public async Task <IHttpActionResult> PostAsync(AccessObjectType objectType, int objectId, [FromBody] CreateAccessRuleDto model, CancellationToken cancellationToken)
{
if (model == null || !ModelState.IsValid)
{
return(BadRequest());
}
await ApiSecurity.AuthorizeAsync(objectType, objectId, AccessPermission.IsOwner, cancellationToken);
ValidationResult validationResult;
if (model.Anyone)
{
validationResult = await _securityManager.SetAccessRuleAsync(objectType, objectId, new AccessRuleItem { Permission = model.Permission, Visibility = model.Visibility }, cancellationToken);
}
else
{
var user = await _userManager.FindByEmailAsync(model.Email, cancellationToken);
if (user == null)
{
ModelState.AddModelError("", string.Format(SecurityApiResources.UserNotFound, model.Email));
return(BadRequest());
}
validationResult = await _securityManager.SetAccessRuleAsync(objectType, objectId, new AccessRuleItem { User = user, Permission = model.Permission, Visibility = model.Visibility }, cancellationToken);
}
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(Ok(model));
}
public async Task <IHttpActionResult> PutAsync(int id, [FromBody] MailMessageItemDto model, CancellationToken cancellationToken)
{
if (model == null || !ModelState.IsValid)
{
return(BadRequest());
}
var mailMessage = await _projectManager.GetMailMessageByIdAsync(id, MailMessageField.Project, cancellationToken);
if (mailMessage == null)
{
return(NotFound());
}
var project = await _projectManager.FindByIdAsync(mailMessage.Project.Id, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);
mailMessage.Subject = model.Subject;
mailMessage.Body = model.Body;
var validationResult = await _projectManager.ReplaceMailMessageAsync(project, mailMessage, mailMessage, cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(Ok(mailMessage));
}
public async Task <IHttpActionResult> MoveAsync(string portalUri, string pageUri, [FromBody] string uri, CancellationToken cancellationToken)
{
if (!ModelState.IsValid)
{
return(BadRequest());
}
var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);
var page = await _portalManager.GetPageByUriAsync(portal, pageUri, cancellationToken);
if (page == null)
{
return(NotFound());
}
var referencePage = (uri == null) ? null : await _portalManager.GetPageByUriAsync(portal, uri, cancellationToken);
var validationResult = await _portalManager.MovePageAsync(portal, page, referencePage, cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(Ok());
}
public async Task <IHttpActionResult> PostFileAsync(int projectId, CancellationToken cancellationToken)
{
var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);
using (var content = await Request.Content.ReadAsFileStreamAsync(cancellationToken))
{
var contactManager = new ContactManager(_projectManager);
switch (content.FileExtension.ToLower())
{
case ".xls":
await contactManager.ImportFromXlsAsync(project, content.FileStream, cancellationToken);
break;
case ".xlsx":
await contactManager.ImportFromXlsxAsync(project, content.FileStream, cancellationToken);
break;
default:
return(StatusCode(HttpStatusCode.UnsupportedMediaType));
}
}
return(Ok());
}
public async Task <IHttpActionResult> PostContentAsync(string portalUri, string pageUri, [FromBody] SetPageBodyDto model, CancellationToken cancellationToken)
{
if (model == null || !ModelState.IsValid)
{
return(BadRequest());
}
var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);
var page = await _portalManager.GetPageByUriAsync(portal, pageUri, PageField.All, cancellationToken);
if (page == null)
{
return(NotFound());
}
page.HtmlContent = model.HtmlContent;
page.StyleContent = model.StyleContent;
var validationResult = await _portalManager.ReplacePageAsync(portal, page, page, cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(Ok(ModelMapper.ToPageDto(page)));
}
public async Task <IHttpActionResult> PutAsync(int id, [FromBody] ActionItemDto model, CancellationToken cancellationToken)
{
if (model == null || !ModelState.IsValid)
{
return(BadRequest());
}
var action = await _projectManager.GetActionByIdAsync(id, cancellationToken);
if (action == null)
{
return(NotFound());
}
var project = await _projectManager.FindByIdAsync(action.Project.Id, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);
action.Type = model.Type;
action.Enabled = model.Enabled;
action.Name = model.Name;
action.Options = model.Options;
action.ModifiedDate = DateTime.UtcNow;
var validationResult = await _projectManager.ReplaceActionAsync(project, action, action, cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(new ActionContentResult(_actionLinkService, action, this));
}
public async Task <IHttpActionResult> DeleteAsync(AccessObjectType objectType, int objectId, [FromBody] string email, CancellationToken cancellationToken)
{
await ApiSecurity.AuthorizeAsync(objectType, objectId, AccessPermission.IsOwner, cancellationToken);
AccessRuleItem trustee;
if (email == null)
{
trustee = await _securityManager.GetAccessRuleAsync(objectType, objectId, cancellationToken);
}
else
{
trustee = await _securityManager.GetAccessRuleByUserEmailAsync(objectType, objectId, email, cancellationToken);
}
if (trustee == null)
{
ModelState.AddModelError("", string.Format(SecurityApiResources.UserNotFound, email ?? "Anyone"));
return(BadRequest());
}
var validationResult = await _securityManager.RemoveAccessRuleAsync(objectType, objectId, trustee, cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(StatusCode(HttpStatusCode.NoContent));
}
public async Task <IHttpActionResult> PostAsync(string portalUri, string mediaUri, CancellationToken cancellationToken)
{
var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);
var media = default(MediaItem);
using (var content = await Request.Content.ReadAsFileStreamAsync(cancellationToken))
{
var validationResult = await _portalManager.AddMediaAsync(
portal,
null,
media = new MediaItem
{
Uri = content.FileName,
Type = MimeMapping.GetMimeMapping(content.FileName),
Name = content.FileName
},
content.FileStream,
cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
}
return(CreatedAtRoute(
"Portals.Media.GetByUri",
new RouteValueDictionary {
["portalUri"] = portal.Uri, ["mediaUri"] = media.Uri
},
ModelMapper.ToMediaDto(media, uri => _portalManager.GetMediaLinkByUri(portal.Uri, uri))));
}
public async Task <IHttpActionResult> PutAsync(int id, [FromBody] BusinessTagItemDto model, CancellationToken cancellationToken)
{
if (model == null || !ModelState.IsValid)
{
return(BadRequest());
}
var businessTag = await _projectManager.GetBusinessTagByIdAsync(id, cancellationToken);
if (businessTag == null)
{
return(NotFound());
}
var project = await _projectManager.FindByIdAsync(businessTag.Project.Id, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);
businessTag.Name = model.Name;
businessTag.Color = model.Color;
var validationResult = await _projectManager.ReplaceBusinessTagAsync(project, businessTag, businessTag, cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(new BusinessTagContentResult(HttpStatusCode.OK, businessTag, this));
}
public async Task <IHttpActionResult> PostProjectByUriAsync(string uri, [FromBody] int?projectId, CancellationToken cancellationToken)
{
var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);
ProjectItem project = null;
if (projectId != null)
{
project = await _projectManager.FindByIdAsync((int)projectId, cancellationToken);
if (project == null)
{
return(BadRequest(string.Format(PortalApiResources.ProjectNotFound, projectId)));
}
await ApiSecurity.AuthorizeAsync(project, AccessPermission.IsOwner, cancellationToken);
}
var validationResult = await _portalManager.SetProjectAsync(portal, project, cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(Ok());
}
public async Task <IHttpActionResult> PostMasterPageByUriAsync(string uri, [FromBody] string masterPageUri, CancellationToken cancellationToken)
{
var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);
ValidationResult validationResult;
if (masterPageUri == null)
{
validationResult = await _portalManager.SetMasterPageAsync(portal, null, cancellationToken);
}
else
{
var masterPage = await _portalManager.GetPageByUriAsync(portal, masterPageUri, cancellationToken);
if (masterPage == null)
{
return(BadRequest(string.Format(PortalApiResources.PageNotFound, uri)));
}
validationResult = await _portalManager.SetMasterPageAsync(portal, masterPage, cancellationToken);
}
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(Ok());
}
public async Task <IHttpActionResult> PutAsync(string uri, [FromBody] SetPortalHeadDto model, CancellationToken cancellationToken)
{
if (model == null || !ModelState.IsValid)
{
return(BadRequest());
}
var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);
ValidationResult validationResult;
if (model.Uri != null)
{
validationResult = await _portalManager.SetUriAsync(portal, model.Uri, cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
}
portal.Name = model.Name;
portal.Description = model.Description;
portal.GATrackingId = model.GATrackingId;
validationResult = await _portalManager.UpdateAsync(portal, cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(Ok(ModelMapper.ToPortalDto(portal)));
}
public async Task <IHttpActionResult> MoveAsync(int id, [FromBody] ActionSortOrderDto model, CancellationToken cancellationToken)
{
var action = await _projectManager.GetActionByIdAsync(id, cancellationToken);
if (action == null)
{
return(NotFound());
}
var referenceAction = default(ActionItem);
if (model != null)
{
referenceAction = await _projectManager.GetActionByIdAsync((int)model.ReferenceId, cancellationToken);
if (referenceAction == null)
{
return(NotFound());
}
}
var project = await _projectManager.FindByIdAsync(action.Project.Id, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);
var validationResult = await _projectManager.MoveActionBeforeAsync(project, action, referenceAction, cancellationToken);
return(this.ValidationContent(validationResult));
}
public async Task <IHttpActionResult> GetAllAsync(int projectId, CancellationToken cancellationToken)
{
var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanView, cancellationToken);
return(Ok(await _projectManager.GetBusinessTagsAsync(project, cancellationToken)));
}
public async Task <IHttpActionResult> GetByUriAsync(string uri, PortalQueryField fields, CancellationToken cancellationToken)
{
var portal = await _portalManager.FindByUriAsync(uri, (PortalField)(fields & ~PortalQueryField.Pages), cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanView, cancellationToken);
return(Ok(ModelMapper.ToPortalDto(portal, fields.HasFlag(PortalQueryField.Pages) ? await _portalManager.GetPagesAsync(portal, cancellationToken) : null)));
}
public async Task <IHttpActionResult> DeleteAsync(int id, CancellationToken cancellationToken)
{
var project = await _projectManager.FindByIdAsync(id, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.IsOwner, cancellationToken);
await _projectManager.DeleteAsync(project, cancellationToken);
return(StatusCode(HttpStatusCode.NoContent));
}
public async Task <IHttpActionResult> DeleteAsync(string uri, CancellationToken cancellationToken)
{
var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.IsOwner, cancellationToken);
await _portalManager.DeleteAsync(portal, cancellationToken);
return(StatusCode(HttpStatusCode.NoContent));
}
public async Task <IHttpActionResult> GetByLinkAsync(string link, CancellationToken cancellationToken)
{
var actionLink = _actionLinkService.DecodeLink(link);
var action = await _projectManager.GetActionByIdAsync(actionLink.ActionId, cancellationToken);
var contact = actionLink.ContactId != null ? await _projectManager.GetContactByIdAsync((int)actionLink.ContactId, ContactField.None, cancellationToken) : null;
await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, action.Project.Id, AccessPermission.CanView, cancellationToken);
return(new ActionLinkContentResult(_actionLinkService, action, contact, actionLink.CustomUri, this));
}
public async Task <IHttpActionResult> GetByIdAsync(int id, PageField fields, CancellationToken cancellationToken)
{
var page = await _portalManager.GetPageByIdAsync(id, fields | PageField.Portal, cancellationToken);
if (page == null)
{
return(NotFound());
}
await ApiSecurity.AuthorizeAsync(AccessObjectType.Portal, page.Portal.Id, AccessPermission.CanView, cancellationToken);
return(Ok(ModelMapper.ToPageDto(page)));
}
public async Task <IHttpActionResult> GetByIdAsync(int id, MailMessageField fields, CancellationToken cancellationToken)
{
var mailMessage = await _projectManager.GetMailMessageByIdAsync(id, fields | MailMessageField.Project, cancellationToken);
if (mailMessage == null)
{
return(NotFound());
}
await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, mailMessage.Project.Id, AccessPermission.CanView, cancellationToken);
return(Ok(mailMessage));
}
public async Task <IHttpActionResult> DeleteAllAsync(int projectId, [FromBody] IEnumerable <int> model, CancellationToken cancellationToken)
{
var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);
var contacts = await _projectManager.GetContactsAsync(project, model, ContactSortOrder.None, ContactField.None, cancellationToken);
await _projectManager.RemoveContactsAsync(project, contacts, cancellationToken);
return(StatusCode(HttpStatusCode.NoContent));
}
public async Task <IHttpActionResult> GetById(int id, ContactField fields, CancellationToken cancellationToken)
{
var contact = await _projectManager.GetContactByIdAsync(id, fields | ContactField.Project, cancellationToken);
if (contact == null)
{
return(NotFound());
}
await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, contact.Project.Id, AccessPermission.CanView, cancellationToken);
return(Ok(contact));
}
public async Task <IHttpActionResult> GetByLinkIdAsync(int id, CancellationToken cancellationToken)
{
var action = await _projectManager.GetActionByLinkIdAsync(id, cancellationToken);
if (action == null)
{
return(NotFound());
}
await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, action.Project.Id, AccessPermission.CanView, cancellationToken);
return(new ActionContentResult(_actionLinkService, action, this));
}
public async Task <IHttpActionResult> DeleteAsync(int id, CancellationToken cancellationToken)
{
var contact = await _projectManager.GetContactByIdAsync(id, ContactField.Project, cancellationToken);
if (contact != null)
{
var project = await _projectManager.FindByIdAsync(contact.Project.Id, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);
await _projectManager.RemoveContactAsync(project, contact, cancellationToken);
}
return(StatusCode(HttpStatusCode.NoContent));
}
public async Task <IHttpActionResult> GetAllAsync(string portalUri, CancellationToken cancellationToken)
{
var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanView, cancellationToken);
var pages = await _portalManager.GetPagesAsync(portal, cancellationToken);
if (pages == null)
{
return(NotFound());
}
return(Ok(ModelMapper.ToPageListDto(pages)));
}
public async Task <IHttpActionResult> DeleteAsync(string portalUri, string mediaUri, CancellationToken cancellationToken)
{
var portal = await _portalManager.FindByUriAsync(portalUri, cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);
var media = await _portalManager.GetMediaByUriAsync(portal, mediaUri, cancellationToken);
if (media != null)
{
await _portalManager.RemoveMediaAsync(portal, media, cancellationToken);
}
return(StatusCode(HttpStatusCode.NoContent));
}
public async Task <IHttpActionResult> GetByNameAsync(int projectId, string name, CancellationToken cancellationToken)
{
var project = await _projectManager.FindByIdAsync(projectId, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanView, cancellationToken);
var businessTag = await _projectManager.GetBusinessTagByNameAsync(project, name, cancellationToken);
if (businessTag == null)
{
return(NotFound());
}
return(new BusinessTagContentResult(HttpStatusCode.OK, businessTag, this));
}
public async Task <IHttpActionResult> GetLinkByIdAsync([FromUri] ActionLink model, bool absolute = true, CancellationToken cancellationToken = default(CancellationToken))
{
if (model == null || !ModelState.IsValid)
{
return(BadRequest());
}
var action = await _projectManager.GetActionByIdAsync(model.ActionId, cancellationToken);
if (action == null)
{
return(NotFound());
}
await ApiSecurity.AuthorizeAsync(AccessObjectType.Project, action.Project.Id, AccessPermission.CanView, cancellationToken);
return(Ok(_actionLinkService.CreateLink(model, absolute)));
}
public async Task <IHttpActionResult> DeleteAsync(int id, CancellationToken cancellationToken)
{
var mailMessage = await _projectManager.GetMailMessageByIdAsync(id, MailMessageField.Project, cancellationToken);
if (mailMessage == null)
{
return(NotFound());
}
var project = await _projectManager.FindByIdAsync(mailMessage.Project.Id, cancellationToken);
await ApiSecurity.AuthorizeAsync(project, AccessPermission.CanEdit, cancellationToken);
await _projectManager.RemoveMailMessageAsync(project, mailMessage, cancellationToken);
return(StatusCode(HttpStatusCode.NoContent));
}
public async Task <IHttpActionResult> CopyAsync(string uri, [FromBody] CopyPortalDto model, CancellationToken cancellationToken)
{
if (model == null || !ModelState.IsValid)
{
return(BadRequest());
}
var portal = await _portalManager.FindByUriAsync(uri, cancellationToken);
await ApiSecurity.AuthorizeAsync(portal, AccessPermission.CanEdit, cancellationToken);
var validationResult = await _portalManager.CopyAsync(portal, model.Uri, cancellationToken);
if (!validationResult.Succeeded)
{
return(this.ValidationContent(validationResult));
}
return(Ok());
}