private static string GetAuthorizeFailedMessage(ChangeSetEntry entry) { switch (entry.Type) { case ChangeSetEntryType.DataModification: DataModificationEntry dataModification = (DataModificationEntry)entry; string message = null; if (dataModification.IsNew) { message = Resources.NoPermissionToInsertEntity; } else if (dataModification.IsUpdate) { message = Resources.NoPermissionToUpdateEntity; } else if (dataModification.IsDelete) { message = Resources.NoPermissionToDeleteEntity; } else { throw new NotSupportedException(Resources.DataModificationMustBeCUD); } return(string.Format(CultureInfo.InvariantCulture, message, dataModification.EntitySetName)); case ChangeSetEntryType.ActionInvocation: ActionInvocationEntry actionInvocation = (ActionInvocationEntry)entry; return(string.Format( CultureInfo.InvariantCulture, Resources.NoPermissionToInvokeAction, actionInvocation.ActionName)); default: throw new InvalidOperationException(string.Format( CultureInfo.InvariantCulture, Resources.InvalidChangeSetEntryType, entry.Type)); } }
/// <summary> /// Handles a POST request to an action. /// </summary> /// <param name="cancellationToken">The cancellation token.</param> /// <returns>The task object that contains the action result.</returns> public async Task<IHttpActionResult> PostAction(CancellationToken cancellationToken) { ODataPath path = this.GetPath(); UnboundActionPathSegment actionPathSegment = path.Segments.Last() as UnboundActionPathSegment; if (actionPathSegment == null) { throw new NotSupportedException(Resources.PostToUnboundActionNotSupported); } ActionInvocationEntry entry = new ActionInvocationEntry(actionPathSegment.ActionName, null); RestierChangeSetProperty changeSetProperty = this.Request.GetChangeSet(); if (changeSetProperty == null) { ChangeSet changeSet = new ChangeSet(); changeSet.Entries.Add(entry); SubmitResult result = await Api.SubmitAsync(changeSet, cancellationToken); } else { changeSetProperty.ChangeSet.Entries.Add(entry); await changeSetProperty.OnChangeSetCompleted(); } if (entry.Result != null) { return this.CreateOKResult(entry.Result); } else { // TODO: Should also be able to handle 204. return this.StatusCode(HttpStatusCode.NotImplemented); } }