public IActionResult UpdateData([FromBody] DataModel model, int id)
{
using (IUpdateUnitOfWork <ProtectedData, int> unitOfWork = _repository.ProtectedDataRepository.Update(id))
{
if (unitOfWork == null)
{
return(NotFound());
}
User user = GetSessionUser();
IAuthorizer authorizer = new UserDataAuthorizerBuilder(user, unitOfWork.Entity)
.AddIsOwnerCheck()
.AddRequiredPermission(Permission.WRITE)
.Build();
if (!authorizer.Authorize())
{
return(StatusCode(403));
}
unitOfWork.Entity.Name = model.Name;
unitOfWork.Entity.Data = model.Data;
unitOfWork.Complete();
return(Ok());
}
}
public IActionResult RemoveData(int id)
{
using (IRemoveUnitOfWork <ProtectedData, int> unitOfWork = _repository.ProtectedDataRepository.Remove(id))
{
User user = GetSessionUser();
IAuthorizer authorizer = new UserDataAuthorizerBuilder(user, unitOfWork.Entity)
.AddIsOwnerCheck()
.AddRequiredPermission(Permission.WRITE)
.Build();
if (!authorizer.Authorize())
{
return(StatusCode(403));
}
unitOfWork.Complete();
return(Ok());
}
}
public IActionResult GetDataById(int id)
{
ProtectedData data = _repository.ProtectedDataRepository.GetById(id);
if (data == null)
{
return(NotFound());
}
User user = GetSessionUser();
IAuthorizer authorizer = new UserDataAuthorizerBuilder(user, data)
.AddRequiredPermission(Permission.READ)
.Build();
if (!authorizer.Authorize())
{
return(StatusCode(403));
}
DataModel dataModel = new DataModel()
{
Name = data.Name,
Data = data.Data
};
UserRegisterEntry entry = data.Users.RegisterEntries.Find(x => x.User.Id == user.Id);
dataModel.KeyPairs = from symmetricKey in entry.EncryptedKeys
join publicKey in user.PublicKeys
on symmetricKey.MatchingPublicKeyId equals publicKey.Id
select new KeyPairModel()
{
PublicKey = publicKey.KeyData, SymmetricKey = symmetricKey.KeyData
};
return(Ok(dataModel));
}