private Characteristic GetCharacteristic(Characteristic request) { var id = request?.Id; Characteristic ret = null; var query = DocQuery.ActiveQuery ?? Execute; DocPermissionFactory.SetVisibleFields <Characteristic>(currentUser, "Characteristic", request.VisibleFields); DocEntityCharacteristic entity = null; if (id.HasValue) { entity = DocEntityCharacteristic.GetCharacteristic(id.Value); } if (null == entity) { throw new HttpError(HttpStatusCode.NotFound, $"No Characteristic found for Id {id.Value}"); } if (!DocPermissionFactory.HasPermission(entity, currentUser, DocConstantPermission.VIEW)) { throw new HttpError(HttpStatusCode.Forbidden, "You do not have VIEW permission for this route."); } ret = entity?.ToDto(); return(ret); }
public void Delete(Characteristic request) { using (Execute) { Execute.Run(ssn => { if (!(request?.Id > 0)) { throw new HttpError(HttpStatusCode.NotFound, $"No Id provided for delete."); } var en = DocEntityCharacteristic.GetCharacteristic(request?.Id); if (null == en) { throw new HttpError(HttpStatusCode.NotFound, $"No Characteristic could be found for Id {request?.Id}."); } if (en.IsRemoved) { return; } if (!DocPermissionFactory.HasPermission(en, currentUser, DocConstantPermission.DELETE)) { throw new HttpError(HttpStatusCode.Forbidden, "You do not have DELETE permission for this route."); } en.Remove(); DocCacheClient.RemoveSearch(DocConstantModelName.CHARACTERISTIC); DocCacheClient.RemoveById(request.Id); }); } }
public Characteristic Post(CharacteristicCopy request) { Characteristic ret = null; using (Execute) { Execute.Run(ssn => { var entity = DocEntityCharacteristic.GetCharacteristic(request?.Id); if (null == entity) { throw new HttpError(HttpStatusCode.NoContent, "The COPY request did not succeed."); } if (!DocPermissionFactory.HasPermission(entity, currentUser, DocConstantPermission.ADD)) { throw new HttpError(HttpStatusCode.Forbidden, "You do not have ADD permission for this route."); } var pDocumentSets = entity.DocumentSets.ToList(); var pName = entity.Name; if (!DocTools.IsNullOrEmpty(pName)) { pName += " (Copy)"; } var pURI = entity.URI; if (!DocTools.IsNullOrEmpty(pURI)) { pURI += " (Copy)"; } #region Custom Before copyCharacteristic #endregion Custom Before copyCharacteristic var copy = new DocEntityCharacteristic(ssn) { Hash = Guid.NewGuid() , Name = pName , URI = pURI }; foreach (var item in pDocumentSets) { entity.DocumentSets.Add(item); } #region Custom After copyCharacteristic #endregion Custom After copyCharacteristic copy.SaveChanges(DocConstantPermission.ADD); ret = copy.ToDto(); }); } return(ret); }
private Characteristic _AssignValues(Characteristic request, DocConstantPermission permission, Session session) { if (permission != DocConstantPermission.ADD && (request == null || request.Id <= 0)) { throw new HttpError(HttpStatusCode.NotFound, $"No record"); } if (permission == DocConstantPermission.ADD && !DocPermissionFactory.HasPermissionTryAdd(currentUser, "Characteristic")) { throw new HttpError(HttpStatusCode.Forbidden, "You do not have ADD permission for this route."); } request.VisibleFields = request.VisibleFields ?? new List <string>(); Characteristic ret = null; request = _InitAssignValues <Characteristic>(request, permission, session); //In case init assign handles create for us, return it if (permission == DocConstantPermission.ADD && request.Id > 0) { return(request); } var cacheKey = GetApiCacheKey <Characteristic>(DocConstantModelName.CHARACTERISTIC, nameof(Characteristic), request); //First, assign all the variables, do database lookups and conversions var pDocumentSets = request.DocumentSets?.ToList(); var pName = request.Name; var pURI = request.URI; DocEntityCharacteristic entity = null; if (permission == DocConstantPermission.ADD) { var now = DateTime.UtcNow; entity = new DocEntityCharacteristic(session) { Created = now, Updated = now }; } else { entity = DocEntityCharacteristic.GetCharacteristic(request.Id); if (null == entity) { throw new HttpError(HttpStatusCode.NotFound, $"No record"); } } //Special case for Archived var pArchived = true == request.Archived; if (DocPermissionFactory.IsRequestedHasPermission <bool>(currentUser, request, pArchived, permission, DocConstantModelName.CHARACTERISTIC, nameof(request.Archived))) { if (DocPermissionFactory.IsRequested(request, pArchived, entity.Archived, nameof(request.Archived))) { if (DocResources.Metadata.IsInsertOnly(DocConstantModelName.CHARACTERISTIC, nameof(request.Archived)) && DocConstantPermission.ADD != permission) { throw new HttpError(HttpStatusCode.Forbidden, $"{nameof(request.Archived)} cannot be modified once set."); } } if (DocTools.IsNullOrEmpty(pArchived) && DocResources.Metadata.IsRequired(DocConstantModelName.CHARACTERISTIC, nameof(request.Archived))) { throw new HttpError(HttpStatusCode.BadRequest, $"{nameof(request.Archived)} requires a value."); } entity.Archived = pArchived; if (DocPermissionFactory.IsRequested <bool>(request, pArchived, nameof(request.Archived)) && !request.VisibleFields.Matches(nameof(request.Archived), ignoreSpaces: true)) { request.VisibleFields.Add(nameof(request.Archived)); } } if (DocPermissionFactory.IsRequestedHasPermission <string>(currentUser, request, pName, permission, DocConstantModelName.CHARACTERISTIC, nameof(request.Name))) { if (DocPermissionFactory.IsRequested(request, pName, entity.Name, nameof(request.Name))) { if (DocResources.Metadata.IsInsertOnly(DocConstantModelName.CHARACTERISTIC, nameof(request.Name)) && DocConstantPermission.ADD != permission) { throw new HttpError(HttpStatusCode.Forbidden, $"{nameof(request.Name)} cannot be modified once set."); } } if (DocTools.IsNullOrEmpty(pName) && DocResources.Metadata.IsRequired(DocConstantModelName.CHARACTERISTIC, nameof(request.Name))) { throw new HttpError(HttpStatusCode.BadRequest, $"{nameof(request.Name)} requires a value."); } entity.Name = pName; if (DocPermissionFactory.IsRequested <string>(request, pName, nameof(request.Name)) && !request.VisibleFields.Matches(nameof(request.Name), ignoreSpaces: true)) { request.VisibleFields.Add(nameof(request.Name)); } } if (DocPermissionFactory.IsRequestedHasPermission <string>(currentUser, request, pURI, permission, DocConstantModelName.CHARACTERISTIC, nameof(request.URI))) { if (DocPermissionFactory.IsRequested(request, pURI, entity.URI, nameof(request.URI))) { if (DocResources.Metadata.IsInsertOnly(DocConstantModelName.CHARACTERISTIC, nameof(request.URI)) && DocConstantPermission.ADD != permission) { throw new HttpError(HttpStatusCode.Forbidden, $"{nameof(request.URI)} cannot be modified once set."); } } if (DocTools.IsNullOrEmpty(pURI) && DocResources.Metadata.IsRequired(DocConstantModelName.CHARACTERISTIC, nameof(request.URI))) { throw new HttpError(HttpStatusCode.BadRequest, $"{nameof(request.URI)} requires a value."); } entity.URI = pURI; if (DocPermissionFactory.IsRequested <string>(request, pURI, nameof(request.URI)) && !request.VisibleFields.Matches(nameof(request.URI), ignoreSpaces: true)) { request.VisibleFields.Add(nameof(request.URI)); } } if (request.Locked) { entity.Locked = request.Locked; } entity.SaveChanges(permission); if (DocPermissionFactory.IsRequestedHasPermission <List <Reference> >(currentUser, request, pDocumentSets, permission, DocConstantModelName.CHARACTERISTIC, nameof(request.DocumentSets))) { if (true == pDocumentSets?.Any()) { var requestedDocumentSets = pDocumentSets.Select(p => p.Id).Distinct().ToList(); var existsDocumentSets = Execute.SelectAll <DocEntityDocumentSet>().Where(e => e.Id.In(requestedDocumentSets)).Select(e => e.Id).ToList(); if (existsDocumentSets.Count != requestedDocumentSets.Count) { var nonExists = requestedDocumentSets.Where(id => existsDocumentSets.All(eId => eId != id)); throw new HttpError(HttpStatusCode.NotFound, $"Cannot patch collection DocumentSets with objects that do not exist. No matching DocumentSets(s) could be found for Ids: {nonExists.ToDelimitedString()}."); } var toAdd = requestedDocumentSets.Where(id => entity.DocumentSets.All(e => e.Id != id)).ToList(); toAdd?.ForEach(id => { var target = DocEntityDocumentSet.GetDocumentSet(id); if (!DocPermissionFactory.HasPermission(entity, currentUser, DocConstantPermission.ADD, targetEntity: target, targetName: nameof(Characteristic), columnName: nameof(request.DocumentSets))) { throw new HttpError(HttpStatusCode.Forbidden, "You do not have permission to add {nameof(request.DocumentSets)} to {nameof(Characteristic)}"); } entity.DocumentSets.Add(target); }); var toRemove = entity.DocumentSets.Where(e => requestedDocumentSets.All(id => e.Id != id)).Select(e => e.Id).ToList(); toRemove.ForEach(id => { var target = DocEntityDocumentSet.GetDocumentSet(id); if (!DocPermissionFactory.HasPermission(entity, currentUser, DocConstantPermission.REMOVE, targetEntity: target, targetName: nameof(Characteristic), columnName: nameof(request.DocumentSets))) { throw new HttpError(HttpStatusCode.Forbidden, "You do not have permission to remove {nameof(request.DocumentSets)} from {nameof(Characteristic)}"); } entity.DocumentSets.Remove(target); }); } else { var toRemove = entity.DocumentSets.Select(e => e.Id).ToList(); toRemove.ForEach(id => { var target = DocEntityDocumentSet.GetDocumentSet(id); if (!DocPermissionFactory.HasPermission(entity, currentUser, DocConstantPermission.REMOVE, targetEntity: target, targetName: nameof(Characteristic), columnName: nameof(request.DocumentSets))) { throw new HttpError(HttpStatusCode.Forbidden, "You do not have permission to remove {nameof(request.DocumentSets)} from {nameof(Characteristic)}"); } entity.DocumentSets.Remove(target); }); } if (DocPermissionFactory.IsRequested <List <Reference> >(request, pDocumentSets, nameof(request.DocumentSets)) && !request.VisibleFields.Matches(nameof(request.DocumentSets), ignoreSpaces: true)) { request.VisibleFields.Add(nameof(request.DocumentSets)); } } DocPermissionFactory.SetVisibleFields <Characteristic>(currentUser, nameof(Characteristic), request.VisibleFields); ret = entity.ToDto(); var cacheExpires = DocResources.Metadata.GetCacheExpiration(DocConstantModelName.CHARACTERISTIC); DocCacheClient.Set(key: cacheKey, value: ret, entityId: request.Id, entityType: DocConstantModelName.CHARACTERISTIC, cacheExpires); return(ret); }