Пример #1
0
        public async Task <ActionResult <GetPermissionResponse> > GetPermission(string meUserId, string permissionId)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(new GetPermissionResponse()));
            }

            try
            {
                var user = await _userRetrievalByIdService.Handle(new UserRetrievalByIdQuery(meUserId));

                if (user == null)
                {
                    return(NotFound(new GetPermissionResponse()));
                }

                var permission = user.Permissions.FirstOrDefault(p => p.PermissionId == permissionId);

                if (permission == null)
                {
                    return(NotFound(new GetPermissionResponse()));
                }

                var locationDocument = (await
                                        _locationParentsService.Handle(
                                            new LocationParentsQuery(permission.LocationId)))
                                       .ToLocationPath();

                if (!CanAsync(Permission.GetUserPermission, locationDocument))
                {
                    return(Forbid());
                }

                var location = await permission.GetLocationName(_locationsRetrievalByIdService);

                var permissionLocations = new PermissionLocation(permission, location, meUserId);

                var result = Mapper.Map <GetPermissionResponse>(permissionLocations);
                return(Ok(result));
            }
            catch (ArgumentException)
            {
                return(NotFound(new GetPermissionResponse()));
            }
            catch (NullReferenceException)
            {
                return(NotFound(new GetPermissionResponse()));
            }
        }
Пример #2
0
        public async Task <ActionResult <PutPermissionResponse> > UpdatePermission(
            [Required] string meUserId,
            [Required] string permissionId,
            [FromBody]
            PutPermissionRequest putPermission)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return(BadRequest(new PutPermissionResponse()));
                }

                var currentUser = await CurrentUser();

                if (currentUser.UserId.Equals(meUserId))
                {
                    return(Forbid());
                }

                var locationDocument = (await
                                        _locationParentsService.Handle(
                                            new LocationParentsQuery(putPermission.LocationId)))
                                       .ToLocationPath();

                if (!CanAsync(Permission.UpdateUserPermission, locationDocument))
                {
                    return(Forbid());
                }

                var user = await _userRetrievalByIdService.Handle(new UserRetrievalByIdQuery(meUserId));

                if (user == null)
                {
                    return(NotFound(new PutPermissionResponse()));
                }

                var permissionToUpdate = user.Permissions.SingleOrDefault(p => p.PermissionId == permissionId);

                if (permissionToUpdate == null)
                {
                    return(NotFound(new PutPermissionResponse()));
                }

                if (user.Permissions.Any(usersPermission => usersPermission.LocationId == putPermission.LocationId && usersPermission.UserRole == putPermission.UserRole))
                {
                    return(Conflict());
                }

                permissionToUpdate = Mapper.Map(putPermission, permissionToUpdate);

                var updateUser = new UserUpdatePermissions
                {
                    UserId      = user.UserId,
                    Permissions = user.Permissions,
                };

                await _userUpdateService.Handle(new UserUpdateQuery(updateUser, currentUser));

                var locationOfPermission =
                    _locationRetrievalService.Handle(new LocationRetrievalByIdQuery(permissionToUpdate.LocationId)).Result;

                var permissionLocation = new PermissionLocation(permissionToUpdate, locationOfPermission, meUserId);

                var result = Mapper.Map <PutPermissionResponse>(permissionLocation);

                return(Ok(result));
            }
            catch (DocumentClientException)
            {
                return(NotFound(new PutPermissionResponse()));
            }
            catch (ArgumentException)
            {
                return(NotFound(new PutPermissionResponse()));
            }
        }
Пример #3
0
        public async Task <ActionResult <PostPermissionResponse> > CreatePermission(
            [Required] string meUserId,
            [FromBody]
            PostPermissionRequest postPermission)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(new PostPermissionResponse()));
            }

            var currentUser = await CurrentUser();

            if (currentUser.UserId.Equals(meUserId))
            {
                return(Forbid());
            }

            try
            {
                var permission = Mapper.Map <MEUserPermission>(postPermission);
                permission.PermissionId = Guid.NewGuid().ToString();

                var locationDocument = (await
                                        _locationParentsService.Handle(
                                            new LocationParentsQuery(permission.LocationId)))
                                       .ToLocationPath();

                if (!CanAsync(Permission.CreateUserPermission, locationDocument))
                {
                    return(Forbid());
                }

                var user = await _userRetrievalByIdService.Handle(new UserRetrievalByIdQuery(meUserId));

                if (user == null)
                {
                    return(NotFound(new PostPermissionResponse()));
                }

                var existingPermissions = user.Permissions != null?user.Permissions.ToList() : new List <MEUserPermission>();

                if (user.Permissions == null)
                {
                    user.Permissions = new List <MEUserPermission>();
                }

                if (user.Permissions.Any(usersPermissions => usersPermissions.IsEquivalent(permission)))
                {
                    return(Conflict());
                }

                existingPermissions.Add(permission);

                user.Permissions = existingPermissions;

                var updateUser = new UserUpdatePermissions
                {
                    UserId      = user.UserId,
                    Permissions = user.Permissions,
                };

                await _userUpdateService.Handle(new UserUpdateQuery(updateUser, currentUser));

                var location = _locationRetrievalService.Handle(new LocationRetrievalByIdQuery(permission.LocationId)).Result;

                var permissionLocation = new PermissionLocation(permission, location, meUserId);

                var result = Mapper.Map <PostPermissionResponse>(permissionLocation);
                return(Ok(result));
            }
            catch (DocumentClientException)
            {
                return(NotFound(new PostPermissionResponse()));
            }
            catch (ArgumentException)
            {
                return(NotFound(new PostPermissionResponse()));
            }
        }