public async Task <IActionResult> GenerateClientLink([FromQuery] int?roleId, [FromQuery] string email)
{
var role = StaticHelper.GetCurrentRole(User);
if (roleId != 5)
{
roleId = 4;
}
if (email == null)
{
return(BadRequest("Email is required!"));
}
if (StaticHelper.IsEmailInBase(email, db))
{
return(BadRequest("Provided email is already registred or occupied!"));
}
var regLink = new RegistrationToken()
{
RoleId = (int)roleId,
Type = "Client",
Email = email,
Token = Guid.NewGuid().ToString("N"),
Opened = DateTime.Now
};
db.RegistrationTokens.Add(regLink);
await db.SaveChangesAsync();
return(Ok(regLink));
}
public IActionResult GetTaskComments([FromQuery] int?taskId)
{
if (taskId == null)
{
return(BadRequest("Task ID is required!"));
}
var task = _context
.TicketTasks
.Include(x => x.User)
.FirstOrDefault(x => x.Id == taskId);
if (task == null)
{
return(NotFound("Task with such id doesn't exists!"));
}
var role = StaticHelper.GetCurrentRole(User);
if (!StaticHelper.CheckTaskByRole(role, task, User.Identity.Name, _context))
{
return(BadRequest());
}
var taskComments = IncludeAllComments().Where(x => x.TaskId == taskId);
return(new JsonResult(taskComments));
}
public async Task <IActionResult> GetTickets([FromQuery] int?count, [FromQuery] int?offset, [FromQuery] int?priority, [FromQuery] int?status)
{
var role = StaticHelper.GetCurrentRole(User);
var tickets = SortByRole(role, IncludeAllTicket());
if (tickets == null)
{
return(BadRequest("No tickets was found for your account"));
}
if (priority != null)
{
tickets = tickets.Where(x => x.PriorityId == priority);
}
if (status != null)
{
tickets = tickets.Where(x => x.StatusId == status);
}
if (offset != null)
{
tickets = tickets.Skip((int)offset);
}
if (count != null)
{
tickets = tickets.Take((int)count);
}
return(Ok(tickets));
}
public async Task <IActionResult> GetTicketComment([FromRoute] int id)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var ticketComment = await IncludeAllComments().FirstOrDefaultAsync(x => x.Id == id);
if (ticketComment == null)
{
return(NotFound());
}
var role = StaticHelper.GetCurrentRole(User);
if (!StaticHelper.CheckTicketByRole(role, ticketComment.Ticket, User.Identity.Name, _context))
{
return(BadRequest());
}
var serializerSettings = new JsonSerializerSettings();
if (role == "client" || role == "superclient")
{
var resolver = new PropertyRenameAndIgnoreSerializerContractResolver();
resolver.IgnoreProperty(typeof(User), "Email", "Phone");
resolver.IgnoreProperty(typeof(Client), "Email", "Phone");
serializerSettings.ContractResolver = resolver;
}
return(Ok(JsonConvert.SerializeObject(ticketComment, serializerSettings)));
}
public async Task <IActionResult> DeleteArticleAttachment([FromRoute] int id)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var articleAttachment = await IncludeAllAttachments().FirstOrDefaultAsync(x => x.Id == id);
if (articleAttachment == null)
{
return(NotFound());
}
var role = StaticHelper.GetCurrentRole(User);
var current = _context.Users.FirstOrDefault(x => x.Email == User.Identity.Name);
if (current == null)
{
return(BadRequest());
}
if (role != "admin" & articleAttachment.Article.UserId != current.Id)
{
return(BadRequest());
}
_context.ArticleAttachments.Remove(articleAttachment);
await _context.SaveChangesAsync();
return(new JsonResult(articleAttachment));
}
public IActionResult GetArticles([FromQuery] int? sectionId, [FromQuery] int? count, [FromQuery] int? offset, [FromQuery] int? typeId)
{
var articles = IncludeAllArticle();
var role = StaticHelper.GetCurrentRole(User);
if(role == "client" || role == "superclient")
{
typeId = 2;
}
if(sectionId != null)
{
articles = articles.Where(x => x.SectionId == sectionId);
}
if(typeId != null)
{
articles = articles.Where(x => x.TypeId == typeId);
}
if(offset != null)
{
articles = articles.Skip((int)offset);
}
if(count != null)
{
articles = articles.Take((int)count);
}
return new JsonResult(articles);
}
public async Task <IActionResult> DeleteTicketAttachment([FromRoute] int id)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var ticketAttachment = await IncludeAllAttachments().FirstOrDefaultAsync(x => x.Id == id);
if (ticketAttachment == null)
{
return(NotFound());
}
var role = StaticHelper.GetCurrentRole(User);
if (!StaticHelper.CheckTicketByRole(role, ticketAttachment.Ticket, User.Identity.Name, _context))
{
return(BadRequest());
}
_context.TicketAttachments.Remove(ticketAttachment);
await _context.SaveChangesAsync();
return(Ok(ticketAttachment));
}
public IActionResult GetTicketAttachments([FromQuery] int?ticketId)
{
if (ticketId == null)
{
return(BadRequest("Ticket ID is required!"));
}
var ticket = _context
.Tickets
.Include(x => x.Client)
.ThenInclude(x => x.Company)
.FirstOrDefault(x => x.Id == ticketId);
if (ticket == null)
{
return(NotFound("Ticket with such id doesn't exists!"));
}
var role = StaticHelper.GetCurrentRole(User);
if (!StaticHelper.CheckTicketByRole(role, ticket, User.Identity.Name, _context))
{
return(BadRequest());
}
var attachments = IncludeAllAttachments().Where(x => x.TicketId == ticketId);
return(Ok(attachments));
}
public async Task <IActionResult> GetNotification([FromRoute] int id)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var notification = await _context.Notifications
.Include(x => x.EventType)
.FirstOrDefaultAsync(x => x.Id == id);
if (notification == null)
{
return(NotFound());
}
var role = StaticHelper.GetCurrentRole(User);
if (role != "admin")
{
var normal = await CheckNotification(notification, User);
if (!normal)
{
return(BadRequest());
}
}
return(Ok(notification));
}
public IActionResult GetArticleAttachments([FromQuery] int?articleId)
{
if (articleId == null)
{
return(BadRequest("Article ID is required!"));
}
var article = _context
.Articles
.FirstOrDefault(x => x.Id == articleId);
if (article == null)
{
return(NotFound("Article with such id doesn't exists!"));
}
var role = StaticHelper.GetCurrentRole(User);
if (role == "client" && role == "superclient")
{
if (article.TypeId != 2)
{
return(BadRequest());
}
}
var attachments = IncludeAllAttachments().Where(x => x.ArticleId == articleId);
return(new JsonResult(attachments));
}
public IActionResult GetNotifications()
{
var notifications = _context.Notifications.Include(x => x.EventType) as IQueryable <Notification>;
var role = StaticHelper.GetCurrentRole(User);
if (role != "admin")
{
if (role == "client" || role == "superclient")
{
var client = _context.Clients.FirstOrDefault(x => x.Email == User.Identity.Name);
if (client == null)
{
return(Unauthorized());
}
notifications = notifications.Where(x => x.ClientId == client.Id);
}
else
{
var user = _context.Users.FirstOrDefault(x => x.Email == User.Identity.Name);
if (user == null)
{
return(Unauthorized());
}
notifications = notifications.Where(x => x.UserId == user.Id);
}
}
return(Ok(JsonConvert.SerializeObject(notifications.ToArray())));
}
public async Task <IActionResult> GetUser([FromRoute] int id)
{
var role = StaticHelper.GetCurrentRole(User);
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await _context.Users
.Include(x => x.Departament)
.Include(x => x.Status)
.Include(x => x.Role)
.FirstOrDefaultAsync(x => x.Id == id);
if (user == null)
{
return(NotFound());
}
if (role == "client" || role == "superclient")
{
return(Ok("{\"fullName\":\"" + user.FullName + "\"}"));
}
return(Ok(user));
}
public async Task <IActionResult> GetArticleAttachment([FromRoute] int id)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var articleAttachment = await IncludeAllAttachments()
.FirstOrDefaultAsync(x => x.Id == id);
if (articleAttachment == null)
{
return(NotFound());
}
var role = StaticHelper.GetCurrentRole(User);
if (role == "client" || role == "superclient")
{
if (articleAttachment.Article.TypeId != 2)
{
return(BadRequest());
}
}
return(new JsonResult(articleAttachment));
}
public async Task <IActionResult> PutTaskComment([FromRoute] int id, [FromQuery] string content)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (content == null)
{
return(BadRequest("Content is required!"));
}
var taskComment = await IncludeAllComments().FirstOrDefaultAsync(x => x.Id == id);
if (taskComment == null)
{
return(NotFound());
}
var role = StaticHelper.GetCurrentRole(User);
if (role != "admin")
{
if (taskComment.User.Email != User.Identity.Name || taskComment.User == null)
{
return(BadRequest());
}
}
taskComment.Content = content;
_context.Entry(taskComment).State = EntityState.Modified;
await _context.SaveChangesAsync();
return(NoContent());
}
public async Task <IActionResult> DeleteTaskComment([FromRoute] int id)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var taskComment = await IncludeAllComments().FirstOrDefaultAsync(x => x.Id == id);
if (taskComment == null)
{
return(NotFound());
}
var role = StaticHelper.GetCurrentRole(User);
if (role != "admin")
{
if (taskComment.User.Email != User.Identity.Name || taskComment.User == null)
{
return(BadRequest());
}
}
_context.TaskComments.Remove(taskComment);
await _context.SaveChangesAsync();
return(new JsonResult(taskComment));
}
public async Task <IActionResult> PostTicketTask([FromBody] TicketTask task)
{
var role = StaticHelper.GetCurrentRole(User);
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await db.Users.Include(x => x.Role)
.Include(x => x.Departament)
.FirstOrDefaultAsync(x => x.Email == User.Identity.Name);
if (user == null)
{
return(Unauthorized());
}
var taskUser = db.Users.FirstOrDefault(x => x.Id == task.UserId);
if (taskUser == null)
{
return(BadRequest());
}
var ticket = await db.Tickets.FirstOrDefaultAsync(x => x.Id == task.TicketId);
if (ticket == null)
{
return(BadRequest());
}
if ((role == "user") && !((ticket.UserId == user.Id) ||
((ticket.UserId == null) && (ticket.DepartamentId == user.DepartamentId))))
{
return(Forbid());
}
if ((role == "superuser") && !((taskUser.DepartamentId == ticket.DepartamentId) || !(ticket.DepartamentId == user.DepartamentId)))
{
return(Forbid());
}
task.DateCreated = DateTime.Now;
task.StatusId = 1;
try
{
db.TicketTasks.Add(task);
await db.SaveChangesAsync();
}
catch (DbUpdateException e)
{
return(BadRequest("Some of the fields are incorrect!"));
}
catch (Exception e)
{
throw e;
}
await StaticHelper.RaiseEvent(EventTypes.TaskAdded, task, db);
return(CreatedAtAction("GetTicketTask", new { id = task.Id }, task));
}
public async Task <IActionResult> RegClientByToken([FromBody] Client client, [FromQuery] string token)
{
if (token == null)
{
return(BadRequest("Registration token required!"));
}
var regToken = db.RegistrationTokens.FirstOrDefault(x => x.Token == token);
if (regToken == null)
{
return(BadRequest("Invalid registration token!"));
}
if (regToken.Type != "Client")
{
return(BadRequest("Invalid token type!"));
}
var span = DateTime.Now - regToken.Opened;
if (span.TotalHours > 24)
{
db.RegistrationTokens.Remove(regToken);
return(BadRequest("Token has expired"));
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var role = StaticHelper.GetCurrentRole(User);
var oldPass = client.Password;
client.Password = new PasswordHasher <AppUser>().HashPassword(new AppUser(), client.Password);
client.Email = regToken.Email;
client.RoleId = regToken.RoleId;
try
{
db.Clients.Add(client);
await db.SaveChangesAsync();
}
catch
{
return(BadRequest("Invalid data. Can't register client."));
}
await StaticHelper.SendEmailAsync(client.Email, "Регистрация",
"Спасибо за регистрацию на сервисе HelpDesk " + regToken.Email + "! Вам присвоен пароль : " + oldPass);
db.RegistrationTokens.Remove(regToken);
await db.SaveChangesAsync();
return(CreatedAtAction("GetClient", "Client", new { id = client.Id }, client));
}
public async Task <IActionResult> PostUser([FromBody] User user)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var role = StaticHelper.GetCurrentRole(User);
if (role == "superuser")
{
var cUser = await _context.Users.FirstOrDefaultAsync(x => x.Email == User.Identity.Name);
if (cUser.DepartamentId != user.DepartamentId)
{
return(BadRequest("Can't create user for other departament"));
}
}
if (user.RoleId != 2 && user.RoleId != 3)
{
user.RoleId = 1;
}
user.StatusId = 1;
var cl = _context.Clients.FirstOrDefault(x => x.Email == user.Email);
var us = _context.Users.FirstOrDefault(x => x.Email == user.Email);
if (cl != null || us != null)
{
return(BadRequest("Provided email is occupied by someone."));
}
var oldPass = user.Password;
user.Password = new PasswordHasher <AppUser>().HashPassword(new AppUser(), user.Password);
try
{
_context.Users.Add(user);
await _context.SaveChangesAsync();
}
catch
{
return(BadRequest("Invalid data. Can't register user."));
}
await StaticHelper.SendEmailAsync(user.Email, "Регистрация",
"Спасибо за регистрацию на сервисе HelpDesk, вам был присвоен пароль : " + oldPass);
return(CreatedAtAction("GetUser", new { id = user.Id }, user));
}
public async Task <IActionResult> DeleteTicketComment([FromRoute] int id)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var ticketComment = await IncludeAllComments().FirstOrDefaultAsync(x => x.Id == id);
if (ticketComment == null)
{
return(NotFound());
}
if (ticketComment.Ticket == null)
{
return(BadRequest());
}
var role = StaticHelper.GetCurrentRole(User);
var serializerSettings = new JsonSerializerSettings();
if (role != "admin")
{
if (role == "client" || role == "superclient")
{
var resolver = new PropertyRenameAndIgnoreSerializerContractResolver();
resolver.IgnoreProperty(typeof(User), "Email", "Phone");
resolver.IgnoreProperty(typeof(Client), "Email", "Phone");
serializerSettings.ContractResolver = resolver;
if (ticketComment.Client.Email != User.Identity.Name || ticketComment.Client == null)
{
return(BadRequest());
}
}
else
{
if (ticketComment.User.Email != User.Identity.Name || ticketComment.User == null)
{
return(BadRequest());
}
}
}
_context.TicketComments.Remove(ticketComment);
await _context.SaveChangesAsync();
return(Ok(JsonConvert.SerializeObject(ticketComment, serializerSettings)));
}
public async Task <IActionResult> PostTicketComment([FromBody] TicketComment ticketComment)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var role = StaticHelper.GetCurrentRole(User);
var ticket = await _context.Tickets.FirstOrDefaultAsync(x => x.Id == ticketComment.TicketId);
if (ticket == null)
{
return(BadRequest());
}
if (!StaticHelper.CheckTicketByRole(role, ticket, User.Identity.Name, _context))
{
return(BadRequest());
}
if (role == "client" || role == "superclient")
{
var client = await _context.Clients.FirstOrDefaultAsync(x => x.Email == User.Identity.Name);
if (client == null)
{
return(BadRequest());
}
ticketComment.ClientId = client.Id;
ticketComment.UserId = null;
}
else
{
var user = await _context.Users.FirstOrDefaultAsync(x => x.Email == User.Identity.Name);
if (user == null)
{
return(BadRequest());
}
ticketComment.UserId = user.Id;
ticketComment.ClientId = null;
}
_context.TicketComments.Add(ticketComment);
await _context.SaveChangesAsync();
await StaticHelper.RaiseEvent(EventTypes.TicketComment, ticket, _context);
return(CreatedAtAction("GetTicketComment", new { id = ticketComment.Id }, ticketComment));
}
public async Task <IActionResult> PostArticleAttachment([FromBody] ArticleAttachment articleAttachment)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var article = _context
.Articles
.FirstOrDefault(x => x.Id == articleAttachment.ArticleId);
if (article == null)
{
return(NotFound("Article with such id doesn't exists!"));
}
var role = StaticHelper.GetCurrentRole(User);
var current = _context.Users.FirstOrDefault(x => x.Email == User.Identity.Name);
if (current == null)
{
return(BadRequest());
}
if (role != "admin" & article.UserId != current.Id)
{
return(BadRequest());
}
try
{
articleAttachment.Type = articleAttachment.Path.Substring(articleAttachment.Path.LastIndexOf('.') + 1);
if (String.IsNullOrWhiteSpace(articleAttachment.Type))
{
return(BadRequest("Unable to define file type."));
}
}
catch
{
return(BadRequest("Unable to define file type."));
}
if (articleAttachment.Name == null)
{
articleAttachment.Name = "attachment";
}
_context.ArticleAttachments.Add(articleAttachment);
await _context.SaveChangesAsync();
return(CreatedAtAction("GetArticleAttachment", new { id = articleAttachment.Id }, articleAttachment));
}
public async Task <IActionResult> GetTicket([FromRoute] int id)
{
var role = StaticHelper.GetCurrentRole(User);
var ticket = IncludeAllTicket().FirstOrDefault(x => x.Id == id);
if (ticket == null)
{
return(NotFound("No ticket was found!"));
}
if (!StaticHelper.CheckTicketByRole(role, ticket, User.Identity.Name, db))
{
return(Forbid());
}
await StaticHelper.RaiseEvent(EventTypes.TicketAdded, ticket, db);
return(Ok(ticket));
}
public async Task <IActionResult> DeleteTicket([FromRoute] int id)
{
var role = StaticHelper.GetCurrentRole(User);
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var ticket = await IncludeAllTicket().FirstOrDefaultAsync(x => x.Id == id);
if (ticket == null)
{
return(NotFound());
}
var email = User.Identity.Name;
AppUser user;
if (role == "client" || role == "superclient")
{
if (ticket.StatusId != 5)
{
return(BadRequest("Ticket is in work, can't delete it!"));
}
user = db.Clients.FirstOrDefault(x => x.Email == email);
}
else
{
user = db.Users.FirstOrDefault(x => x.Email == email);
}
if ((role == "admin") ||
((role == "client" && ticket.ClientId == user.Id) ||
(role == "superclient" && ticket.Client.CompanyId == (user as Client).CompanyId)))
{
db.Tickets.Remove(ticket);
await db.SaveChangesAsync();
return(Ok(ticket));
}
else
{
return(Forbid());
}
}
public IActionResult GetUsers()
{
var role = StaticHelper.GetCurrentRole(User);
var users = _context.Users
.Include(x => x.Departament)
.Include(x => x.Status)
.Include(x => x.Role) as IQueryable <User>;
if (role == "superuser")
{
var user = _context.Users.FirstOrDefault(x => x.Email == User.Identity.Name);
if (user == null)
{
return(Unauthorized());
}
users = users.Where(x => x.DepartamentId == user.DepartamentId);
}
return(Ok(users));
}
public async Task <IActionResult> PutNotification([FromRoute] int id, [FromBody] Notification notification)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (id != notification.Id)
{
return(BadRequest());
}
var role = StaticHelper.GetCurrentRole(User);
if (role != "admin")
{
var normal = await CheckNotification(notification, User);
if (!normal)
{
return(BadRequest());
}
}
_context.Entry(notification).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!NotificationExists(id))
{
return(NotFound());
}
else
{
return(BadRequest("Some values are invalid!"));
}
}
return(NoContent());
}
public async Task <IActionResult> PostTicketAttachment([FromBody] TicketAttachment ticketAttachment)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var ticket = _context.Tickets
.Include(x => x.Client)
.ThenInclude(x => x.Company)
.FirstOrDefault(x => x.Id == ticketAttachment.TicketId);
if (ticket == null)
{
return(NotFound("Ticket with such id doesn't exists!"));
}
var role = StaticHelper.GetCurrentRole(User);
if (!StaticHelper.CheckTicketByRole(role, ticket, User.Identity.Name, _context))
{
return(BadRequest());
}
try
{
ticketAttachment.Type = ticketAttachment.Path.Substring(ticketAttachment.Path.LastIndexOf('.') + 1);
if (String.IsNullOrWhiteSpace(ticketAttachment.Type))
{
return(BadRequest("Unable to define file type."));
}
}
catch
{
return(BadRequest("Unable to define file type."));
}
if (ticketAttachment.Name == null)
{
ticketAttachment.Name = "attachment";
}
_context.TicketAttachments.Add(ticketAttachment);
await _context.SaveChangesAsync();
return(CreatedAtAction("GetTicketAttachment", new { id = ticketAttachment.Id }, ticketAttachment));
}
public async Task<IActionResult> PutArticle([FromRoute] int id, [FromBody] PutArticle article)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
var oldArticle = await IncludeAllArticle().FirstOrDefaultAsync(x => x.Id == id);
if(oldArticle == null)
{
return NotFound();
}
var role = StaticHelper.GetCurrentRole(User);
var current = _context.Users.FirstOrDefault(x => x.Email == User.Identity.Name);
if(current == null)
{
return BadRequest();
}
if(role != "admin" && oldArticle.UserId != current.Id)
{
return BadRequest();
}
oldArticle.Name = article.Name ?? oldArticle.Name;
oldArticle.Content = article.Content ?? oldArticle.Content;
oldArticle.SectionId = article.SectionId ?? oldArticle.SectionId;
oldArticle.TypeId = article.TypeId ?? oldArticle.TypeId;
_context.Entry(oldArticle).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch
{
return BadRequest("Some values are invalid, can't modify article");
}
return NoContent();
}
public async Task <IActionResult> PostTicket([FromBody] Ticket ticket)
{
var role = StaticHelper.GetCurrentRole(User);
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (!StaticHelper.CheckTicketByRole(role, ticket, User.Identity.Name, db))
{
return(Forbid());
}
var slaId = db.Companies.FirstOrDefault(x => x.Id == db.Clients.
FirstOrDefault(t => t.Id == ticket.ClientId).CompanyId).SLAId;
if (!CheckTicketBySLA(ticket, slaId))
{
return(BadRequest("Some values are not allowed by SLA, associated with company of client"));
}
ticket.DateModified = DateTime.Now;
ticket.DateCreated = DateTime.Now;
ticket.StatusId = 5;
try
{
db.Tickets.Add(ticket);
await db.SaveChangesAsync();
}
catch (DbUpdateException e)
{
return(BadRequest("Some of the fields are incorrect!"));
}
catch (Exception e)
{
throw e;
}
await StaticHelper.RaiseEvent(EventTypes.TicketAdded, ticket, db);
return(CreatedAtAction("GetTicket", new { id = ticket.Id }, ticket));
}
public async Task <IActionResult> GetClient([FromRoute] int id)
{
var role = StaticHelper.GetCurrentRole(User);
var client = await _context.Clients
.Include(x => x.Company)
.Include(x => x.Role)
.FirstOrDefaultAsync(x => x.Id == id);
if (client == null)
{
return(NotFound());
}
if (role == "client" || role == "superclient")
{
var logClient = _context.Clients.FirstOrDefault(x => x.Email == User.Identity.Name);
if (logClient == null)
{
return(Unauthorized());
}
if (role == "client" && logClient.Id != client.Id)
{
return(Forbid());
}
if (role == "superclient" && logClient.CompanyId != client.CompanyId)
{
return(Forbid());
}
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
return(Ok(client));
}
public async Task <IActionResult> GetTaskComment([FromRoute] int id)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var taskComment = await IncludeAllComments().FirstOrDefaultAsync(x => x.Id == id);
if (taskComment == null)
{
return(NotFound());
}
var role = StaticHelper.GetCurrentRole(User);
if (!StaticHelper.CheckTaskByRole(role, taskComment.TicketTask, User.Identity.Name, _context))
{
return(BadRequest());
}
return(new JsonResult(taskComment));
}
