/// <summary>
/// Validates the query-string parameters of a GET request and checks that the caller named by
/// <c>guid</c> holds a role that may act on the client named by <c>clientGuid</c>.
/// </summary>
/// <param name="request">Incoming request; its query string is read for <c>guid</c> and <c>clientGuid</c>.</param>
/// <param name="response">
/// Null when the check passes; otherwise the serialised <see cref="JsonResponseBase"/> error to send back.
/// </param>
/// <returns>True when the request may proceed, false when <paramref name="response"/> carries an error.</returns>
private bool CheckGetRequest(HttpRequest request, out string response)
{
    const string permissionDenied = "You have no permission to this request";
    response = null;

    // NOTE(review): the "guid" query parameter is the only caller identity this method inspects.
    // Query-string values are commonly recorded in server and proxy logs; confirm it is handled
    // as a credential elsewhere (transport, lifetime, log scrubbing).
    var callerGuid = request.Query["guid"];
    if (String.IsNullOrEmpty(callerGuid))
    {
        response = new JsonResponseBase(HttpStatusCode.BadRequest, "Request must has guid parameter.").ToString();
        return false;
    }

    // The role is looked up from the caller guid; only Admin and Developer get past this point.
    var userRole = new SqlLogProvider().GetUserRole(callerGuid);
    bool isAdmin = userRole == "Admin";
    bool isDeveloper = userRole == "Developer";
    if (!(isAdmin || isDeveloper))
    {
        // NOTE(review): an authorization failure is reported as 401 here; 403 is the usual status
        // for an identified caller who lacks permission. Left as-is because clients may depend on it.
        response = new JsonResponseBase(HttpStatusCode.Unauthorized, permissionDenied).ToString();
        return false;
    }

    var clientGuid = request.Query["clientGuid"];
    if (String.IsNullOrEmpty(clientGuid))
    {
        response = new JsonResponseBase(HttpStatusCode.BadRequest, "Request must clientGuid parameter.").ToString();
        return false;
    }

    // Developers are additionally limited to clients they are assigned to; Admin skips this check.
    if (isDeveloper && !new SqlLogProvider().CheckIfDeveloperAssignedToClient(clientGuid, callerGuid))
    {
        response = new JsonResponseBase(HttpStatusCode.Unauthorized, permissionDenied).ToString();
        return false;
    }

    return true;
}
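/// <summary>
/// Wraps <paramref name="jsonResponse"/> in an indented <see cref="JsonNetResult"/> and sets the HTTP
/// status code to match: 400 when the response reports failure, 500 when no response object was supplied.
/// </summary>
/// <typeparam name="T">Payload type carried by the response.</typeparam>
/// <param name="jsonResponse">Response to return to the client; may be null.</param>
/// <returns>
/// A result whose <c>Data</c> is <paramref name="jsonResponse"/>, or a generic failure response when
/// null was passed.
/// </returns>
protected JsonNetResult ReturnJsonResponse<T>(JsonResponseBase<T> jsonResponse)
{
    var json = new JsonNetResult();
    json.Formatting = Newtonsoft.Json.Formatting.Indented;

    if (jsonResponse == null)
    {
        // The previous code assigned Success/Message on the null argument in this branch, so the
        // intended 500 response was never produced and a NullReferenceException was thrown instead.
        // NOTE(review): assumes JsonResponseBase<T> has an accessible parameterless constructor - confirm.
        jsonResponse = new JsonResponseBase<T>();
        jsonResponse.Success = false;
        // Deliberately generic: no internal detail is put into the client-visible message.
        jsonResponse.Message = "Internal Server Error";
        Response.StatusCode = 500;
    }
    else if (!jsonResponse.Success)
    {
        // Every unsuccessful response is reported as 400, whatever the underlying cause.
        Response.StatusCode = 400;
    }

    json.Data = jsonResponse;
    return json;
}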