/// <summary>
/// The reason this is not in the constructor is solely for the purpose of exception handling.
/// If you leave this in the controller and someone who is not authenticated calls the API you will not get a tenantId not found error.
/// The error will be ugly and be hard to figure out you are not authorized.
/// This way if the all methods have the ClaimsAuthorize attribute on them they will first be authenticated if not get a nice error message of not authorized.
/// </summary>
/// <exception cref="System.Exception">No Tenant Id Found.</exception>
private void Setup()
{
//var isAllowed = ClaimsAuthorization.CheckAccess("Get", "CustomerId", "00");
//isAllowed = true;
//Get the current claims principal
var identity = (ClaimsPrincipal)Thread.CurrentPrincipal;
var tenant = identity.Claims.Where(c => c.Type == ClaimsConstants.TenantIdClaimType).Select(c => c.Value).SingleOrDefault();
if (string.IsNullOrEmpty(tenant))
{
throw new Exception("No Tenant Id Found.");
}
_tenantId = Guid.Parse(tenant);
_user = identity.Identity.Name;
_equipmentService = EquipmentServiceFactory.Create(_tenantId);
}
public static IProcessMakerService Create(Guid tenantId, int equipmentId)
{
if (Container == null)
{
throw new Exception("Unity Container Not Initialized.");
}
var equipmentService = EquipmentServiceFactory.Create(tenantId);
var settings = equipmentService.RetrieveEquipmentByEquipmentId(equipmentId).EquipmentConnectionSettings;
if (settings == null)
{
throw new Exception("Equipment record not found for this equipmentId:" + equipmentId);
}
//var logger = Container.Resolve<ILogger>();
//logger.WriteLogEntry(tenantId.ToString(), new List<object> { settings }, string.Format(MethodBase.GetCurrentMethod().Name + " in WebAPI."), LogLevelType.Info);
var service = new Services.ProcessMakerService(settings);
return(service);
}
