public async Task <IActionResult> GetById(int id) { var item = await _queryFunctionality.GetByIdAsync(id); if ((item.SupplierManager == null || !CheckPermissionsExtensions.UserHasPermissions(item.SupplierManager.Id, User, UserRoles.Admin)) && !CheckPermissionsExtensions.UserHasPermissions(item.Manager.Id, User, UserRoles.Admin)) { return(StatusCode(StatusCodes.Status403Forbidden)); } return(ResponseWithData(StatusCodes.Status200OK, Mapper.Map <DeliveryRequestViewModel>(item))); }
public async Task <IActionResult> Complete(int orderId) { var order = await _queryFunctionality.GetByIdAsync(orderId); if (!CheckPermissionsExtensions.UserHasPermissions(order.Worker.Id, User, UserRoles.Admin)) { return(StatusCode(StatusCodes.Status403Forbidden)); } await _commandFunctionality.CompleteAsync(orderId); return(StatusCode(StatusCodes.Status200OK)); }
public async Task <IActionResult> Promote(int id) { var supplierManagerId = await _queryFunctionality.GetAssignedSupplierManagerByDeliveryRequestId(id); if (supplierManagerId.HasValue && !CheckPermissionsExtensions.UserHasPermissions(supplierManagerId.Value, User, UserRoles.Admin)) { return(StatusCode(StatusCodes.Status403Forbidden)); } await _commandFunctionality.Promote(new DeliveryRequestPromoteCommand { DeliveryRequestId = id }); return(StatusCode(StatusCodes.Status200OK)); }