private bool CheckGetRequest(HttpRequest request, out string response)
{
response = null;
if (String.IsNullOrEmpty(request.Query["guid"]))
{
response = new JsonResponseBase(HttpStatusCode.BadRequest, "Request must has guid parameter.").ToString();
return(false);
}
var userRole = new SqlLogProvider().GetUserRole(request.Query["guid"]);
if (userRole != "Admin" && userRole != "Developer")
{
response = new JsonResponseBase(HttpStatusCode.Unauthorized, "You have no permission to this request").ToString();
return(false);
}
if (String.IsNullOrEmpty(request.Query["clientGuid"]))
{
response = new JsonResponseBase(HttpStatusCode.BadRequest, "Request must clientGuid parameter.").ToString();
return(false);
}
if (userRole == "Developer")
{
if (!new SqlLogProvider().CheckIfDeveloperAssignedToClient(request.Query["clientGuid"], request.Query["guid"]))
{
response = new JsonResponseBase(HttpStatusCode.Unauthorized, "You have no permission to this request").ToString();
return(false);
}
}
return(true);
}
protected JsonNetResult ReturnJsonResponse <T>(JsonResponseBase <T> jsonResponse)
{
var json = new JsonNetResult();
json.Formatting = Newtonsoft.Json.Formatting.Indented;
if (jsonResponse != null)
{
if (!jsonResponse.Success)
{
Response.StatusCode = 400;
}
}
else
{
jsonResponse.Success = false;
jsonResponse.Message = "Internal Server Error";
Response.StatusCode = 500;
}
json.Data = jsonResponse;
return(json);
}