/// <summary> /// The reason this is not in the constructor is solely for the purpose of exception handling. /// If you leave this in the controller and someone who is not authenticated calls the API you will not get a tenantId not found error. /// The error will be ugly and be hard to figure out you are not authorized. /// This way if the all methods have the ClaimsAuthorize attribute on them they will first be authenticated if not get a nice error message of not authorized. /// </summary> /// <exception cref="System.Exception">No Tenant Id Found.</exception> private void Setup() { //var isAllowed = ClaimsAuthorization.CheckAccess("Get", "CustomerId", "00"); //isAllowed = true; //Get the current claims principal var identity = (ClaimsPrincipal)Thread.CurrentPrincipal; var tenant = identity.Claims.Where(c => c.Type == ClaimsConstants.TenantIdClaimType).Select(c => c.Value).SingleOrDefault(); if (string.IsNullOrEmpty(tenant)) { throw new Exception("No Tenant Id Found."); } _tenantId = Guid.Parse(tenant); _user = identity.Identity.Name; _equipmentService = EquipmentServiceFactory.Create(_tenantId); }
public static IProcessMakerService Create(Guid tenantId, int equipmentId) { if (Container == null) { throw new Exception("Unity Container Not Initialized."); } var equipmentService = EquipmentServiceFactory.Create(tenantId); var settings = equipmentService.RetrieveEquipmentByEquipmentId(equipmentId).EquipmentConnectionSettings; if (settings == null) { throw new Exception("Equipment record not found for this equipmentId:" + equipmentId); } //var logger = Container.Resolve<ILogger>(); //logger.WriteLogEntry(tenantId.ToString(), new List<object> { settings }, string.Format(MethodBase.GetCurrentMethod().Name + " in WebAPI."), LogLevelType.Info); var service = new Services.ProcessMakerService(settings); return(service); }