public async Task <ActionResult <JObject> > EditSystem([FromBody] JObject changes) { await using var conn = await _db.Obtain(); var system = await _repo.GetSystem(conn, User.CurrentSystem()); SystemPatch patch; try { patch = JsonModelExt.ToSystemPatch(changes); patch.CheckIsValid(); } catch (JsonModelParseError e) { return(BadRequest(e.Message)); } catch (InvalidPatchException e) { return(BadRequest($"Request field '{e.Message}' is invalid.")); } system = await _repo.UpdateSystem(conn, system !.Id, patch); return(Ok(system.ToJson(User.ContextFor(system)))); }
public async Task <ActionResult <JObject> > PatchMember(string hid, [FromBody] JObject changes) { await using var conn = await _db.Obtain(); var member = await conn.QueryMemberByHid(hid); if (member == null) { return(NotFound("Member not found.")); } var res = await _auth.AuthorizeAsync(User, member, "EditMember"); if (!res.Succeeded) { return(Unauthorized($"Member '{hid}' is not part of your system.")); } MemberPatch patch; try { patch = JsonModelExt.ToMemberPatch(changes); } catch (JsonModelParseError e) { return(BadRequest(e.Message)); } var newMember = await conn.UpdateMember(member.Id, patch); return(Ok(newMember.ToJson(User.ContextFor(newMember)))); }
public async Task <ActionResult <JObject> > PostMember([FromBody] JObject properties) { if (!properties.ContainsKey("name")) { return(BadRequest("Member name must be specified.")); } var systemId = User.CurrentSystem(); await using var conn = await _db.Obtain(); var systemData = await _repo.GetSystem(conn, systemId); // Enforce per-system member limit var memberCount = await conn.QuerySingleAsync <int>("select count(*) from members where system = @System", new { System = systemId }); var memberLimit = systemData?.MemberLimitOverride ?? Limits.MaxMemberCount; if (memberCount >= memberLimit) { return(BadRequest($"Member limit reached ({memberCount} / {memberLimit}).")); } await using var tx = await conn.BeginTransactionAsync(); var member = await _repo.CreateMember(conn, systemId, properties.Value <string>("name"), transaction : tx); MemberPatch patch; try { patch = JsonModelExt.ToMemberPatch(properties); patch.CheckIsValid(); } catch (JsonModelParseError e) { await tx.RollbackAsync(); return(BadRequest(e.Message)); } catch (InvalidPatchException e) { await tx.RollbackAsync(); return(BadRequest($"Request field '{e.Message}' is invalid.")); } member = await _repo.UpdateMember(conn, member.Id, patch, transaction : tx); await tx.CommitAsync(); return(Ok(member.ToJson(User.ContextFor(member)))); }
public async Task <ActionResult <JObject> > EditSystem([FromBody] JObject changes) { var system = await _db.Execute(c => c.QuerySystem(User.CurrentSystem())); SystemPatch patch; try { patch = JsonModelExt.ToSystemPatch(changes); } catch (JsonModelParseError e) { return(BadRequest(e.Message)); } await _db.Execute(conn => conn.UpdateSystem(system.Id, patch)); return(Ok(system.ToJson(User.ContextFor(system)))); }
public async Task <ActionResult <JObject> > PostMember([FromBody] JObject properties) { var system = User.CurrentSystem(); if (!properties.ContainsKey("name")) { return(BadRequest("Member name must be specified.")); } await using var conn = await _db.Obtain(); // Enforce per-system member limit var memberCount = await conn.QuerySingleAsync <int>("select count(*) from members where system = @System", new { System = system }); if (memberCount >= Limits.MaxMemberCount) { return(BadRequest($"Member limit reached ({memberCount} / {Limits.MaxMemberCount}).")); } var member = await conn.CreateMember(system, properties.Value <string>("name")); MemberPatch patch; try { patch = JsonModelExt.ToMemberPatch(properties); } catch (JsonModelParseError e) { return(BadRequest(e.Message)); } member = await conn.UpdateMember(member.Id, patch); return(Ok(member.ToJson(User.ContextFor(member)))); }