdministrator == null) || (orgmem != null && orgmem.IsAdministrator.HasValue && orgmem.IsAdministrator == false)) { ModelState.AddModelError("Delete", "Remove from organization failed, administrator of an organization can only remove members"); return(BadRequest(ModelState)); } var orgMem = repository.Find(null, p => p.OrganizationId == orgId && p.Id == orgMemberId)?.Items?.FirstOrDefault(); //if member is the logged in user, do not delete if (orgMem != null && orgMem.PersonId == SecurityContext.PersonId) { ModelState.AddModelError("Delete", "cannot remove from the organization"); return(BadRequest(ModelState)); } return(await base.DeleteEntity(organizationMemberId)); } catch (Exception ex) { return(ex.GetActionResult()); } }