public IActionResult CreateRisk(string pid, [FromBody] Risk risk)
{
risk.Id = Guid.NewGuid();
risk.ProjectId = Guid.Parse(pid);
try
{
_riskService.Create(risk);
return(Ok(risk));
}
catch (AppException ex)
{
// return error message if there was an exception
return(BadRequest(new { message = ex.Message }));
}
}
public async Task <IActionResult> CreateRisk([FromBody] CreateRiskCommand command)
{
var newValue = await _riskService.Create(command);
_relationshipService.Create(new CreateRelationshipCommand()
{
FromType = ObjectType.Asset, FromId = command.AssetId, ToType = ObjectType.Risk, ToId = newValue.Id
});
foreach (var item in command.Vulnerabilities)
{
_relationshipService.Create(new CreateRelationshipCommand()
{
FromType = ObjectType.Risk, FromId = newValue.Id, ToType = ObjectType.Vulnerabilitie, ToId = item
});
}
foreach (var item in command.Risks)
{
_relationshipService.Create(new CreateRelationshipCommand()
{
FromType = ObjectType.Risk, FromId = newValue.Id, ToType = ObjectType.Risk, ToId = item
});
}
foreach (var item in command.Treatments)
{
_relationshipService.Create(new CreateRelationshipCommand()
{
FromType = ObjectType.Risk, FromId = newValue.Id, ToType = ObjectType.Treatment, ToId = item.Id
});
}
_auditTrailService.LogAction(AuditTrailAction.CreateRisk, newValue.Id, new AuditTrailPayloadModel()
{
Data = JsonConvert.SerializeObject(command)
});
return(Created(newValue.Id.ToString(), newValue));
}
public async Task Add(RiskDTO riskDto)
{
var risk = _mapper.Map <Risk>(riskDto);
await _riskService.Create(risk);
}
