示例#1
0
        public async Task <IActionResult> GetById(long id)
        {
            AuthorizationModel auth = UserAuth();

            if (auth.IsNotOwner(id) && auth.IsNotAdmin())
            {
                return(BadRequest(new { message = "Insufficient privildeges" }));
            }

            User user = await _userService.GetById(id);

            UserModel model = _mapper.Map <UserModel>(user);

            return(Ok(model));
        }
示例#2
0
        public async Task <ActionResult <UserModel> > Delete(int id)
        {
            AuthorizationModel auth = UserAuth();

            if (auth.IsNotOwner(id) && auth.IsNotAdmin())
            {
                return(BadRequest(new { message = "Insufficient privildeges" }));
            }

            User deletedUser = await _userService.Delete(id);

            if (deletedUser == null)
            {
                return(NotFound());
            }

            UserModel userModel = _mapper.Map <UserModel>(deletedUser);

            return(userModel);
        }
示例#3
0
        public async Task <ActionResult <RestaurantModel> > DeleteRestaurant(long id)
        {
            AuthorizationModel auth = UserAuth();
            // Read owner of the restaurant
            long restaurantOwner = await _restaurantService.GetOwner(id);

            if (auth.IsNotOwner(restaurantOwner) && auth.IsNotAdmin())
            {
                return(BadRequest(new { message = "Insufficient privildeges" }));
            }
            // Delete the restaurant
            Restaurant deletedRestaurant = await _restaurantService.Delete(id);

            // If deleted restauraunt is null, it does not exist
            if (deletedRestaurant == null)
            {
                return(NotFound());
            }

            return(Ok(FormatForUser(deletedRestaurant)));
        }
示例#4
0
        public async Task <IActionResult> PutRestaurant(long id, [FromBody] UpdateModel model)
        {
            AuthorizationModel auth = UserAuth();

            long restaurantOwner = await _restaurantService.GetOwner(id);

            if (auth.IsNotOwner(restaurantOwner) && auth.IsNotAdmin())
            {
                return(BadRequest(new { message = "Insufficient privildeges" }));
            }

            Restaurant restaurant = _mapper.Map <Restaurant>(model);

            try
            {
                _restaurantService.Update(restaurant);
                return(NoContent());
            }
            catch (ApplicationException ex)
            {
                return(BadRequest(new { message = ex.Message }));
            }
        }
示例#5
0
        public IActionResult Update(long id, [FromBody] UserUpdateModel model)
        {
            AuthorizationModel auth = UserAuth();

            if (auth.IsNotOwner(id) && auth.IsNotAdmin())
            {
                return(BadRequest(new { message = "Insufficient privildeges" }));
            }

            User user = _mapper.Map <User>(model);

            user.Id = id;

            try
            {
                _userService.Update(user, model.Password);
                return(NoContent());
            }
            catch (ApplicationException ex)
            {
                // Error can be thrown by already taken email
                return(BadRequest(new { message = ex.Message }));
            }
        }