public DTO.BillDTO Create(DTO.BillDTO dto)
{
var model = base.Create <BillDTO, Bill>(dto
, _IBillRepository
, dtoAction => {});
return(model);
}
public async Task <IActionResult> PostBill(DataModel.PayBill bill)
{
var billingPeriod = await _billRepository.BillingPeriodFromId(bill.BillingPeriodId);
if (billingPeriod == null)
{
var err = new DTO.ErrorBuilder()
.Message("Billing period not found.")
.Code(404)
.Build();
return(err);
}
if (this.UserInRole(Role.Tenant))
{
var userId = this.UserIdFromApiKey();
var tenantId = await _tenantRepository.TenantIdFromUserId(userId);
if (tenantId == null)
{
var err = new DTO.ErrorBuilder()
.Message("Not a tenant")
.Code(400)
.Build();
return(err);
}
var paid = await _billRepository.PayBill((int)tenantId, bill.Amount, bill.Resource, bill.BillingPeriodId);
var flatBill = new DTO.BillDTO(paid);
return(new ObjectResult(flatBill));
}
else if (this.UserInRole(Role.Manager) || this.UserInRole(Role.Admin))
{
var paid = await _billRepository.PayBill(bill.TenantId, bill.Amount, bill.Resource, bill.BillingPeriodId);
var flatBill = new DTO.BillDTO(paid);
return(new ObjectResult(flatBill));
}
else
{
var err = new DTO.ErrorBuilder()
.Message("You are not authorized to make bill payments.")
.Code(403)
.Build();
_logger.LogWarning($"Unauthorized access attempt to make a billing payment.");
return(err);
}
}
