public bool CanBuild(SessionDto session, int furnitureItemId)
{
SessionService.CheckSession(session);
InvariantPartStore itemPartStore = GetPartStore(furnitureItemId);
InvariantPartStore userPartStore = PartService.GetOwnedInvariant(session);
return(userPartStore.Contains(itemPartStore));
}
public void CheckActiveAdmin(SessionDto dto)
{
SessionService.CheckSession(dto);
if (!IsAdmin(dto.UserId.GetValueOrDefault()))
{
throw new ForbiddenException("admin");
}
}
private void CheckBuildSession(BuildSessionDto buildSession)
{
SessionService.CheckSession(buildSession.Session);
if (!BuildSessions.ContainsKey(buildSession.BuildSessionToken))
{
throw new NotFoundException("build session");
}
BuildSessionManager sessionInfo = BuildSessions[buildSession.BuildSessionToken];
if (buildSession.Session.UserId.Value != sessionInfo.UserId)
{
throw new NotFoundException("build session");
}
}
public PaymentInfo CreateManufacturerTradePromise(AddManufacturerSellDto manufacturerSellDto, string callbackEndpoint)
{
if (manufacturerSellDto.NewAccountExtension == null && manufacturerSellDto.ExisitingAccountExtensionId == null)
{
throw new NotFoundException("nor old neither new account extension");
}
SessionService.CheckSession(manufacturerSellDto.Session);
if (manufacturerSellDto.NewAccountExtension != null && manufacturerSellDto.NewAccountExtension.AccountId != manufacturerSellDto.Session.UserId)
{
throw new ForbiddenException("account owner");
}
AccountExtensionModel accountExtension = manufacturerSellDto.ExisitingAccountExtensionId == null ||
!manufacturerSellDto.ExisitingAccountExtensionId.HasValue ?
Mapper.Map <AccountExtensionDto, AccountExtensionModel>(manufacturerSellDto.NewAccountExtension) :
AccountExtensionRepo.Get(manufacturerSellDto.ExisitingAccountExtensionId.Value);
if (accountExtension == null)
{
throw new NotFoundException("account extension");
}
if (accountExtension.AccountId != manufacturerSellDto.Session.UserId)
{
throw new ForbiddenException("account owner");
}
string orderId = Guid.NewGuid().ToString();
SellModel sellModel = BuildOrderFromManufacturer(orderId, accountExtension, manufacturerSellDto.Positions);
Sell sell = new Sell(orderId, sellModel);
PendingOrders.Add(orderId, sell);
PaymentPrepareModel paymentPrepare = new PaymentPrepareModel(orderId, sellModel.TotalPrice);
paymentPrepare.CallbackUrl = callbackEndpoint;
paymentPrepare.Expired = sell.Expires;
PaymentInfo payment = PaymentService.CreateFromUserPayment(paymentPrepare);
sell.PaymentInfo = payment;
return(payment);
}
public AccountModel Update(UpdateAccountDto dto)
{
return(ProtectedExecute <UpdateAccountDto, AccountModel>(accountDto =>
{
SessionService.CheckSession(accountDto.Session);
if (accountDto.Id != accountDto.Session.UserId)
{
throw new ForbiddenException("Account owner");
}
accountDto.Password = Hasher.GetHash(accountDto.Password);
AccountModel model = Mapper.Map <UpdateAccountDto, AccountModel>(accountDto);
return AccountRepo.Update(model.Id, model);
}, dto));
}
public PartStore GetOwned(SessionDto ownerSession)
{
SessionService.CheckSession(ownerSession);
return(new PartStore(GetOwnedConcrete(ownerSession)));
}