public async Task AssignUserToManager(ManagementAreaRequest request)
{
Check.Value(request, "Request").NotNull();
request.Validate(ImmediateValidator.Instance);
using (var conn = _dbConnFactory.CreateConnection())
{
var user = await conn.GetUserByEmail(request.UserEmail);
var manager = await conn.GetUserByEmail(request.ManagerEmail);
Check.Value(user).NotNull("User doesn't exist");
Check.Value(manager).NotNull("Manager doesn't exist");
var checkExist = await conn.QueryFirstOrDefaultAsync <ManagementArea>("select * from management_areas " +
$"where user_id='{user.Id}' and manager_id='{manager.Id}'");
if (checkExist != null)
{
checkExist.User = null;
checkExist.Manager = null;
}
Check.Value(checkExist).IsNull("This user already belongs to this manager");
await conn.ExecuteAsync(
"INSERT INTO management_areas (user_id, manager_id) VALUES (@UserId, @ManagerId)",
new ManagementArea()
{
UserId = user.Id,
ManagerId = manager.Id
});
}
}
public async Task AdminCannotAssignAndCancelInvalidUsers(string user, string manager)
{
var request = new ManagementAreaRequest
{
UserEmail = user,
ManagerEmail = manager
};
// assign
var assignResponse = await Api.Client.WithRole(RoleNames.Admin).PostAsJsonAsync(
_uri, request);
assignResponse.StatusCode.Should().BeEquivalentTo(400);
// cancel
var cancelResponse = await Api.Client.WithRole(RoleNames.Admin).DeleteAsJsonAsync(
_uri, typeof(ManagementAreaRequest), request);
cancelResponse.StatusCode.Should().BeEquivalentTo(400);
}
public async Task AccessDeniedForUsersWithoutTheNecessaryRights(RoleNames?role, int code)
{
var request = new ManagementAreaRequest
{
UserEmail = TestData.User2.Email,
ManagerEmail = TestData.Manager.Email
};
// assign
var assignResponse = await Api.Client.WithRole(role).PostAsJsonAsync(
_uri, request);
assignResponse.StatusCode.Should().BeEquivalentTo(code);
// cancel
var cancelResponse = await Api.Client.WithRole(role).DeleteAsJsonAsync(
_uri, typeof(ManagementAreaRequest), request);
cancelResponse.StatusCode.Should().BeEquivalentTo(code);
}
public async Task AdminCanAssignAndCancelUserFromManager()
{
var request = new ManagementAreaRequest
{
UserEmail = TestData.User2.Email,
ManagerEmail = TestData.Manager.Email
};
// assign
var assignResponse = await Api.Client.WithRole(RoleNames.Admin).PostAsJsonAsync(
_uri, request);
assignResponse.StatusCode.Should().BeEquivalentTo(200);
assignResponse.Content.Should().NotBeNull();
// cancel
var cancelResponse = await Api.Client.WithRole(RoleNames.Admin).DeleteAsJsonAsync(
_uri, typeof(ManagementAreaRequest), request);
cancelResponse.StatusCode.Should().BeEquivalentTo(200);
cancelResponse.Content.Should().NotBeNull();
}
public async Task CancelUserFromManager(ManagementAreaRequest request)
{
Check.Value(request, "Request").NotNull();
request.Validate(ImmediateValidator.Instance);
using (var conn = _dbConnFactory.CreateConnection())
{
var user = await conn.GetUserByEmail(request.UserEmail);
var manager = await conn.GetUserByEmail(request.ManagerEmail);
Check.Value(user).NotNull("User doesn't exist");
Check.Value(manager).NotNull("Manager doesn't exist");
var checkExist = await conn.QueryFirstOrDefaultAsync <ManagementArea>("select * from management_areas " +
$"where user_id='{user.Id}' and manager_id='{manager.Id}'");
Check.Value(checkExist).NotNull("This user already unassigned to this manager");
await conn.ExecuteAsync($"DELETE FROM management_areas WHERE user_id='{checkExist.UserId}' " +
$"and manager_id='{checkExist.ManagerId}'");
}
}
public async Task CancelUserFromManager([FromBody] ManagementAreaRequest request)
{
await _managementAreaService.CancelUserFromManager(request);
}
public async Task AssignUserToManager([FromBody] ManagementAreaRequest request)
{
await _managementAreaService.AssignUserToManager(request);
}
