public RecipeListItemDTO GetRecipe(long recipeId) { var isAllowed = _permissionService.IsAllowed(Permission.GetRecipes, _userData.ToUser()); // AutoMapper here if (!isAllowed) { throw new SecurityException($"User {_userData} is not allowed to {nameof(Permission.GetRecipes)}"); } // TODO: add helper method to IPermissionService (called EnsureIsAllowed?) that will combine the 3 lines above RecipeListItemDTO result = null; using (var ctx = _ctxProvider.New()) { var item = (from rv in ctx.RecipeVersions where !rv.IsDeleted && rv.IsVerified && rv.RecipeId == recipeId orderby rv.DateCreated descending select rv).FirstOrDefault(); result = item == null ? null : new RecipeListItemDTO { RecipeId = item.RecipeId, RecipeVersionId = item.RecipeVersionId, RecipeName = item.Content.Name, Language = item.Language.Name, }; // TODO: The approach above will obviously not work. There will need to be a separation between domain and db model } return(result); }
public async Task <ActionResult <RecipeListItemDTO> > CreateRecipe(RecipeListItemDTO recipeListItemDTO) { // will not be creating / updating "list" items, move it to "details" controller / methods throw new NotImplementedException(); }