public IHttpActionResult Create([FromBody] VehicleDTO vehicle) { HttpResponseMessage response = new HttpResponseMessage(); if (vehicle != null) { try { Guid token = this.GetToken(); UserDTO user = this.userService.GetUserLoggedIn(token); PermissionHandler permissionHandler = new PermissionHandler(); if (permissionHandler.IsUserAllowedToCreateVehicle(user.Role)) { this.vehicleService.AddVehicle(vehicle); response = this.Request.CreateResponse(HttpStatusCode.Created); } else { response = this.Request.CreateResponse(HttpStatusCode.Unauthorized, "El usuario no tiene permisos para ejecutar esta accion"); } } catch (VehicleNullAttributesException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (VehicleVinDuplicatedException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (UserNotExistException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (InvalidOperationException) { string message = "No se ha enviado header de autenticación."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } catch (FormatException) { string message = "El token enviado no tiene un formato valido."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } } else { string message = "El formato del vehículo es incorrecto."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } return(ResponseMessage(response)); }
public void TestAdministratorPermissions() { string admin = "Administrador"; PermissionHandler permissionHandler = new PermissionHandler(); Assert.IsTrue(permissionHandler.IsUserAllowedToCreateInspectionOnYard(admin)); Assert.IsTrue(permissionHandler.IsUserAllowedToLocateVehiclesOnZones(admin)); Assert.IsTrue(permissionHandler.IsUserAllowedToMoveSubZonesToZones(admin)); Assert.IsTrue(permissionHandler.IsUserAllowedToListZones(admin)); Assert.IsTrue(permissionHandler.IsUserAllowedToTransportBatches(admin)); Assert.IsTrue(permissionHandler.IsUserAllowedToFinishTransportation(admin)); Assert.IsTrue(permissionHandler.IsUserAllowedToListBatches(admin)); Assert.IsTrue(permissionHandler.IsUserAllowedToCreateBatch(admin)); Assert.IsTrue(permissionHandler.IsUserAllowedToCreateVehicle(admin)); Assert.IsTrue(permissionHandler.IsUserAllowedToCreateInspectionOnPort(admin)); }
public void TestYardOperatorPermissions() { string yardOperator = "Operario del Patio"; PermissionHandler permissionHandler = new PermissionHandler(); Assert.IsTrue(permissionHandler.IsUserAllowedToCreateInspectionOnYard(yardOperator)); Assert.IsTrue(permissionHandler.IsUserAllowedToLocateVehiclesOnZones(yardOperator)); Assert.IsTrue(permissionHandler.IsUserAllowedToMoveSubZonesToZones(yardOperator)); Assert.IsTrue(permissionHandler.IsUserAllowedToListZones(yardOperator)); Assert.IsFalse(permissionHandler.IsUserAllowedToTransportBatches(yardOperator)); Assert.IsFalse(permissionHandler.IsUserAllowedToFinishTransportation(yardOperator)); Assert.IsFalse(permissionHandler.IsUserAllowedToListBatches(yardOperator)); Assert.IsFalse(permissionHandler.IsUserAllowedToCreateBatch(yardOperator)); Assert.IsFalse(permissionHandler.IsUserAllowedToCreateVehicle(yardOperator)); Assert.IsFalse(permissionHandler.IsUserAllowedToCreateInspectionOnPort(yardOperator)); }
public void TestCarrierPermissions() { string carrier = "Transportista"; PermissionHandler permissionHandler = new PermissionHandler(); Assert.IsTrue(permissionHandler.IsUserAllowedToTransportBatches(carrier)); Assert.IsTrue(permissionHandler.IsUserAllowedToFinishTransportation(carrier)); Assert.IsTrue(permissionHandler.IsUserAllowedToListBatches(carrier)); Assert.IsFalse(permissionHandler.IsUserAllowedToCreateBatch(carrier)); Assert.IsFalse(permissionHandler.IsUserAllowedToCreateVehicle(carrier)); Assert.IsFalse(permissionHandler.IsUserAllowedToCreateInspectionOnPort(carrier)); Assert.IsFalse(permissionHandler.IsUserAllowedToCreateInspectionOnYard(carrier)); Assert.IsFalse(permissionHandler.IsUserAllowedToLocateVehiclesOnZones(carrier)); Assert.IsFalse(permissionHandler.IsUserAllowedToMoveSubZonesToZones(carrier)); Assert.IsFalse(permissionHandler.IsUserAllowedToListZones(carrier)); }
public IHttpActionResult GetByGroup(string state) { HttpResponseMessage response = new HttpResponseMessage(); try { Guid token = this.GetToken(); UserDTO userLogged = this.userService.GetUserLoggedIn(token); PermissionHandler permissionHandler = new PermissionHandler(); if (permissionHandler.IsUserAllowedToCreateVehicle(userLogged.Role)) { List <VehicleDTO> vehicles = this.vehicleService.GetAllVehicles(); List <VehicleDTO> vehiclesGroup = GetVehiclesGroup(vehicles, state); response = this.Request.CreateResponse(HttpStatusCode.OK, vehiclesGroup); } else { response = this.Request.CreateResponse(HttpStatusCode.Unauthorized, "El usuario no tiene permisos para ejecutar esta accion"); } } catch (UserNotExistException e) { response = this.Request.CreateResponse(HttpStatusCode.BadRequest, e.Message); } catch (InvalidOperationException) { string message = "No se ha enviado header de autenticación."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } catch (FormatException) { string message = "El token enviado no tiene un formato valido."; response = this.Request.CreateResponse(HttpStatusCode.BadRequest, message); } return(ResponseMessage(response)); }