public async Task <ActionResult> CreateOffer(OfferDto offer) { await _posAuthLoader.AssertResourceAccessAsync(User, offer.PointOfSaleId, IsAuthorizedUserPolicy.Instance); var cmd = new CreateOffer(Guid.NewGuid(), offer.PointOfSaleId, offer.ProductId, offer.RecommendedPrice, offer.StockItemId, offer.ValidSince, offer.ValidUntil); return(await SendAndHandleIdentifierResultCommand(cmd, nameof(GetOffer))); }
public async Task <ActionResult <IPagedResult <StockItem> > > BrowseStockItemsAtPointOfSale(Guid posId, [FromQuery] BrowseStockItems query) { if (query.AtPointOfSaleId != null && query.AtPointOfSaleId != posId) { return(BadRequest($"The '{nameof(query.AtPointOfSaleId)}' query option must equal the ID from URL or must be left unset")); } await _posAuthLoader.AssertResourceAccessAsync(User, posId, IsAuthorizedUserPolicy.Instance); return(Collection(await _stockItemsService.BrowseStockItems(query.Bind(q => q.AtPointOfSaleId, posId)))); }
public async Task <ActionResult <IPagedResult <AssignmentToPointOfSale> > > BrowseAssignmentsToSpecificPointOfSale(Guid posId, [FromQuery] BrowseAssignmentsToPointOfSale query) { await _posAuthLoader.AssertResourceAccessAsync(User, posId, IsAuthorizedUserPolicy.Instance); return(Collection(await _identityService.BrowseAssignmentsToPointOfSale(query))); }
public async Task <ActionResult> CreateAuthorizedUser(Guid id, Guid userId, UserAuthorizationDto userAuthorization) { await _authLoader.AssertResourceAccessAsync(User, id, IsOwnerPolicy.Instance); return(await SendAndHandleOperationCommand(new CreatePointOfSaleUserAuthorization(id, userId, userAuthorization.Level))); }