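/// <summary>
/// Web API action filter that resolves the item targeted by the <c>itemRequest</c> action argument
/// (by server path, then by name for datasources/files) and short-circuits the action unless the
/// named user has read access to that item.
/// </summary>
/// <param name="filterContext">
/// Action context. <c>ActionArguments["itemRequest"]</c> is read, mutated (ItemId filled in) and
/// written back; <c>Response</c> is set to deny the request.
/// </param>
/// <remarks>
/// Denials are signalled by setting <c>filterContext.Response</c>, which stops the action from
/// running. The original code did not set a status code, so denials go out as HTTP 200 with an
/// <c>ItemResponse</c> body whose <c>Status</c> is false; that is preserved here for client
/// compatibility, but 403/404 would be more appropriate.
///
/// Changes from the original: the request argument is validated before use (missing/unbound
/// argument no longer throws), lookup failures return immediately with "Invalid request values"
/// instead of falling through to the permission check (which overwrote the message), the user id
/// is queried once instead of twice, and a null item list is treated as "no access" rather than
/// throwing.
///
/// NOTE(review): the acting user is taken from <c>itemRequest.UserName</c>, i.e. from the request
/// payload, not from the authenticated principal. Unless UserName is verified against the
/// principal upstream, a caller can name any user here and read that user's items. Confirm.
/// </remarks>
public override void OnActionExecuting(HttpActionContext filterContext)
{
    object boundArgument;
    var itemRequest = filterContext.ActionArguments.TryGetValue("itemRequest", out boundArgument)
        ? boundArgument as ItemRequest
        : null;
    if (itemRequest == null)
    {
        // Model binding failed or the argument is absent: reject instead of throwing (HTTP 500).
        SetDeniedResponse(filterContext, "Invalid request values");
        base.OnActionExecuting(filterContext);
        return;
    }

    var itemManagement = new ItemManagement(GlobalAppSettings.QueryBuilder, GlobalAppSettings.DataProvider);

    // A server path, when supplied, overrides whatever ItemId the client sent.
    if (itemRequest.ServerPath != null)
    {
        var pathItem = itemManagement.GetItemDetailsFromItemPath(itemRequest.ServerPath);
        if (pathItem == null)
        {
            // Original dereferenced .Id unconditionally; unknown path is an invalid request.
            SetDeniedResponse(filterContext, "Invalid request values");
            base.OnActionExecuting(filterContext);
            return;
        }
        itemRequest.ItemId = pathItem.Id;
    }

    // Datasources and files may also be addressed by name when no id was resolved.
    if (itemRequest.ItemId == Guid.Empty
        && (itemRequest.ItemType == ItemType.Datasource || itemRequest.ItemType == ItemType.File))
    {
        var namedItem = itemManagement.GetItemDetailsFromItemName(itemRequest.Name, itemRequest.ItemType);
        if (namedItem == null)
        {
            SetDeniedResponse(filterContext, "Invalid request values");
            base.OnActionExecuting(filterContext);
            return;
        }
        itemRequest.ItemId = namedItem.Id;
    }

    filterContext.ActionArguments["itemRequest"] = itemRequest;

    var userManagement = new UserManagement(GlobalAppSettings.QueryBuilder, GlobalAppSettings.DataProvider);
    var userId = userManagement.GetUserId(itemRequest.UserName);

    // ItemType here is the filter's configured type (a member of this attribute), not itemRequest.ItemType.
    var itemsList = itemManagement.GetItems(userId, ItemType, null, null, null, null, null, itemRequest.ItemId);
    HttpContext.Current.Session["UserId"] = userId;

    // Fail closed: no list, or no readable entry for this exact id, means no access.
    var canRead = itemsList != null
        && itemsList.result != null
        && itemsList.result.Any(a => a.Id == itemRequest.ItemId && a.CanRead);
    if (!canRead)
    {
        SetDeniedResponse(filterContext,
            "You do not have permission to access this item or the item does not exist.");
    }

    base.OnActionExecuting(filterContext);
}

/// <summary>
/// Short-circuits the pipeline with a JSON <c>ItemResponse</c> failure body.
/// Status code is left at the HttpResponseMessage default (200) to match existing client expectations.
/// </summary>
/// <param name="filterContext">Context whose <c>Response</c> is set.</param>
/// <param name="message">Human-readable reason placed in <c>StatusMessage</c>.</param>
private void SetDeniedResponse(HttpActionContext filterContext, string message)
{
    var apiResponse = new ItemResponse { Status = false, StatusMessage = message };
    filterContext.Response = new HttpResponseMessage
    {
        Content = new StringContent(javaScriptSerializer.Serialize(apiResponse))
    };
}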
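/// <summary>
/// Web API action filter guarding item creation: resolves the target category from an optional
/// <c>ServerPath</c>, checks that the named user may create items of this filter's <c>ItemType</c>,
/// and rejects empty or duplicate item names.
/// </summary>
/// <param name="filterContext">
/// Action context. <c>ActionArguments["itemRequest"]</c> is read, mutated (CategoryId filled in)
/// and written back; <c>Response</c> is set to deny the request.
/// </param>
/// <remarks>
/// Denials set <c>filterContext.Response</c>, which stops the action. As in the original, no status
/// code is set, so denials are HTTP 200 with an <c>ItemResponse</c> whose <c>Status</c> is false.
///
/// Changes from the original: the request argument is validated before use; a <c>ServerPath</c>
/// without a '/' (original: IndexOutOfRangeException on <c>Split('/')[1]</c>) or naming an unknown
/// category (original: NullReferenceException) is rejected as an invalid request; and the name
/// checks are an else-if chain so the "already exists" lookup no longer runs on an empty name and
/// cannot overwrite the "should not be empty" message.
///
/// NOTE(review): the acting user comes from <c>itemRequest.UserName</c> in the payload rather than
/// the authenticated principal; confirm it is verified upstream. <c>permissionAccess[ItemType]</c>
/// still throws if the lookup has no entry for this type — that is left as-is because the return
/// type of <c>GetItemTypesWithCreateAccess</c> is not visible here; prefer a fail-closed lookup.
/// </remarks>
public override void OnActionExecuting(HttpActionContext filterContext)
{
    object boundArgument;
    var itemRequest = filterContext.ActionArguments.TryGetValue("itemRequest", out boundArgument)
        ? boundArgument as ItemRequest
        : null;
    if (itemRequest == null)
    {
        // Model binding failed or the argument is absent: reject instead of throwing (HTTP 500).
        SetDeniedResponse(filterContext, "Invalid request values");
        base.OnActionExecuting(filterContext);
        return;
    }

    if (!String.IsNullOrWhiteSpace(itemRequest.ServerPath))
    {
        // Category name is the second '/'-separated segment, as in the original (segments[0] is
        // whatever precedes the first slash, typically empty for a leading '/').
        var segments = itemRequest.ServerPath.Split('/');
        var category = segments.Length > 1
            ? itemManagement.GetItemDetailsFromItemName(segments[1])
            : null;
        if (category == null)
        {
            SetDeniedResponse(filterContext, "Invalid request values");
            base.OnActionExecuting(filterContext);
            return;
        }
        itemRequest.CategoryId = category.Id;
    }
    filterContext.ActionArguments["itemRequest"] = itemRequest;

    var userId = userManagement.GetUserId(itemRequest.UserName);
    var permissionAccess = itemManagement.GetItemTypesWithCreateAccess(userId);

    // Fail closed when the permission lookup itself returns nothing.
    if (permissionAccess == null || permissionAccess[ItemType] == false)
    {
        SetDeniedResponse(filterContext, "Permission denied to add item - " + ItemType.ToString());
    }
    else if (String.IsNullOrEmpty(itemRequest.Name))
    {
        SetDeniedResponse(filterContext, "Item name should not be empty");
    }
    else if (itemManagement.IsItemNameAlreadyExists(itemRequest.Name, itemRequest.CategoryId))
    {
        SetDeniedResponse(filterContext, "Item with the same name is already exist in the specified Category");
    }

    base.OnActionExecuting(filterContext);
}

/// <summary>
/// Short-circuits the pipeline with a JSON <c>ItemResponse</c> failure body.
/// Status code is left at the HttpResponseMessage default (200) to match existing client expectations.
/// </summary>
/// <param name="filterContext">Context whose <c>Response</c> is set.</param>
/// <param name="message">Human-readable reason placed in <c>StatusMessage</c>.</param>
private void SetDeniedResponse(HttpActionContext filterContext, string message)
{
    var apiResponse = new ItemResponse { Status = false, StatusMessage = message };
    filterContext.Response = new HttpResponseMessage
    {
        Content = new StringContent(javaScriptSerializer.Serialize(apiResponse))
    };
}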