public RecipeListItemDTO GetRecipe(long recipeId)
{
var isAllowed = _permissionService.IsAllowed(Permission.GetRecipes, _userData.ToUser()); // AutoMapper here
if (!isAllowed)
{
throw new SecurityException($"User {_userData} is not allowed to {nameof(Permission.GetRecipes)}");
}
// TODO: add helper method to IPermissionService (called EnsureIsAllowed?) that will combine the 3 lines above
RecipeListItemDTO result = null;
using (var ctx = _ctxProvider.New())
{
var item =
(from rv in ctx.RecipeVersions
where !rv.IsDeleted &&
rv.IsVerified &&
rv.RecipeId == recipeId
orderby rv.DateCreated descending
select rv).FirstOrDefault();
result = item == null ? null : new
RecipeListItemDTO
{
RecipeId = item.RecipeId,
RecipeVersionId = item.RecipeVersionId,
RecipeName = item.Content.Name,
Language = item.Language.Name,
};
// TODO: The approach above will obviously not work. There will need to be a separation between domain and db model
}
return(result);
}
public async Task <ActionResult <RecipeListItemDTO> > CreateRecipe(RecipeListItemDTO recipeListItemDTO)
{
// will not be creating / updating "list" items, move it to "details" controller / methods
throw new NotImplementedException();
}
