public ServiceResult GetDataset(string type = "", string field = "") { List <DataPoint> dataSet; if (string.IsNullOrWhiteSpace(type)) { return(ServiceResponse.Error("You must provide a type to get the datasets.")); } if (string.IsNullOrWhiteSpace(field)) { return(ServiceResponse.Error("You must provide a series to get the datasets.")); } if (CurrentUser == null) { return(ServiceResponse.Error("You must be logged in to access this function.")); } //todo log all access to this. //CurrentUser.RoleWeight //CurrentUser.AccountUUID if (type?.ToLower() == "users" && CurrentUser.SiteAdmin == false) { //BACKLOG turn on the flag to log permission routes to log this. //add numeric value to roles s we can include multiple roles by doing math >= roleWeight RoleManager roleManager = new RoleManager(Globals.DBConnectionKey, CurrentUser); var admin = roleManager.GetRole("admin", CurrentUser.AccountUUID); var owner = roleManager.GetRole("owner", CurrentUser.AccountUUID); if (admin == null && owner == null) { return(ServiceResponse.Error("You are not authorized this action.")); } if (!roleManager.IsInRole(CurrentUser.UUID, CurrentUser.AccountUUID, admin.UUID, false) || !roleManager.IsInRole(CurrentUser.UUID, CurrentUser.AccountUUID, owner.UUID, false)) { return(ServiceResponse.Error("You are not authorized to query the type:" + type)); } } try { DataFilter filter = this.GetFilter(Request); DatasetManager dm = new DatasetManager(Globals.DBConnectionKey, this.GetAuthToken(Request)); dataSet = dm.GetDataSet(type, ref filter); return(ServiceResponse.OK("", dataSet)); } catch (Exception ex) { Debug.Assert(false, ex.Message); SystemLogger logger = new SystemLogger(Globals.DBConnectionKey); logger.InsertError(ex.Message, "ReportsController", "GetDataset"); return(ServiceResponse.Error("Error retrieving dataset.")); } }