public IHttpActionResult Create([FromBody] PrincipalClaim value) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } try { service.Create(value); return(CreatedAtRoute("PrincipalClaims_Create", new { id = value.Id }, value)); } catch (UnauthorizedAccessException) { return(StatusCode(HttpStatusCode.Forbidden)); } catch (KeyNotFoundException) { return(NotFound()); } catch (Exception e) { return(InternalServerError(e)); } }
public IHttpActionResult Update(int id, [FromBody] PrincipalClaim value) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } try { service.Update(id, value); return(StatusCode(HttpStatusCode.NoContent)); } catch (NotSupportedException) { return(BadRequest()); } catch (UnauthorizedAccessException) { return(StatusCode(HttpStatusCode.Forbidden)); } catch (KeyNotFoundException) { return(NotFound()); } catch (Exception e) { return(InternalServerError(e)); } }
public void Create(PrincipalClaim value) { using (log.Activity(m => m($"Creating {nameof(PrincipalClaim)} by {Thread.CurrentPrincipal?.Identity?.Name}"))) { using (log.Activity(m => m("Authorization"))) { try { security.ValidateCreate(value); } catch (UnauthorizedAccessException) { log.Warn($"Authorization Denied"); throw; } catch (Exception e) { log.Error($"Authorization Error", e); throw; } } var entity = null as PrincipalClaim; using (log.Activity(m => m("Create Entity"))) { try { entity = context.PrincipalClaims.Add(value); context.SaveChanges(); } //TODO: KB: Do this on index validation //throw new DuplicateKeyException(value.Name) catch (Exception e) { log.Error($"Update Error", e); throw; } } var newValue = entity.Filter(); using (log.Activity(m => m("Emit Event"))) { try { emitter.OnCreated(newValue); } catch (Exception e) { log.Error($"Emit Event Error", e); throw; } } log.Info(m => m($"Created {nameof(PrincipalClaim)}[{entity.Id}] by {Thread.CurrentPrincipal?.Identity?.Name}")); } }
void IEntitySecurity <PrincipalClaim> .ValidateCreate(PrincipalClaim value) { var principal = GetAuthPrincipal(); if (IsSuper(principal) || IsSystem(principal) || IsAdmin(principal)) { return; } throw new UnauthorizedAccessException(); }
void IEntitySecurity <PrincipalClaim> .ValidateRead(PrincipalClaim value, string expand) { var principal = GetAuthPrincipal(); //TODO: KB: Validate This if (IsSuper(principal) || IsSystem(principal) || IsAdmin(principal)) { return; } throw new UnauthorizedAccessException(); }
public void Update(int id, PrincipalClaim value) { using (log.Activity(m => m($"Update {nameof(PrincipalClaim)}[{id}] by {Thread.CurrentPrincipal?.Identity?.Name}"))) { using (log.Activity(m => m($"Validate {nameof(value)}"))) { if (id != value.Id) { //Cannot change primary key log.Warn(l => l($"Cannot update primary key {nameof(PrincipalClaim)}[{id}]")); throw new NotSupportedException(); } } var entity = null as PrincipalClaim; using (log.Activity(m => m($"Read {nameof(PrincipalClaim)}[{id}]"))) { entity = context.PrincipalClaims.Include(item => item.Principal).SingleOrDefault(item => item.Id == id); if (entity == null) { log.Warn($"{nameof(PrincipalClaim)}[{id}] is not found"); throw new KeyNotFoundException(); } } using (log.Activity(m => m("Authorization"))) { try { security.ValidateUpdate(entity, value); } catch (UnauthorizedAccessException) { log.Warn($"Authorization Denied"); throw; } catch (Exception e) { log.Error($"Authorization Error", e); throw; } } var oldValue = entity.Filter(); using (log.Activity(m => m("Update Entity"))) { try { entity.Issuer = value.Issuer; entity.OriginalIssuer = value.OriginalIssuer; entity.Subject = value.Subject; entity.Type = value.Type; entity.Value = value.Value; entity.ValueType = value.ValueType; context.SaveChanges(); } //TODO: KB: Do this on index validation //throw new DuplicateKeyException(value.Name) catch (Exception e) { log.Error($"Update Error", e); throw; } } var newValue = entity.Filter(); using (log.Activity(m => m("Emit Event"))) { try { emitter.OnUpdated(newValue, oldValue); } catch (Exception e) { log.Error($"Emit Event Error", e); throw; } } log.Info(l => l($"Updated {nameof(PrincipalClaim)}[{id}] by {Thread.CurrentPrincipal?.Identity?.Name}")); } }