public async Task ExecuteAsync(QueryContext context)
{
_repo.Apply(context.Descriptor, context.Params);
var condition = new Condition();
Utils.Map(context.Descriptor, context.Params, condition);
if (!string.IsNullOrEmpty(context.Params.Exclude))
{
object[] id;
try
{
id = _repo.ParseId(context.Params.Exclude);
}
catch (Exception ex)
{
throw new QueryException("id format incorrect", QueryErrorCode.BadRequest, ex);
}
var result = await _repo.ExistsAsync(condition, id, context.CancellationToken);
context.Succeed(result);
}
else
{
var result = await _repo.ExistsAsync(condition, context.CancellationToken);
context.Succeed(result);
}
}
public async Task ExecuteAsync(QueryContext context)
{
_repo.Apply(context.Descriptor, context.Params);
if (!string.IsNullOrEmpty(context.Params.Id))
{
object[] id;
try
{
id = _repo.ParseId(context.Params.Id);
}
catch (Exception ex)
{
throw new QueryException("id format incorrect", QueryErrorCode.BadRequest, ex);
}
var found = await _repo.FindAsync(id, context.CancellationToken);
if (found == null)
{
context.Succeed(null);
return;
}
if (context.Descriptor.OnlyOwnerCanRead)
{
var authContext = new AuthorizationContext <T>(context);
var authorized = await authContext.AuthorizeAsync(found, context.Descriptor.DeletePolicy);
if (authorized)
{
context.Succeed(found);
}
else
{
context.Fail(null, QueryErrorCode.Unauthorized, "unauthorized");
}
}
else
{
context.Succeed(found);
}
}
else
{
var condition = new Condition();
Utils.Map(context.Descriptor, context.Params, condition);
var found = await _repo.FindAsync(condition, context.CancellationToken);
if (context.Descriptor.OnlyOwnerCanRead)
{
var authContext = new AuthorizationContext <T>(context);
var authorized = await authContext.AuthorizeAsync(found, context.Descriptor.DeletePolicy);
if (authorized)
{
context.Succeed(found);
}
else
{
context.Fail(null, QueryErrorCode.Unauthorized, "unauthorized");
}
}
else
{
context.Succeed(found);
}
}
}
public async Task ExecuteAsync(QueryContext context)
{
var softDelete = _repo.SoftDelete;
_repo.SoftDelete = context.Descriptor.SoftDelete;
if (!string.IsNullOrEmpty(context.Params.Id))
{
object[] id;
try
{
id = _repo.ParseId(context.Params.Id);
}
catch (Exception ex)
{
throw new QueryException("id format incorrect", QueryErrorCode.BadRequest, ex);
}
if (context.Descriptor.OnlyOwnerCanDelete)
{
var authContext = new AuthorizationContext <T>(context);
await _repo.RemoveAsync(id,
async (newDto, oldDto, cancellationToken) =>
{
var authorized = await authContext.AuthorizeAsync(oldDto, context.Descriptor.DeletePolicy);
if (authorized)
{
return(true);
}
context.Fail(oldDto, QueryErrorCode.Unauthorized, "unauthorized");
return(false);
},
(dto) => context.Fail(dto, QueryErrorCode.NotFound, "not found"),
context.CancellationToken);
}
else
{
await _repo.RemoveAsync(id,
(dto) => context.Fail(dto, QueryErrorCode.NotFound, "not found"),
context.CancellationToken);
}
return;
}
if (context.IsArrayModel())
{
var models = context.ToModels <T>() ?? throw new QueryException("models is required", QueryErrorCode.BadRequest);
var errors = new List <RecordError>(models.Length);
if (context.Descriptor.OnlyOwnerCanDelete)
{
var authContext = new AuthorizationContext <T>(context);
await _repo.RemoveRangeAsync(models,
async (newDto, oldDto, index, continuation, cancellationToken) =>
{
var authorized = await authContext.AuthorizeAsync(oldDto, context.Descriptor.DeletePolicy);
if (authorized)
{
return(true);
}
errors.Add(new RecordError
{
ErrorCode = QueryErrorCode.Unauthorized,
ErrorDescription = QueryErrorCode.Unauthorized.ToString(),
At = index
});
continuation.Yes = true;
return(false);
},
(dto, index, continuation) =>
{
errors.Add(new RecordError
{
ErrorCode = QueryErrorCode.NotFound,
ErrorDescription = QueryErrorCode.NotFound.ToString(),
At = index
});
continuation.Yes = true;
}, context.CancellationToken);
}
else
{
await _repo.RemoveRangeAsync(models,
(dto, index, continuation) =>
{
errors.Add(new RecordError
{
ErrorCode = QueryErrorCode.NotFound,
ErrorDescription = QueryErrorCode.NotFound.ToString(),
At = index
});
continuation.Yes = true;
}, context.CancellationToken);
}
if (errors.Count > 0)
{
context.Fail(errors, QueryErrorCode.ValidationError, QueryErrorCode.ValidationError.ToString());
}
else
{
context.Succeed(models);
}
}
else
{
var model = context.ToModel <T>() ?? throw new QueryException("model is required", QueryErrorCode.BadRequest);
if (context.Descriptor.OnlyOwnerCanDelete)
{
var authContext = new AuthorizationContext <T>(context);
await _repo.RemoveAsync(model,
async (newDto, oldDto, cancellationToken) =>
{
var authorized = await authContext.AuthorizeAsync(oldDto, context.Descriptor.DeletePolicy);
if (authorized)
{
return(true);
}
context.Fail(newDto, QueryErrorCode.Unauthorized, "unauthorized");
return(false);
},
(dto) => context.Fail(dto, QueryErrorCode.NotFound, "not found"),
context.CancellationToken);
}
else
{
await _repo.RemoveAsync(model,
(dto) => context.Fail(dto, QueryErrorCode.NotFound, "not found"),
context.CancellationToken);
}
}
_repo.SoftDelete = softDelete;
}
public async Task ExecuteAsync(QueryContext context)
{
_repo.Apply(context.Descriptor, context.Params);
if (!string.IsNullOrEmpty(context.Params.Id))
{
object[] id;
try
{
id = _repo.ParseId(context.Params.Id);
}
catch (Exception ex)
{
throw new QueryException("id format incorrect", QueryErrorCode.BadRequest, ex);
}
var found = await _repo.FindAsync(id, context.CancellationToken);
if (found == null)
{
context.Succeed(new T[0]);
return;
}
if (context.Descriptor.OnlyOwnerCanRead)
{
var authContext = new AuthorizationContext <T>(context);
var authorized = await authContext.AuthorizeAsync(found, context.Descriptor.DeletePolicy);
if (authorized)
{
context.Succeed(new [] { found });
}
else
{
context.Fail(null, QueryErrorCode.Unauthorized, "unauthorized");
}
}
else
{
context.Succeed(new[] { found });
}
}
else
{
if (context.Params.Page.HasValue || context.Params.Offset.HasValue)
{
var pagination = new Pagination();
if (context.Params.Page.HasValue)
{
pagination.Page = context.Params.Page.Value;
}
if (context.Params.Offset.HasValue)
{
pagination.Offset = context.Params.Offset.Value;
}
if (context.Params.PageSize.HasValue)
{
pagination.PageSize = context.Params.PageSize.Value;
}
if (context.Params.Limit.HasValue)
{
pagination.Limit = context.Params.Limit.Value;
}
Utils.Map(context.Descriptor, context.Params, pagination);
var paged = await _repo.GetPagedAsync(pagination, context.CancellationToken);
if (context.Descriptor.OnlyOwnerCanRead)
{
var authContext = new AuthorizationContext <T>(context);
foreach (var record in paged.Records)
{
var authorized = await authContext.AuthorizeAsync(record, context.Descriptor.DeletePolicy);
if (authorized)
{
continue;
}
context.Fail(null, QueryErrorCode.Unauthorized, "unauthorized");
return;
}
}
else
{
context.Succeed(paged);
}
}
else
{
var condition = new Condition();
Utils.Map(context.Descriptor, context.Params, condition);
var collection = await _repo.ListAsync(condition, context.CancellationToken);
if (context.Descriptor.OnlyOwnerCanRead)
{
var authContext = new AuthorizationContext <T>(context);
foreach (var record in collection)
{
var authorized = await authContext.AuthorizeAsync(record, context.Descriptor.DeletePolicy);
if (authorized)
{
continue;
}
context.Fail(null, QueryErrorCode.Unauthorized, "unauthorized");
return;
}
}
else
{
context.Succeed(collection);
}
}
}
}