Exemplo n.º 1
0
        public async Task <ActionResult <SheriffDto> > GetSelfSheriff()
        {
            var sheriff = await SheriffService.GetFilteredSheriffForTeams(User.CurrentUserId());

            if (sheriff == null)
            {
                return(NotFound(CouldNotFindSheriffError));
            }
            return(Ok(sheriff.Adapt <SheriffDto>()));
        }
Exemplo n.º 2
0
        public async Task <ActionResult <SheriffDto> > GetSheriffForTeam(Guid id)
        {
            var sheriff = await SheriffService.GetFilteredSheriffForTeams(id);

            if (sheriff == null)
            {
                return(NotFound(CouldNotFindSheriffError));
            }
            if (!PermissionDataFiltersExtensions.HasAccessToLocation(User, Db, sheriff.HomeLocationId))
            {
                return(Forbid());
            }

            return(Ok(sheriff.Adapt <SheriffDto>()));
        }
Exemplo n.º 3
0
        public async Task <ActionResult <SheriffWithIdirDto> > GetSheriffForTeam(Guid id)
        {
            var sheriff = await SheriffService.GetFilteredSheriffForTeams(id);

            if (sheriff == null)
            {
                return(NotFound(CouldNotFindSheriffError));
            }
            if (!PermissionDataFiltersExtensions.HasAccessToLocation(User, Db, sheriff.HomeLocationId))
            {
                return(Forbid());
            }

            var sheriffDto = sheriff.Adapt <SheriffWithIdirDto>();

            //Prevent exposing Idirs to regular users.
            sheriffDto.IdirName = User.HasPermission(Permission.EditIdir) ? sheriff.IdirName : null;
            return(Ok(sheriffDto));
        }